
v0.11.0 — TRUSCA (renamed) + public read-only demo


@haksungjang haksungjang released this 12 Jun 17:00
· 26 commits to main since this release
d074830

The first post-GA feature release. Headlines: the product is renamed to
TRUSCA, a public read-only demo SaaS deployable to a single Hetzner
server, a UI craft pass (W11–W12), and a hardening sweep from an external
verification campaign.

Renamed — TrustedOSS Portal is now TRUSCA

TRUSCA (Trust + SCA) is the new product name — the SCA tool of the
TrustedOSS initiative. The umbrella initiative keeps the TrustedOSS name; the
tool gets its own. What changes for you:

  • Repository: github.com/trustedoss/trustedoss-portal →
    github.com/trustedoss/trusca. Git remotes and old web links redirect
    automatically.
  • Docs site path: trustedoss.github.io/trustedoss-portal/ →
    trustedoss.github.io/trusca/ (GitHub Pages does not redirect the old
    path — update bookmarks).
  • Container images (BREAKING for upgrades): from 0.11.0 images publish as
    ghcr.io/trustedoss/trusca-backend, trusca-backend-worker, and
    trusca-frontend. Releases ≤ 0.10.0 keep their old image names, and an
    upgrade via git checkout v0.11.0 && bash scripts/upgrade.sh switches
    automatically (the new compose file pins the new names). Only custom
    overlays that hardcode the old image names need a manual edit.
  • Unchanged on purpose: database user/roles, the Celery app name, the
    compose network, demo account e-mails, and urn:trustedoss:* problem URNs.
    These are internal identifiers that match the umbrella name and stay as-is.
  • New brand: the "Hex Check" mark (package hexagon + verification check) and
    the first frontend favicon.

Added

  • Public read-only demo mode: DEMO_READ_ONLY makes the backend serve all
    reads but reject every write (allow-listing only the auth login/refresh/logout
    flow) with an RFC 7807 403. The SPA surfaces it as a banner, a login-page
    credentials hint, and a dedicated "read-only demo" toast on blocked writes.
  • Hetzner demo provisioning — cloud-init, an operator runbook (EN/KO), an
    idempotent seed_demo dataset, a daily reset_demo wipe-and-reseed timer, and
    a daily backup timer.
  • Optional SSH-based CD (deploy-hetzner.yml) — one-click / on-release deploy
    to the demo host via the existing upgrade.sh, with strict tag validation and
    host-key pinning.
  • Day-2 operations — opt-in offsite backup (backup-offsite.sh, rclone), a
    backstop uptime canary workflow, and a Korean translation-style linter for the
    docs site.
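The DEMO_READ_ONLY gate above is easy to get subtly wrong (an allow-list of write routes drifts as endpoints are added). The following is an added, framework-agnostic Python example, not TRUSCA's own code: it decides per request whether the call passes, deny-by-default on HTTP method, with only the auth login/refresh/logout flow allow-listed, and builds the RFC 7807 problem document for the 403. The auth route paths, the env-var parsing and the `urn:trustedoss:...` problem type are assumptions.

```python
"""Added example: a read-only demo request gate modelled on DEMO_READ_ONLY.
Not TRUSCA's code; route paths and the problem URN are assumptions."""
import os
from dataclasses import dataclass
from typing import Optional

# Methods that never mutate state; everything else is a "write" and is denied
# in demo mode unless explicitly allow-listed below.
SAFE_METHODS = frozenset({"GET", "HEAD", "OPTIONS"})

# Assumed paths for the allow-listed auth flow (the real routes may differ).
AUTH_WRITE_ALLOWLIST = frozenset({
    "/v1/auth/login",
    "/v1/auth/refresh",
    "/v1/auth/logout",
})

# Hypothetical problem type following the page's urn:trustedoss:* convention.
READ_ONLY_PROBLEM_TYPE = "urn:trustedoss:problem:demo-read-only"
PROBLEM_CONTENT_TYPE = "application/problem+json"


def demo_read_only_enabled(env=os.environ) -> bool:
    """Parse the DEMO_READ_ONLY flag the way a typical env-var bool is parsed."""
    return env.get("DEMO_READ_ONLY", "").strip().lower() in {"1", "true", "yes", "on"}


@dataclass(frozen=True)
class Decision:
    allowed: bool
    status: int = 200
    problem: Optional[dict] = None   # RFC 7807 body when the request is blocked


def gate(method: str, path: str, read_only: bool) -> Decision:
    """Return the gate decision for one request.

    Deny-by-default on method: a new POST/PUT/PATCH/DELETE endpoint added later
    is blocked in demo mode automatically instead of silently becoming writable.
    """
    if not read_only:
        return Decision(True)
    m = method.upper()
    if m in SAFE_METHODS:
        return Decision(True)
    # Only the login/refresh/logout POSTs are permitted so the demo can still be
    # used; trailing slashes are normalised so "/login/" cannot bypass the check.
    if m == "POST" and path.rstrip("/") in AUTH_WRITE_ALLOWLIST:
        return Decision(True)
    return Decision(False, 403, {
        "type": READ_ONLY_PROBLEM_TYPE,
        "title": "Read-only demo",
        "status": 403,
        "detail": f"{m} {path} is disabled in the public demo; all writes are rejected.",
        "instance": path,
    })


if __name__ == "__main__":
    ro = demo_read_only_enabled({"DEMO_READ_ONLY": "true"})
    for method, path in [("GET", "/v1/projects"), ("DELETE", "/v1/projects/42"),
                         ("POST", "/v1/auth/login"), ("POST", "/v1/projects")]:
        print(method, path, "->", gate(method, path, ro))
```

Wiring this into a real middleware means calling `gate()` before routing and, on a blocked decision, returning `problem` serialised as JSON with the `application/problem+json` content type so the SPA can recognise the 403 and show its "read-only demo" toast.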

Changed

  • Visual & craft pass (W11–W12) — modern-enterprise theme (warm near-black
    primary, off-white canvas), Inter/JetBrains-Mono typography system, an
    in-house global toast, CSS-only route/motion transitions with a reduced-motion
    guard, and richer empty/loading states.

Fixed

  • Drawer obligations, CVE deep-links, and the Compliance NOTICE toolbar
    (M-20/M-21/M-22). Relative-time displays now always carry an absolute-time title.

Security

  • Revoke the entire refresh-token family on reuse detection (C-1).
  • Redact embedded git_url credentials on the read API and in audit logs (C-2).
  • Enforce the project boundary for project-scoped API keys (M-2) and scope
    GET /v1/audit reads to the caller's team for team admins (M-3).
  • Codified five testing-hardening rules and vendored the verification team's
    deterministic specs as a nightly regression gate.
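Two of the Security items above (C-1 and C-2) are general patterns worth seeing in code. The block below is an added Python example, not TRUSCA's implementation: an in-memory refresh-token store where every rotation stays in one family and replaying an already-rotated token revokes the entire family, plus a redaction helper that strips credentials embedded in a `git_url` before the value is returned by an API or written to an audit log. The storage layout, token format and class names are assumptions; the real backend persists token families in its database.

```python
"""Added example (not TRUSCA's code): refresh-token family reuse detection
(C-1) and git_url credential redaction (C-2). Storage and token format are
assumptions."""
import secrets
from dataclasses import dataclass, field
from urllib.parse import urlsplit, urlunsplit


class ReuseDetected(Exception):
    """An already-rotated refresh token was presented again."""


class InvalidToken(Exception):
    """Unknown or revoked refresh token."""


@dataclass
class Family:
    family_id: str
    current: str                 # the only token in this family valid right now
    revoked: bool = False
    seen: set = field(default_factory=set)   # every token ever issued in the family


class RefreshTokenStore:
    """In-memory stand-in for the database table that backs refresh tokens."""

    def __init__(self):
        self._families: dict = {}
        self._token_to_family: dict = {}

    def issue(self) -> str:
        """Start a new family at login and return its first refresh token."""
        fid = secrets.token_urlsafe(8)
        tok = secrets.token_urlsafe(32)
        self._families[fid] = Family(fid, tok, seen={tok})
        self._token_to_family[tok] = fid
        return tok

    def rotate(self, presented: str) -> str:
        """Exchange a refresh token for a new one in the same family.

        If the presented token is known but is not the family's current token,
        it was already rotated: either the legitimate client or an attacker is
        replaying a stolen copy. We cannot tell which, so the whole family is
        revoked and both parties must log in again.
        """
        fid = self._token_to_family.get(presented)
        if fid is None:
            raise InvalidToken("unknown refresh token")
        fam = self._families[fid]
        if fam.revoked:
            raise InvalidToken("family revoked")
        if presented != fam.current:
            fam.revoked = True
            raise ReuseDetected(f"refresh token reuse in family {fid}")
        new = secrets.token_urlsafe(32)
        fam.current = new
        fam.seen.add(new)
        self._token_to_family[new] = fid
        return new

    def is_valid(self, token: str) -> bool:
        fid = self._token_to_family.get(token)
        if fid is None:
            return False
        fam = self._families[fid]
        return not fam.revoked and fam.current == token


def reuse_scenario() -> dict:
    """Constructed walkthrough: token stolen, rotated once, then replayed."""
    store = RefreshTokenStore()
    t1 = store.issue()          # victim logs in; attacker copies t1
    t2 = store.rotate(t1)       # victim refreshes normally
    out = {"t2_valid_after_rotate": store.is_valid(t2),
           "t1_valid_after_rotate": store.is_valid(t1)}
    try:
        store.rotate(t1)        # attacker replays the old token
        out["reuse_detected"] = False
    except ReuseDetected:
        out["reuse_detected"] = True
    out["t2_valid_after_reuse"] = store.is_valid(t2)   # whole family is dead
    return out


def redact_git_url(url: str) -> str:
    """Replace any userinfo (user, password or token) in a URL with '***'.

    The whole userinfo is dropped, not just the password, because GitHub-style
    tokens are commonly placed in the username slot. scp-style ssh addresses
    such as git@github.com:org/repo.git have no URL scheme and pass through.
    """
    parts = urlsplit(url)
    if "@" not in parts.netloc:
        return url
    host = parts.netloc.rsplit("@", 1)[1]
    return urlunsplit(parts._replace(netloc=f"***@{host}"))
```

Applying `redact_git_url` at the serialisation boundary (API response models and the audit-log writer) rather than at each call site is what makes the C-2 fix hard to regress: a new endpoint that returns a project's `git_url` inherits the redaction.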