Skip to content

CHANGELOG.md

Latest commit

 

History

History
125 lines (67 loc) · 6.19 KB

CHANGELOG.md

File metadata and controls

125 lines (67 loc) · 6.19 KB

1.1.0 (2026-04-17)

Features

  • trigger release pipeline (cb88666)

[Unreleased]

Added

Changed

Fixed

1.0.10 (2026-04-17)

Added

Changed

  • security: ignore remaining inherited Go CVEs in .trivyignore (expires 2026-08-19) to keep scans actionable until upstream runner/toolchain updates land

Fixed

1.0.9 (2026-04-17)

Added

Changed

  • deps: sync Containerfile defaults and local tooling pins to patched versions (argo 4.0.4, kargo 1.9.6, pack 0.40.2, dive 0.13.1, hadolint 2.14.0, yq 4.53.2)

Fixed

1.0.8 (2026-04-17)

Added

  • ci: scheduled workflow to update GitHub Actions runner version daily (push to main, no human intervention; requires REPO_PAT secret)

Changed

  • security: add CVE-2026-24051 to .trivyignore (OpenTelemetry SDK in containerd, trivy, argo)
  • deps: upgrade runner and bundled tool versions in manifest.yaml (runner 2.333.1, argo 4.0.4, kargo 1.9.6, pack 0.40.2, dive 0.13.1, hadolint 2.14.0, yq 4.53.2)
  • ci(trivy): write JSON report to build/trivy-report.json and print a human-readable vulnerability summary when scans fail

Fixed

  • container: bootstrap pip with --break-system-packages for PEP 668 (externally-managed-environment)
  • deps: update GitHub Actions runner to 2.333.0 and 2.333.1

1.0.7 (2026-03-01)

Bug Fixes

  • container: bootstrap pip with --break-system-packages for PEP 668 (12eb4cf)

1.0.6 (2026-03-01)

Bug Fixes

  • deps: upgrade Actions runner from 2.321.0 to 2.332.0 (v2.321.0 deprecated by GitHub)

1.0.5 (2026-02-20)

Bug Fixes

  • ci: remove --all flag from skopeo copy to fix registry push (1602822)

1.0.4 (2026-02-20)

Bug Fixes

  • add .trivyignore for base-image CVEs and document security (706ba83)
  • ci: scan image from Docker daemon in Trivy step (54334d3)
  • ci: use --input flag for trivy OCI archive scan (88da58a)
  • use +0000 in .trivyignore exp dates for Trivy parse (e2d66c5)

1.0.3 (2026-02-19)

Bug Fixes

  • ci: use oci-archive format for trivy scan and cache vulndb (acd077c)

1.0.2 (2026-02-19)

Bug Fixes

  • use bash arrays for BUILD_ARGS and LABELS to handle values with spaces (0dd5806)

1.0.1 (2026-02-19)

Bug Fixes

  • ci: add missing -y flags and fix trivy command in release pipeline (33ca427)

1.0.0 (2026-02-19)

Bug Fixes

  • address PR review feedback (d1e532f)
  • address PR review feedback (a178c21)
  • comments from pr (hadolint, python version) (30e5588)
  • container: bootstrap pip via get-pip.py for deadsnakes Python (48a8477)
  • container: install pip for Python 3.12/3.13 via ensurepip (76980ea)
  • use ghcr.io/actions/actions-runner base image and fix FromAsCasing (697a7a6)

Features

  • add pre-commit with hadolint, shellcheck, and commitlint hooks (ea59872)
  • add semantic-release pipeline with build tools and best practices (6db1c23)
  • container: add Python pip packages and GCC build tooling (559933d)
  • replace custom update-tools workflow with Renovate (ba84de9)
  • replace packer with kargo CLI (51c2b52)
  • switch base image to GitHub runner and add DevOps tools (10d0b70)
  • v1 (20b6ec2)