Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
* starting proposed restructure Signed-off-by: chaosinthecrd <[email protected]> * adding latest changes to README Signed-off-by: chaosinthecrd <[email protected]> * fixed link to contributing md Signed-off-by: chaosinthecrd <[email protected]> * made title title heading size Signed-off-by: chaosinthecrd <[email protected]> * named the file wrong - doh Signed-off-by: chaosinthecrd <[email protected]> * resizing headings at top Signed-off-by: chaosinthecrd <[email protected]> * added spacing Signed-off-by: chaosinthecrd <[email protected]> * a few more fixes Signed-off-by: chaosinthecrd <[email protected]> * adding background section Signed-off-by: chaosinthecrd <[email protected]> * removing bullet Signed-off-by: chaosinthecrd <[email protected]> * final neatening Signed-off-by: chaosinthecrd <[email protected]> * updated docs further - tutorial not working Signed-off-by: chaosinthecrd <[email protected]> * adding demo gif Signed-off-by: chaosinthecrd <[email protected]> * adding docusaurus stuff and more progress Signed-off-by: chaosinthecrd <[email protected]> * saving progress, including docusaurus website Signed-off-by: chaosinthecrd <[email protected]> * changing logo Signed-off-by: chaosinthecrd <[email protected]> * adding snowfall Signed-off-by: chaosinthecrd <[email protected]> * adding the concepts section Signed-off-by: chaosinthecrd <[email protected]> * Adding the contributing.md from archivista (#327) * adding the contributing.md from archivista * dont need jq Signed-off-by: chaosinthecrd <[email protected]> * Migrating go module (#328) * added all imports * fixing go sum * changing go-witness back for now, makes more sense --------- Co-authored-by: John Kjell <[email protected]> Signed-off-by: chaosinthecrd <[email protected]> * Migrating to the use of in-toto/go-witness module (#331) * added all imports * fixing go sum * changing go-witness back for now, makes more sense * moved witness to using new in-toto/go-witness module Signed-off-by: chaosinthecrd <[email protected]> * adding change to test now following newer version of policy * running docgen as changes found from use of new module * pinning to v0.2.0 of archivista and go-witness Signed-off-by: chaosinthecrd <[email protected]> --------- Signed-off-by: chaosinthecrd <[email protected]> Signed-off-by: Tom Meadows <[email protected]> * Bumping Go version for goreleaser (#333) bumping go version for goreleaser Signed-off-by: chaosinthecrd <[email protected]> * chore: bump actions/download-artifact from 3.0.2 to 4.0.0 (#335) Bumps [actions/download-artifact](https://github.com/actions/download-artifact) from 3.0.2 to 4.0.0. - [Release notes](https://github.com/actions/download-artifact/releases) - [Commits](actions/download-artifact@9bc31d5...7a1cd32) --- updated-dependencies: - dependency-name: actions/download-artifact dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * chore: bump github/codeql-action from 2.22.9 to 3.22.11 (#336) Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.22.9 to 3.22.11. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](github/codeql-action@c0d1daa...b374143) --- updated-dependencies: - dependency-name: github/codeql-action dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: John Kjell <[email protected]> * chore: bump actions/upload-artifact from 3.1.3 to 4.0.0 (#337) Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 3.1.3 to 4.0.0. - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](actions/upload-artifact@a8a3f3a...c7d193f) --- updated-dependencies: - dependency-name: actions/upload-artifact dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: John Kjell <[email protected]> * chore: bump github/codeql-action from 3.22.11 to 3.22.12 (#343) Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.22.11 to 3.22.12. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](github/codeql-action@b374143...012739e) --- updated-dependencies: - dependency-name: github/codeql-action dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * chore: bump actions/download-artifact from 4.0.0 to 4.1.0 (#342) Bumps [actions/download-artifact](https://github.com/actions/download-artifact) from 4.0.0 to 4.1.0. - [Release notes](https://github.com/actions/download-artifact/releases) - [Commits](actions/download-artifact@7a1cd32...f44cd7b) --- updated-dependencies: - dependency-name: actions/download-artifact dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * moving config doc Signed-off-by: chaosinthecrd <[email protected]> * adding latest changes Signed-off-by: chaosinthecrd <[email protected]> * saving progress Signed-off-by: chaosinthecrd <[email protected]> * adding keyless signing tutorial Signed-off-by: chaosinthecrd <[email protected]> * doing images Signed-off-by: chaosinthecrd <[email protected]> * fixing broken image Signed-off-by: chaosinthecrd <[email protected]> * changing url Signed-off-by: chaosinthecrd <[email protected]> * fixed images Signed-off-by: chaosinthecrd <[email protected]> * updating docs and removing witness.md Signed-off-by: chaosinthecrd <[email protected]> * Update go-git to resolve vulnerability (#346) * Update go-git to resolve vulnerability Signed-off-by: John Kjell <[email protected]> * Update x/crypto Signed-off-by: John Kjell <[email protected]> --------- Signed-off-by: John Kjell <[email protected]> * chore: bump actions/dependency-review-action from 3.1.4 to 3.1.5 (#349) * Add FOSSA license scanning Signed-off-by: John Kjell <[email protected]> * Add Security MD files an add FOSSA scan badge Signed-off-by: John Kjell <[email protected]> Signed-off-by: chaosinthecrd <[email protected]> * Pin dependencies and restrict permissions Signed-off-by: John Kjell <[email protected]> * Add signing to goreleaser and Best Practices badge to readme. Signed-off-by: John Kjell <[email protected]> Signed-off-by: chaosinthecrd <[email protected]> * Add cosign install Signed-off-by: John Kjell <[email protected]> * Update cloudflare/circl due to dependabot failure (#352) Signed-off-by: John Kjell <[email protected]> * updated package json Signed-off-by: chaosinthecrd <[email protected]> * chore: bump actions/cache from 3.3.2 to 3.3.3 (#355) Bumps [actions/cache](https://github.com/actions/cache) from 3.3.2 to 3.3.3. - [Release notes](https://github.com/actions/cache/releases) - [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md) - [Commits](actions/cache@704facf...e12d46a) --- updated-dependencies: - dependency-name: actions/cache dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * chore: bump actions/upload-artifact from 4.0.0 to 4.1.0 (#356) Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 4.0.0 to 4.1.0. - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](actions/upload-artifact@c7d193f...1eb3cb2) --- updated-dependencies: - dependency-name: actions/upload-artifact dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * chore: bump github/codeql-action from 3.22.12 to 3.23.0 (#357) Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.22.12 to 3.23.0. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](github/codeql-action@012739e...e5f05b8) --- updated-dependencies: - dependency-name: github/codeql-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * chore: bump actions/download-artifact from 4.1.0 to 4.1.1 (#358) Bumps [actions/download-artifact](https://github.com/actions/download-artifact) from 4.1.0 to 4.1.1. - [Release notes](https://github.com/actions/download-artifact/releases) - [Commits](actions/download-artifact@f44cd7b...6b208ae) --- updated-dependencies: - dependency-name: actions/download-artifact dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Initial attempt at PR and Issue templates (#351) * Initial attempt at PR and Issue templates Signed-off-by: John Kjell <[email protected]> * Address some review feedback Signed-off-by: John Kjell <[email protected]> --------- Signed-off-by: John Kjell <[email protected]> Co-authored-by: Tom Meadows <[email protected]> * Checking attestors for duplicates (#361) * prevents duplicate attestors * adding tests * modified help for attestations flag --------- Signed-off-by: chaosinthecrd <[email protected]> * removing witness website for now Signed-off-by: chaosinthecrd <[email protected]> * editing image links Signed-off-by: chaosinthecrd <[email protected]> * updating docgen Signed-off-by: chaosinthecrd <[email protected]> * fixing docgen Signed-off-by: chaosinthecrd <[email protected]> * addressing comments Signed-off-by: chaosinthecrd <[email protected]> * fixing small issue with md Signed-off-by: chaosinthecrd <[email protected]> * fixed ellipsis Signed-off-by: chaosinthecrd <[email protected]> --------- Signed-off-by: chaosinthecrd <[email protected]> Signed-off-by: Tom Meadows <[email protected]> Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: John Kjell <[email protected]> Co-authored-by: John Kjell <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
- Loading branch information