chore: prepare release 4.5.3
Some checks failed
CI / build (push) Has been cancelled

matt 2026-04-02 10:47:33 -07:00
parent 75184a5967
commit dd996939e6
7 changed files with 27 additions and 4 deletions

docs/releases/v4.5.3.md Normal file

@ -0,0 +1,17 @@
# MTG Python Deckbuilder v4.5.3
## Added
- **SBOM & supply chain provenance**: Every tagged release now attaches source SBOMs (SPDX + CycloneDX JSON) for Python dependencies and a CycloneDX container image SBOM to the GitHub Release assets. Build provenance attestations (SLSA-style) are published for the multi-arch Docker image via the GitHub Attestations API. `provenance: mode=max` is enabled on all arch builds.
### Verifying attestations
```bash
gh attestation verify oci://docker.io/mwisnowski/mtg-python-deckbuilder:latest \
--repo mwisnowski/mtg_python_deckbuilder
```
### Inspecting an SBOM
```bash
syft convert sbom-source.cyclonedx.json -o table
```
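Review bot: The "Verifying attestations" example checks `oci://docker.io/mwisnowski/mtg-python-deckbuilder:latest`, and `latest` is a mutable tag, so the command verifies whatever image the tag points to when it is run, not necessarily the 4.5.3 image these notes describe or the image a user already pulled. Suggest showing verification against the release tag or, better, a resolved digest, for example `oci://docker.io/mwisnowski/mtg-python-deckbuilder@sha256:<digest>` (placeholder), and telling readers to run the image by that same digest. In "Inspecting an SBOM", `sbom-source.cyclonedx.json` is used without saying which release asset it is or how to download it; since the Added entry lists three SBOMs (SPDX source, CycloneDX source, CycloneDX image), naming the asset files here would remove the guesswork.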