Skip to content

v1.1.1

Choose a tag to compare

View all tags
@nopoz nopoz released this 30 May 00:44
· 12 commits to main since this release
v1.1.1
e374780
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Maintenance release. No changes to the script or its behavior.

  • Update the base image to Alpine 3.23.
  • Harden CI/CD: every action pinned to a commit SHA, build provenance
    attestation on the published image, and Trivy image scanning with results
    uploaded to code scanning.
  • Add workflow static analysis (zizmor, actionlint), Dockerfile linting
    (hadolint), and secret scanning (gitleaks).
  • Add Dependabot for the github-actions and docker ecosystems.
Assets 2
Loading