From ae1cdc71dc0814053e3052a6fcc8c955f45cf6c1 Mon Sep 17 00:00:00 2001 From: arjundashrath <54043589+arjundashrath@users.noreply.github.com> Date: Thu, 3 Feb 2022 16:10:35 +0530 Subject: [PATCH 01/13] Update README.md --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 95cd92b..cd66930 100644 --- a/README.md +++ b/README.md @@ -23,7 +23,7 @@ First-of-its-kind patent-pending technology that automatically correlates outbou 2. In the workflow logs, you will see a link to security insights and recommendations.

- Link in build log + Link in build log

3. Click on the link ([example link](https://app.stepsecurity.io/github/jauderho/dockerfiles/actions/runs/1736506434)). You will see outbound traffic made by each step. From 4dd9a3bdf83083d338afa8626baf91ef71d78ae8 Mon Sep 17 00:00:00 2001 From: arjundashrath <54043589+arjundashrath@users.noreply.github.com> Date: Thu, 3 Feb 2022 16:17:34 +0530 Subject: [PATCH 02/13] Update README.md --- README.md | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/README.md b/README.md index cd66930..2ada168 100644 --- a/README.md +++ b/README.md @@ -23,16 +23,17 @@ First-of-its-kind patent-pending technology that automatically correlates outbou 2. In the workflow logs, you will see a link to security insights and recommendations.

- Link in build log + Link in build log

3. Click on the link ([example link](https://app.stepsecurity.io/github/jauderho/dockerfiles/actions/runs/1736506434)). You will see outbound traffic made by each step.

- Insights from harden-runner + Insights from harden-runner

+ Below the insights, you will see the recommended policy.

- Policy recommended by harden-runner + Policy recommended by harden-runner

4. Add the recommended outbound endpoints to your workflow file, and only traffic to these endpoints will be allowed. From 4b2d27fd0aa9492cf5380b2a2fdafe21bb895831 Mon Sep 17 00:00:00 2001 From: arjundashrath <54043589+arjundashrath@users.noreply.github.com> Date: Thu, 3 Feb 2022 16:23:54 +0530 Subject: [PATCH 03/13] Update README.md --- README.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index 2ada168..3ced8c7 100644 --- a/README.md +++ b/README.md @@ -44,9 +44,9 @@ First-of-its-kind patent-pending technology that automatically correlates outbou with: egress-policy: block allowed-endpoints: - api.github.com:443 + codecov.io:443 github.com:443 - pypi.org:443 + ``` ## Try it out From 7b14730d513a425cfd99a7e5934c3e6457511499 Mon Sep 17 00:00:00 2001 From: arjundashrath <54043589+arjundashrath@users.noreply.github.com> Date: Thu, 3 Feb 2022 16:25:33 +0530 Subject: [PATCH 04/13] Update README.md --- README.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/README.md b/README.md index 3ced8c7..511caaf 100644 --- a/README.md +++ b/README.md @@ -23,17 +23,17 @@ First-of-its-kind patent-pending technology that automatically correlates outbou 2. In the workflow logs, you will see a link to security insights and recommendations.

- Link in build log + Link in build log

3. Click on the link ([example link](https://app.stepsecurity.io/github/jauderho/dockerfiles/actions/runs/1736506434)). You will see outbound traffic made by each step.

- Insights from harden-runner + Insights from harden-runner

Below the insights, you will see the recommended policy.

- Policy recommended by harden-runner + Policy recommended by harden-runner

4. Add the recommended outbound endpoints to your workflow file, and only traffic to these endpoints will be allowed. From 5b0997e901bbb9ae0f92d24803b61ea1029f0442 Mon Sep 17 00:00:00 2001 From: arjundashrath <54043589+arjundashrath@users.noreply.github.com> Date: Mon, 7 Feb 2022 14:20:35 +0530 Subject: [PATCH 05/13] Update README.md --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 511caaf..e49b094 100644 --- a/README.md +++ b/README.md @@ -23,7 +23,7 @@ First-of-its-kind patent-pending technology that automatically correlates outbou 2. In the workflow logs, you will see a link to security insights and recommendations.

- Link in build log + Link in build log

3. Click on the link ([example link](https://app.stepsecurity.io/github/jauderho/dockerfiles/actions/runs/1736506434)). You will see outbound traffic made by each step. From 09ace35a6c42d233ff640ed393ec938bfacd0823 Mon Sep 17 00:00:00 2001 From: arjundashrath <54043589+arjundashrath@users.noreply.github.com> Date: Mon, 7 Feb 2022 14:26:52 +0530 Subject: [PATCH 06/13] Update README.md --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index e49b094..24da5ff 100644 --- a/README.md +++ b/README.md @@ -29,7 +29,7 @@ First-of-its-kind patent-pending technology that automatically correlates outbou 3. Click on the link ([example link](https://app.stepsecurity.io/github/jauderho/dockerfiles/actions/runs/1736506434)). You will see outbound traffic made by each step.

- Insights from harden-runner + Insights from harden-runner

Below the insights, you will see the recommended policy.

From 3fb042e591888ae493c8d0a484f0ef2611061ecc Mon Sep 17 00:00:00 2001 From: arjundashrath <54043589+arjundashrath@users.noreply.github.com> Date: Mon, 7 Feb 2022 14:30:46 +0530 Subject: [PATCH 07/13] Update README.md --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 24da5ff..0d258b9 100644 --- a/README.md +++ b/README.md @@ -29,7 +29,7 @@ First-of-its-kind patent-pending technology that automatically correlates outbou 3. Click on the link ([example link](https://app.stepsecurity.io/github/jauderho/dockerfiles/actions/runs/1736506434)). You will see outbound traffic made by each step.

- Insights from harden-runner + Insights from harden-runner

Below the insights, you will see the recommended policy.

From dd8ece98d45d4edde1a60de7ddefc1d4ab6caf4f Mon Sep 17 00:00:00 2001 From: arjundashrath <54043589+arjundashrath@users.noreply.github.com> Date: Mon, 7 Feb 2022 14:34:38 +0530 Subject: [PATCH 08/13] Update README.md --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 0d258b9..389d5b2 100644 --- a/README.md +++ b/README.md @@ -23,7 +23,7 @@ First-of-its-kind patent-pending technology that automatically correlates outbou 2. In the workflow logs, you will see a link to security insights and recommendations.

- Link in build log + Link in build log

3. Click on the link ([example link](https://app.stepsecurity.io/github/jauderho/dockerfiles/actions/runs/1736506434)). You will see outbound traffic made by each step. From 301bf3ba4b80aab46faa836698e0780c0a9fc8e6 Mon Sep 17 00:00:00 2001 From: arjundashrath <54043589+arjundashrath@users.noreply.github.com> Date: Mon, 7 Feb 2022 14:38:31 +0530 Subject: [PATCH 09/13] Update README.md --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 389d5b2..3a2c5d7 100644 --- a/README.md +++ b/README.md @@ -33,7 +33,7 @@ First-of-its-kind patent-pending technology that automatically correlates outbou

Below the insights, you will see the recommended policy.

- Policy recommended by harden-runner + Policy recommended by harden-runner

4. Add the recommended outbound endpoints to your workflow file, and only traffic to these endpoints will be allowed. From bb6055f37bc0c247d9c87d554fc4967e6c7e24ae Mon Sep 17 00:00:00 2001 From: arjundashrath <54043589+arjundashrath@users.noreply.github.com> Date: Mon, 7 Feb 2022 14:41:31 +0530 Subject: [PATCH 10/13] Update README.md --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 3a2c5d7..8db2691 100644 --- a/README.md +++ b/README.md @@ -33,7 +33,7 @@ First-of-its-kind patent-pending technology that automatically correlates outbou

Below the insights, you will see the recommended policy.

- Policy recommended by harden-runner + Policy recommended by harden-runner

4. Add the recommended outbound endpoints to your workflow file, and only traffic to these endpoints will be allowed. From 7e6007240934f3cfc84bd3c0eae6a10c048a6319 Mon Sep 17 00:00:00 2001 From: arjundashrath <54043589+arjundashrath@users.noreply.github.com> Date: Mon, 7 Feb 2022 14:42:37 +0530 Subject: [PATCH 11/13] Update README.md --- README.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index 8db2691..7a31536 100644 --- a/README.md +++ b/README.md @@ -44,8 +44,9 @@ First-of-its-kind patent-pending technology that automatically correlates outbou with: egress-policy: block allowed-endpoints: - codecov.io:443 + api.github.com:443 github.com:443 + pypi.org:443 ``` From 65ac598c2b05ee12f1da152c167ce388a6f4605d Mon Sep 17 00:00:00 2001 From: arjundashrath <54043589+arjundashrath@users.noreply.github.com> Date: Mon, 7 Feb 2022 14:43:11 +0530 Subject: [PATCH 12/13] Update README.md --- README.md | 1 - 1 file changed, 1 deletion(-) diff --git a/README.md b/README.md index 7a31536..99c0618 100644 --- a/README.md +++ b/README.md @@ -47,7 +47,6 @@ First-of-its-kind patent-pending technology that automatically correlates outbou api.github.com:443 github.com:443 pypi.org:443 - ``` ## Try it out From 39804202c45b34c4a8e6f447836028d4c2f57b44 Mon Sep 17 00:00:00 2001 From: arjundashrath <54043589+arjundashrath@users.noreply.github.com> Date: Mon, 7 Feb 2022 14:46:55 +0530 Subject: [PATCH 13/13] Update README.md --- README.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/README.md b/README.md index 99c0618..0ea221e 100644 --- a/README.md +++ b/README.md @@ -23,17 +23,17 @@ First-of-its-kind patent-pending technology that automatically correlates outbou 2. In the workflow logs, you will see a link to security insights and recommendations.

- Link in build log + Link in build log

3. Click on the link ([example link](https://app.stepsecurity.io/github/jauderho/dockerfiles/actions/runs/1736506434)). You will see outbound traffic made by each step.

- Insights from harden-runner + Insights from harden-runner

Below the insights, you will see the recommended policy.

- Policy recommended by harden-runner + Policy recommended by harden-runner

4. Add the recommended outbound endpoints to your workflow file, and only traffic to these endpoints will be allowed.
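
Review bot: the `allowed-endpoints` example at `@@ -44,...` is changed in PATCH 03/13 and then changed back in PATCH 11/13 and 12/13, so these three hunks should be dropped or squashed. PATCH 03/13 swaps `api.github.com:443` for `codecov.io:443` and replaces `pypi.org:443` with an empty line ahead of the closing fence; PATCH 11/13 restores both endpoints and PATCH 12/13 removes the leftover blank line. Readers copy this block into workflows that run with `egress-policy: block`, so the intermediate revisions, which publish an allowlist that differs from the final one, are worth keeping out of history.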
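
Review bot: step 4, in the `@@ -23,...` hunks of PATCH 02/13, 04/13 and 13/13, says "only traffic to these endpoints will be allowed" without saying that this depends on `egress-policy: block`, which appears only in the YAML context of the `@@ -44,...` hunk. Suggest wording step 4 so it names both settings, for example "Set `egress-policy: block` and add the recommended endpoints under `allowed-endpoints`", so a reader who only adds the endpoint list does not assume traffic is being blocked.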
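
Review bot: all thirteen patches carry the subject "Update README.md" with no body, and the image lines ("Link in build log", "Insights from harden-runner", "Policy recommended by harden-runner") are each edited in several patches, for example `@@ -23,7 +23,7 @@` in PATCH 01/13, 05/13 and 08/13. Suggest squashing the series into one commit whose message states what changed on those lines and why, since the subject alone gives a reviewer nothing to check the edits against.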