chore: Update SSDLC report for v1.39.0

svc-apix-Bot · svc-apix-Bot · commit 40e570b2d16d · 2025-07-24T07:47:23.000Z
diff --git a/compliance/v1.39.0/ssdlc-compliance-1.39.0.md b/compliance/v1.39.0/ssdlc-compliance-1.39.0.md
@@ -0,0 +1,30 @@
+SSDLC Compliance Report: Terraform Provider MongoDB Atlas 1.39.0
+=================================================================
+
+- Release Creator: oarbusi
+- Created On:       2025-07-24
+
+Overview:
+
+- **Product and Release Name**
+  - Terraform Provider MongoDB Atlas 1.39.0, 2025-07-24.
+
+- **Process Document**
+  - https://www.mongodb.com/blog/post/how-mongodb-protects-against-supply-chain-vulnerabilities
+
+- **Tool used to track third party vulnerabilities**
+  - [Kondukto](https://arcticglow.kondukto.io/)
+
+- **Dependency Information**
+  - See SBOM Lite manifests (CycloneDX in JSON format):
+      - https://github.com/mongodb/terraform-provider-mongodbatlas/releases/download/v1.39.0/sbom.json
+
+- **Security Testing Report**
+  - Available as needed from Cloud Security.
+
+- **Security Assessment Report**
+  - Available as needed from Cloud Security.
+
+Assumptions and attestations:
+
+- Internal processes are used to ensure CVEs are identified and mitigated within SLAs.
