Skip to content

Release history

apko releases

Build OCI images from APK packages directly without Dockerfile

Back to tool Latest release

All releases

40 shown

Review required
v1.2.15 Maintenance
Dependencies

Routine maintenance and dependency updates.

Open
Review required
v1.2.14 Maintenance
Dependencies Breaking upgrade

Routine maintenance and dependency updates.

Open
Review required
v1.2.13 Maintenance
Dependencies

Routine maintenance and dependency updates.

Open
v1.2.12 Security relevant
Security fixes
  • Harden against template injection and credential exposure in CI pipelines
Full changelog

Changelog

  • b7931baa8cd8aa1718dcea63208eacebb27148d9 build(deps): bump chainguard-dev/actions from 1.6.17 to 1.6.19 (#2219)
  • 34a75306b40ee67508c6ce6ee34e447dd1454fec fix(ci): harden against template injection and credential exposure (#2217)
View release on GitHub
v1.2.11 Maintenance

Minor fixes and improvements.

Full changelog

Changelog

  • bfd6776788292e020d8cbee9928f441781af72c0 Tweak solver's same-origin heuristic (#2208)
  • 1564c07a4aa6a714b54c196e25a5c0f55d3a8f9b build(deps): bump chainguard-dev/actions from 1.6.15 to 1.6.17 (#2215)
  • 4700edf9b270a3941512c3e116ea0377aa33fa69 build(deps): bump github.com/klauspost/compress from 1.18.5 to 1.18.6 (#2211)
  • b593d2c4d2940e227713c026acdb43e6abf93cbd build(deps): bump github/codeql-action from 4.35.2 to 4.35.3 (#2213)
  • 9157b1ab4335afea3c85e62ae5b5a3b02705e83c build(deps): bump google.golang.org/api from 0.276.0 to 0.277.0 (#2212)
  • 0e4728d2007a54b94a0eb415a92018127c69d66f build(deps): bump k8s.io/apimachinery from 0.35.4 to 0.36.0 (#2189)
  • d81a5d4a622db7c1101b991e3ae596cc5ad5944b build(deps): bump step-security/harden-runner from 2.19.0 to 2.19.1 (#2214)
  • 5644a414d21af5d077c96405f749b878699a3405 retry package fetch+expand on transient errors (#2210)
View release on GitHub
v1.2.10 Maintenance

Minor fixes and improvements.

Full changelog

Changelog

  • 0670f2240b7ef2904739fb8ad12580961cf970fd build(deps): bump go.step.sm/crypto from 0.77.2 to 0.77.9 (#2209)
  • eebbe627f86c584c3ff9df826411a2b33dca5ca6 build(deps): bump goreleaser/goreleaser-action from 7.1.0 to 7.2.1 (#2207)
View release on GitHub
v1.2.9 New feature
Notable features
  • Verify APK package data hash against .PKGINFO for completeness
Full changelog

Changelog

  • 8d34c756b1acdec0d18c82247f900a54255500f5 apk: verify package data hash against .PKGINFO for completeness (#2206)
  • 312a1507941c846eadc2ff22d1e2e1f7d82bebe7 build(deps): bump chainguard.dev/sdk from 0.1.52 to 0.1.54 (#2199)
  • 5f7949b8716d56dcd3e091e65b1c63c9d0cab776 build(deps): bump github.com/invopop/jsonschema from 0.13.0 to 0.14.0 (#2197)
  • e7c2fdf0b02a5a23398beb617f6c4682707c0de9 build(deps): bump goreleaser/goreleaser-action from 7.0.0 to 7.1.0 (#2198)
  • 0d06d1ce763f6a13ea7ba63db777aea73f10dc6a chore(zizmor): trigger zizmor on updates to dependabot config [PSEC-871] (#2186)
  • a7f10d8972fa035714387d9621745397a2f4135c ci: bump golangci-lint to v2.11 and clear new findings (#2205)
  • 8ccb1ed4bb1f847d71dc4accb1f85c18550f405f testdata: refresh apko-discover lock for rotated chainguard key (#2203)
View release on GitHub
v1.2.8 Maintenance

Minor fixes and improvements.

Full changelog

Changelog

  • beb28670f43ae44cf8a73fa1346acc2e536d789e release: fetch full history for goreleaser changelog (#2192)
View release on GitHub
v1.2.7 New feature
Notable features
  • APK package control hash verification against signed APKINDEX
Full changelog

Changelog

  • a118c3d604107532b5525bd4bee2fb369a6228aa apk: verify package control hash against signed APKINDEX (#2191)
View release on GitHub
v1.2.6 Bug fix

Stripped special mode bits in file open and write operations.

Full changelog

Changelog

  • 09b82d635baa11223ba5b28b421069cadcddb5d9 fs: strip special mode bits in OpenFile/WriteFile (#2188)
View release on GitHub
v1.2.5 Bug fix

Scoped all DirFS operations through os.Root for improved filesystem handling.

Full changelog

Changelog

  • f5a96e1299ac81c7ea9441705ec467688086f442 fs: Scope all DirFS operations through os.Root (#2187)
View release on GitHub
v1.2.4 Maintenance

Minor fixes and improvements.

Full changelog

Changelog

  • 4556aed64043278fb8fa429e620fdbbe2a9e3254 build(deps): bump k8s.io/apimachinery from 0.35.3 to 0.35.4 (#2180)
View release on GitHub
v1.1.14 New feature
Notable features
  • Support for custom certificate packages
Full changelog

Changelog

  • 238cd7b8aec624af67bcd08492c7bb4412dc119d Add support for custom certificate packages (#2105)
View release on GitHub
v1.1.1 Security relevant patches GO-2026-4410

## Changelog * 3286a0b290e05ddd57b864f0465bb93aa6ea2484 Format README (#2044)

View release on GitHub
v1.1.0 Maintenance patches GHSA-5g94-c2wx-8pxw patches GHSA-6p9p-q6wh-9j89 patches GO-2026-4405 +1 more

Minor fixes and improvements.

View release on GitHub
v1.0.2 Maintenance

Minor fixes and improvements.

Full changelog

Changelog

  • 89f7c136729d533c74518b174099a1131d5092a9 Refactor and export range retry transport (#2012)
View release on GitHub

Beta — feedback welcome: [email protected]