Releases: dfirs1car1o/sicario-spec
SicarioSpec v0.4.0
Immutable release. Only release title and notes can be modified.
What's Changed
Other changes
- feat: wire to Spec Kit, honest positioning, NIST control maps, hooks runner, sicario-saas by @svc-claude-dev in #9
- Catalog readiness: neutral positioning, halting-gate proof, framework selector (#18), docs-site sweep (#19) by @svc-claude-dev in #10
- Harden release posture and refresh docs branding by @svc-claude-dev in #15
- Remove unsupported release Dependabot scan by @SiCar10mw in #19
- Harden release workflow tag input by @svc-claude-dev in #20
New Contributors
- @svc-claude-dev made their first contribution in #9
Full Changelog: v0.1.2...v0.4.0
SicarioSpec v0.1.2
Immutable release. Only release title and notes can be modified.
What's Changed
Other changes
- Add agent integrations and Pages docs by @SiCar10mw in #8
Full Changelog: v0.1.1...v0.1.2
SicarioSpec v0.1.1
Immutable release. Only release title and notes can be modified.
What's Changed
Other changes
- Add release packaging and governance gates by @SiCar10mw in #4
- Fix immutable release asset publishing by @SiCar10mw in #5
- Make release reruns skip immutable assets by @SiCar10mw in #6
- Release v0.1.1 by @SiCar10mw in #7
New Contributors
- @SiCar10mw made their first contribution in #4
Full Changelog: v0.1.0...v0.1.1
SicarioSpec v0.1.0
Immutable release. Only release title and notes can be modified.
Initial public release of SicarioSpec: a secure-by-default governance bundle for GitHub Spec Kit.
Included
- sicario CLI with init, verify, assess, and --version.
- AppSec, AI system, agent-fleet, cloud/IaC, security-toolchain, supply-chain, compliance, docs, and enterprise-strict profiles.
- Spec Kit presets and Sicario guard extension commands.
- CCM v4.1 and SOX 404 / ICFR starter control maps.
- Terraform, Azure Bicep, Azure Verified Modules, AWS CloudFormation, GCP Terraform, Kubernetes, container, and policy-as-code starters.
- Docusaurus docs scaffold, threat model, abuse cases, evidence index, risk register, exceptions, and accepted-risk defaults.
- Public project health files: MIT license, code of conduct, security policy, support policy, issue forms, PR template, changelog, release process, Dependabot, CodeQL, and OpenSSF Scorecard.
Install
python3 -m pip install "git+https://github.com/dfirs1car1o/sicario-spec.git@v0.1.0"
Validation
Validated before release:
python3 -m unittest discover -s tests
python3 -m sicario_cli.cli verify .
python3 -m pip wheel .
python3 setup.py sdist
installed wheel in a clean venv and ran sicario init/verify
Known limitations
- OpenSSF Best Practices badge is not claimed yet; the repo only adds Scorecard automation and documentation for future self-assessment.
- Control maps are starter traceability aids, not certification claims.