docs(readme): fix typos

thomasleplus · thomasleplus · commit c58dc3480247 · 2026-02-04T21:13:25.000+01:00
diff --git a/README.md b/README.md
@@ -58,11 +58,11 @@ docker buildx imagetools inspect leplusorg/mail --format '{{ json .Provenance }}
 
 [Sigstore](https://docs.sigstore.dev) is trying to improve supply
 chain security by allowing you to verify the origin of an
-artifcat. You can verify that the image that you use was actually
+artifact. You can verify that the image that you use was actually
 produced by this repository. This means that if you verify the
 signature of the Docker image, you can trust the integrity of the
 whole supply chain from code source, to CI/CD build, to distribution
-on Maven Central or whever you got the image from.
+on Maven Central or wherever you got the image from.
 
 You can use the following command to verify the latest image using its
 sigstore signature attestation:
