EU Parliament Monitor v0.9.19
·
900 commits
to main
since this release
Immutable
release. Only release title and notes can be modified.
What's Changed
- [aw] Upgrade available @github-actions[bot] (#2083)
🌍 EU Parliament Integration
- Validate and complete refactor for >600 LOC files @copilot-swe-agent[bot] (#2081)
- Modularise data-collection prompt; fix compile-agentic-workflows architecture check @copilot-swe-agent[bot] (#2074)
🏗️ Infrastructure & Performance
- Validate and complete refactor for >600 LOC files @copilot-swe-agent[bot] (#2081)
- build(deps)(deps): bump markdown-it-attrs from 4.3.1 to 4.5.0 in the production-dependencies group @dependabot[bot] (#2084)
- fix(news-translate): emit largeSource signal + 2-phase strategy for big briefs @copilot-swe-agent[bot] (#2082)
- fix(news-translate): add required
groupto top-level concurrency block @copilot-swe-agent[bot] (#2080) - fix(workflows): add cancel-in-progress, max-patch-files, report-failure-as-issue to all news workflows @copilot-swe-agent[bot] (#2078)
- build(deps-dev)(deps-dev): bump eslint-plugin-jsdoc from 62.9.0 to 63.0.0 @dependabot[bot] (#2076)
- build(deps-dev)(deps-dev): bump the development-dependencies group with 3 updates @dependabot[bot] (#2075)
- Modularise data-collection prompt; fix compile-agentic-workflows architecture check @copilot-swe-agent[bot] (#2074)
🔄 Code Quality & Refactoring
- Validate and complete refactor for >600 LOC files @copilot-swe-agent[bot] (#2081)
- fix(news-translate): emit largeSource signal + 2-phase strategy for big briefs @copilot-swe-agent[bot] (#2082)
- fix(news-translate): add required
groupto top-level concurrency block @copilot-swe-agent[bot] (#2080) - fix(workflows): add cancel-in-progress, max-patch-files, report-failure-as-issue to all news workflows @copilot-swe-agent[bot] (#2078)
🔒 Security & Compliance
- fix(news-translate): add required
groupto top-level concurrency block @copilot-swe-agent[bot] (#2080)
📝 Documentation
- fix(news-translate): emit largeSource signal + 2-phase strategy for big briefs @copilot-swe-agent[bot] (#2082)
- fix(news-translate): add required
groupto top-level concurrency block @copilot-swe-agent[bot] (#2080) - fix(workflows): add cancel-in-progress, max-patch-files, report-failure-as-issue to all news workflows @copilot-swe-agent[bot] (#2078)
- Modularise data-collection prompt; fix compile-agentic-workflows architecture check @copilot-swe-agent[bot] (#2074)
📦 Dependencies
- build(deps)(deps): bump markdown-it-attrs from 4.3.1 to 4.5.0 in the production-dependencies group @dependabot[bot] (#2084)
- fix(news-translate): emit largeSource signal + 2-phase strategy for big briefs @copilot-swe-agent[bot] (#2082)
- fix(news-translate): add required
groupto top-level concurrency block @copilot-swe-agent[bot] (#2080) - fix(workflows): add cancel-in-progress, max-patch-files, report-failure-as-issue to all news workflows @copilot-swe-agent[bot] (#2078)
- build(deps-dev)(deps-dev): bump eslint-plugin-jsdoc from 62.9.0 to 63.0.0 @dependabot[bot] (#2076)
- build(deps-dev)(deps-dev): bump the development-dependencies group with 3 updates @dependabot[bot] (#2075)
- Modularise data-collection prompt; fix compile-agentic-workflows architecture check @copilot-swe-agent[bot] (#2074)
🧪 Test Coverage Improvements
- Validate and complete refactor for >600 LOC files @copilot-swe-agent[bot] (#2081)
- fix(news-translate): emit largeSource signal + 2-phase strategy for big briefs @copilot-swe-agent[bot] (#2082)
- fix(news-translate): add required
groupto top-level concurrency block @copilot-swe-agent[bot] (#2080) - fix(workflows): add cancel-in-progress, max-patch-files, report-failure-as-issue to all news workflows @copilot-swe-agent[bot] (#2078)
⚙️ Component Updates
- Validate and complete refactor for >600 LOC files @copilot-swe-agent[bot] (#2081)
- fix(news-translate): emit largeSource signal + 2-phase strategy for big briefs @copilot-swe-agent[bot] (#2082)
- fix(news-translate): add required
groupto top-level concurrency block @copilot-swe-agent[bot] (#2080) - fix(workflows): add cancel-in-progress, max-patch-files, report-failure-as-issue to all news workflows @copilot-swe-agent[bot] (#2078)
- Modularise data-collection prompt; fix compile-agentic-workflows architecture check @copilot-swe-agent[bot] (#2074)
📊 Release Metrics & Evidence
All test reports, coverage metrics, and API documentation are generated during build and available in the Documentation Hub.
🏛️ Architecture & Documentation
| Document | Description |
|---|---|
| Architecture | C4 architecture models and system overview |
| Security Architecture | Security design and controls |
| Threat Model | STRIDE threat analysis |
| Data Model | Data structures and relationships |
| Flowchart | Process flows with security controls |
| State Diagram | State transitions and lifecycles |
| Mindmap | Conceptual relationships |
| SWOT Analysis | Strategic analysis |
| CRA Assessment | Cyber Resilience Act assessment |
| API Documentation | TypeDoc-generated API reference |
🔐 Security & Supply Chain Protection
This release includes:
- ✅ SLSA Build Provenance Attestations — Cryptographically signed build provenance
- ✅ Software Bill of Materials (SBOM) — Complete dependency inventory in SPDX format
- ✅ npm Provenance — Verified package publishing with attestation
- ✅ CodeQL Security Scanning — Automated vulnerability detection
- ✅ Dependency Scanning — Continuous vulnerability monitoring with Dependabot
Verify attestations:
gh attestation verify euparliamentmonitor-0.9.19.zip -R Hack23/euparliamentmonitor
npm audit signaturesBrowse attestations: View all attestations
📋 ISMS Compliance & Policies
Compliance Frameworks
EU Parliament Monitor follows Hack23 AB's comprehensive ISMS with defense-in-depth architecture and documented security controls.
📦 Release Artifacts
| Artifact | Description | Verification |
|---|---|---|
euparliamentmonitor-0.9.19.zip |
Full application package | SHA-256 checksum, SLSA attestation |
euparliamentmonitor-0.9.19.spdx.json |
SBOM (SPDX format) | SBOM attestation |
*.intoto.jsonl |
SLSA attestations | gh attestation verify |
| npm package | euparliamentmonitor |
npm audit signatures |
All artifacts are signed and attested using GitHub's SLSA Level 3 build provenance.
🚀 Deployment
- Primary: https://euparliamentmonitor.com
- Documentation: https://euparliamentmonitor.com/docs/
- API Docs: https://euparliamentmonitor.com/docs/api/
- npm: https://www.npmjs.com/package/euparliamentmonitor
🏗️ Built With
- Node.js: 25.x
- TypeScript: 6.0.x
- Chart.js: 4.5.x
- D3.js: 7.9.x
- Vitest: 4.x
- Playwright: 1.x
- European Parliament MCP Server: 1.x
👥 Contributors
@Copilot, @dependabot[bot], @github-actions[bot], @pethers, copilot-swe-agent[bot], dependabot[bot] and github-actions[bot]
Full Changelog: v0.9.18...0.9.19
📦 Release Artifacts
euparliamentmonitor-v0.9.19.zip- Full application packageeuparliamentmonitor-v0.9.19.spdx.json- SBOM (Software Bill of Materials)*.intoto.jsonl- SLSA Build Provenance Attestations
📦 npm Package
npm install euparliamentmonitor@0.9.19Published with npm provenance for supply chain security.
📚 Documentation
🔐 Security
All artifacts include SLSA Build Provenance attestations and SBOM for supply chain security.
Verify attestations using the GitHub CLI:
gh attestation verify euparliamentmonitor-v0.9.19.zip -R Hack23/euparliamentmonitorContributors
pethers and dependabot