Releases: mrizzi/sdlc-plugins
Releases · mrizzi/sdlc-plugins
Release list
v0.12.2
Fixed
- Non-plannable requirement flagging added to impact map step in
plan-feature - Direct dependency requirement clarified for create-branch bookend in
plan-feature - Eval assertions rewritten for file-based evidence in
plan-feature
v0.12.1
v0.12.0
[0.12.0] - 2026-07-02
Added
- Epic creation and grouping strategies with configurable hierarchy preferences in
plan-feature(TC-4869) - Parent issue linking step in
plan-feature(TC-4870) - Early assignment and Assigned transition at Step 0.7 in
triage-security(TC-5008) - Cross-CVE traceability links and comments at Step 4.3 in
triage-security(TC-5009)
Fixed
- Traceability links created at identification time instead of after confirmation in
triage-security(TC-5009)
v0.11.1
Added
- Deployment context classification for remediation tasks in
triage-security - Concurrent triage detection before remediation task creation in
triage-security - Staleness detection for
security-matrix.mdintriage-security - Embargo warning gate for high-severity CVEs in
triage-security - Optional SBOM-based base image verification via cosign in
triage-security - Ready for QA discovery category with remediation task completion check in
triage-security - ProdSec contact config and vulnerability creator @mention in
triage-security - Description digest comment on remediation task creation in
triage-security - External CVE data enrichment from MITRE and OSV.dev in
triage-security - Proactive cross-stream remediation with
security-preemptivelabel intriage-security - Cross-CVE overlap detection via Upstream Affected Component in
triage-security get_remote_linkscommand injira-client- Priority and
fixVersionREST API fallback injira-client - Priority and
fixVersioninheritance inplan-featuretask creation - Priority and
fixVersionprompts indefine-feature - Dynamic issue type discovery and hierarchy mapping in
plan-feature - Jira Field Defaults configuration step in
setup - Bug and Hierarchy configuration in
setup - Hierarchy preferences step and configuration contract in
setup - Priority and
fixVersionfield handling constraints
Changed
- Cross-CVE overlap fields made configurable via
/setupintriage-security - Unsupported ecosystem message generalized to use placeholder in
triage-security
Fixed
- Step numbering consistency (7.0/7 → 7/8) in
triage-security - SBOM verification output line made mandatory for RPM packages in
triage-security - Created column added to Ready for QA table template in
triage-security get_remote_linksguarded against non-dict responses injira-client- ADF
taskList/taskItemnode sanitization to preventINVALID_INPUTerrors injira-client - Field handling and test review feedback addressed in
jira-client - Feature-branch label included in workflow mode decision output in
plan-feature - Convention enrichment completeness check and verification pass in
plan-feature - Baseline comparison gate added to eval failure subtask creation in
verify-pr - Idempotent sibling link check documented in
triage-securityStep 4.2
v0.11.0
[0.11.0] - 2026-06-19
Added
report-bugskill for structured bug reporting with Jira issue creationtriage-bugskill for bug lifecycle pipeline triage- Bug Configuration scaffolding step in
setupskill - Bug description template scaffold
- Bug lifecycle pipeline documentation and constraints
- Eval infrastructure for
report-bugandtriage-bugskills
Changed
- Improved
triage-bugskill discoverability and navigation
Fixed
triage-bugdigest comment exempted from Comment Footnote ruletriage-bugeval assertion forai-generated-jiralabelreport-bugprogrammatic input format and composed output examples- Bug lifecycle docs heading levels aligned with feature phases
- Corrected
report-bugconstraint source reference
v0.10.0
[0.10.0] - 2026-06-15
Added
triage-securityskill for version-aware CVE triage with Jira sub-task creation and security matrix integration- Security Configuration step in
setupskill for local security-matrix scaffolding - Security matrix template (
security-matrix.md) for Konflux repositories - Triage-security architectural constraints and guardrails
- Eval infrastructure for
triage-securitywith discovery mode and RPM ecosystem test cases
Changed
triage-securityStep 2.1 matrix loading now prefers local files with Konflux API fallback- Applied progressive disclosure to
triage-securitySKILL.md for improved readability
Fixed
verify-prnow classifies review body suggestions alongside inline comments- Corrected traceability index constraint references in
triage-security - Aligned Vulnerability issue type ID field name with project config contract in
triage-security
A special thank you to @ruromero for his great contribution of the triage-security skill — the headline feature of this release. His work brings version-aware CVE triage with full Jira traceability and security matrix integration to the SDLC workflow. Thank you, Ruben!
v0.9.2
[0.9.2] - 2026-06-03
Added
- Description digest protocol for cross-phase integrity verification in
plan-featureandimplement-task - Convention applicability rules with file-type scoping for convention upgrades in
plan-featureandverify-pr - Eval-aware Test Quality integration with autonomous eval failure sub-task creation in
verify-pr - Description digest verification step in
implement-task - Documentation scope preservation check in
implement-task - Eval infrastructure change detection in
verify-prcorrectness check - Failure evidence rendering in
run-evalssummary output - Cross-phase integrity and convention applicability constraints
Fixed
- Standardized digest computation on ADF JSON with format-tagged digests for access-method-agnostic verification
- Multiple digest comment handling disambiguation in
implement-task - Convention applicability format enforcement and self-verification guards in
plan-feature - Issue link direction for Incorporates and Depend in
plan-feature - Digest protocol inlined in SKILL.md to fix eval regression
- CI reporting success when no evals need to run
- HTML special character escaping in eval failure evidence output
v0.9.1
v0.9.0
[0.9.0] - 2026-05-14
Added
- Feature-branch workflow mode with automatic bookend task generation in
plan-feature - Target Branch support and bookend handling in
implement-task - Target Branch and Bookend Type sections in the task description template
- Feature-branch workflow constraints and documentation
- Fork PR eval dispatch CI workflow for cross-fork eval runs
- Commit status reporting for eval PR visibility
Changed
- Migrated eval CI workflows to direct Workload Identity Federation
- Hardened eval dispatch against artifact poisoning and injection
Fixed
- Resolved stale pending commit status when eval discover fails
- Fork PR resolution via
pulls.listwith pagination
Documentation
- Excluded eval baselines from changelog scope