·
5 commits
to main
since this release
v0.2.1
ramonclaudio
Ray
This tag was signed with the committer’s verified signature.
ramonclaudio
Ray
🚀 Release v0.2.1
Install from npm:
npm install -g create-claude-statusline@v0.2.1Install from GitHub Packages:
npm install -g @rmncldyo/create-claude-statusline@v0.2.1 --registry=https://npm.pkg.github.com🔐 Security & Verification
Package Signatures:
# Download verification keys
curl -O https://raw.githubusercontent.com/RMNCLDYO/claude-code-statusline/main/minisign.pub
# Verify minisign signature (recommended)
minisign -Vm create-claude-statusline-v0.2.1.tgz -p minisign.pub
# Verify GPG signature
gpg --verify create-claude-statusline-v0.2.1.tgz.asc create-claude-statusline-v0.2.1.tgzSupply Chain Attestations:
- ✅ NPM Provenance: Package published with Sigstore attestation
- ✅ SLSA Build Provenance: GitHub-generated build attestation
- ✅ Signed SBOMs: All dependency manifests cryptographically signed
📋 Software Bill of Materials (SBOM)
Multiple SBOM formats available for comprehensive dependency analysis:
| Format | File | Signatures |
|---|---|---|
| SPDX 2.3 | create-claude-statusline-v0.2.1.sbom.spdx.json |
.minisig, .asc |
| CycloneDX | create-claude-statusline-v0.2.1.sbom.cyclonedx.json |
.minisig, .asc |
| CycloneDX XML | create-claude-statusline-v0.2.1.sbom.cyclonedx.xml |
.minisig, .asc |
| Microsoft SPDX | create-claude-statusline-v0.2.1.ms-spdx.json |
.minisig, .asc |
🛡️ Security Standards Compliance
- 🎯 OpenSSF Scorecard: Optimized for maximum security score
- 🏆 SLSA Level 3: Build provenance and hermetic builds
- 📊 SSDF Compliant: Secure software development framework
- 🔍 SBOM Standards: SPDX 2.3, CycloneDX 1.5+ compatible
Full Changelog: CHANGELOG.md