Skip to content

Commit

Permalink
impl: use consistent "only-leading" table syntax (#1025)
Browse files Browse the repository at this point in the history 
Fixes #1023 by using a consistent Markdown syntax for tables with a
leading `|` but no trailing trailing `|`. Change the markdown lint
config to require this in all files. Example:

```markdown
| Key | Value
| --- | -----
| One | A
| Two | B
```

Signed-off-by: Mark Lodato <[email protected]>
  • Loading branch information
@MarkLodato
MarkLodato authored Feb 9, 2024
1 parent 2d57c6b commit 53992b6
Show file tree
Hide file tree
Showing 27 changed files with 411 additions and 407 deletions.
4 changes: 4 additions & 0 deletions .markdownlint.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -50,6 +50,10 @@ MD047: true
MD048:
style: "backtick"

# MD055/table-pipe-style - Table pipe style
MD055:
style: "leading_only"

# Disable checks that currently have bugs:
MD051: false # https://github.com/DavidAnson/markdownlint/issues/538
MD053: false # https://github.com/DavidAnson/markdownlint/issues/537
18 changes: 9 additions & 9 deletions CONTRIBUTING.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -99,15 +99,15 @@ multiple apply. If you are not sure which type to use, take a guess and a
maintainer will update if needed. See [review and approval] for the meaning of
"waiting period" and "# approvers".

| Type | Meaning | Waiting period | # Approvers |
|---|---|---|---|
| `content` | A change to the meaning of the specification. Must include a [changelog entry]. | 72h | 3 |
| `editorial` | A clarification to the specification that does not change its meaning, beyond a simple `fix`. | 24h | 2 |
| `nonspec` | A change to a non-specification, non-blog page, beyond a simple `fix`. | 24h | 2 |
| `blog` | A new or updated blog post. (Do not mix with categories above.) | 24h | 2 |
| `fix` | A fix for obvious typos, broken links, and similar. | 0h | 1 |
| `style` | A user-visible style or layout change. No content changes. | 0h | 1 |
| `impl` | A user-invisible change, such as editing a README or the repo configuration. | 0h | 1 |
| Type | Meaning | Waiting period | # Approvers
|---|---|---|---
| `content` | A change to the meaning of the specification. Must include a [changelog entry]. | 72h | 3
| `editorial` | A clarification to the specification that does not change its meaning, beyond a simple `fix`. | 24h | 2
| `nonspec` | A change to a non-specification, non-blog page, beyond a simple `fix`. | 24h | 2
| `blog` | A new or updated blog post. (Do not mix with categories above.) | 24h | 2
| `fix` | A fix for obvious typos, broken links, and similar. | 0h | 1
| `style` | A user-visible style or layout change. No content changes. | 0h | 1
| `impl` | A user-invisible change, such as editing a README or the repo configuration. | 0h | 1

Note 1: PR authors with write access to the repo count as second or third
approvers for their own PRs. For example, if the author of a PR with the
Expand Down
20 changes: 10 additions & 10 deletions MAINTAINERS.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -13,14 +13,14 @@ permissions in this repository.
<!-- Please keep the list sorted alphabetically by first name. -->
<!-- Remember to add new candidates to the GitHub group. -->

| Name | Email | OpenSSF Slack | GitHub | Affiliation |
| --- | --- | --- | --- | --- |
| Andrew McNamara | [email protected] | @arewm | [arewm](https://github.com/arewm) | Red Hat |
| Arnaud Le Hors | [email protected] | @Arnaud Le Hors | [lehors](https://github.com/lehors) | IBM |
| Joshua Lock | [email protected] | @Joshua Lock | [joshuagl](https://github.com/joshuagl) | Verizon |
| Kris K | [email protected] | @Kris K | [kpk47](https://github.com/kpk47) | Google |
| Mark Lodato | [email protected] | @Mark Lodato | [MarkLodato](https://github.com/MarkLodato) | Google |
| Michael Lieberman | [email protected] | @Michael Lieberman | [mlieberman85](https://github.com/mlieberman85) | Kusari |
| Name | Email | OpenSSF Slack | GitHub | Affiliation
| --- | --- | --- | --- | ---
| Andrew McNamara | [email protected] | @arewm | [arewm](https://github.com/arewm) | Red Hat
| Arnaud Le Hors | [email protected] | @Arnaud Le Hors | [lehors](https://github.com/lehors) | IBM
| Joshua Lock | [email protected] | @Joshua Lock | [joshuagl](https://github.com/joshuagl) | Verizon
| Kris K | [email protected] | @Kris K | [kpk47](https://github.com/kpk47) | Google
| Mark Lodato | [email protected] | @Mark Lodato | [MarkLodato](https://github.com/MarkLodato) | Google
| Michael Lieberman | [email protected] | @Michael Lieberman | [mlieberman85](https://github.com/mlieberman85) | Kusari

### Becoming a Maintainer

Expand All @@ -47,8 +47,8 @@ candidate to the [Specification Maintainers] GitHub team.
<!-- Please keep the list sorted alphabetically by first name. -->
<!-- Remember to remove candidates from the GitHub group. -->

| Name | Email | OpenSSF Slack | GitHub | Affiliation |
| --- | --- | --- | --- | --- |
| Name | Email | OpenSSF Slack | GitHub | Affiliation
| --- | --- | --- | --- | ---

### Removing a Maintainer

Expand Down
12 changes: 6 additions & 6 deletions README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -25,12 +25,12 @@ See https://slsa.dev/community for ways to get involved in SLSA development.

## Active workstreams

| Workstream | [Shepherd] |
| ---------- | ---------- |
| [Build Level 4] | David A Wheeler (@david-a-wheeler) |
| [Hardware Attested Platforms] | Marcela Melara (@marcelamelara), Chad Kimes (@chkimes) |
| [Source Track] | Kris K (@kpk47) |
| [Version 1.1 release] | Joshua Lock (@joshuagl) |
| Workstream | [Shepherd]
| ---------- | ----------
| [Build Level 4] | David A Wheeler (@david-a-wheeler)
| [Hardware Attested Platforms] | Marcela Melara (@marcelamelara), Chad Kimes (@chkimes)
| [Source Track] | Kris K (@kpk47)
| [Version 1.1 release] | Joshua Lock (@joshuagl)

[Shepherd]: CONTRIBUTING.md#workstream-lifecycle
[Build Level 4]: https://github.com/slsa-framework/slsa/issues/977
Expand Down
70 changes: 35 additions & 35 deletions controls/survey.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -30,21 +30,21 @@ model. Subsequent sections analyze each layer.
[in-toto v1]: https://github.com/in-toto/docs/blob/master/in-toto-spec.md
[in-toto v2]: https://github.com/in-toto/attestation

Project | Envelope | Statement | Predicate | Storage | Generation | Policy | Status
---------------------- | -------- | --------- | --------- | ------- | ---------- | ------ | ------
Raw signing | ✓ | ✓ | ✗ | | | | (varies)
[JSS] | ✓ | | | | | | Abandoned
[JWS] | ✓ | | | | | | IETF Standard
[JWT] | ✓ | | | | | | IETF Standard
[OpenPGP] | ✓ | | | | | | IETF Standard
[PASETO] | ✓ | | | | | | Stable
[DSSE] | ✓ | | | | | | In development
[in-toto v1] | ✓ | ✓ | ✓ | | ✓ | ✓ | Stable
[Notary v2] | ~ | ✓ | ✗ | ✓ | | ✓ | In development
[Simple Signing] | ~ | ✓ | | | | | Stable
[in-toto v2] | ~ | ✓ | | | | | In development
[SPDX] | | | ✓ | | | | Stable
[Binary Authorization] | ~ | ~ | ✗ | ~ | | ✓ | Stable
| Project | Envelope | Statement | Predicate | Storage | Generation | Policy | Status
| ---------------------- | -------- | --------- | --------- | ------- | ---------- | ------ | ------
| Raw signing | ✓ | ✓ | ✗ | | | | (varies)
| [JSS] | ✓ | | | | | | Abandoned
| [JWS] | ✓ | | | | | | IETF Standard
| [JWT] | ✓ | | | | | | IETF Standard
| [OpenPGP] | ✓ | | | | | | IETF Standard
| [PASETO] | ✓ | | | | | | Stable
| [DSSE] | ✓ | | | | | | In development
| [in-toto v1] | ✓ | ✓ | ✓ | | ✓ | ✓ | Stable
| [Notary v2] | ~ | ✓ | ✗ | ✓ | | ✓ | In development
| [Simple Signing] | ~ | ✓ | | | | | Stable
| [in-toto v2] | ~ | ✓ | | | | | In development
| [SPDX] | | | ✓ | | | | Stable
| [Binary Authorization] | ~ | ~ | ✗ | ~ | | ✓ | Stable

Legend:

Expand All @@ -66,15 +66,15 @@ Columns:

## Envelope Layer (not specific to Attestations)

Property | [DSSE] | [OpenPGP] | [JWS] | [JWT] | [PASETO] | [in-toto v1] | [JSS]
----------------------- | -------------- | --------- | ----- | ----- | -------- | ------------ | -----
Authenticated Purpose | ✓ | ✗ | ✓ | ✓ | ✗ | ✓ | ✗
Arbitrary Message Type | ✓ | ✓ | ✓ | ✗ | ✗ | ✗ | ✗
Simple | ✓ | ✗ | ✗ | ✗ | ✓ | ✓ | ✓
Avoids Canonicalization | ✓ | ✓ | ✓ | ✓ | ✓ | ✗ | ✓
Pluggable Crypto | ✓ | ✗ | ✓ | ✓ | ✗ | ✓ | ✓
Efficient Encoding | ✓ | ✗ | ✗ | ✗ | ✗ | ✓ | ✗
Widely Adopted | ✗ (not yet!) | ✓ | ✓ | ✓ | ✗ | ✗ | ✗
| Property | [DSSE] | [OpenPGP] | [JWS] | [JWT] | [PASETO] | [in-toto v1] | [JSS]
| ----------------------- | -------------- | --------- | ----- | ----- | -------- | ------------ | -----
| Authenticated Purpose | ✓ | ✗ | ✓ | ✓ | ✗ | ✓ | ✗
| Arbitrary Message Type | ✓ | ✓ | ✓ | ✗ | ✗ | ✗ | ✗
| Simple | ✓ | ✗ | ✗ | ✗ | ✓ | ✓ | ✓
| Avoids Canonicalization | ✓ | ✓ | ✓ | ✓ | ✓ | ✗ | ✓
| Pluggable Crypto | ✓ | ✗ | ✓ | ✓ | ✗ | ✓ | ✓
| Efficient Encoding | ✓ | ✗ | ✗ | ✗ | ✗ | ✓ | ✗
| Widely Adopted | ✗ (not yet!) | ✓ | ✓ | ✓ | ✗ | ✗ | ✗

Properties:

Expand Down Expand Up @@ -107,17 +107,17 @@ Properties:

## Statement Layer

Property | [in-toto v2] | [in-toto v1] | [Simple Signing] | [Notary v2] | Raw Signing
--------------------- | ------------ | ------------ | ---------------- | ----------- | -----------
Recommended Envelope | DSSE | in-toto v1 | OpenPGP | JWT | (various)
Subject: Clear | ✓ | ✗ | ✓ | ✓ | ✓
Subject: Any Type | ✓ | ✓ | ✗ | ✓ | (depends)
Subject: Multi-Digest | ✓ | ✓ | ✗ | ✗ | (depends)
Predicate: Supported | ✓ | ✓ | ✓ | ✗ | ✗
Predicate: Flexible | ✓ | ✗ (*) | ✓ | (n/a) | (n/a)
Predicate: Typed | ✓ | ✗ | ✗ | (n/a) | (n/a)
Layered | ✓ | ✗ | ✓ | (n/a) | (n/a)
Evolvable | ✓ | ✓ | ✗ | ✓ | ✗
| Property | [in-toto v2] | [in-toto v1] | [Simple Signing] | [Notary v2] | Raw Signing
| --------------------- | ------------ | ------------ | ---------------- | ----------- | -----------
| Recommended Envelope | DSSE | in-toto v1 | OpenPGP | JWT | (various)
| Subject: Clear | ✓ | ✗ | ✓ | ✓ | ✓
| Subject: Any Type | ✓ | ✓ | ✗ | ✓ | (depends)
| Subject: Multi-Digest | ✓ | ✓ | ✗ | ✗ | (depends)
| Predicate: Supported | ✓ | ✓ | ✓ | ✗ | ✗
| Predicate: Flexible | ✓ | ✗ (*) | ✓ | (n/a) | (n/a)
| Predicate: Typed | ✓ | ✗ | ✗ | (n/a) | (n/a)
| Layered | ✓ | ✗ | ✓ | (n/a) | (n/a)
| Evolvable | ✓ | ✓ | ✗ | ✓ | ✗

Properties:

Expand Down
14 changes: 7 additions & 7 deletions docs/attestation-model.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -136,13 +136,13 @@ and have desirable security properties. Our hope is to align the industry around
this particular suite because it makes everything easier. That said, we
recognize that other choices MAY be necessary in various cases.

| Component | Recommendation |
| --- | --- |
| Envelope | **[DSSE]** (ECDSA over NIST P-256 (or stronger) and SHA-256.) |
| Statement | **[in-toto attestations]** |
| Predicate | Choose as appropriate, i.e.; [Provenance], [SPDX], [other predicates defined by third-parties]. If none are a good fit, invent a new one |
| Bundle | **[JSON Lines]**, see [attestation bundle] |
| Storage/Lookup | **TBD** |
| Component | Recommendation
| --- | ---
| Envelope | **[DSSE]** (ECDSA over NIST P-256 (or stronger) and SHA-256.)
| Statement | **[in-toto attestations]**
| Predicate | Choose as appropriate, i.e.; [Provenance], [SPDX], [other predicates defined by third-parties]. If none are a good fit, invent a new one
| Bundle | **[JSON Lines]**, see [attestation bundle]
| Storage/Lookup | **TBD**

[attestation bundle]: https://github.com/in-toto/attestation/blob/main/spec/v1/bundle.md
[Binary Authorization]: https://cloud.google.com/binary-authorization
Expand Down
12 changes: 6 additions & 6 deletions docs/get-started.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -106,9 +106,9 @@ The following table shows known build software packages and the potential SLSA l

Note that this list is provided "as is". OpenSSF makes no claim as to the reliability of this information. A certification program is under development to provide a more definitive list.

| Builder | Potential SLSA Level |
|--------------------------|:--------------------:|
| FRSCA | 2 |
| GitHub Actions | 3 |
| Google Cloud Build | 3 |
| No Hosted Build Platform | 1 |
| Builder | Potential SLSA Level
|--------------------------|:--------------------:
| FRSCA | 2
| GitHub Actions | 3
| Google Cloud Build | 3
| No Hosted Build Platform | 1
12 changes: 6 additions & 6 deletions docs/notes/index.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -8,9 +8,9 @@ docs. This way you can type, for example, `https://slsa.dev/notes/community`
instead of finding the Google docs URL. Each notes document also has the time,
meeting link, etc. at the top.

URL | Alias | Meeting
------------------------------ | ------------ | ---------------------------
[community](community) | | General community meeting
[positioning](positioning) | | Positioning SIG
[specification](specification) | [spec](spec) | Specification SIG
[tooling](tooling) | | Tooling SIG
| URL | Alias | Meeting
| ------------------------------ | ------------ | ---------------------------
| [community](community) | | General community meeting
| [positioning](positioning) | | Positioning SIG
| [specification](specification) | [spec](spec) | Specification SIG
| [tooling](tooling) | | Tooling SIG
Loading

0 comments on commit 53992b6

Please sign in to comment.