EU Parliament Monitor v1.0.2

What's Changed

• [aw] Updates available @github-actions[bot] (#2309)
• [aw] Updates available @github-actions[bot] (#2302)

🏗️ Infrastructure & Performance

• build(deps)(deps): bump the github-actions group with 2 updates @dependabot[bot] (#2312)
• build(deps)(deps): bump the github-actions group with 2 updates @dependabot[bot] (#2311)
• build(deps)(deps): bump the github-actions group across 1 directory with 3 updates @dependabot[bot] (#2308)
• build(deps-dev)(deps-dev): bump the development-dependencies group with 2 updates @dependabot[bot] (#2306)
• build(deps-dev)(deps-dev): bump the development-dependencies group with 3 updates @dependabot[bot] (#2303)
• build(deps)(deps): bump european-parliament-mcp-server from 1.3.12 to 1.3.13 in the production-dependencies group @dependabot[bot] (#2300)
• build(deps)(deps): bump the github-actions group with 2 updates @dependabot[bot] (#2301)
• build(deps-dev)(deps-dev): bump eslint-plugin-jsdoc from 63.0.0 to 63.0.1 in the development-dependencies group @dependabot[bot] (#2299)

🔒 Security & Compliance

• build(deps)(deps): bump the github-actions group with 2 updates @dependabot[bot] (#2312)
• build(deps)(deps): bump the github-actions group with 2 updates @dependabot[bot] (#2311)

📝 Documentation

• docs: align SECURITY_ARCHITECTURE.md and WORKFLOWS.md with official gh-aw 3-layer trust model @copilot-swe-agent[bot] (#2310)
• Expand all FUTURE_*.md with AI-driven OSINT & political-intelligence capabilities (2026→2037) @copilot-swe-agent[bot] (#2298)
• Rewrite FUTURE_THREAT_MODEL to v3.0 three-horizon AWS-native model and align FUTURE_* metadata @copilot-swe-agent[bot] (#2297)

📦 Dependencies

• build(deps)(deps): bump the github-actions group with 2 updates @dependabot[bot] (#2312)
• build(deps)(deps): bump the github-actions group with 2 updates @dependabot[bot] (#2311)
• build(deps)(deps): bump the github-actions group across 1 directory with 3 updates @dependabot[bot] (#2308)
• build(deps-dev)(deps-dev): bump the development-dependencies group with 2 updates @dependabot[bot] (#2306)
• build(deps-dev)(deps-dev): bump the development-dependencies group with 3 updates @dependabot[bot] (#2303)
• build(deps)(deps): bump european-parliament-mcp-server from 1.3.12 to 1.3.13 in the production-dependencies group @dependabot[bot] (#2300)
• build(deps)(deps): bump the github-actions group with 2 updates @dependabot[bot] (#2301)
• build(deps-dev)(deps-dev): bump eslint-plugin-jsdoc from 63.0.0 to 63.0.1 in the development-dependencies group @dependabot[bot] (#2299)

⚙️ Component Updates

• build(deps)(deps): bump the github-actions group with 2 updates @dependabot[bot] (#2312)
• build(deps)(deps): bump the github-actions group with 2 updates @dependabot[bot] (#2311)
• build(deps)(deps): bump the github-actions group across 1 directory with 3 updates @dependabot[bot] (#2308)
• build(deps)(deps): bump the github-actions group with 2 updates @dependabot[bot] (#2301)

📊 Release Metrics & Evidence

All test reports, coverage metrics, and API documentation are generated during build and available in the Documentation Hub.

🏛️ Architecture & Documentation

Document	Description
Architecture	C4 architecture models and system overview
Security Architecture	Security design and controls
Threat Model	STRIDE threat analysis
Data Model	Data structures and relationships
Flowchart	Process flows with security controls
State Diagram	State transitions and lifecycles
Mindmap	Conceptual relationships
SWOT Analysis	Strategic analysis
CRA Assessment	Cyber Resilience Act assessment
API Documentation	TypeDoc-generated API reference

🔐 Security & Supply Chain Protection

This release includes:

• ✅ SLSA Build Provenance Attestations — Cryptographically signed build provenance
• ✅ Software Bill of Materials (SBOM) — Complete dependency inventory in SPDX format
• ✅ npm Provenance — Verified package publishing with attestation
• ✅ CodeQL Security Scanning — Automated vulnerability detection
• ✅ Dependency Scanning — Continuous vulnerability monitoring with Dependabot

Verify attestations:

gh attestation verify euparliamentmonitor-1.0.2.zip -R Hack23/euparliamentmonitor
npm audit signatures

Browse attestations: View all attestations

📋 ISMS Compliance & Policies

Compliance Frameworks

EU Parliament Monitor follows Hack23 AB's comprehensive ISMS with defense-in-depth architecture and documented security controls.

📦 Release Artifacts

Artifact	Description	Verification
euparliamentmonitor-1.0.2.zip	Full application package	SHA-256 checksum, SLSA attestation
euparliamentmonitor-1.0.2.spdx.json	SBOM (SPDX format)	SBOM attestation
*.intoto.jsonl	SLSA attestations	gh attestation verify
npm package	euparliamentmonitor	npm audit signatures

All artifacts are signed and attested using GitHub's SLSA Level 3 build provenance.

🚀 Deployment

• Primary: https://euparliamentmonitor.com
• Documentation: https://euparliamentmonitor.com/docs/
• API Docs: https://euparliamentmonitor.com/docs/api/
• npm: https://www.npmjs.com/package/euparliamentmonitor

🏗️ Built With

• Node.js: 25.x
• TypeScript: 6.0.x
• Chart.js: 4.5.x
• D3.js: 7.9.x
• Vitest: 4.x
• Playwright: 1.x
• European Parliament MCP Server: 1.x

👥 Contributors

@Copilot, @dependabot[bot], @github-actions[bot], @pethers, copilot-swe-agent[bot], dependabot[bot] and github-actions[bot]

Full Changelog: v1.0.1...1.0.2

📦 Release Artifacts

• euparliamentmonitor-v1.0.2.zip - Full application package
• euparliamentmonitor-v1.0.2.spdx.json - SBOM (Software Bill of Materials)
• *.intoto.jsonl - SLSA Build Provenance Attestations

📦 npm Package

npm install euparliamentmonitor@1.0.2

Published with npm provenance for supply chain security.

📚 Documentation

• API Documentation
• Test Coverage Report
• E2E Test Report
• Documentation Hub

🔐 Security

All artifacts include SLSA Build Provenance attestations and SBOM for supply chain security.
Verify attestations using the GitHub CLI:

gh attestation verify euparliamentmonitor-v1.0.2.zip -R Hack23/euparliamentmonitor