diff --git a/Directory.Build.props b/Directory.Build.props
index 49dd32a..6232b02 100644
--- a/Directory.Build.props
+++ b/Directory.Build.props
@@ -26,6 +26,6 @@
Condition="Exists('$(MSBuildThisFileDirectory)tools/analyzers/BannedSymbols.txt')" />
- 6.1.14
+ 6.1.15
diff --git a/docs/0_de/audit/013_SCORECARD_GOVERNANCE_ALERT_MAPPING.MD b/docs/0_de/audit/013_SCORECARD_GOVERNANCE_ALERT_MAPPING.MD
index 6b4a98f..1310e62 100644
--- a/docs/0_de/audit/013_SCORECARD_GOVERNANCE_ALERT_MAPPING.MD
+++ b/docs/0_de/audit/013_SCORECARD_GOVERNANCE_ALERT_MAPPING.MD
@@ -4,13 +4,13 @@
# Scorecard Governance Alert Mapping (Ruleset/Prozess)
-Stand: 2026-02-13
+Stand: 2026-02-22
-## Verifizierter Ist-Stand (2026-02-13)
+## Verifizierter Ist-Stand (2026-02-22)
- Branch Protection `main`:
- - `required_pull_request_reviews.required_approving_review_count = 1`
- - `require_code_owner_reviews = true`
- - `require_last_push_approval = true`
+ - `required_pull_request_reviews.required_approving_review_count = 0`
+ - `require_code_owner_reviews = false`
+ - `require_last_push_approval = false`
- Fuzzing:
- Workflow `.github/workflows/fuzzing-baseline.yml` aktiv.
- Letzter manueller Nachweis-Run: `22003901268` (`success`).
@@ -34,7 +34,7 @@ Diese Datei mappt die repo-/governance-basierten Scorecard-Alerts ohne konkrete
| Alert-ID | Steuerung (Soll) | Aktuelle Umsetzung | Evidence (deterministisch) | DoD A | DoD B |
|---|---|---|---|---|---|
| `BranchProtectionID` | `main` nur via PR + required checks | Branch Protection/Ruleset aktiv, required checks konfiguriert | `gh api repos/tomtastisch/FileClassifier/branches/main/protection` | `required_status_checks` vorhanden | direkter Push auf `main` technisch blockiert |
-| `CodeReviewID` | Mindestens 1 PR-Review vor Merge | PR-Review-Policy in Branch Protection/Ruleset | `gh api repos/tomtastisch/FileClassifier/branches/main/protection --jq '.required_pull_request_reviews'` | `required_approving_review_count >= 1` | Merge ohne Review nicht möglich |
+| `CodeReviewID` | Keine verpflichtende Approving-Review (Workaround aktiv) | Branch-Protection setzt `review_count=0`; Qualitätssicherung über Required Checks + Review-Thread-Prozess gemäß `AGENTS.md` | `gh api repos/tomtastisch/FileClassifier/branches/main/protection --jq '.required_pull_request_reviews'` | `required_approving_review_count == 0` | Merge ohne Review ist möglich; Prozesskontrollen bleiben verpflichtend |
| `MaintainedID` | Nachweis aktiver Wartung | Kontinuierliche Commits/Releases + aktive CI | `gh api repos/tomtastisch/FileClassifier/commits?per_page=20` und `gh api repos/tomtastisch/FileClassifier/actions/runs?per_page=20` | in den letzten 90 Tagen Commits vorhanden | in den letzten 30 Tagen erfolgreiche Workflow-Runs vorhanden |
| `FuzzingID` | Fuzzing-Baseline vorhanden (zusätzlich als Release-Blocker aktiviert) | Workflow `.github/workflows/fuzzing-baseline.yml` | `gh workflow view fuzzing-baseline.yml --yaml` und `gh run list --workflow fuzzing-baseline.yml --limit 10` | Workflow existiert und ist ausführbar | mindestens ein erfolgreicher Run in den letzten 30 Tagen |
| `CIIBestPracticesID` | Prozess-/Security-Baseline dokumentiert und nachvollziehbar | Audit-/Governance-Docs + CI-Evidence + Security Policy | `ls docs/audit` + `bash tools/audit/verify-security-claims.sh` | Audit-Index vorhanden und verlinkt | Security-Claims-Evidence liefert `pass` für Blocker-Claims |
diff --git a/docs/0_de/versioning/002_HISTORY_VERSIONS.MD b/docs/0_de/versioning/002_HISTORY_VERSIONS.MD
index 4e487d6..29a0dbd 100644
--- a/docs/0_de/versioning/002_HISTORY_VERSIONS.MD
+++ b/docs/0_de/versioning/002_HISTORY_VERSIONS.MD
@@ -12,7 +12,7 @@ Heuristik für die Rückwirkungs-Zuordnung:
- `docs|test|ci|chore|tooling|refactor|fix` => Patch
Aktueller Entwicklungsstand:
-- Aktuelle Entwicklungslinie enthält `6.x` (aktueller Arbeitsstand: `v6.1.14`; Details in `docs/versioning/003_CHANGELOG_RELEASES.MD`).
+- Aktuelle Entwicklungslinie enthält `6.x` (aktueller Arbeitsstand: `v6.1.15`; Details in `docs/versioning/003_CHANGELOG_RELEASES.MD`).
Hinweis:
- Die Spalte `Keyword` verwendet den technischen Klassifizierungswert aus der Historie.
@@ -20,6 +20,7 @@ Hinweis:
| Version | Kurzbeschreibung | Commit | Keyword |
|---|---|---|---|
+| `6.1.15` | Governance-Drift geschlossen: Branch-Protection-Review-Policy und Scorecard-Governance-Mappings auf den verifizierten Ist-Stand `required_approving_review_count = 0` konsolidiert, inklusive aktualisierter Prozesskontrollen für verpflichtende Required-Checks und Review-Thread-Evidence gemäß `AGENTS.md` | [unreleased](https://github.com/tomtastisch/FileClassifier/compare/main...HEAD) | patch |
| `6.1.14` | 6.1.14 Pipeline-Konvergenz geschlossen: Release-Workflow erzwingt NuGet-Online-Konvergenz jetzt fail-closed auch für `workflow_dispatch`, Release-Metadaten werden artefaktbasiert deterministisch aufgelöst und Fuzzing-Blocker-/Governance-Evidence-Dokumentation entsprechend nachgezogen | [unreleased](https://github.com/tomtastisch/FileClassifier/compare/main...HEAD) | patch |
| `6.1.13` | FC-0016 abgeschlossen: In-Code-XML-Dokumentation im gesamten CSCore sprachlich auf Deutsch vereinheitlicht (inkl. konsistenter ``- und `
`-Verwendungsstruktur) und Terminologie für Audit-/Betriebskontexte konsolidiert | [unreleased](https://github.com/tomtastisch/FileClassifier/compare/main...HEAD) | patch |
| `6.1.12` | FC-0015 abgeschlossen: Bilinguale Doku-Rasterstruktur in `docs/0_de` und `docs/1_en` mit identischer Dateimenge und verpflichtenden Language-Switch-Headern kanonisch eingeführt; Sync-Tooling fail-closed gehärtet (Parity/Switch-Checks + Stale-Pruning) und PR-Scope-Allowlist für die neue Struktur erweitert | [unreleased](https://github.com/tomtastisch/FileClassifier/compare/main...HEAD) | patch |
diff --git a/docs/0_de/versioning/003_CHANGELOG_RELEASES.MD b/docs/0_de/versioning/003_CHANGELOG_RELEASES.MD
index c6ea75b..1d52084 100644
--- a/docs/0_de/versioning/003_CHANGELOG_RELEASES.MD
+++ b/docs/0_de/versioning/003_CHANGELOG_RELEASES.MD
@@ -7,6 +7,14 @@
Alle Änderungen werden hier technisch dokumentiert. Die Release-Version selbst ist
der Git-Tag `vX.Y.Z` (optional `-prerelease`) als SSOT.
+## [6.1.15]
+- Changed:
+ - Governance-Mapping für `CodeReviewID` auf den verifizierten Branch-Protection-Iststand harmonisiert (`required_approving_review_count = 0`, `require_code_owner_reviews = false`, `require_last_push_approval = false`).
+ - Aussagen „Merge ohne Review nicht möglich“ entfernt und durch prozessuale Pflichtkontrollen (Required Checks + Review-Thread-Evidence gemäß `AGENTS.md`) ersetzt.
+- Docs/CI/Tooling:
+ - Scorecard-Governance-Alert-Mappings in Root und DE/EN-Spiegeln konsolidiert.
+ - Versionskonvergenz aktiv auf `6.1.15` gesetzt (`RepoVersion`, `Version`, `PackageVersion`, Versionshistorie DE/EN).
+
## [6.1.14]
- Added:
- Release-Metadaten-Artefaktpfad eingeführt (`write_release_meta_artifact.sh`) und asynchrone Auflösung für `workflow_dispatch` ergänzt.
diff --git a/docs/1_en/audit/013_SCORECARD_GOVERNANCE_ALERT_MAPPING.MD b/docs/1_en/audit/013_SCORECARD_GOVERNANCE_ALERT_MAPPING.MD
index df7afb6..2fe39d4 100644
--- a/docs/1_en/audit/013_SCORECARD_GOVERNANCE_ALERT_MAPPING.MD
+++ b/docs/1_en/audit/013_SCORECARD_GOVERNANCE_ALERT_MAPPING.MD
@@ -4,13 +4,13 @@
# Scorecard Governance Alert Mapping (Ruleset/Process)
-As of: 2026-02-13
+As of: 2026-02-22
-## Verified Current State (2026-02-13)
+## Verified Current State (2026-02-22)
- Branch protection `main`:
- - `required_pull_request_reviews.required_approving_review_count = 1`
- - `require_code_owner_reviews = true`
- - `require_last_push_approval = true`
+ - `required_pull_request_reviews.required_approving_review_count = 0`
+ - `require_code_owner_reviews = false`
+ - `require_last_push_approval = false`
- Fuzzing:
- Workflow `.github/workflows/fuzzing-baseline.yml` active.
- Last manual evidence run: `22003901268` (`success`).
@@ -33,7 +33,7 @@ Map repo/governance-based Scorecard alerts without a concrete file (`no file ass
| Alert ID | Control (target) | Current implementation | Evidence (deterministic) | DoD A | DoD B |
|---|---|---|---|---|---|
| `BranchProtectionID` | `main` only via PR + required checks | branch protection/ruleset active, required checks configured | `gh api repos/tomtastisch/FileClassifier/branches/main/protection` | `required_status_checks` present | direct push to `main` is technically blocked |
-| `CodeReviewID` | at least 1 PR review before merge | PR review policy in branch protection/ruleset | `gh api repos/tomtastisch/FileClassifier/branches/main/protection --jq '.required_pull_request_reviews'` | `required_approving_review_count >= 1` | merge without review not possible |
+| `CodeReviewID` | no mandatory approving review (workaround active) | branch protection sets `review_count=0`; quality is enforced via required checks + review-thread process per `AGENTS.md` | `gh api repos/tomtastisch/FileClassifier/branches/main/protection --jq '.required_pull_request_reviews'` | `required_approving_review_count == 0` | merge without review is possible; process controls remain mandatory |
| `MaintainedID` | evidence of active maintenance | continuous commits/releases + active CI | `gh api repos/tomtastisch/FileClassifier/commits?per_page=20` and `gh api repos/tomtastisch/FileClassifier/actions/runs?per_page=20` | commits exist in last 90 days | successful workflow runs exist in last 30 days |
| `FuzzingID` | fuzzing baseline exists (additionally enforced as a release blocker) | workflow `.github/workflows/fuzzing-baseline.yml` | `gh workflow view fuzzing-baseline.yml --yaml` and `gh run list --workflow fuzzing-baseline.yml --limit 10` | workflow exists and is executable | at least one successful run in last 30 days |
| `CIIBestPracticesID` | process/security baseline documented and traceable | audit/governance docs + CI evidence + security policy | `ls docs/audit` + `bash tools/audit/verify-security-claims.sh` | audit index exists and links | security claims evidence returns `pass` for blocker claims |
diff --git a/docs/1_en/versioning/002_HISTORY_VERSIONS.MD b/docs/1_en/versioning/002_HISTORY_VERSIONS.MD
index 809e852..b80fb53 100644
--- a/docs/1_en/versioning/002_HISTORY_VERSIONS.MD
+++ b/docs/1_en/versioning/002_HISTORY_VERSIONS.MD
@@ -12,13 +12,14 @@ Heuristics for retroactive classification:
- `docs|test|ci|chore|tooling|refactor|fix` => patch
Current state:
-- Current release line contains `6.x` (current working state: `v6.1.14`; details in `docs/versioning/103_CHANGELOG_RELEASES.MD`).
+- Current release line contains `6.x` (current working state: `v6.1.15`; details in `docs/versioning/103_CHANGELOG_RELEASES.MD`).
Note:
- The \"short description\" column follows the original commit/PR intent text for deterministic traceability and is not normalized to a single language.
| Version | Short description | Commit | Keyword |
|---|---|---|---|
+| `6.1.15` | Governance drift closed: branch-protection review policy and Scorecard governance mappings were aligned to the verified state `required_approving_review_count = 0`, including updated process controls for mandatory required checks and review-thread evidence per `AGENTS.md` | [unreleased](https://github.com/tomtastisch/FileClassifier/compare/main...HEAD) | patch |
| `6.1.14` | 6.1.14 pipeline convergence closed: release workflow now enforces NuGet online convergence fail-closed for `workflow_dispatch` too, resolves release metadata deterministically via artifact, and aligns fuzzing-blocker/governance evidence documentation | [unreleased](https://github.com/tomtastisch/FileClassifier/compare/main...HEAD) | patch |
| `6.1.13` | FC-0016 completed: unified in-code XML documentation language to German across CSCore (including consistent `` and `
` structure) and consolidated terminology for audit/operational contexts | [unreleased](https://github.com/tomtastisch/FileClassifier/compare/main...HEAD) | patch |
| `6.1.12` | FC-0015 completed: introduced canonical bilingual docs grid under `docs/0_de` and `docs/1_en` with identical file sets and mandatory language-switch headers; hardened sync tooling fail-closed (parity/switch checks + stale file pruning) and expanded PR-scope allowlist for the new structure | [unreleased](https://github.com/tomtastisch/FileClassifier/compare/main...HEAD) | patch |
diff --git a/docs/1_en/versioning/003_CHANGELOG_RELEASES.MD b/docs/1_en/versioning/003_CHANGELOG_RELEASES.MD
index dc6957d..f9eb1ba 100644
--- a/docs/1_en/versioning/003_CHANGELOG_RELEASES.MD
+++ b/docs/1_en/versioning/003_CHANGELOG_RELEASES.MD
@@ -6,6 +6,14 @@
All changes are documented here in technical terms. The release version itself is the Git tag `vX.Y.Z` (optional `-prerelease`) as SSOT.
+## [6.1.15]
+- Changed:
+ - Harmonized the governance mapping for `CodeReviewID` with the verified branch-protection state (`required_approving_review_count = 0`, `require_code_owner_reviews = false`, `require_last_push_approval = false`).
+ - Removed claims that merge without review is impossible and replaced them with mandatory process controls (required checks + review-thread evidence per `AGENTS.md`).
+- Docs/CI/Tooling:
+ - Consolidated Scorecard governance alert mappings across root and DE/EN mirrors.
+ - Version convergence set to `6.1.15` (`RepoVersion`, `Version`, `PackageVersion`, DE/EN version history).
+
## [6.1.14]
- Added:
- Introduced release metadata artifact path (`write_release_meta_artifact.sh`) and asynchronous resolution for `workflow_dispatch`.
diff --git a/docs/audit/013_SCORECARD_GOVERNANCE_ALERT_MAPPING.MD b/docs/audit/013_SCORECARD_GOVERNANCE_ALERT_MAPPING.MD
index 2793ab2..115f80f 100644
--- a/docs/audit/013_SCORECARD_GOVERNANCE_ALERT_MAPPING.MD
+++ b/docs/audit/013_SCORECARD_GOVERNANCE_ALERT_MAPPING.MD
@@ -4,13 +4,13 @@
# Scorecard Governance Alert Mapping (Ruleset/Prozess)
-Stand: 2026-02-13
+Stand: 2026-02-22
-## Verifizierter Ist-Stand (2026-02-13)
+## Verifizierter Ist-Stand (2026-02-22)
- Branch Protection `main`:
- - `required_pull_request_reviews.required_approving_review_count = 1`
- - `require_code_owner_reviews = true`
- - `require_last_push_approval = true`
+ - `required_pull_request_reviews.required_approving_review_count = 0`
+ - `require_code_owner_reviews = false`
+ - `require_last_push_approval = false`
- Fuzzing:
- Workflow `.github/workflows/fuzzing-baseline.yml` aktiv.
- Letzter manueller Nachweis-Run: `22003901268` (`success`).
@@ -34,7 +34,7 @@ Diese Datei mappt die repo-/governance-basierten Scorecard-Alerts ohne konkrete
| Alert-ID | Steuerung (Soll) | Aktuelle Umsetzung | Evidence (deterministisch) | DoD A | DoD B |
|---|---|---|---|---|---|
| `BranchProtectionID` | `main` nur via PR + required checks | Branch Protection/Ruleset aktiv, required checks konfiguriert | `gh api repos/tomtastisch/FileClassifier/branches/main/protection` | `required_status_checks` vorhanden | direkter Push auf `main` technisch blockiert |
-| `CodeReviewID` | Mindestens 1 PR-Review vor Merge | PR-Review-Policy in Branch Protection/Ruleset | `gh api repos/tomtastisch/FileClassifier/branches/main/protection --jq '.required_pull_request_reviews'` | `required_approving_review_count >= 1` | Merge ohne Review nicht möglich |
+| `CodeReviewID` | Keine verpflichtende Approving-Review (Workaround aktiv) | Branch-Protection setzt `review_count=0`; Qualitätssicherung über Required Checks + Review-Thread-Prozess gemäß `AGENTS.md` | `gh api repos/tomtastisch/FileClassifier/branches/main/protection --jq '.required_pull_request_reviews'` | `required_approving_review_count == 0` | Merge ohne Review ist möglich; Prozesskontrollen bleiben verpflichtend |
| `MaintainedID` | Nachweis aktiver Wartung | Kontinuierliche Commits/Releases + aktive CI | `gh api repos/tomtastisch/FileClassifier/commits?per_page=20` und `gh api repos/tomtastisch/FileClassifier/actions/runs?per_page=20` | in den letzten 90 Tagen Commits vorhanden | in den letzten 30 Tagen erfolgreiche Workflow-Runs vorhanden |
| `FuzzingID` | Fuzzing-Baseline vorhanden (zusätzlich als Release-Blocker aktiviert) | Workflow `.github/workflows/fuzzing-baseline.yml` | `gh workflow view fuzzing-baseline.yml --yaml` und `gh run list --workflow fuzzing-baseline.yml --limit 10` | Workflow existiert und ist ausführbar | mindestens ein erfolgreicher Run in den letzten 30 Tagen |
| `CIIBestPracticesID` | Prozess-/Security-Baseline dokumentiert und nachvollziehbar | Audit-/Governance-Docs + CI-Evidence + Security Policy | `ls docs/audit` + `bash tools/audit/verify-security-claims.sh` | Audit-Index vorhanden und verlinkt | Security-Claims-Evidence liefert `pass` für Blocker-Claims |
diff --git a/docs/audit/113_SCORECARD_GOVERNANCE_ALERT_MAPPING.MD b/docs/audit/113_SCORECARD_GOVERNANCE_ALERT_MAPPING.MD
index d522f4f..4a20906 100644
--- a/docs/audit/113_SCORECARD_GOVERNANCE_ALERT_MAPPING.MD
+++ b/docs/audit/113_SCORECARD_GOVERNANCE_ALERT_MAPPING.MD
@@ -4,13 +4,13 @@
# Scorecard Governance Alert Mapping (Ruleset/Process)
-As of: 2026-02-13
+As of: 2026-02-22
-## Verified Current State (2026-02-13)
+## Verified Current State (2026-02-22)
- Branch protection `main`:
- - `required_pull_request_reviews.required_approving_review_count = 1`
- - `require_code_owner_reviews = true`
- - `require_last_push_approval = true`
+ - `required_pull_request_reviews.required_approving_review_count = 0`
+ - `require_code_owner_reviews = false`
+ - `require_last_push_approval = false`
- Fuzzing:
- Workflow `.github/workflows/fuzzing-baseline.yml` active.
- Last manual evidence run: `22003901268` (`success`).
@@ -33,7 +33,7 @@ Map repo/governance-based Scorecard alerts without a concrete file (`no file ass
| Alert ID | Control (target) | Current implementation | Evidence (deterministic) | DoD A | DoD B |
|---|---|---|---|---|---|
| `BranchProtectionID` | `main` only via PR + required checks | branch protection/ruleset active, required checks configured | `gh api repos/tomtastisch/FileClassifier/branches/main/protection` | `required_status_checks` present | direct push to `main` is technically blocked |
-| `CodeReviewID` | at least 1 PR review before merge | PR review policy in branch protection/ruleset | `gh api repos/tomtastisch/FileClassifier/branches/main/protection --jq '.required_pull_request_reviews'` | `required_approving_review_count >= 1` | merge without review not possible |
+| `CodeReviewID` | no mandatory approving review (workaround active) | branch protection sets `review_count=0`; quality is enforced via required checks + review-thread process per `AGENTS.md` | `gh api repos/tomtastisch/FileClassifier/branches/main/protection --jq '.required_pull_request_reviews'` | `required_approving_review_count == 0` | merge without review is possible; process controls remain mandatory |
| `MaintainedID` | evidence of active maintenance | continuous commits/releases + active CI | `gh api repos/tomtastisch/FileClassifier/commits?per_page=20` and `gh api repos/tomtastisch/FileClassifier/actions/runs?per_page=20` | commits exist in last 90 days | successful workflow runs exist in last 30 days |
| `FuzzingID` | fuzzing baseline exists (additionally enforced as a release blocker) | workflow `.github/workflows/fuzzing-baseline.yml` | `gh workflow view fuzzing-baseline.yml --yaml` and `gh run list --workflow fuzzing-baseline.yml --limit 10` | workflow exists and is executable | at least one successful run in last 30 days |
| `CIIBestPracticesID` | process/security baseline documented and traceable | audit/governance docs + CI evidence + security policy | `ls docs/audit` + `bash tools/audit/verify-security-claims.sh` | audit index exists and links | security claims evidence returns `pass` for blocker claims |
diff --git a/docs/versioning/002_HISTORY_VERSIONS.MD b/docs/versioning/002_HISTORY_VERSIONS.MD
index ffcaf48..d682b15 100644
--- a/docs/versioning/002_HISTORY_VERSIONS.MD
+++ b/docs/versioning/002_HISTORY_VERSIONS.MD
@@ -12,7 +12,7 @@ Heuristik für die Rückwirkungs-Zuordnung:
- `docs|test|ci|chore|tooling|refactor|fix` => Patch
Aktueller Entwicklungsstand:
-- Aktuelle Entwicklungslinie enthält `6.x` (aktueller Arbeitsstand: `v6.1.14`; Details in `docs/versioning/003_CHANGELOG_RELEASES.MD`).
+- Aktuelle Entwicklungslinie enthält `6.x` (aktueller Arbeitsstand: `v6.1.15`; Details in `docs/versioning/003_CHANGELOG_RELEASES.MD`).
Hinweis:
- Die Spalte `Keyword` verwendet den technischen Klassifizierungswert aus der Historie.
@@ -20,6 +20,7 @@ Hinweis:
| Version | Kurzbeschreibung | Commit | Keyword |
|---|---|---|---|
+| `6.1.15` | Governance-Drift geschlossen: Branch-Protection-Review-Policy und Scorecard-Governance-Mappings auf den verifizierten Ist-Stand `required_approving_review_count = 0` konsolidiert, inklusive aktualisierter Prozesskontrollen für verpflichtende Required-Checks und Review-Thread-Evidence gemäß `AGENTS.md` | [unreleased](https://github.com/tomtastisch/FileClassifier/compare/main...HEAD) | patch |
| `6.1.14` | 6.1.14 Pipeline-Konvergenz geschlossen: Release-Workflow erzwingt NuGet-Online-Konvergenz jetzt fail-closed auch für `workflow_dispatch`, Release-Metadaten werden artefaktbasiert deterministisch aufgelöst und Fuzzing-Blocker-/Governance-Evidence-Dokumentation entsprechend nachgezogen | [unreleased](https://github.com/tomtastisch/FileClassifier/compare/main...HEAD) | patch |
| `6.1.13` | FC-0016 abgeschlossen: In-Code-XML-Dokumentation im gesamten CSCore sprachlich auf Deutsch vereinheitlicht (inkl. konsistenter ``- und `
`-Verwendungsstruktur) und Terminologie für Audit-/Betriebskontexte konsolidiert | [unreleased](https://github.com/tomtastisch/FileClassifier/compare/main...HEAD) | patch |
| `6.1.12` | FC-0015 abgeschlossen: Bilinguale Doku-Rasterstruktur in `docs/0_de` und `docs/1_en` mit identischer Dateimenge und verpflichtenden Language-Switch-Headern kanonisch eingeführt; Sync-Tooling fail-closed gehärtet (Parity/Switch-Checks + Stale-Pruning) und PR-Scope-Allowlist für die neue Struktur erweitert | [unreleased](https://github.com/tomtastisch/FileClassifier/compare/main...HEAD) | patch |
diff --git a/docs/versioning/003_CHANGELOG_RELEASES.MD b/docs/versioning/003_CHANGELOG_RELEASES.MD
index a39cc9f..a4fec49 100644
--- a/docs/versioning/003_CHANGELOG_RELEASES.MD
+++ b/docs/versioning/003_CHANGELOG_RELEASES.MD
@@ -7,6 +7,14 @@
Alle Änderungen werden hier technisch dokumentiert. Die Release-Version selbst ist
der Git-Tag `vX.Y.Z` (optional `-prerelease`) als SSOT.
+## [6.1.15]
+- Changed:
+ - Governance-Mapping für `CodeReviewID` auf den verifizierten Branch-Protection-Iststand harmonisiert (`required_approving_review_count = 0`, `require_code_owner_reviews = false`, `require_last_push_approval = false`).
+ - Aussagen „Merge ohne Review nicht möglich“ entfernt und durch prozessuale Pflichtkontrollen (Required Checks + Review-Thread-Evidence gemäß `AGENTS.md`) ersetzt.
+- Docs/CI/Tooling:
+ - Scorecard-Governance-Alert-Mappings in Root und DE/EN-Spiegeln konsolidiert.
+ - Versionskonvergenz aktiv auf `6.1.15` gesetzt (`RepoVersion`, `Version`, `PackageVersion`, Versionshistorie DE/EN).
+
## [6.1.14]
- Added:
- Release-Metadaten-Artefaktpfad eingeführt (`write_release_meta_artifact.sh`) und asynchrone Auflösung für `workflow_dispatch` ergänzt.
diff --git a/docs/versioning/102_HISTORY_VERSIONS.MD b/docs/versioning/102_HISTORY_VERSIONS.MD
index dd37670..169bce0 100644
--- a/docs/versioning/102_HISTORY_VERSIONS.MD
+++ b/docs/versioning/102_HISTORY_VERSIONS.MD
@@ -12,13 +12,14 @@ Heuristics for retroactive classification:
- `docs|test|ci|chore|tooling|refactor|fix` => patch
Current state:
-- Current release line contains `6.x` (current working state: `v6.1.14`; details in `docs/versioning/103_CHANGELOG_RELEASES.MD`).
+- Current release line contains `6.x` (current working state: `v6.1.15`; details in `docs/versioning/103_CHANGELOG_RELEASES.MD`).
Note:
- The \"short description\" column follows the original commit/PR intent text for deterministic traceability and is not normalized to a single language.
| Version | Short description | Commit | Keyword |
|---|---|---|---|
+| `6.1.15` | Governance drift closed: branch-protection review policy and Scorecard governance mappings were aligned to the verified state `required_approving_review_count = 0`, including updated process controls for mandatory required checks and review-thread evidence per `AGENTS.md` | [unreleased](https://github.com/tomtastisch/FileClassifier/compare/main...HEAD) | patch |
| `6.1.14` | 6.1.14 pipeline convergence closed: release workflow now enforces NuGet online convergence fail-closed for `workflow_dispatch` too, resolves release metadata deterministically via artifact, and aligns fuzzing-blocker/governance evidence documentation | [unreleased](https://github.com/tomtastisch/FileClassifier/compare/main...HEAD) | patch |
| `6.1.13` | FC-0016 completed: unified in-code XML documentation language to German across CSCore (including consistent `` and `
` structure) and consolidated terminology for audit/operational contexts | [unreleased](https://github.com/tomtastisch/FileClassifier/compare/main...HEAD) | patch |
| `6.1.12` | FC-0015 completed: introduced canonical bilingual docs grid under `docs/0_de` and `docs/1_en` with identical file sets and mandatory language-switch headers; hardened sync tooling fail-closed (parity/switch checks + stale file pruning) and expanded PR-scope allowlist for the new structure | [unreleased](https://github.com/tomtastisch/FileClassifier/compare/main...HEAD) | patch |
diff --git a/docs/versioning/103_CHANGELOG_RELEASES.MD b/docs/versioning/103_CHANGELOG_RELEASES.MD
index 5e5af83..ec4651c 100644
--- a/docs/versioning/103_CHANGELOG_RELEASES.MD
+++ b/docs/versioning/103_CHANGELOG_RELEASES.MD
@@ -6,6 +6,14 @@
All changes are documented here in technical terms. The release version itself is the Git tag `vX.Y.Z` (optional `-prerelease`) as SSOT.
+## [6.1.15]
+- Changed:
+ - Harmonized the governance mapping for `CodeReviewID` with the verified branch-protection state (`required_approving_review_count = 0`, `require_code_owner_reviews = false`, `require_last_push_approval = false`).
+ - Removed claims that merge without review is impossible and replaced them with mandatory process controls (required checks + review-thread evidence per `AGENTS.md`).
+- Docs/CI/Tooling:
+ - Consolidated Scorecard governance alert mappings across root and DE/EN mirrors.
+ - Version convergence set to `6.1.15` (`RepoVersion`, `Version`, `PackageVersion`, DE/EN version history).
+
## [6.1.14]
- Added:
- Introduced release metadata artifact path (`write_release_meta_artifact.sh`) and asynchronous resolution for `workflow_dispatch`.
diff --git a/src/FileTypeDetection/FileTypeDetectionLib.vbproj b/src/FileTypeDetection/FileTypeDetectionLib.vbproj
index 7843b07..929d9c2 100644
--- a/src/FileTypeDetection/FileTypeDetectionLib.vbproj
+++ b/src/FileTypeDetection/FileTypeDetectionLib.vbproj
@@ -7,8 +7,8 @@
true
false
Tomtastisch.FileClassifier
- 6.1.14
- 6.1.14
+ 6.1.15
+ 6.1.15
tomtastisch
Deterministic file type and MIME detection with fail-closed archive safety checks, secure extraction primitives, and reproducible hashing evidence for .NET.
filetype;mime;detection;magic-bytes;sniffing;archive;zip;tar;7z;rar;zipslip;security;hashing;sha256;deterministic;dotnet;netstandard2.0;net8;net10