Skip to content

Commit

Permalink
docs: s/validate/verify
Browse files Browse the repository at this point in the history
  • Loading branch information
@rsoberano-ld
rsoberano-ld committed Jan 11, 2024
1 parent 0edee76 commit 2ebc7d8
Show file tree
Hide file tree
Showing 12 changed files with 13 additions and 13 deletions.
4 changes: 2 additions & 2 deletions PROVENANCE.md
View file
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
## Validating SDK packages with the SLSA framework (Supply-chain Levels for Software Artifacts)
## Verifying SDK packages with the SLSA framework (Supply-chain Levels for Software Artifacts)

LaunchDarkly uses the [SLSA framework](https://slsa.dev/spec/v1.0/about) to help developers make their supply chain more secure by ensuring the authenticity and build integrity of our published SDK packages.

As part of [SLSA requirements for level 3 compliance](https://slsa.dev/spec/v1.0/requirements), LaunchDarkly publishes provenance attestations about our SDK package builds to npm for distribution alongside our packages.

For npm packages that are published with provenance, npm automatically [validates the authenticity of the package using Sigstore](https://docs.npmjs.com/generating-provenance-statements#about-npm-provenance).
For npm packages that are published with provenance, npm automatically [verifies the authenticity of the package using Sigstore](https://docs.npmjs.com/generating-provenance-statements#about-npm-provenance).
2 changes: 1 addition & 1 deletion packages/sdk/akamai-base/README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -30,7 +30,7 @@ yarn && yarn build && cd packages/sdk/akamai-base
yarn test
```

## Validating SDK packages with the SLSA framework (Supply-chain Levels for Software Artifacts)
## Verifying SDK packages with the SLSA framework (Supply-chain Levels for Software Artifacts)

LaunchDarkly uses the [SLSA framework](https://slsa.dev/spec/v1.0/about) to help developers make their supply chain more secure by ensuring the authenticity and build integrity of our published SDK packages. To learn more, see the [provenance guide](PROVENANCE.md).

Expand Down
2 changes: 1 addition & 1 deletion packages/sdk/akamai-edgekv/README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -30,7 +30,7 @@ yarn && yarn build && cd packages/sdk/akamai-edgekv
yarn test
```

## Validating SDK packages with the SLSA framework (Supply-chain Levels for Software Artifacts)
## Verifying SDK packages with the SLSA framework (Supply-chain Levels for Software Artifacts)

LaunchDarkly uses the [SLSA framework](https://slsa.dev/spec/v1.0/about) to help developers make their supply chain more secure by ensuring the authenticity and build integrity of our published SDK packages. To learn more, see the [provenance guide](PROVENANCE.md).

Expand Down
2 changes: 1 addition & 1 deletion packages/sdk/cloudflare/README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -59,7 +59,7 @@ yarn && yarn build && cd packages/sdk/cloudflare
yarn test
```

## Validating SDK packages with the SLSA framework (Supply-chain Levels for Software Artifacts)
## Verifying SDK packages with the SLSA framework (Supply-chain Levels for Software Artifacts)

LaunchDarkly uses the [SLSA framework](https://slsa.dev/spec/v1.0/about) to help developers make their supply chain more secure by ensuring the authenticity and build integrity of our published SDK packages. To learn more, see the [provenance guide](PROVENANCE.md).

Expand Down
2 changes: 1 addition & 1 deletion packages/sdk/react-native/README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -98,7 +98,7 @@ echo "MOBILE_KEY=mob-abc" >> packages/sdk/react-native/example/.env
yarn && yarn ios-go
```

## Validating SDK packages with the SLSA framework (Supply-chain Levels for Software Artifacts)
## Verifying SDK packages with the SLSA framework (Supply-chain Levels for Software Artifacts)

LaunchDarkly uses the [SLSA framework](https://slsa.dev/spec/v1.0/about) to help developers make their supply chain more secure by ensuring the authenticity and build integrity of our published SDK packages. To learn more, see the [provenance guide](PROVENANCE.md).

Expand Down
2 changes: 1 addition & 1 deletion packages/sdk/server-node/README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -36,7 +36,7 @@ We run integration tests for all our SDKs using a centralized test harness. This

We encourage pull requests and other contributions from the community. Check out our [contributing guidelines](CONTRIBUTING.md) for instructions on how to contribute to this SDK.

## Validating SDK packages with the SLSA framework (Supply-chain Levels for Software Artifacts)
## Verifying SDK packages with the SLSA framework (Supply-chain Levels for Software Artifacts)

LaunchDarkly uses the [SLSA framework](https://slsa.dev/spec/v1.0/about) to help developers make their supply chain more secure by ensuring the authenticity and build integrity of our published SDK packages. To learn more, see the [provenance guide](PROVENANCE.md).

Expand Down
2 changes: 1 addition & 1 deletion packages/sdk/vercel/README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -66,7 +66,7 @@ yarn && yarn build && cd packages/sdk/vercel
yarn test
```
## Validating SDK packages with the SLSA framework (Supply-chain Levels for Software Artifacts)
## Verifying SDK packages with the SLSA framework (Supply-chain Levels for Software Artifacts)

LaunchDarkly uses the [SLSA framework](https://slsa.dev/spec/v1.0/about) to help developers make their supply chain more secure by ensuring the authenticity and build integrity of our published SDK packages. To learn more, see the [provenance guide](PROVENANCE.md).

Expand Down
2 changes: 1 addition & 1 deletion packages/shared/common/README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -12,7 +12,7 @@ This library is a beta version and should not be considered ready for production

See [Contributing](../CONTRIBUTING.md).

## Validating SDK packages with the SLSA framework (Supply-chain Levels for Software Artifacts)
## Verifying SDK packages with the SLSA framework (Supply-chain Levels for Software Artifacts)

LaunchDarkly uses the [SLSA framework](https://slsa.dev/spec/v1.0/about) to help developers make their supply chain more secure by ensuring the authenticity and build integrity of our published SDK packages. To learn more, see the [provenance guide](PROVENANCE.md).

Expand Down
2 changes: 1 addition & 1 deletion packages/shared/sdk-server-edge/README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -12,7 +12,7 @@ This library is a beta version and should not be considered ready for production

See [Contributing](../CONTRIBUTING.md).

## Validating SDK packages with the SLSA framework (Supply-chain Levels for Software Artifacts)
## Verifying SDK packages with the SLSA framework (Supply-chain Levels for Software Artifacts)

LaunchDarkly uses the [SLSA framework](https://slsa.dev/spec/v1.0/about) to help developers make their supply chain more secure by ensuring the authenticity and build integrity of our published SDK packages. To learn more, see the [provenance guide](PROVENANCE.md).

Expand Down
2 changes: 1 addition & 1 deletion packages/shared/sdk-server/README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -10,7 +10,7 @@ This project contains Typescript classes and interfaces that are applicable to s

See [Contributing](../CONTRIBUTING.md).

## Validating SDK packages with the SLSA framework (Supply-chain Levels for Software Artifacts)
## Verifying SDK packages with the SLSA framework (Supply-chain Levels for Software Artifacts)

LaunchDarkly uses the [SLSA framework](https://slsa.dev/spec/v1.0/about) to help developers make their supply chain more secure by ensuring the authenticity and build integrity of our published SDK packages. To learn more, see the [provenance guide](PROVENANCE.md).

Expand Down
2 changes: 1 addition & 1 deletion packages/store/node-server-sdk-dynamodb/README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -91,7 +91,7 @@ const factory = DynamoDBFeatureStore({ cacheTTL: 0 });

We encourage pull requests and other contributions from the community. Check out our [contributing guidelines](CONTRIBUTING.md) for instructions on how to contribute to this SDK.

## Validating SDK packages with the SLSA framework (Supply-chain Levels for Software Artifacts)
## Verifying SDK packages with the SLSA framework (Supply-chain Levels for Software Artifacts)

LaunchDarkly uses the [SLSA framework](https://slsa.dev/spec/v1.0/about) to help developers make their supply chain more secure by ensuring the authenticity and build integrity of our published SDK packages. To learn more, see the [provenance guide](PROVENANCE.md).

Expand Down
2 changes: 1 addition & 1 deletion packages/store/node-server-sdk-redis/README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -66,7 +66,7 @@ const factory = RedisFeatureStoreFactory({ cacheTTL: 0 });

We encourage pull requests and other contributions from the community. Check out our [contributing guidelines](CONTRIBUTING.md) for instructions on how to contribute to this SDK.

## Validating SDK packages with the SLSA framework (Supply-chain Levels for Software Artifacts)
## Verifying SDK packages with the SLSA framework (Supply-chain Levels for Software Artifacts)

LaunchDarkly uses the [SLSA framework](https://slsa.dev/spec/v1.0/about) to help developers make their supply chain more secure by ensuring the authenticity and build integrity of our published SDK packages. To learn more, see the [provenance guide](PROVENANCE.md).

Expand Down

0 comments on commit 2ebc7d8

Please sign in to comment.