This project is mirrored from https://github.com/slsa-framework/slsa.git.
Pull mirroring updated .
- 16 May, 2022 1 commit
-
-
dependabot[bot] authored
Bumps [actions/setup-node](https://github.com/actions/setup-node) from 3.1.1 to 3.2.0. - [Release notes](https://github.com/actions/setup-node/releases) - [Commits](https://github.com/actions/setup-node/compare/56337c425554a6be30cdef71bf441f15be286854...17f8bd926464a1afa4c6a11669539e9c1ba77048 ) --- updated-dependencies: - dependency-name: actions/setup-node dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by:
dependabot[bot] <support@github.com>
-
- 04 May, 2022 1 commit
-
-
Mark Lodato authored
Blog: clean up styling, add banner for guest posts
-
- 03 May, 2022 1 commit
-
-
Mark Lodato authored
Add a "views expressed disclaimer" on guest posts. Clean up the styling of blog posts: - Smaller header with white background. - Format the date to look a bit nicer. Signed-off-by:
Mark Lodato <lodato@google.com>
-
- 02 May, 2022 2 commits
-
-
Abhishek Arya authored
Add SLSA + SBOM blogpost
-
Brandon Lum authored
Signed-off-by:
Brandon Lum <lumjjb@gmail.com>
-
- 28 Apr, 2022 2 commits
-
-
Mark Lodato authored
Update build-model diagram to match visual style
-
Mark Lodato authored
Reimplement the diagram in Figma and use the same visual style as the other supply chain diagrams. Signed-off-by:
Mark Lodato <lodato@google.com>
-
- 25 Apr, 2022 4 commits
-
-
Mark Lodato authored
Bump github-pages from 225 to 226 in /docs
-
dependabot[bot] authored
Bumps [github-pages](https://github.com/github/pages-gem) from 225 to 226. - [Release notes](https://github.com/github/pages-gem/releases) - [Commits](https://github.com/github/pages-gem/compare/v225...v226 ) --- updated-dependencies: - dependency-name: github-pages dependency-type: direct:development update-type: version-update:semver-major ... Signed-off-by:
dependabot[bot] <support@github.com>
-
Mark Lodato authored
Make the diagrams easier to edit
-
Mark Lodato authored
dependabot: fix bundler, decrease freq to weekly
-
- 23 Apr, 2022 1 commit
-
-
Mark Lodato authored
Signed-off-by:
Mark Lodato <lodato@google.com>
-
- 22 Apr, 2022 2 commits
-
-
Mark Lodato authored
Our Gemfile is in the docs directory, not the root directory. Decrease all the frequencies to weekly (not daily) to slightly reduce the amount of PR spam we get. Signed-off-by:
Mark Lodato <lodato@google.com>
-
Mark Lodato authored
Bump actions/checkout from 3.0.0 to 3.0.2
-
- 21 Apr, 2022 5 commits
-
-
Mark Lodato authored
Signed-off-by:
Mark Lodato <lodato@google.com>
-
Mark Lodato authored
Signed-off-by:
Mark Lodato <lodato@google.com>
-
Mark Lodato authored
We don't need these anymore now that we use Google Web Fonts exclusively. Signed-off-by:
Mark Lodato <lodato@google.com>
-
Mark Lodato authored
Use Google Web Font (Inter, Arimo) instead of custom alternatives (Prodigy Sans, Arial) to allow easier edits. Visually it's very similar. Rename "bad dependency" to "risky dependency" as per #347. Update Figma file to match SVG (remove drop shadow, use non-oval shape for Build, fix alignment). Signed-off-by:
Mark Lodato <lodato@google.com>
-
dependabot[bot] authored
Bumps [actions/checkout](https://github.com/actions/checkout) from 3.0.0 to 3.0.2. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/a12a3943b4bdde767164f792f33f40b04645d846...2541b1294d2704b0964813337f33b291d3f8596b ) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by:
dependabot[bot] <support@github.com>
-
- 19 Apr, 2022 1 commit
-
-
Mark Lodato authored
Update Gemfile.lock
-
- 13 Apr, 2022 6 commits
-
-
Mark Lodato authored
Fix lint error on blog post
-
Mark Lodato authored
Signed-off-by:
Mark Lodato <lodato@google.com>
-
Mark Lodato authored
-
Mark Lodato authored
Signed-off-by:
Mark Lodato <lodato@google.com>
-
Thomas Owens authored
Signed-off-by:
Thomas Owens <thomas.j.owens@gmail.com>
-
Thomas Owens authored
-
- 12 Apr, 2022 14 commits
-
-
Abhishek Arya authored
Add blog post: SLSA is no free lunch
-
Abhishek Arya authored
Co-authored-by:
Kim Lewandowski <kim.m.lewandowski@gmail.com>
-
Michael Lieberman authored
Signed-off-by:
Michael Lieberman <mlieberman85@gmail.com>
-
Michael Lieberman authored
Co-authored-by:
Kim Lewandowski <kim.m.lewandowski@gmail.com> Signed-off-by:
Michael Lieberman <mlieberman85@gmail.com>
-
Michael Lieberman authored
This is a blog post trying to clear up any confusion on some common use cases for SLSA as well as what SLSA doesn't cover and is currently out of scope. Signed-off-by:
Michael Lieberman <mlieberman85@gmail.com>
-
Thomas Owens authored
-
Thomas Owens authored
Signed-off-by:
Thomas Owens <thomas.j.owens@gmail.com>
-
Thomas Owens authored
Signed-off-by:
Thomas Owens <thomas.j.owens@gmail.com>
-
Mark Lodato authored
Addresses vulnerablities in Nokogiri. Signed-off-by:
Mark Lodato <lodato@google.com>
-
Mark Lodato authored
Fix "Change history" rendering of VSA page
-
Mark Lodato authored
Improve CSS on blog post pages.
-
Thomas Owens authored
Signed-off-by:
Thomas Owens <thomas.j.owens@gmail.com>
-
-
Thomas Owens authored
Signed-off-by:
Thomas Owens <thomas.j.owens@gmail.com>
-