Changelog

New features, improvements, and fixes to ImageSentinel.

v0.5.0

LatestJanuary 15, 2025

VEX Attestations

Added Vulnerability Exploitability eXchange (VEX) attestations to all images.

Kyverno Policy Templates

Pre-built Kyverno policies for signature verification.

SBOM Performance

50% faster SBOM generation for large images.

v0.4.0

December 20, 2024

GitLab CI Integration

Native GitLab CI/CD integration with auto-generated pipeline templates.

Multi-arch Support

ARM64 and AMD64 hardened images available.

Registry Authentication

Fixed token refresh for long-running CI pipelines.

v0.3.0

November 15, 2024

SLSA Level 3 Provenance

All images now include SLSA Level 3 build provenance attestations.

Go Runtime Images

Added hardened Go minimal base images.

CLI Improvements

New `sentinel verify` command for local signature verification.

v0.2.0

October 1, 2024

GitHub Actions

Released official GitHub Actions for image hardening.

Java Runtime Images

Added hardened Java 17 and Java 21 minimal base images.

v0.1.0

September 1, 2024

Initial Release

ImageSentinel private beta with Python and Node.js hardened images.

Sigstore Signing

Keyless image signing with Sigstore Cosign.

SBOM Generation

CycloneDX and SPDX SBOM formats.

Want to stay updated?

Follow our blog for detailed release notes and engineering insights.

Read the Blog View Documentation

Release History