Skip to content

Releases: RHEcosystemAppEng/sdlc-plugins

v0.13.2

Choose a tag to compare

@mrizzi mrizzi released this 10 Jul 16:29

Fixed

  • Explicit Issue Type field added to Step 6d sub-task creation templates in verify-pr

v0.13.1

Choose a tag to compare

@ruromero ruromero released this 09 Jul 14:43

[0.13.1] - 2026-07-09

Added

  • Format validation for Step 2.1 matrix loading in triage-security
  • Canonical security matrix template in docs/templates

Fixed

  • Release instructions use explicit repo name instead of hardcoded remote

v0.13.0

Choose a tag to compare

@mrizzi mrizzi released this 09 Jul 09:41

Changed

  • Breaking: GitHub org migrated from mrizzi to RHEcosystemAppEng — existing users must re-add the marketplace with /plugin marketplace add RHEcosystemAppEng/sdlc-plugins
  • Added Contributor Covenant Code of Conduct v2.1

v0.12.3

Choose a tag to compare

@mrizzi mrizzi released this 07 Jul 16:10

Added

  • Decision logic for dev-only and feature-gated dependencies in triage-security
  • Transitive dependency remediation guidance in task templates for triage-security
  • Contributors ladder with CONTRIBUTING.md, CODEOWNERS, and GitHub Issue templates (TC-5072)

Fixed

  • Guard clause for Case B unscoped issues in triage-security
  • SBOM results no longer split into separate files in triage-security

v0.12.2

Choose a tag to compare

@mrizzi mrizzi released this 03 Jul 12:50

Fixed

  • Non-plannable requirement flagging added to impact map step in plan-feature
  • Direct dependency requirement clarified for create-branch bookend in plan-feature
  • Eval assertions rewritten for file-based evidence in plan-feature

v0.12.1

Choose a tag to compare

@mrizzi mrizzi released this 02 Jul 15:53

Added

  • Documentation task generation from Feature description signals in plan-feature
  • Testing task generation from readiness template in plan-feature

Fixed

  • Documentation tasks exempted from template and dependency assertions in plan-feature

v0.12.0

Choose a tag to compare

@mrizzi mrizzi released this 02 Jul 11:01

[0.12.0] - 2026-07-02

Added

  • Epic creation and grouping strategies with configurable hierarchy preferences in plan-feature (TC-4869)
  • Parent issue linking step in plan-feature (TC-4870)
  • Early assignment and Assigned transition at Step 0.7 in triage-security (TC-5008)
  • Cross-CVE traceability links and comments at Step 4.3 in triage-security (TC-5009)

Fixed

  • Traceability links created at identification time instead of after confirmation in triage-security (TC-5009)

v0.11.1

Choose a tag to compare

@mrizzi mrizzi released this 01 Jul 14:37

Added

  • Deployment context classification for remediation tasks in triage-security
  • Concurrent triage detection before remediation task creation in triage-security
  • Staleness detection for security-matrix.md in triage-security
  • Embargo warning gate for high-severity CVEs in triage-security
  • Optional SBOM-based base image verification via cosign in triage-security
  • Ready for QA discovery category with remediation task completion check in triage-security
  • ProdSec contact config and vulnerability creator @mention in triage-security
  • Description digest comment on remediation task creation in triage-security
  • External CVE data enrichment from MITRE and OSV.dev in triage-security
  • Proactive cross-stream remediation with security-preemptive label in triage-security
  • Cross-CVE overlap detection via Upstream Affected Component in triage-security
  • get_remote_links command in jira-client
  • Priority and fixVersion REST API fallback in jira-client
  • Priority and fixVersion inheritance in plan-feature task creation
  • Priority and fixVersion prompts in define-feature
  • Dynamic issue type discovery and hierarchy mapping in plan-feature
  • Jira Field Defaults configuration step in setup
  • Bug and Hierarchy configuration in setup
  • Hierarchy preferences step and configuration contract in setup
  • Priority and fixVersion field handling constraints

Changed

  • Cross-CVE overlap fields made configurable via /setup in triage-security
  • Unsupported ecosystem message generalized to use placeholder in triage-security

Fixed

  • Step numbering consistency (7.0/7 → 7/8) in triage-security
  • SBOM verification output line made mandatory for RPM packages in triage-security
  • Created column added to Ready for QA table template in triage-security
  • get_remote_links guarded against non-dict responses in jira-client
  • ADF taskList/taskItem node sanitization to prevent INVALID_INPUT errors in jira-client
  • Field handling and test review feedback addressed in jira-client
  • Feature-branch label included in workflow mode decision output in plan-feature
  • Convention enrichment completeness check and verification pass in plan-feature
  • Baseline comparison gate added to eval failure subtask creation in verify-pr
  • Idempotent sibling link check documented in triage-security Step 4.2

v0.11.0

Choose a tag to compare

@mrizzi mrizzi released this 19 Jun 13:22

[0.11.0] - 2026-06-19

Added

  • report-bug skill for structured bug reporting with Jira issue creation
  • triage-bug skill for bug lifecycle pipeline triage
  • Bug Configuration scaffolding step in setup skill
  • Bug description template scaffold
  • Bug lifecycle pipeline documentation and constraints
  • Eval infrastructure for report-bug and triage-bug skills

Changed

  • Improved triage-bug skill discoverability and navigation

Fixed

  • triage-bug digest comment exempted from Comment Footnote rule
  • triage-bug eval assertion for ai-generated-jira label
  • report-bug programmatic input format and composed output examples
  • Bug lifecycle docs heading levels aligned with feature phases
  • Corrected report-bug constraint source reference

v0.10.0

Choose a tag to compare

@mrizzi mrizzi released this 15 Jun 14:57

[0.10.0] - 2026-06-15

Added

  • triage-security skill for version-aware CVE triage with Jira sub-task creation and security matrix integration
  • Security Configuration step in setup skill for local security-matrix scaffolding
  • Security matrix template (security-matrix.md) for Konflux repositories
  • Triage-security architectural constraints and guardrails
  • Eval infrastructure for triage-security with discovery mode and RPM ecosystem test cases

Changed

  • triage-security Step 2.1 matrix loading now prefers local files with Konflux API fallback
  • Applied progressive disclosure to triage-security SKILL.md for improved readability

Fixed

  • verify-pr now classifies review body suggestions alongside inline comments
  • Corrected traceability index constraint references in triage-security
  • Aligned Vulnerability issue type ID field name with project config contract in triage-security

A special thank you to @ruromero for his great contribution of the triage-security skill — the headline feature of this release. His work brings version-aware CVE triage with full Jira traceability and security matrix integration to the SDLC workflow. Thank you, Ruben!