<!-- llms-index: https://docs.gradle.com/develocity/llms.txt -->

<a id="component-eol-banner"></a>

You are viewing **Develocity Provenance Governor 1.6**. To view the latest available version of the docs, see [1.7](https://docs.gradle.com/develocity/provenance-governor/1.7/policy-types/).

# Policy Types

Develocity Provenance Governor supports the following policy types:

 
| Policy Kind | Description |
| --- | --- |
| BuildTool | Enforce specific build tool and version usage |
| JavaToolchains | Control Java toolchain (JDK version/vendor) requirements |
| ResolvedDependenciesRepositories | Restrict dependency resolution sources |
| PackageUrl | Allow or block specific dependencies |
| PublishRepositories | Enforce artifact promotion workflows |
| AttestationsExist | Verify required attestation types exist |
| TrustedPublicKeys | Validate attestation signatures |
| VerificationSummary | Evaluate VSA verification results |
| DependencyScoring | Score dependency health using SLO-based vulnerability and upgrade compliance |