diff --git a/docs/source/index.rst b/docs/source/index.rst index 2f742b6c2..14b42cc44 100644 --- a/docs/source/index.rst +++ b/docs/source/index.rst @@ -8,7 +8,7 @@ :keywords: CI/CD, SLSA, supply-chain security .. References/links -.. _Witness: https://github.com/testifysec/witness +.. _Witness: https://github.com/in-toto/witness .. _SLSA: https://slsa.dev ===================== diff --git a/docs/source/pages/supported_technologies/index.rst b/docs/source/pages/supported_technologies/index.rst index 8f207c26d..0e3eb9bcb 100644 --- a/docs/source/pages/supported_technologies/index.rst +++ b/docs/source/pages/supported_technologies/index.rst @@ -89,7 +89,7 @@ Provenances * `SLSA provenance version 0.2 `_. * The provenance should be published as a GitHub release asset - :doc:`page ` - * - `Witness `_ + * - `Witness `_ - * Witness provenance version 0.1 * Projects built with Gradle on GitLab CI diff --git a/docs/source/pages/tutorials/index.rst b/docs/source/pages/tutorials/index.rst index c07cd3365..0e9c69b93 100644 --- a/docs/source/pages/tutorials/index.rst +++ b/docs/source/pages/tutorials/index.rst @@ -2,7 +2,7 @@ .. Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl/. .. References/links -.. _Witness: https://github.com/testifysec/witness +.. _Witness: https://github.com/in-toto/witness .. _SLSA: https://slsa.dev diff --git a/src/macaron/config/defaults.ini b/src/macaron/config/defaults.ini index 63d57b834..bf9c46886 100644 --- a/src/macaron/config/defaults.ini +++ b/src/macaron/config/defaults.ini @@ -439,7 +439,7 @@ max_download_size = 70000000 # This is the timeout (in seconds) to run the SLSA verifier. timeout = 120 -# Witness provenance. See: https://github.com/testifysec/witness. +# Witness provenance. See: https://github.com/in-toto/witness. [provenance.witness] # The allowed values of the `predicateType` field in the provenance (data type: list). # For more details, see: diff --git a/src/macaron/slsa_analyzer/checks/provenance_witness_l1_check.py b/src/macaron/slsa_analyzer/checks/provenance_witness_l1_check.py index 9b5344fd8..1fcbb96ae 100644 --- a/src/macaron/slsa_analyzer/checks/provenance_witness_l1_check.py +++ b/src/macaron/slsa_analyzer/checks/provenance_witness_l1_check.py @@ -1,7 +1,7 @@ # Copyright (c) 2023 - 2023, Oracle and/or its affiliates. All rights reserved. # Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl/. -"""This check examines a witness provenance (https://github.com/testifysec/witness).""" +"""This check examines a witness provenance (https://github.com/in-toto/witness).""" import logging @@ -95,7 +95,7 @@ class ProvenanceWitnessL1Table(CheckFacts, ORMBase): class ProvenanceWitnessL1Check(BaseCheck): - """This check examines a Witness provenance (https://github.com/testifysec/witness). + """This check examines a Witness provenance (https://github.com/in-toto/witness). At the moment, we are only checking the actual digests of the artifacts against the digests in the provenance. diff --git a/src/macaron/slsa_analyzer/provenance/witness/__init__.py b/src/macaron/slsa_analyzer/provenance/witness/__init__.py index cbe1afe8e..f7e245b10 100644 --- a/src/macaron/slsa_analyzer/provenance/witness/__init__.py +++ b/src/macaron/slsa_analyzer/provenance/witness/__init__.py @@ -1,7 +1,7 @@ # Copyright (c) 2023 - 2023, Oracle and/or its affiliates. All rights reserved. # Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl/. -"""Witness provenance (https://github.com/testifysec/witness).""" +"""Witness provenance (https://github.com/in-toto/witness).""" import logging from typing import NamedTuple diff --git a/src/macaron/slsa_analyzer/provenance/witness/attestor.py b/src/macaron/slsa_analyzer/provenance/witness/attestor.py index 7fc2e3f24..3f2768843 100644 --- a/src/macaron/slsa_analyzer/provenance/witness/attestor.py +++ b/src/macaron/slsa_analyzer/provenance/witness/attestor.py @@ -30,7 +30,7 @@ class GitLabWitnessAttestor: """Witness attestor for GitLab. In the payload of a witness provenance, each subject corresponds to an attestor. - Docs: https://github.com/testifysec/witness/blob/main/docs/attestors/gitlab.md + Docs: https://github.com/in-toto/witness/blob/main/docs/attestors/gitlab.md """ def extract_repo_url(self, payload: InTotoPayload) -> str | None: