EU Parliament Monitor v1.0.7
·
22 commits
to main
since this release
Immutable
release. Only release title and notes can be modified.
What's Changed
ποΈ Infrastructure & Performance
- build(deps-dev)(deps-dev): bump the development-dependencies group with 2 updates @dependabot[bot] (#2345)
- build(deps-dev)(deps-dev): bump jscpd from 4.2.4 to 5.0.4 @dependabot[bot] (#2342)
π¦ Dependencies
- build(deps-dev)(deps-dev): bump the development-dependencies group with 2 updates @dependabot[bot] (#2345)
- build(deps-dev)(deps-dev): bump jscpd from 4.2.4 to 5.0.4 @dependabot[bot] (#2342)
π Release Metrics & Evidence
All test reports, coverage metrics, and API documentation are generated during build and available in the Documentation Hub.
ποΈ Architecture & Documentation
| Document | Description |
|---|---|
| Architecture | C4 architecture models and system overview |
| Security Architecture | Security design and controls |
| Threat Model | STRIDE threat analysis |
| Data Model | Data structures and relationships |
| Flowchart | Process flows with security controls |
| State Diagram | State transitions and lifecycles |
| Mindmap | Conceptual relationships |
| SWOT Analysis | Strategic analysis |
| CRA Assessment | Cyber Resilience Act assessment |
| API Documentation | TypeDoc-generated API reference |
π Security & Supply Chain Protection
This release includes:
- β SLSA Build Provenance Attestations β Cryptographically signed build provenance
- β Software Bill of Materials (SBOM) β Complete dependency inventory in SPDX format
- β npm Provenance β Verified package publishing with attestation
- β CodeQL Security Scanning β Automated vulnerability detection
- β Dependency Scanning β Continuous vulnerability monitoring with Dependabot
Verify attestations:
gh attestation verify euparliamentmonitor-1.0.7.zip -R Hack23/euparliamentmonitor
npm audit signaturesBrowse attestations: View all attestations
π ISMS Compliance & Policies
Compliance Frameworks
EU Parliament Monitor follows Hack23 AB's comprehensive ISMS with defense-in-depth architecture and documented security controls.
π¦ Release Artifacts
| Artifact | Description | Verification |
|---|---|---|
euparliamentmonitor-1.0.7.zip |
Full application package | SHA-256 checksum, SLSA attestation |
euparliamentmonitor-1.0.7.spdx.json |
SBOM (SPDX format) | SBOM attestation |
*.intoto.jsonl |
SLSA attestations | gh attestation verify |
| npm package | euparliamentmonitor |
npm audit signatures |
All artifacts are signed and attested using GitHub's SLSA Level 3 build provenance.
π Deployment
- Primary: https://euparliamentmonitor.com
- Documentation: https://euparliamentmonitor.com/docs/
- API Docs: https://euparliamentmonitor.com/docs/api/
- npm: https://www.npmjs.com/package/euparliamentmonitor
ποΈ Built With
- Node.js: 25.x
- TypeScript: 6.0.x
- Chart.js: 4.5.x
- D3.js: 7.9.x
- Vitest: 4.x
- Playwright: 1.x
- European Parliament MCP Server: 1.x
π₯ Contributors
@dependabot[bot], @pethers and dependabot[bot]
Full Changelog: v1.0.6...1.0.7
π¦ Release Artifacts
euparliamentmonitor-v1.0.7.zip- Full application packageeuparliamentmonitor-v1.0.7.spdx.json- SBOM (Software Bill of Materials)*.intoto.jsonl- SLSA Build Provenance Attestations
π¦ npm Package
npm install euparliamentmonitor@1.0.7Published with npm provenance for supply chain security.
π Documentation
π Security
All artifacts include SLSA Build Provenance attestations and SBOM for supply chain security.
Verify attestations using the GitHub CLI:
gh attestation verify euparliamentmonitor-v1.0.7.zip -R Hack23/euparliamentmonitorContributors
pethers and dependabot