chore(work): finish 10-sbom-ci-workflow

2026-05-20 13:33:07 +02:00
parent 08bc19293a
commit b87a406c96
3 changed files with 8 additions and 13 deletions

View File

@@ -1,5 +1,5 @@
{
"updated_at": "2026-05-20T11:22:09.493Z",
"updated_at": "2026-05-20T11:33:08.030Z",
"epics": {
"binder-wrap-helper": {
"status": "done",
@@ -667,10 +667,10 @@
"blocks": []
},
"10-sbom-ci-workflow": {
"status": "todo",
"status": "done",
"title": "SBOM CI workflow and ADR-023 amendment",
"ac_total": 1,
"ac_completed": 0,
"ac_completed": 1,
"depends_on": [],
"blocks": []
},
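Review bot: `ac_total` stays at 1 while `ac_completed` flips 0 to 1, so this story's entire scope (SBOM generation step, release-asset upload step, ADR-023 amendment, gates passing) is tracked as a single acceptance criterion and the tracker can only ever show it as all-or-nothing. Consider splitting the criterion into at least the workflow change and the ADR amendment so that partial progress and partial review are visible in this status file.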
@@ -686,11 +686,6 @@
}
},
"ready": [
{
"epic": "security-headers-rate-limit-sbom",
"story": "10-sbom-ci-workflow",
"title": "SBOM CI workflow and ADR-023 amendment"
},
{
"epic": "security-headers-rate-limit-sbom",
"story": "11-documentation",

View File

@@ -3,12 +3,12 @@ id: 10-sbom-ci-workflow
epic: security-headers-rate-limit-sbom
title: SBOM CI workflow and ADR-023 amendment
type: technical-story
status: todo
status: done
feature: ci
depends-on: []
blocks: []
created: 2026-05-20T00:00:00Z
updated: 2026-05-20T08:14:55.907Z
updated: 2026-05-20T11:33:07.860Z
---
## Goal
@@ -42,4 +42,4 @@ Consumers pursuing SOC 2 / ISO 27001 / FedRAMP / EU CRA must answer "what's in v
## Tasks
- [ ] Add conditional SBOM generation step (`pnpm dlx @cyclonedx/cyclonedx-npm --output-file sbom-${{ steps.release.outputs.tag_name }}.cdx.json --output-format json`) and upload step (`softprops/action-gh-release@<SHA>` with `files:` pointing to the SBOM and `tag_name:` from release-please output) to `.github/workflows/release-please.yml`; add amendment subsection to `docs/decisions/adr-023-ci-security-and-supply-chain.md` documenting the concrete step shape and rationale; all gates pass.
- [x] Add conditional SBOM generation step (`pnpm dlx @cyclonedx/cyclonedx-npm --output-file sbom-${{ steps.release.outputs.tag_name }}.cdx.json --output-format json`) and upload step (`softprops/action-gh-release@<SHA>` with `files:` pointing to the SBOM and `tag_name:` from release-please output) to `.github/workflows/release-please.yml`; add amendment subsection to `docs/decisions/adr-023-ci-security-and-supply-chain.md` documenting the concrete step shape and rationale; all gates pass.
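Review bot: the task is ticked as done but the checklist still carries the `<SHA>` placeholder in `softprops/action-gh-release@<SHA>`, so a reader of this story cannot tell which commit of the action was actually pinned or verify the "all gates pass" claim without opening the workflow. Since the step now exists, replace the placeholder with the pinned commit SHA (and the action tag it corresponds to) here or in the ADR-023 amendment subsection this line references, and link the commit that changed `.github/workflows/release-please.yml` so the story closes with an auditable record.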

View File

@@ -7,7 +7,7 @@ status: in-progress
features:
[core-shared, core-testing, core-eslint, auth, web-next, web-tanstack, cms]
created: 2026-05-20T00:00:00Z
updated: 2026-05-20T11:22:09.324Z
updated: 2026-05-20T11:33:07.860Z
---
## Goal
@@ -29,5 +29,5 @@ Security scanners flag the absence of HSTS, X-Frame-Options, X-Content-Type-Opti
- [x] [07 — Per-framework security header adapters](07-security-header-adapters/_story.md)
- [x] [08 — App wiring: web-next](08-app-wiring-web-next/_story.md)
- [x] [09 — App wiring: web-tanstack and cms](09-app-wiring-web-tanstack-and-cms/_story.md)
- [ ] [10 — SBOM CI workflow and ADR-023 amendment](10-sbom-ci-workflow/_story.md)
- [x] [10 — SBOM CI workflow and ADR-023 amendment](10-sbom-ci-workflow/_story.md)
- [ ] [11 — Documentation and conformance reference updates](11-documentation/_story.md)