-
Notifications
You must be signed in to change notification settings - Fork 229
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Here is my first take on the new navigation approach. This PR doesn't make any changes to how the specification is organized with regard to the tracks, etc. It is meant to be merely a UI modification, essentially changing the navigation bar so that the various versions of the specification are directly visible and accessible rather than dependent on using the version selector which only appears once you go into the specification. I didn't include the older versions: 0.1 and 1.0-rc1 and rc2. All of these are however still there and can be accessed directly via their respective URLs or from any page linking to them such as past blog posts. Let me know if you think we should add 0.1 to the navigation bar. I'm also not sure there is value in having the 1.1 RC given that I think it's a dead-end (if anything I think this should be 1.0.1). In the process of making this change I found a few bugs that I was able to fix. Any feedback or suggestions welcome but please keep in mind that Jekyll is a **static** page generator so anything that requires dynamic processing (either server-side or client-side) is out of scope. These would require PHP and/or Javascript. I've more or less managed to get my head around Jekyll and its template programming language Liquid but I'm not up for the added complexity any of this would imply. PR #1268 will have a small impact that I'll handle once it is merged. --------- Signed-off-by: Arnaud J Le Hors <[email protected]>
- Loading branch information
Showing
33 changed files
with
1,636 additions
and
65 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,344 @@ | ||
| # Global side menu | ||
| # Children are only visible when the item or one of its children is selected | ||
|
|
||
| - title: Home | ||
| url: / | ||
|
|
||
| - title: Current activities | ||
| url: /current-activities | ||
| description: What the SLSA community is currently working on | ||
|
|
||
| - title: SLSA Specification 1.1 Draft | ||
| description: > | ||
| These pages describe SLSA's security levels and requirements for each track. | ||
| If you want to achieve SLSA a particular level, these are the requirements | ||
| you'll need to meet. | ||
| url: /spec/v1.1/ | ||
| children: | ||
|
|
||
| - title: Understanding SLSA | ||
| description: > | ||
| These pages provide an overview of SLSA, how it helps protect against common | ||
| supply chain attacks, and common use cases. If you're new to SLSA or | ||
| supply chain security, start here. | ||
| children: | ||
|
|
||
| - title: What's new in v1.1 | ||
| url: /spec/v1.1/whats-new | ||
| description: What's new in SLSA Version 1.1 | ||
|
|
||
| - title: About SLSA | ||
| url: /spec/v1.1/about | ||
| description: An introductory guide to SLSA | ||
|
|
||
| - title: Supply chain threats | ||
| url: /spec/v1.1/threats-overview | ||
| description: An introduction to supply chain threats | ||
|
|
||
| - title: Use cases | ||
| url: /spec/v1.1/use-cases | ||
| description: Use cases | ||
|
|
||
| - title: Guiding principles | ||
| url: /spec/v1.1/principles | ||
| description: Use cases | ||
|
|
||
| - title: FAQ | ||
| url: /spec/v1.1/faq | ||
| description: Questions and more information | ||
|
|
||
| - title: Future directions | ||
| url: /spec/v1.1/future-directions | ||
| description: Additions and changes being considered for future SLSA versions | ||
|
|
||
| - title: Core specification | ||
| description: > | ||
| These pages describe SLSA's security levels and requirements for each track. | ||
| If you want to achieve SLSA a particular level, these are the requirements | ||
| you'll need to meet. | ||
| children: | ||
|
|
||
| - title: Terminology | ||
| url: /spec/v1.1/terminology | ||
| description: Terminology and model used by SLSA | ||
|
|
||
| - title: Security levels | ||
| url: /spec/v1.1/levels | ||
| description: Overview of SLSA's tracks and levels, intended for all audiences | ||
|
|
||
| - title: Producing artifacts | ||
| url: /spec/v1.1/requirements | ||
| description: Detailed technical requirements for producing software artifacts, intended for platform implementers | ||
|
|
||
| - title: Distributing provenance | ||
| url: /spec/v1.1/distributing-provenance | ||
| description: Detailed technical requirements for distributing provenance, intended for platform implementers and software distributors | ||
|
|
||
| - title: Verifying artifacts | ||
| url: /spec/v1.1/verifying-artifacts | ||
| description: Guidance for verifying software artifacts and their SLSA provenance, intended for platform implementers and software consumers | ||
|
|
||
| - title: Verifying build platforms | ||
| url: /spec/v1.1/verifying-systems | ||
| description: Guidelines for securing SLSA Build L3+ builders, intended for platform implementers | ||
|
|
||
| - title: Threats & mitigations | ||
| url: /spec/v1.1/threats | ||
| description: Detailed information about specific supply chain attacks and how SLSA helps | ||
|
|
||
| - title: Attestation formats | ||
| description: > | ||
| These pages include the concrete schemas for SLSA attestations. The | ||
| Provenance and VSA formats are recommended, but not required by the | ||
| specification. | ||
| children: | ||
|
|
||
| - title: General model | ||
| url: /spec/v1.1/attestation-model | ||
| description: General attestation mode | ||
|
|
||
| - title: Provenance | ||
| url: /spec/v1.1/provenance | ||
| description: Suggested provenance format and explanation | ||
|
|
||
| - title: Verification Summary | ||
| url: /spec/v1.1/verification_summary | ||
| description: Suggested VSA format and explanation | ||
|
|
||
| - title: Single-page view | ||
| url: /spec/v1.1/onepage | ||
| skip_next_prev: true # don't show as a next/prev link | ||
|
|
||
| - title: SLSA Specification 1.0 | ||
| description: > | ||
| These pages describe SLSA's security levels and requirements for each track. | ||
| If you want to achieve SLSA a particular level, these are the requirements | ||
| you'll need to meet. | ||
| url: /spec/v1.0/ | ||
| children: | ||
|
|
||
| - title: Understanding SLSA | ||
| description: > | ||
| These pages provide an overview of SLSA, how it helps protect against common | ||
| supply chain attacks, and common use cases. If you're new to SLSA or | ||
| supply chain security, start here. | ||
| children: | ||
|
|
||
| - title: What's new in v1.0 | ||
| url: /spec/v1.0/whats-new | ||
| description: What's new in SLSA Version 1.0 | ||
|
|
||
| - title: About SLSA | ||
| url: /spec/v1.0/about | ||
| description: An introductory guide to SLSA | ||
|
|
||
| - title: Supply chain threats | ||
| url: /spec/v1.0/threats-overview | ||
| description: An introduction to supply chain threats | ||
|
|
||
| - title: Use cases | ||
| url: /spec/v1.0/use-cases | ||
| description: Use cases | ||
|
|
||
| - title: Guiding principles | ||
| url: /spec/v1.0/principles | ||
| description: Use cases | ||
|
|
||
| - title: FAQ | ||
| url: /spec/v1.0/faq | ||
| description: Questions and more information | ||
|
|
||
| - title: Future directions | ||
| url: /spec/v1.0/future-directions | ||
| description: Additions and changes being considered for future SLSA versions | ||
|
|
||
| - title: Core specification | ||
| description: > | ||
| These pages describe SLSA's security levels and requirements for each track. | ||
| If you want to achieve SLSA a particular level, these are the requirements | ||
| you'll need to meet. | ||
| children: | ||
|
|
||
| - title: Terminology | ||
| url: /spec/v1.0/terminology | ||
| description: Terminology and model used by SLSA | ||
|
|
||
| - title: Security levels | ||
| url: /spec/v1.0/levels | ||
| description: Overview of SLSA's tracks and levels, intended for all audiences | ||
|
|
||
| - title: Producing artifacts | ||
| url: /spec/v1.0/requirements | ||
| description: Detailed technical requirements for producing software artifacts, intended for platform implementers | ||
|
|
||
| - title: Distributing provenance | ||
| url: /spec/v1.0/distributing-provenance | ||
| description: Detailed technical requirements for distributing provenance, intended for platform implementers and software distributors | ||
|
|
||
| - title: Verifying artifacts | ||
| url: /spec/v1.0/verifying-artifacts | ||
| description: Guidance for verifying software artifacts and their SLSA provenance, intended for platform implementers and software consumers | ||
|
|
||
| - title: Verifying build platforms | ||
| url: /spec/v1.0/verifying-systems | ||
| description: Guidelines for securing SLSA Build L3+ builders, intended for platform implementers | ||
|
|
||
| - title: Threats & mitigations | ||
| url: /spec/v1.0/threats | ||
| description: Detailed information about specific supply chain attacks and how SLSA helps | ||
|
|
||
| - title: Attestation formats | ||
| description: > | ||
| These pages include the concrete schemas for SLSA attestations. The | ||
| Provenance and VSA formats are recommended, but not required by the | ||
| specification. | ||
| children: | ||
|
|
||
| - title: General model | ||
| url: /spec/v1.0/attestation-model | ||
| description: General attestation mode | ||
|
|
||
| - title: Provenance | ||
| url: /spec/v1.0/provenance | ||
| description: Suggested provenance format and explanation | ||
|
|
||
| - title: Verification Summary | ||
| url: /spec/v1.0/verification_summary | ||
| description: Suggested VSA format and explanation | ||
|
|
||
| - title: Single-page view | ||
| url: /spec/v1.0/onepage | ||
| skip_next_prev: true # don't show as a next/prev link | ||
|
|
||
| - title: SLSA Working Draft | ||
| url: /spec/draft/ | ||
| children: | ||
|
|
||
| - title: Understanding SLSA | ||
| description: > | ||
| These pages provide an overview of SLSA, how it helps protect against common | ||
| supply chain attacks, and common use cases. If you're new to SLSA or | ||
| supply chain security, start here. | ||
| children: | ||
|
|
||
| - title: What's new | ||
| url: /spec/draft/whats-new | ||
| description: The changes brought by this Working Draft. | ||
|
|
||
| - title: About SLSA | ||
| url: /spec/draft/about | ||
| description: An introductory guide to SLSA | ||
|
|
||
| - title: Supply chain threats | ||
| url: /spec/draft/threats-overview | ||
| description: An introduction to supply chain threats | ||
|
|
||
| - title: Use cases | ||
| url: /spec/draft/use-cases | ||
| description: Use cases | ||
|
|
||
| - title: Guiding principles | ||
| url: /spec/draft/principles | ||
| description: Use cases | ||
|
|
||
| - title: FAQ | ||
| url: /spec/draft/faq | ||
| description: Questions and more information | ||
|
|
||
| - title: Future directions | ||
| url: /spec/draft/future-directions | ||
| description: Additions and changes being considered for future SLSA versions | ||
|
|
||
| - title: Core specification | ||
| description: > | ||
| These pages describe SLSA's security levels and requirements for each track. | ||
| If you want to achieve SLSA a particular level, these are the requirements | ||
| you'll need to meet. | ||
| children: | ||
|
|
||
| - title: Terminology | ||
| url: /spec/draft/terminology | ||
| description: Terminology and model used by SLSA | ||
|
|
||
| - title: Security levels | ||
| url: /spec/draft/levels | ||
| description: Overview of SLSA's tracks and levels, intended for all audiences | ||
|
|
||
| - title: Producing artifacts | ||
| url: /spec/draft/requirements | ||
| description: Detailed technical requirements for producing software artifacts, intended for platform implementers | ||
|
|
||
| - title: Distributing provenance | ||
| url: /spec/draft/distributing-provenance | ||
| description: Detailed technical requirements for distributing provenance, intended for platform implementers and software distributors | ||
|
|
||
| - title: Verifying artifacts | ||
| url: /spec/draft/verifying-artifacts | ||
| description: Guidance for verifying software artifacts and their SLSA provenance, intended for platform implementers and software consumers | ||
|
|
||
| - title: Verifying build platforms | ||
| url: /spec/draft/verifying-systems | ||
| description: Guidelines for securing SLSA Build L3+ builders, intended for platform implementers | ||
|
|
||
| - title: Integrity levels for attested build environments | ||
| url: /spec/draft/attested-build-env-levels | ||
| description: Overview of SLSA's Attested Build Environment track, intended for all audiences | ||
|
|
||
| - title: Threats & mitigations | ||
| url: /spec/draft/threats | ||
| description: Detailed information about specific supply chain attacks and how SLSA helps | ||
|
|
||
| - title: Securing Source Code | ||
| url: /spec/draft/source-requirements | ||
| description: Overview of the Source track | ||
|
|
||
| - title: Attestation formats | ||
| description: > | ||
| These pages include the concrete schemas for SLSA attestations. The | ||
| Provenance and VSA formats are recommended, but not required by the | ||
| specification. | ||
| children: | ||
|
|
||
| - title: General model | ||
| url: /spec/draft/attestation-model | ||
| description: General attestation mode | ||
|
|
||
| - title: Provenance | ||
| url: /spec/draft/provenance | ||
| description: Suggested provenance format and explanation | ||
|
|
||
| - title: Verification Summary | ||
| url: /spec/draft/verification_summary | ||
| description: Suggested VSA format and explanation | ||
|
|
||
| - title: Single-page view | ||
| url: /spec/draft/onepage | ||
| skip_next_prev: true # don't show as a next/prev link | ||
|
|
||
| - title: How to SLSA | ||
| description: > | ||
| These instructions tell you how to apply the core SLSA specification to use | ||
| SLSA in your specific situation. | ||
| url: /how-to/ | ||
| children: | ||
|
|
||
| - title: For developers | ||
| url: /how-to/get-started | ||
| description: How to apply SLSA requirements to your build | ||
|
|
||
| - title: For organizations | ||
| url: /how-to/how-to-orgs | ||
| description: How to apply SLSA to an organization | ||
|
|
||
| - title: For infrastructure providers | ||
| url: /how-to/how-to-infra | ||
| description: How to implement SLSA in source, build, and package platforms | ||
|
|
||
| - title: Specification stages | ||
| url: /spec-stages | ||
|
|
||
| - title: Community | ||
| url: /community | ||
|
|
||
| - title: Blog | ||
| url: /blog |
Oops, something went wrong.