What's Changed

• Revert "Enable automated release tagging when PR from branch's 'release-xxxx'" by @davidcollom in #407
• Bump golang.org/x/crypto from 0.41.0 to 0.45.0 by @dependabot[bot] in #408
• Bump the go-dependencies group with 11 updates by @dependabot[bot] in #410
• Bump the github-actions group with 3 updates by @dependabot[bot] in #411
• Bump the github-actions group with 3 updates by @dependabot[bot] in #413
• Bump alpine from 3.22.2 to 3.23.2 in the container-images group by @dependabot[bot] in #414
• Bump the go-dependencies group with 11 updates by @dependabot[bot] in #415
• Bump alpine from 3.23.2 to 3.23.3 in the container-images group by @dependabot[bot] in #416
• Bump dependabot/fetch-metadata from 2.4.0 to 2.5.0 in the github-actions group by @dependabot[bot] in #417
• Bump the go-dependencies group with 15 updates by @dependabot[bot] in #418
• Bump aquasecurity/trivy-action from 0.33.1 to 0.34.0 in /.github/workflows in the github_actions group across 1 directory by @dependabot[bot] in #419
• Bump golang from 1.25-alpine to 1.26-alpine in the container-images group by @dependabot[bot] in #421
• Bump the github-actions group with 2 updates by @dependabot[bot] in #422
• Bump the go-dependencies group with 10 updates by @dependabot[bot] in #423
• Bump aquasecurity/trivy-action from 0.34.1 to 0.35.0 in /.github/workflows in the github_actions group across 1 directory by @dependabot[bot] in #424
• Bump the github-actions group with 8 updates by @dependabot[bot] in #425
• Bump the go-dependencies group with 12 updates by @dependabot[bot] in #426
• Bump the github-actions group with 4 updates by @dependabot[bot] in #428
• Bump alpine from 3.23.3 to 3.23.4 in the container-images group by @dependabot[bot] in #429
• Bump the go-dependencies group with 11 updates by @dependabot[bot] in #430
• Bump the github-actions group with 4 updates by @dependabot[bot] in #438
• Bump the go-dependencies group with 11 updates by @dependabot[bot] in #439
• Fix retryablehttp logging adapter for docker/quay clients by @camh- in #440
• Fix long-term GitHub Actions failures and remediate govulncheck CVE findings by @davidcollom with @Copilot in #437
• feat: Upgrade Alpine Image and Packages by @joshw123 in #442
• Document and cover missing-image alerting via version_checker_image_failures_total by @davidcollom with @Copilot in #436
• Prune stale per-container version metrics to stop unbounded Prometheus series growth by @davidcollom with @Copilot in #434
• Add Helm support for Grafana dashboard annotations (including folder assignment) by @davidcollom with @Copilot in #432
• Fix selfhosted Helm secret key collisions that broke GitLab PAT auth by @davidcollom with @Copilot in #431
• fix: paginate ECR DescribeImages to retrieve all image tags by @matteosilv in #441

New Contributors

• @camh- made their first contribution in #440
• @davidcollom with @Copilot made their first contribution in #437
• @matteosilv made their first contribution in #441

Full Changelog: v0.10.0...v0.11.0

What's Changed

• Enable automated release tagging when PR from branch's 'release-xxxx' by @davidcollom in #329
• Bump the go-dependencies group with 11 updates by @dependabot[bot] in #389
• Bump the github-actions group with 2 updates by @dependabot[bot] in #388
• Consider all SHA's of a manifest by @davidcollom in #355
• docs: Fix broken link for known-configurations.md by @InsomniaCoder in #397
• Bump alpine from 3.22.0 to 3.22.1 in the container-images group by @dependabot[bot] in #394
• Bump the go-dependencies group with 7 updates by @dependabot[bot] in #393
• Bump the github-actions group with 2 updates by @dependabot[bot] in #392
• Bump the go-dependencies group with 17 updates by @dependabot[bot] in #399
• Bump the github-actions group with 7 updates by @dependabot[bot] in #398
• Bump golang from 1.24-alpine to 1.25-alpine in the container-images group by @dependabot[bot] in #400
• Bump alpine from 3.22.1 to 3.22.2 in the container-images group by @dependabot[bot] in #403
• Bump the go-dependencies group with 8 updates by @dependabot[bot] in #402
• Bump the github-actions group with 5 updates by @dependabot[bot] in #401
• Resolve CodeQL "Issues" by @davidcollom in #404
• Track Kubernetes Channels for latest versions by @maria-reynoso in #351
• Release v0.10.0 by @github-actions[bot] in #405

New Contributors

• @InsomniaCoder made their first contribution in #397

Full Changelog: v0.9.3...v0.10.0

What's Changed

• Bump alpine from 3.21.3 to 3.22.0 in the container-images group by @dependabot in #385
• Bump the go-dependencies group with 8 updates by @dependabot in #384
• Prevent resource leak in keyfunc initialization by @MicahParks in #382
• Bump golangci/golangci-lint-action from 7.0.0 to 8.0.0 in the github-actions group by @dependabot in #383
• Release v0.9.3 by @github-actions in #386

New Contributors

• @MicahParks made their first contribution in #382

Full Changelog: v0.9.2...v0.9.3

What's Changed

• Adding custom backoff function for API's that can be excessive by @davidcollom in #354
• Bump the github-actions group with 2 updates by @dependabot in #377
• Bump the go-dependencies group with 11 updates by @dependabot in #378
• New documentation structure by @maria-reynoso in #375
• Release v0.9.2 by @github-actions in #380

Full Changelog: v0.9.1...v0.9.2

What's Changed

• Resolve SHA256 to tags automatically if the images specified in the k8s manifests doesn't contain tag. by @jahantech in #70
• Use basic auth when token endpoint is not found by @paulwilljones in #356
• Fix label formatting dashboards.yaml by @mstarostik in #359
• validate selfhosted options by @paulwilljones in #361
• Attempt to generate SBOM and Provenance artifacts by @davidcollom in #366
• Fix options parsing - ensuring that TOKEN_PATH and TOKEN_XXX aren't mixed by @davidcollom in #367
• Fix issue 362 by @davidcollom in #365
• Sign Container Images and Helm Chart Aftifacts by @davidcollom in #369
• Ability be set the Requeue Duration by @davidcollom in #368

New Contributors

• @jahantech made their first contribution in #70
• @mstarostik made their first contribution in #359

Full Changelog: v0.9.0...v0.9.1-rc2

What's Changed

• Resolve SHA256 to tags automatically if the images specified in the k8s manifests doesn't contain tag. by @jahantech in #70
• Use basic auth when token endpoint is not found by @paulwilljones in #356
• Fix label formatting dashboards.yaml by @mstarostik in #359
• validate selfhosted options by @paulwilljones in #361
• Attempt to generate SBOM and Provenance artifacts by @davidcollom in #366
• Fix options parsing - ensuring that TOKEN_PATH and TOKEN_XXX aren't mixed by @davidcollom in #367
• Fix issue 362 by @davidcollom in #365
• Sign Container Images and Helm Chart Aftifacts by @davidcollom in #369
• Ability be set the Requeue Duration by @davidcollom in #368

New Contributors

• @jahantech made their first contribution in #70
• @mstarostik made their first contribution in #359

Full Changelog: v0.9.0...v0.9.1-rc1

What's Changed

• Resolve SHA256 to tags automatically if the images specified in the k8s manifests doesn't contain tag. by @jahantech in #70
• Use basic auth when token endpoint is not found by @paulwilljones in #356
• Fix label formatting dashboards.yaml by @mstarostik in #359
• validate selfhosted options by @paulwilljones in #361
• Attempt to generate SBOM and Provenance artifacts by @davidcollom in #366
• Fix options parsing - ensuring that TOKEN_PATH and TOKEN_XXX aren't mixed by @davidcollom in #367
• Fix issue 362 by @davidcollom in #365
• Sign Container Images and Helm Chart Aftifacts by @davidcollom in #369
• Ability be set the Requeue Duration by @davidcollom in #368
• Release v0.9.1 by @github-actions in #374

New Contributors

• @jahantech made their first contribution in #70
• @mstarostik made their first contribution in #359

Full Changelog: v0.9.0...v0.9.1

What's Changed

• Bump the github-actions group with 2 updates by @dependabot in #331
• Bump the go-dependencies group with 6 updates by @dependabot in #330
• Bump golang.org/x/net from 0.34.0 to 0.36.0 in the go_modules group by @dependabot in #338
• Bump the container-images group with 2 updates by @dependabot in #336
• Adding support for GHCR custom domains for using Github Enterprise by @davidcollom in #339
• Bump github.com/golang-jwt/jwt/v5 from 5.2.1 to 5.2.2 in the go_modules group by @dependabot in #343
• Bump github.com/golang-jwt/jwt/v4 from 4.5.1 to 4.5.2 in the go_modules group by @dependabot in #344
• Bump the go-dependencies group across 1 directory with 11 updates by @dependabot in #341
• Adding http metrics to calculate upstream response times by @davidcollom in #342
• Add Errors Reporting Prometheus Metric by @maria-reynoso in #345
• Adding support for additional ACR TLD's by @davidcollom in #340
• Enable ServiceMonitor by default, if available by @davidcollom in #320
• [BUG] Adding missing go metrics collectors by @davidcollom in #347
• Adding a LastUpdated metric so that we can see when images were lookedup and if we have stale data by @davidcollom in #346
• Move over to controller-runtime over doing it ourselves by @davidcollom in #348
• Fix issue of filtering sig,att,sbom image tags when searching SHA and Tag/SemVer, enable regex filtering with SHA searching too, for additional exclusions by @davidcollom in #349
• Bump the github-actions group with 3 updates by @dependabot in #350
• Release v0.9.0 by @github-actions in #353

New Contributors

• @maria-reynoso made their first contribution in #345

Full Changelog: v0.8.6...v0.9.0

What's Changed

• Fix issue 314 - Helm chart does not support CA cert configuration by @davidcollom in #316
• Bump the go-dependencies group across 1 directory with 10 updates by @dependabot in #313
• Bump golangci/golangci-lint-action from 6.1.1 to 6.2.0 in the github-actions group by @dependabot in #312
• Bump alpine from 3.21.0 to 3.21.2 in the container-images group by @dependabot in #310
• Bump the go-dependencies group with 4 updates by @dependabot in #321
• Fix Helm template indentation in env by @ErmakovDmitriy in #327
• Bump the go-dependencies group across 1 directory with 6 updates by @dependabot in #325
• Bump golangci/golangci-lint-action from 6.2.0 to 6.3.1 in the github-actions group by @dependabot in #326
• Release v0.8.6 by @github-actions in #328

New Contributors

• @ErmakovDmitriy made their first contribution in #327

Full Changelog: v0.8.5...v0.8.6

What's Changed

• Bump the go-dependencies group across 1 directory with 10 updates by @dependabot in #305
• Release v0.8.5 by @github-actions in #308

Full Changelog: v0.8.4...v0.8.5