Add a changelog (#411)

Signed-off-by: Ben Cotton <ben@kusari.dev>

Author: funnelfiasco

docs/index.md

@@ -16,7 +16,7 @@ Previous versions are presented for historical reference.
 Downstream consumers of the OSPS Baseline should specify their compliance against a specific version.
 Only the version labeled as "current" should be used for new compliance efforts.
 
-* Current version: [v2025.10.10](versions/2025-10-10) (<a href="versions/2025-10-10-checklist.md">checklist</a>)
+* Current version: [v2025.10.10](versions/2025-10-10) (<a href="versions/2025-10-10-checklist.md">checklist</a>) ([release notes](release_notes.md#2025-10-10))
 * Previous versions:
     * [v2025.02.25](versions/2025-02-25) (<a href="versions/2025-02-25-checklist.md">checklist</a>)
 * [In-development version](versions/devel) (<a href="versions/devel-checklist.md">checklist</a>)

docs/release_notes.md

@@ -0,0 +1,42 @@
+# OSPS Baseline release notes
+
+## 2025-10-10
+
+### New controls
+
+* Level 1
+    * [OSPS-BR-01.02](versions/2025-10-10#osps-br-0102)
+    * [OSPS-BR-03.02](versions/2025-10-10#osps-br-0302)
+    * [OSPS-BR-07.01](versions/2025-10-10#osps-br-0701)
+    * [OSPS-QA-05.02](versions/2025-10-10#osps-qa-0502)
+* Level 2
+    * (none)
+* Level 3
+    * [OSPS-BR-07.02](versions/2025-10-10#osps-br-0702)
+    * [OSPS-DO-03.02](versions/2025-10-10#osps-br-0302)
+
+### Modified controls
+
+(none)
+
+### Removed controls
+
+(none)
+
+### New control mappings
+
+* [800-161](https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-161r1-upd1.pdf)
+* [PCIDSS](https://docs-prv.pcisecuritystandards.org/PCI%20DSS/Standard/PCI-DSS-v4_0_1.pdf)
+* [PSSCRM](https://arxiv.org/pdf/2404.12300)
+* [SAMM](https://owaspsamm.org/model/)
+* [UKSSCOP](https://www.gov.uk/government/publications/software-security-code-of-practice/software-security-code-of-practice)
+
+### Other changes
+
+* Added definitions for several additional terms in order to improve clarity
+
+----
+
+## 2025-02-25
+
+Initial release of the Open Source Project Security Baseline.