letro/letro-authentication-service
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 1 Wiki Activity

update fork divergence

Browse Source
This commit is contained in:
Letro Bot
2026-04-30 13:02:31 +03:30
parent 430cb7eadc
commit 81ce7c1ee0
1 changed files with 3 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
FORK_DIVERGENCE.md
View File

@@ -17,7 +17,8 @@ Upstream:
Fork:
- Version is sourced from a dedicated `LETRO_VERSION` file, decoupling the fork release cycle from Rust crate versions
- Git tags follow the `letro-v*` format to namespace fork releases
- Release artifacts include a `fork-changes.diff` (diff from upstream commit recorded in `UPSTREAM_VERSION`) and `FORK_DIVERGANCE.md` instead of binaries
- Release artifacts include a `fork-changes.diff` (diff from upstream commit recorded in `UPSTREAM_VERSION`), `FORK_DIVERGENCE.md`, and two SBOM files (`sbom-repo.json` for repository scan, `sbom-image.json` for Docker image scan) instead of binaries
- SBOM files generated using Trivy in CycloneDX format for supply chain security and vulnerability tracking
- Rust toolchain installation removed from release workflows (no longer needed)
- `BOT_GITHUB_TOKEN` used for checkout steps that require write access
- 30-second delay added before enabling auto-merge on release PRs to allow GitHub to register pending checks
@@ -29,6 +30,7 @@ COMMIT_REFS:
- 71c6c8320576f84590f05bc972895ce8b5eb445b
- 6231550007ab050ea43b5ddc77ecf3bc85ec7109
- 494c4267c354bcc85d54fe4ffb6615bf50d56928
- 8bfc965b0f72f8f8624e83c084353f9c0eacc72f
Impact:
- Fork versioning is fully independent of upstream Cargo crate versions