Back to Everything Claude Code

ECC v2.0.0-rc.1 Publication Evidence - 2026-05-13 Post-Hardening

docs/releases/2.0.0-rc.1/publication-evidence-2026-05-13-post-hardening.md

2.0.05.3 KB
Original Source

ECC v2.0.0-rc.1 Publication Evidence - 2026-05-13 Post-Hardening

This is release-readiness evidence only. It does not create a GitHub release, npm publication, plugin tag, marketplace submission, or announcement post.

Source Commit

FieldEvidence
Upstream main base209abd403b7eaa968c6d4fa67be82e04b55706d6
Evidence branchdocs/post-hardening-release-evidence-20260513
Evidence scopeCurrent main after PR #1850 and PR #1851
Git remotehttps://github.com/affaan-m/everything-claude-code.git
Local status caveatWorking tree had the unrelated untracked docs/drafts/ directory

The actual release operator should repeat these checks from the final release commit with a clean checkout before publishing.

Queue And Release State

SurfaceCommandResult
GitHub PRs and issuesgh pr list / gh issue list across trunk, AgentShield, and JARVIS0 open PRs and 0 open issues on accessible affaan-m repos
Trunk discussionsGraphQL discussion count for affaan-m/everything-claude-code0 open discussions
Dependabot alertsDependabot alert API for trunk, AgentShield, and JARVIS0 open alerts
Release stategh release view v2.0.0-rc.1Still not created; release remains approval-gated

ECC-Tools organization repo counts were not rechecked through the current GraphQL token in this pass because the token cannot resolve those org repos. The prior post-#42 local checkout handoff recorded both ECC-Tools repos at 0 open PRs and 0 open issues.

Hardening Landed Since Previous Evidence

PRMerge commitEvidence
#1850248673271455e9dc85b8add2a6ab76107b718639Removed Bash tool access from read-only analyzer agents and zh-CN copies; AgentShield high findings on that surface dropped 21 -> 18 with no new high findings
#1851209abd403b7eaa968c6d4fa67be82e04b55706d6Disabled actions/checkout credential persistence in write-permission workflows and added a workflow-security validator rule to keep that guard in place

Required Command Evidence

EvidenceCommandResult
Harness auditnpm run harness:audit -- --format jsonoverall_score: 70, max_score: 70, no top actions
Adapter scorecardnpm run harness:adapters -- --checkHarness Adapter Compliance: PASS; 11 adapters
Observability readinessnpm run observability:ready -- --format jsonoverall_score: 21, max_score: 21, ready: true, no top actions; includes Release Safety 3/3
Workflow security validatornode scripts/ci/validate-workflow-security.jsValidated 7 workflow files
Workflow validator testsnode tests/ci/validate-workflow-security.test.jsPassed 14/14
Release surfacenode tests/docs/ecc2-release-surface.test.jsPassed 18/18
Package surfacenode tests/scripts/npm-publish-surface.test.jsPassed 2/2
Root suitenode tests/run-all.jsPassed 2381/2381, 0 failed
Markdown lintnpx markdownlint-cli '**/*.md' --ignore node_modules --ignore docs/draftsPassed
Rust surfacecd ecc2 && cargo testPassed 462/462; warnings only for unused functions/fields
GitGuardian Security ChecksGitHub check on post-hardening security PRsPassed before merge

Supply-Chain Evidence

SurfaceCommand or checkResult
Local npm vulnerability auditnpm audit --json0 vulnerabilities
Local npm signature auditnpm audit signatures241 verified registry signatures and 30 verified attestations
Rust advisory auditcd ecc2 && cargo audit -qPassed silently
TanStack / Mini Shai-Hulud IOC checkGrep for affected package namespaces, payload filenames, and known commit markerNo runtime or lockfile dependency on affected packages; no worm IOC matches
GitGuardian Security ChecksGitHub check on post-hardening security PRsPassed before merge

External Advisory Mapping

The May 2026 TanStack incident maps to ECC release risk through three workflow classes:

  • pull_request_target workflows that execute or checkout untrusted PR code;
  • shared dependency caches crossing fork, base, and release workflow trust boundaries;
  • release jobs with writable tokens or OIDC tokens exposed to subsequent process execution.

ECC's current guardrails cover those classes through:

  • rejection of untrusted checkout refs in workflow_run and pull_request_target workflows;
  • rejection of shared caches in pull_request_target and id-token: write workflows;
  • mandatory npm audit signatures when workflows run npm audit;
  • mandatory npm ci --ignore-scripts in workflows with write permissions;
  • mandatory persist-credentials: false on actions/checkout in workflows with write permissions.

Blockers Still Requiring Approval Or External Action

  • Create or verify GitHub prerelease v2.0.0-rc.1.
  • Publish [email protected] with npm dist-tag next.
  • Create and push the Claude plugin tag only after explicit approval.
  • Confirm the live Claude/Codex/OpenCode marketplace submission path or record the manual submission owner and status.
  • Verify ECC Tools billing/App/Marketplace claims before using them in launch copy.
  • Refresh announcement copy with live URLs after release and package/plugin URLs exist.