From 3a2561d799e11587352560457ce526c45adb6a85 Mon Sep 17 00:00:00 2001 From: Brandon Mitchell Date: Fri, 28 Jul 2023 10:24:16 -0400 Subject: [PATCH] docs: fix broken link to in-toto Signed-off-by: Brandon Mitchell --- docs/_posts/2023-05-02-in-toto-and-slsa.md | 2 +- docs/attestation-model.md | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/docs/_posts/2023-05-02-in-toto-and-slsa.md b/docs/_posts/2023-05-02-in-toto-and-slsa.md index 90c3ce4b3..615eb141f 100644 --- a/docs/_posts/2023-05-02-in-toto-and-slsa.md +++ b/docs/_posts/2023-05-02-in-toto-and-slsa.md @@ -69,7 +69,7 @@ predicates they generate during the execution of their software supply chain. For example, they can embed SLSA Provenance specific checks alongside others that verify best practices such as two party code reviews, successful test runs, and so on were adhered to. Taken together, a -[bundle of in-toto attestations](https://github.com/in-toto/attestation/blob/main/spec/v1.0/bundle.md) +[bundle of in-toto attestations](https://github.com/in-toto/attestation/blob/main/spec/v1/bundle.md) and a layout can be used to comprehensively verify a software supply chain’s security posture. diff --git a/docs/attestation-model.md b/docs/attestation-model.md index f98e0034e..a1e651631 100644 --- a/docs/attestation-model.md +++ b/docs/attestation-model.md @@ -144,7 +144,7 @@ recognize that other choices MAY be necessary in various cases. | Bundle | **[JSON Lines]**, see [attestation bundle] | | Storage/Lookup | **TBD** | -[attestation bundle]: https://github.com/in-toto/attestation/blob/main/spec/v1.0/bundle.md +[attestation bundle]: https://github.com/in-toto/attestation/blob/main/spec/v1/bundle.md [Binary Authorization]: https://cloud.google.com/binary-authorization [DSSE]: https://github.com/secure-systems-lab/dsse/ [Generic SLSA Verifier]: https://github.com/slsa-framework/slsa-verifier