[1.7.0] - 2026-02-28

Added

• add bot detection input and outputs for CI build management

[1.6.0] - 2026-02-28

Added

• add unified workflow for container build and release
• add release-platforms input and unified workflow example
• add release-platforms input and resolve build platforms step

[1.5.0] - 2026-02-28

Added

• migrate scripts to typescript

Changed

• update action to use compiled dist output
• configure typescript build tooling

[1.4.0] - 2026-02-28

Added

• add commit convention gate for smart build filtering

Changed

• bump alpine base image from 3.19 to 3.21

Removed

• drop dockerhub credential secret name inputs
• remove unused sanitize_branch_name function

Fixed

• conditional cache, pr comment events, dynamic version

[1.3.1] - 2026-02-22

Changed

• skip per-package monorepo release tags in container builds (#20)

[1.3.0] - 2026-02-22

Added

• add release workflow for automated version tagging

What's New

• Added GitHub Release event support for automatic semantic version tagging
• Standard releases generate 1.2.3, 1.2, 1, and latest tags
• Pre-releases generate version and channel tags (e.g., beta)
• New release-version output
• Added examples/release-workflow.yml
• Removed unnecessary package.json and package-lock.json
• Zero breaking changes

Full Changelog: v1.1.1...v1.2.0

What's Changed

• Add SECURITY.md with unified security policy by @Copilot in #14
• Add version number to PR comment footer by @Copilot in #17
• ⚙️ setup: add clean commit convention files by @Copilot in #18

Full Changelog: v1.1.0...v1.1.1

What's Changed

• Added built-in Trivy vulnerability scanning for source code, Dockerfile, and container images
• Added automatic SARIF upload to GitHub Security tab for vulnerability tracking
• Added comprehensive security scan results in PR comments with expandable vulnerability details
• Added optional baseline image comparison to track security improvements over time
• Added 17 new security-related inputs with sensible defaults (scanning enabled by default)
• Added 6 new security-related outputs (vulnerability counts by severity)
• Added example workflows demonstrating basic, strict, and comparison scanning modes
• Added .trivyignore.example template for managing false positives
• Updated README with comprehensive security scanning documentation and FAQ section
• Fixed package.json by removing invalid "main" field (composite actions don't require it)
• Fixed pr-comment.js with defensive array checks to prevent crashes on malformed Trivy output
• Updated Trivy action to v0.33.1 (includes 2025 security patches)

Full Changelog: v1.0.5...v1.1.0

What's Changed

• Renamed latest flow to staging for clearer pre-production semantics and better CI/CD integration
• Updated build flow detection to use staging-{sha} tag format for pushes to main branch
• Enhanced README with comprehensive tagging strategy documentation explaining SHA-based tagging
• Added workflow graph visualization showing all five flow types including new staging flow
• Improved flow type descriptions and use case documentation across all files

Full Changelog: v1.0.4...v1.0.5