Skip to content
This repository has been archived by the owner on Nov 14, 2023. It is now read-only.

Nit feedback #24

Merged
merged 1 commit into from
Oct 24, 2022
Merged

Nit feedback #24

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion scenarios/building-dependencies.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -9,7 +9,7 @@ Simply receiving signed components may not be enough to ensure complete security

## Taking Ownership of the Artifacts You Depend Upon

The first step of securing any supply chain is securing your dependencies, to assure you know what you're building upon. If you built against the foo package on monday, do you know you'll get the same result if you build against the same named reference on Wednesday?
The first step of securing any supply chain is securing your dependencies, to assure you know what you're building upon. If you built against the foo package on Monday, do you know you'll get the same result if you build against the same named reference on Wednesday?

See [Consuming Public Content](https://opencontainers.org/posts/blog/2020-10-30-consuming-public-content/) for a reference to this workflow:
<img src="./../assets/oci-consuming-public-content.png" alt="Consuming Public Content" style="width:600px;"/>
Expand Down
6 changes: 3 additions & 3 deletions scitt-components.md
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,11 +1,11 @@
# SCITT Components

SCITT provides a set of components enabling Supply Chain, Integrity, Transparency and Trust.
(See [What Is SCITT][WHAT_IS_SCITT])
(see [What Is SCITT][WHAT_IS_SCITT])
But what are the scenarios, projects and products that SCITT enables?
This collection of docs will describe the core components of SCITT, and how it can be enabled and extended to support a breadth of use cases.
This collection of docs will describe the core components of SCITT, and how it can be enabled and extended to support a breadth of use cases, enabling new and existing products and services.

As SCITT is in active design through the [IETF SCITT working group][SCITT_IETF_WG], these documents aim to facilitate various design discussions, based on a set of SCITT primitives and scenarios that benefit from the SCITT primitives.
As SCITT is in active design through the [IETF SCITT working group][SCITT_IETF_WG], these documents aim to facilitate various design discussions, based on a set of SCITT primitives and scenarios.

## Table of Contents

Expand Down