Commit 3de05711 authored by Mark Lodato's avatar Mark Lodato
Browse files

Fix broken links when deployed to personal GH Pages



There were several absolute paths that work on the production site and
the development server but not on a personal fork's GitHub Pages. The
fix is to use either relative paths or {{site.baseurl}}.
Signed-off-by: default avatarMark Lodato <lodato@google.com>
parent a87099d2
{% assign versions = site.spec_versions %}
{% for item in versions %}
<a href="/spec/{{item}}/" class="inline-block {% if page.url contains item %}bg-button-green button-mono{% else %}button-mono text-green-button{% endif %} text-white rounded-lg px-4 py-3 text-20 font-normal">Version {{item | replace: "v", ""}}</a>
{% endfor %}
\ No newline at end of file
<a href="{{site.baseurl}}/spec/{{item}}/" class="inline-block {% if page.url contains item %}bg-button-green button-mono{% else %}button-mono text-green-button{% endif %} text-white rounded-lg px-4 py-3 text-20 font-normal">Version {{item | replace: "v", ""}}</a>
{% endfor %}
......@@ -16,7 +16,7 @@ independent from one another, it allows parallel progress and prioritization
based on risk. (This is a lesson we learned when deploying other security
controls at scale throughout Google.) We expect SLSA ratings to be composed to
describe a supply chain's overall security stance, as described in the case
study [vision](example.md#vision-case-study).
study [vision](../example.md#vision-case-study).
## Q: What about reproducible builds?
......@@ -32,7 +32,7 @@ bit-for-bit identical output. This property
including easier debugging, more confident cherry-pick releases, better build
caching and storage efficiency, and accurate dependency tracking.
For these reasons, SLSA 4 [requires](levels.md#level-requirements) reproducible builds
For these reasons, SLSA 4 [requires](../levels.md#level-requirements) reproducible builds
unless there is a justification why the build cannot be made reproducible.
[Example](https://lists.reproducible-builds.org/pipermail/rb-general/2021-January/002177.html)
justifications include profile-guided optimizations or code signing that
......
......@@ -306,14 +306,16 @@ Requirements on the process by which provenance is generated and consumed:
<table>
<tr><th>Requirement<th>Description<th>L1<th>L2<th>L3<th>L4
<tr id="available">
<td>Available
<td>Available/]
<td>
The provenance is available to the consumer in a format that the consumer
accepts. The format SHOULD be in-toto [SLSA Provenance](provenance/index.html),
accepts. The format SHOULD be in-toto [SLSA Provenance],
but another format MAY be used if both producer and consumer agree and it meets
all the other requirements.
[SLSA Provenance]: {{site.baseurl}}/provenance
<td><td><td><td>
<tr id="authenticated">
<td>Authenticated
......
......@@ -204,7 +204,7 @@ It’s adaptable, and it’s been designed with the wider security ecosystem in
</div>
<div class="flex flex-wrap justify-center items-center w-6/7 mx-auto md:-ml-4 md:-mr-4">
<div class="w-full md:w-1/2 getting_started_card md:pl-4 md:h-80 mb-8 md:mb-0">
<a href="/get-started#reaching-slsa-level-1" class="hover:no-underline">
<a href="get-started#reaching-slsa-level-1" class="hover:no-underline">
<div class="bg-white h-full rounded-lg p-10 flex flex-col">
<p class="h3 font-semibold mb-8 md:mb-6">Start using SLSA</p>
<p>Ready to put your project through its paces? The first on-ramp to SLSA Level 1 is generating provenance. We’ve put together a quick walkthrough with the steps you’ll need to take and available tools you can use.</p>
......@@ -213,7 +213,7 @@ It’s adaptable, and it’s been designed with the wider security ecosystem in
</a>
</div>
<div class="w-full md:w-1/2 getting_started_card md:pl-4 md:h-80">
<a href="/spec/{{ site.current_spec_version }}/#specifications" class="hover:no-underline">
<a href="spec/{{ site.current_spec_version }}/#specifications" class="hover:no-underline">
<div class="bg-white h-full rounded-lg p-10 flex flex-col">
<p class="h3 font-semibold mb-8 md:mb-6">Review the specifications</p>
<p>Want to learn about how it fits your organization’s security? Here’s the documentation behind the framework, with use cases, specific threats (and their prevention), provenance and fully detailed requirements.</p>
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment