v1.1 Planning
The following features are under consideration for v1.1. The v1.1 theme is software supply chain security — a natural extension of the air-gap deployment workflow. When deploying software to air-gapped environments, verifying the integrity and provenance of every component is critical. SBOM generation, cryptographic bill-of-materials tracking, and offline vulnerability scanning address this need directly.
AirGap Deploy v1.1
SBOM generation: Generate CycloneDX SBOM during prep phase from Cargo.lock dependency graph, component metadata, and license information
CBOM generation: Scan dependencies for known cryptographic crates and document crypto usage as CycloneDX CBOM entries
Vulnerability scanning: airgap-deploy scan subcommand that checks SBOMs against an offline vulnerability database (Grype or Trivy)
AirGap Transfer v1.1
SBOM-aware manifests: Reference CycloneDX SBOM files in transfer manifests for chain-of-custody documentation
Cleanroom Whisper v1.1
No v1.1 features are currently planned for Cleanroom Whisper. Whisper’s v1.0.0 scope is self-contained, and post-v1.0.0 priorities will depend on user feedback and adoption patterns. Possible future directions include additional output format support and export options, but no commitments are made at this stage.
Timeline
The v1.1 scope will be finalized after v1.0.0 release and initial user feedback. No target date has been set. Per the release philosophy, AirGap Deploy and Transfer minor releases are coordinated while Cleanroom Whisper releases independently.
See individual project SRS documents for detailed requirements (tagged v1.1).
Proposed Artifacts
The following tables list all proposed sphinx-needs artifacts for v1.1. These items are not yet approved and may change based on v1.0.0 feedback.
AirGap Deploy
| ID | Title | Type | Priority | Status |
|---|---|---|---|---|
|  | Generate CycloneDX SBOM | req | should | proposed |
|  | Parse Cargo.lock for Dependency Graph | req | should | proposed |
|  | Extract License Information | req | should | proposed |
|  | Include Component Metadata in SBOM | req | should | proposed |
|  | Include SBOM in Deployment Archive | req | should | proposed |
|  | Detect Cryptographic Dependencies | req | should | proposed |
|  | Document Internal Cryptographic Usage | req | should | proposed |
|  | Unified SBOM/CBOM Document | req | should | proposed |
|  | Scan Subcommand | req | could | proposed |
|  | Offline Vulnerability Database | req | could | proposed |
|  | Vulnerability Report Output | req | could | proposed |
|  | Severity Threshold Exit Code | req | could | proposed |
|  | SBOM/CBOM Generation During Deployment Packaging | usecase | should | proposed |
|  | Offline Vulnerability Scanning with SBOM | usecase | could | proposed |
AirGap Transfer
| ID | Title | Type | Priority | Status |
|---|---|---|---|---|
|  | Reference SBOM in Transfer Manifest | req | could | proposed |
|  | Log SBOM in Transfer Audit Trail | req | could | proposed |
|  | Transfer Deployment Package with SBOM Metadata | usecase | could | proposed |