oras-project · qweeah · Jun 7, 2024 · Jun 7, 2024 · Jun 7, 2024 · Jun 7, 2024
@@ -53,12 +53,8 @@ const config = {
                     // Remove this to remove the "edit this page" links.
                     editUrl:
                         "https://github.com/oras-project/oras-www/tree/main/",
-                        versions: {
-                            "1.1": {
-                                label: '1.1',
-                                path: '1.1',
-                            }
-                        }
+                        includeCurrentVersion: false,
+                        lastVersion: "1.2"
                 },
                 blog: {
                     showReadingTime: true,

@@ -148,7 +148,7 @@ Git has a `-s` command line option to do this automatically:
 If you forgot to do this and have not yet pushed your changes to the remote
 repository, you can amend your commit with the sign-off by running
 
-    git commit --amend -s
+    git commit --amend -s 
 
 ## Pull Request Checklist
 

@@ -16,21 +16,21 @@ sidebar_position: 40
 
 ## Contributor Ladder
 
-Hello! We are excited that you want to learn more about our project contributor ladder!
-This contributor ladder outlines the different contributor roles within the project,
-along with the responsibilities and privileges that come with them.
+Hello! We are excited that you want to learn more about our project contributor ladder! 
+This contributor ladder outlines the different contributor roles within the project, 
+along with the responsibilities and privileges that come with them. 
 Community members generally start at the first levels of the "ladder" and advance up it as their involvement in the project grows.
 Our project members are happy to help you advance along the contributor ladder.
 
-Each of the contributor roles below is organized into three sections.
-"Responsibilities" are tasks that a contributor is expected to do.
-"Requirements" are qualifications a person needs to meet to be in that role,
+Each of the contributor roles below is organized into three sections. 
+"Responsibilities" are tasks that a contributor is expected to do. 
+"Requirements" are qualifications a person needs to meet to be in that role, 
 and "Privileges" are rights contributors on that level are entitled to.
 
 ### Contributor
-A Contributor directly adds value to the project.
-Contributions need not be code.
-Individuals at the Contributor level may be new contributors,
+A Contributor directly adds value to the project. 
+Contributions need not be code. 
+Individuals at the Contributor level may be new contributors, 
 or they may only contribute occasionally.
 
 * Responsibilities include:
@@ -54,22 +54,22 @@ or they may only contribute occasionally.
 
 ### Owners Structure
 There are two types of owners in the ORAS project hierarchy: organization owners and subproject owners.
-ORAS organization owners oversee the overall project and its health.
-Subproject owners focus on a single repository,
-a group of related repositories,
-a service (e.g., a website),
+ORAS organization owners oversee the overall project and its health. 
+Subproject owners focus on a single repository, 
+a group of related repositories, 
+a service (e.g., a website), 
 or subproject to support the other subprojects (e.g., marketing or community management).
 
-Changes in ORAS Organization owners have to be announced via an
-[issue on the Community repository](https://github.com/oras-project/community/issues).
+Changes in ORAS Organization owners have to be announced via an 
+[issue on the Community repository](https://github.com/oras-project/community/issues). 
 Changes to sub-project owners are to be announced via the appropriate sub-project issue.
 
-You can find more information on the roles of organization owners and
+You can find more information on the roles of organization owners and 
 subproject owners in the [governance](https://github.com/oras-project/community/blob/main/governance/GOVERNANCE.md).
 
 ## Inactivity
-It is important for contributors to be and stay active to set an example and show commitment to the project.
-Inactivity is harmful to the project as it may lead to unexpected delays,
+It is important for contributors to be and stay active to set an example and show commitment to the project. 
+Inactivity is harmful to the project as it may lead to unexpected delays, 
 contributor attrition, and a lost of trust in the project.
 
 * Inactivity is measured by:
@@ -81,24 +81,24 @@ contributor attrition, and a lost of trust in the project.
 
 ## Involuntary Removal or Demotion
 
-Involuntary removal/demotion of a contributor happens when responsibilities and requirements aren't being met.
-This may include repeated patterns of inactivity, extended period of inactivity,
-a period of failing to meet the requirements of your role,
-and/or a violation of the Code of Conduct.
-This process is important because it protects the community and its deliverables while also opens up opportunities for new
+Involuntary removal/demotion of a contributor happens when responsibilities and requirements aren't being met. 
+This may include repeated patterns of inactivity, extended period of inactivity, 
+a period of failing to meet the requirements of your role, 
+and/or a violation of the Code of Conduct. 
+This process is important because it protects the community and its deliverables while also opens up opportunities for new 
 contributors to step in.
 
 Involuntary removal or demotion is handled through a vote by a majority of the current Maintainers.
 
 ## Stepping Down/Emeritus Process
-If and when contributors' commitment levels change,
-contributors can consider stepping down (moving down the contributor ladder) vs moving to emeritus status
+If and when contributors' commitment levels change, 
+contributors can consider stepping down (moving down the contributor ladder) vs moving to emeritus status 
 (completely stepping away from the project).
 
-Contact the Maintainers about changing to Emeritus status,
+Contact the Maintainers about changing to Emeritus status, 
 or reducing your contributor level.
 
 ## Contact
-* For inquiries, please drop a message in the #oras channel in the CNCF Workspace.
-You can follow the instructions in the [community resources](../community/community_resources.mdx#joining-the-slack-channel)
+* For inquiries, please drop a message in the #oras channel in the CNCF Workspace. 
+You can follow the instructions in the [community resources](../community/community_resources.mdx#joining-the-slack-channel) 
 to join it.
@@ -5,7 +5,7 @@ sidebar_position: 50
 
 # Security Policy
 
-Thank you for taking the time to report a security vulnerability.
+Thank you for taking the time to report a security vulnerability. 
 We would like to investigate every report thoroughly.
 
 ## Reporting a Vulnerability
@@ -20,9 +20,9 @@ Navigate to the appropriate reporsitory.
 
 Click on `Security` and then `Report a vulnerability`
 
-![Screenshot of how to report a vulnerability](/img/reporting_a_security_concern.png)
+![Screenshot of how to report a vulnerability](../static/img/reporting_a_security_concern.png)
 
-**Step 3**
+**Step 3** 
 
 You can fill in all the details of the vulnerability and click on `Submit report`.
 This report will be visible to only the maintainers (and anyone else required to look into the issue).
@@ -40,16 +40,16 @@ Please send us a report whenever you:
 
 The ORAS maintainers will acknowledge and analyze your report within 14 working days for high severity issues.
 
-Any vulnerability information you share with us, stays with the maintainers.
+Any vulnerability information you share with us, stays with the maintainers. 
 We will only disclose the information that is required to resolve the problem.
 
 We will update you on the status of the report throughout.
 
 ## Fixing the issue
 
-Once a security vulnerability has been identified, the maintainers (contributors, if required) will work on finding a solution.
+Once a security vulnerability has been identified, the maintainers (contributors, if required) will work on finding a solution. 
 The development and testing for the fix will happen in a private GitHub repository in order to prevent premature disclosure of the vulnerability.
 
-After the fix has been tested and deemed fit to be made public,
-the changes will be merged from the private GitHub repository to the appropriate public branches.
+After the fix has been tested and deemed fit to be made public, 
+the changes will be merged from the private GitHub repository to the appropriate public branches. 
 All the necessary binaries will be built and published.
@@ -0,0 +1,140 @@
+const projects = [
+    {
+        title: "Helm",
+        light: "img/adopters/helm_light.svg",
+        dark: "img/adopters/helm_dark.svg",
+        description: "Helm is the package manager for Kubernetes. It helps you manage Kubernetes applications.",
+        link: "https://v3.helm.sh/docs/topics/registries/",
+    },
+    {
+        title: "Singularity",
+        light: "img/adopters/singularity.svg",
+        dark: "img/adopters/singularity.svg",
+        description: "Linux container platform optimized for High Performance Computing (HPC) and Enterprise Performance Computing (EPC).",
+        link: "https://docs.sylabs.io/guides/3.1/user-guide/cli/singularity.html",
+    },
+    {
+        title: "Falcoctl",
+        light: "img/adopters/falco.svg",
+        dark: "img/adopters/falco.svg",
+        description: "Open source standard for runtime security for hosts, containers, Kubernetes and the cloud.",
+        link: "https://github.com/falcosecurity/falcoctl",
+    },
+    {
+        title: "Policy",
+        light: "img/adopters/policy.svg",
+        dark: "img/adopters/policy.svg",
+        description: "CLI for building Open Policy Agent (OPA) policies into OCI images.",
+        link: "https://github.com/opcr-io/policy",
+    },
+    {
+        title: "Wasm to OCI",
+        light: "img/adopters/wasmtooci_light.svg",
+        dark: "img/adopters/wasmtooci_dark.svg",
+        description: "Use OCI registries to distribute WebAssembly modules.",
+        link: "https://github.com/engineerd/wasm-to-oci",
+    },
+    {
+        title: "Conftest",
+        light: "img/adopters/opa_light.svg",
+        dark: "img/adopters/opa_dark.svg",
+        description: "Write tests against structured configuration data using the Open Policy Agent Rego query language.",
+        link: "https://github.com/open-policy-agent/conftest",
+    },
+    {
+        title: "Notation",
+        light: "img/adopters/notary_light.svg",
+        dark: "img/adopters/notary_dark.svg",
+        description: "Signing and verifying artifacts. Safeguarding the software delivery security from development to deployment.",
+        link: "https://github.com/notaryproject/notation",
+    },
+    {
+        title: "SOCI Snapshotter",
+        light: "img/adopters/aws_light.svg",
+        dark: "img/adopters/aws_dark.svg",
+        description: "A containerd snapshotter plugin which enables standard OCI images to be lazily loaded without requiring a build-time conversion step.",
+        link: "https://github.com/awslabs/soci-snapshotter",
+    },
+    {
+        title: "Helmper",
+        light: "img/adopters/helmper.svg",
+        dark: "img/adopters/helmper.svg",
+        description: "A little helper that pushes Helm Charts and images to your registries, easily configured with a declarative spec.",
+        link: "https://github.com/christoffernissen/helmper",
+    },
+];
+
+const registries = [
+    {
+        title: "CNCF Distribution",
+        light: "img/adopters/cncf.svg",
+        dark: "img/adopters/cncf.svg",
+        description: "The toolkit to pack, ship, store, and deliver container content.",
+        link: "https://github.com/distribution/distribution",
+    },
+    {
+        title: "Amazon Elastic Container Registry",
+        light: "img/adopters/aws_light.svg",
+        dark: "img/adopters/aws_dark.svg",
+        description: "Fully managed container registry offering high-performance hosting, to reliably deploy application images and artifacts anywhere.",
+        link: "https://aws.amazon.com/ecr/",
+    },
+    {
+        title: "Azure Container Registry",
+        light: "img/adopters/azure.svg",
+        dark: "img/adopters/azure.svg",
+        description: "A private registry service for building, storing, and managing container images and related artifacts.",
+        link: "https://azure.microsoft.com/products/container-registry/",
+    },
+    {
+        title: "Google Artifact Registry",
+        light: "img/adopters/gcp.svg",
+        dark: "img/adopters/gcp.svg",
+        description: "A single place for an organization to manage container images and language packages (such as Maven and npm).",
+        link: "https://cloud.google.com/artifact-registry",
+    },
+    {
+        title: "GitHub Packages Container Registry",
+        light: "img/adopters/github_light.svg",
+        dark: "img/adopters/github_dark.svg",
+        description: "Stores container images within your organization or personal account, and allows you to associate an image with a repository.",
+        link: "https://docs.github.com/en/packages/working-with-a-github-packages-registry/working-with-the-container-registry",
+    },
+    {
+        title: "GitLab Container Registry",
+        light: "img/adopters/gitlab.svg",
+        dark: "img/adopters/gitlab.svg",
+        description: "Fully-integrated with GitLab making it easy for developers to code, test, and deploy container images.",
+        link: "https://docs.gitlab.com/ee/user/packages/container_registry/",
+    },
+    {
+        title: "JFrog Artifactory",
+        light: "img/adopters/jfrog.svg",
+        dark: "img/adopters/jfrog.svg",
+        description: "Fully hybrid - on-prem / cloud binary repository that supports Docker containers, provides reliable, consistent, and efficient access to remote Docker container registries.",
+        link: "https://jfrog.com/container-registry/",
+    },
+    {
+        title: "Docker Hub",
+        light: "img/adopters/docker_light.svg",
+        dark: "img/adopters/docker_dark.svg",
+        description: "Docker Hub is a service provided by Docker for finding and sharing container images.",
+        link: "https://hub.docker.com/",
+    },
+    {
+        title: "Zot Registry",
+        light: "img/adopters/zot.svg",
+        dark: "img/adopters/zot.svg",
+        description: "An OCI-native container registry for distributing container images and OCI artifacts.",
+        link: "https://zotregistry.dev/",
+    },
+    {
+        title: "Harbor",
+        light: "img/adopters/harbor.svg",
+        dark: "img/adopters/harbor.svg",
+        description: "An open source registry that secures artifacts with policies and role-based access control, ensures images are scanned and signs images as trusted.",
+        link: "https://goharbor.io/",
+    },
+];
+
+export default { projects, registries };