01
Secure development lifecycle
A Truenote-specific lifecycle defines security responsibilities from design and threat review through testing, release, and post-change verification.
PCI DSS includes secure-software requirements for systems that are inside, or can affect, a cardholder data environment. For an application such as Truenote, that means disciplined software development, vulnerability detection, protection against common web attacks, and controlled releases. The safeguards below are the parts Truenote has completed and tested in this repository.
Each item below is backed by implementation, documentation, or a passed repository acceptance check.
01
A Truenote-specific lifecycle defines security responsibilities from design and threat review through testing, release, and post-change verification.
02
A documented threat model covers application, AI, provider, authorization, data, and PCI-impact boundaries. Negative tests exercise fail-closed behavior.
03
Deterministic high-risk input is checked before persistence and before calls to embedding, reranking, answer, and utility-model providers.
04
Sensitive generated text is blocked before a normal answer is returned. Missing or invalid citations also produce a refusal.
05
Program and classification limits are applied before retrieval and checked again before protected content can reach generation or citation lookup.
06
Source, file, scan, parsing, lifecycle, and role checks must pass before knowledge content becomes available to users.
07
The delivery workflow runs CodeQL, secret scanning, dependency auditing, software bill of materials generation, type checks, builds, and unit tests.
08
A tool-neutral change procedure and record format capture reason, impact, authorization, review, testing, deployment, recovery, and post-change verification.
09
Security events use append-only hash chaining. Durable SIEM delivery logic includes signed payloads, retry leases, backoff, and dead-letter handling.
These results verify the repository implementation and its documented evidence package.
Negative tests denied cross-program and above-clearance retrieval, citation access, and document reads.
Portable tests captured provider payloads and confirmed deterministic redaction before supported provider calls.
Tests rejected missing, malformed, unknown, and out-of-range citations and refused sensitive model output.
Tests accepted trusted same-origin mutations and rejected foreign, opaque, malformed, cross-site, and sibling-origin requests.
Tests passed signed delivery, lease fencing, retry scheduling, dead-letter handling, and delivery-health behavior.
Hosted checks passed type checking, production build, unit tests, secret scan, dependency audit and SBOM, and CodeQL analysis.
Every completed safeguard and passed check named above is represented below. Each card opens the exact public repository document, implementation, test, or workflow record in a new tab.
Processes, design analysis, staff guidance, and release records.
Documented behavior, source implementation, and direct boundary tests.
Server-side authorization, controlled activation, and browser-request defenses.
Security-event integrity, durable delivery, hosted analysis, and evidence validation.