docs: update task tracking after CI enhancement

2025-12-25 00:10:37 +01:00
parent 88da4fedbe
commit db9b45a9ad
3 changed files with 3 additions and 0 deletions
--- a/TODO.md
+++ b/TODO.md
@@ -17,6 +17,7 @@ Unstructured intake buffer for ideas, issues, and observations. Items here are r

 ## Observations

+- CI enhanced: security-tests job, SBOM generation (CycloneDX), memory leak checks
 - Comprehensive pentest plan completed (PENTEST_PLAN.md) - all remediations implemented
 - PKI uses AES-256-GCM for CA private key encryption (PBKDF2 key derivation)
 - SHA1 fingerprints are X.509 standard, not security-relevant (usedforsecurity=False)