Riksdagsmonitor v1.0.20
·
57 commits
to main
since this release
Immutable
release. Only release title and notes can be modified.
What's Changed
- [aw] Upgrade available @github-actions[bot] (#3011)
📚 Documentation
- chore(deps-dev): bump js-yaml from 5.0.0 to 5.1.0, fix agentic workflow tests, and add cost-focus guardrails @dependabot[bot] (#3017)
- Enable Actions token-based Copilot inference and document accepted IMF secret warning in news workflows @copilot-swe-agent[bot] (#3013)
- Strip 1130 unrelated rebuilt files, retain only .github workflow fixes @copilot-swe-agent[bot] (#3010)
🧪 Testing
- chore(deps-dev): bump js-yaml from 5.0.0 to 5.1.0, fix agentic workflow tests, and add cost-focus guardrails @dependabot[bot] (#3017)
- Strip 1130 unrelated rebuilt files, retain only .github workflow fixes @copilot-swe-agent[bot] (#3010)
🌐 Internationalization
- Strip 1130 unrelated rebuilt files, retain only .github workflow fixes @copilot-swe-agent[bot] (#3010)
🔧 Maintenance
- chore(deps-dev): bump js-yaml from 5.0.0 to 5.1.0, fix agentic workflow tests, and add cost-focus guardrails @dependabot[bot] (#3017)
- chore(deps-dev): bump the development-dependencies group with 3 updates @dependabot[bot] (#3014)
- chore(deps): bump Hack23/riksdagsmonitor from a9014fb to 154e5c5 @dependabot[bot] (#3015)
- chore(deps-dev): bump the development-dependencies group with 2 updates @dependabot[bot] (#3006)
📦 npm Package
Shared types, theme system, and dashboard utilities are available as an npm package with provenance:
npm install riksdagsmonitorimport {
DARK_THEME_COLORS, LIGHT_THEME_COLORS,
getActiveThemeColors, getPartyColor,
CHART_PALETTE, BREAKPOINTS,
} from 'riksdagsmonitor';
📊 Release Metrics & Evidence
All test reports, coverage metrics, and API documentation are generated during build and available in the Documentation Hub.
🔐 Security & Supply Chain Protection
This release includes:
- ✅ SLSA Build Provenance Attestations - Cryptographically signed build provenance
- ✅ Software Bill of Materials (SBOM) - Complete dependency inventory in SPDX format
- ✅ SHA-256 Checksums - All artifacts include checksums for integrity verification
- ✅ npm Provenance - npm package published with verified provenance attestation
- ✅ CodeQL Security Scanning - Automated vulnerability detection
- ✅ Dependency Scanning - Continuous vulnerability monitoring with Dependabot
Verify attestations:
gh attestation verify riksdagsmonitor-1.0.20.zip -R Hack23/riksdagsmonitor
npm audit signaturesBrowse attestations: View all attestations
📋 ISMS Compliance & Policies
Compliance Frameworks
Riksdagsmonitor follows Hack23 AB's comprehensive ISMS with defense-in-depth architecture and documented security controls.
🏗️ Architecture Documentation
📦 Release Artifacts
| Artifact | Description | Verification |
|---|---|---|
riksdagsmonitor-1.0.20.zip |
Production build | SHA-256 checksum, SLSA attestation |
riksdagsmonitor-1.0.20.zip.sha256 |
SHA-256 checksum | Compare with sha256sum |
riksdagsmonitor-1.0.20.spdx.json |
SBOM (SPDX format) | SBOM attestation |
*.intoto.jsonl |
SLSA attestations | gh attestation verify |
riksdagsmonitor (npm) |
npm package | npm audit signatures |
🚀 Deployment
- Primary: https://riksdagsmonitor.com (AWS S3/CloudFront)
- Backup: GitHub Pages
- Documentation: https://riksdagsmonitor.com/docs/
- API Docs: https://riksdagsmonitor.com/docs/api/
- npm Package: https://www.npmjs.com/package/riksdagsmonitor
- Status:
🌐 Hack23 Ecosystem
| Platform | Live Site | API Docs | Repository |
|---|---|---|---|
| Riksdagsmonitor | riksdagsmonitor.com | API | GitHub |
| EU Parliament MCP | euparliamentmonitor.com | API | GitHub |
| CIA Compliance Manager | ciacompliancemanager.com | API | GitHub |
| Black Trigram | blacktrigram.com | API | GitHub |
| CIA Platform | — | — | GitHub |
| ISMS Public | — | — | GitHub |
🏗️ Built With
- Node.js: 26.x
- Vite: 8.x
- Chart.js: 4.5.x
- D3.js: 7.9.x
- Vitest: 4.x
- Cypress: 15.x
- TypeScript: 6.x
👥 Contributors
@Copilot, @dependabot[bot], @github-actions[bot], @pethers, copilot-swe-agent[bot], dependabot[bot] and github-actions[bot]
Full Changelog: v1.0.19...1.0.20
📦 Release Artifacts
riksdagsmonitor-v1.0.20.zip- Production buildriksdagsmonitor-v1.0.20.zip.sha256- Checksum for verificationriksdagsmonitor-v1.0.20.spdx.json- SBOM (Software Bill of Materials)*.intoto.jsonl- SLSA Build Provenance Attestations
📦 npm Package
Shared types, theme system, and utilities are available as an npm package:
npm install riksdagsmonitor📚 Documentation
🔐 Security
All artifacts include SLSA Build Provenance attestations and SBOM for supply chain security.
Verify attestations using the GitHub CLI:
gh attestation verify riksdagsmonitor-v1.0.20.zip -R Hack23/riksdagsmonitorContributors
pethers and dependabot