Vincent Koc
|
bfa5b39648
|
fix: cover plugin package locks in dependency review
|
2026-05-22 12:56:10 +01:00 |
|
Vincent Koc
|
82f69a269b
|
fix: include plugin shrinkwraps in dependency reports
|
2026-05-22 12:56:10 +01:00 |
|
Peter Steinberger
|
b6c8807ca0
|
chore: add shrinkwrap to plugin npm packages
|
2026-05-22 12:56:10 +01:00 |
|
Peter Steinberger
|
c56067e34f
|
chore: harden npm shrinkwrap release path
|
2026-05-22 12:56:10 +01:00 |
|
Josh Avant
|
bd4db5ee62
|
Add dependency release safety evidence and PR awareness (#81325)
* test: cover dependency pin guard
* build: add dependency vulnerability gate
* build: add dependency risk report
* build: add dependency drift reports
* build: include dependency ownership surface evidence
* build: rename dependency report commands
* build: respect release age exclusions in risk report
* build: clarify transitive risk accounting
* build: remove transitive risk exception registry
* build: clarify transitive risk signal wording
* ci: attach dependency evidence to release preflight
* ci: extract dependency release evidence generator
* build: rename ownership surface dependency report
* ci: clarify release evidence naming
* build: clarify recently published risk report
* build: reorder transitive risk report sections
* build: fix ownership surface pluralization
* ci: surface dependency changes on PRs
* ci: harden dependency change awareness
* ci: use dependency changed PR label
* build: fix dependency report lint
* docs: add dependency safety changelog
|
2026-05-13 03:05:09 -05:00 |
|