docs: include release automation in threat scope #202

Merged

jwilger merged 1 commit from issue-150-threat-model-release-scope into main

2026-05-14 15:04:13 -07:00

jwilger commented

2026-05-14 14:49:01 -07:00

Owner

Summary

update the threat-model scope to explicitly include release preparation and publishing automation
call out binary artifact integrity from release PR preparation through Forgejo publication
narrow the CI/CD out-of-scope wording to external systems/runner hardening outside repository-owned release automation

Verification

git diff --check

Closes #150

## Summary - update the threat-model scope to explicitly include release preparation and publishing automation - call out binary artifact integrity from release PR preparation through Forgejo publication - narrow the CI/CD out-of-scope wording to external systems/runner hardening outside repository-owned release automation ## Verification - `git diff --check` Closes #150

jwilger added 1 commit

2026-05-14 14:49:01 -07:00

docs: include release automation in threat scope

CI / Verify PR with nix flake check (pull_request) Successful in 4m19s

Details

CI / Request auto_review semantic review (pull_request) Successful in 1s

Details

auto_review auto_review: no findings

CI / Build PR artifacts (no token) (pull_request) Successful in 2s

Details

CI / Publish PR artifact packages (pull_request) Successful in 20s

Details

fdab8d3980

auto-review approved these changes

2026-05-14 14:53:34 -07:00

auto-review left a comment

Walkthrough

Scope Update: The threat model now explicitly includes release preparation and publishing automation, which covers project-owned containers, binary archives, checksums, signatures, and provenance metadata.
Binary Artifact Integrity: The document highlights the importance of maintaining binary artifact integrity from release PR preparation through Forgejo release publication.
CI/CD Scope Clarification: The out-of-scope section is refined to exclude CI/CD systems or runner hardening outside the repository-owned release automation, assuming operators have independently hardened these systems.

The PR updates the threat model to include release preparation and publishing automation, emphasizing binary artifact integrity. It narrows the CI/CD out-of-scope wording to focus on external systems outside repository-owned automation. The changes appear safe to merge. ## Walkthrough - **Scope Update**: The threat model now explicitly includes release preparation and publishing automation, which covers project-owned containers, binary archives, checksums, signatures, and provenance metadata. - **Binary Artifact Integrity**: The document highlights the importance of maintaining binary artifact integrity from release PR preparation through Forgejo release publication. - **CI/CD Scope Clarification**: The out-of-scope section is refined to exclude CI/CD systems or runner hardening outside the repository-owned release automation, assuming operators have independently hardened these systems.

jwilger merged commit 9a92039cf2 into main

2026-05-14 15:04:13 -07:00

jwilger referenced this pull request from a commit

2026-05-14 15:04:15 -07:00

docs: include release automation in threat scope (#202)

jwilger referenced this pull request

2026-05-14 17:13:36 -07:00

docs: apply threat model markdown formatting #203

jwilger referenced this pull request from a commit

2026-05-15 10:42:47 -07:00

docs: apply threat model markdown formatting (#203)