diff --git a/attestor/README.md b/attestor/README.md index 24f9022a373..0043ace52c8 100644 --- a/attestor/README.md +++ b/attestor/README.md @@ -23,7 +23,7 @@ Policies for scorecard attestor can be passed through the CLI using the `--polic * `PreventKnownVulnerabilities`: Ensure that the project is free from security vulnerabilities/advisories, as registered in osv.dev. * `PreventUnpinnedDependencies`: Ensure that a project's dependencies are pinned by hash. Dependency pinning makes builds more predictable, and prevents the consumption of malicious package versions from a compromised upstream. * `AllowedUnpinnedDependencies`: Ignore some dependencies, either by the filepath of the dependency management file (`filepath`, e.g. requirements.txt or package.json) or the dependency name (`packagename`, the specific package being ignored). If multiple filepaths/names, or a combination of filepaths and names are specified, all of them will be used. If not specified, no unpinned dependencies will be allowed. -* `RequireCodeReviewed`: Require that If `CodeReviewRequirements` is not specified, at least one reviewer will be required on all changesets. Scorecard-attestor inherits scorecard's deafult commit window (i.e. will only look at the last 30 commits to determine if they are reviewed or not). +* `RequireCodeReviewed`: Require that If `CodeReviewRequirements` is not specified, at least one reviewer will be required on all changesets. Scorecard-attestor inherits scorecard's default commit window (i.e. will only look at the last 30 commits to determine if they are reviewed or not). * `CodeReviewRequirements.MinReviewers`: The minimum number of distinct approvals required. * `CodeReviewRequirements.RequiredApprovers`: A set of approvers, any of whom must be found to have approved all changes. If a change is found without any approvals from this list, the check fails. diff --git a/cron/k8s/README.md b/cron/k8s/README.md index aee2f7fe1da..2dc9d9e0b3c 100644 --- a/cron/k8s/README.md +++ b/cron/k8s/README.md @@ -13,7 +13,7 @@ Note: `relaxed` is a more tolerant, predefined config which ignores things like Follow instructions [here](https://cloud.google.com/kubernetes-engine/docs/how-to/cluster-access-for-kubectl) -to configure `kubectl` and set the deafult cluster. +to configure `kubectl` and set the default cluster. The cluster name is `openssf` which is in zone `us-central1-c`.