v1.2.0

This release focuses on streamlining our supported environments by deprecating end-of-life PHP versions, ensuring our Docker images remain secure and performant.

⚠️ Breaking Changes

• Deprecation of PHP 8.0 & 8.1: Support for PHP 8.0 and 8.1 has been officially removed. Docker images will no longer be built or published for these versions. Users still relying on 8.0 or 8.1 tags are encouraged to upgrade to PHP 8.2 or higher.

🔄 What's Changed

• CI/CD Pipeline Update: The GitHub Actions build matrix in docker-publish.yml has been updated to only build images for active PHP versions (8.2, 8.3, 8.4, and 8.5).
• Documentation Alignment: Updated GITHUB_SETUP_GUIDE.md to accurately reflect the active PHP versions and adjusted all example tags to use 8.2 as the baseline.

Full Changelog: v1.1.0...v1.2.0

v1.2.2

Revert v1.2.1

Full Changelog: v1.0.3...v1.2.2

v1.2.1

Release v1.2.1

🔒 Security Fixes

• Patched CVE-2026-23949: Explicitly upgraded the jaraco.context python dependency to version >=6.1.0 during the Docker build process. This eliminates a high-severity vulnerability flagged by Docker Scout, which was previously being pulled in by system-level dependencies.
  • Note: We also remove the vulnerable .dist-info metadata from /usr/lib/python3/dist-packages/ so that security scanners correctly identify the patched version.

📝 Updating

If your GitLab/GitHub CI/CD pipelines use the :latest tag, or tags mapped to specific PHP versions (like :8.2, :8.3, etc.), the underlying images will be updated automatically on Docker Hub and GHCR once this release is published. Pulling the latest image will secure your pipeline environments.

docker pull devanoxpvtltd/laravel:latest

👨‍💻 Under the Hood

• 4e5637d fix: upgrade jaraco.context to version 6.1.0 to patch CVE-2026-23949

Full Changelog: v1.2.0...v1.2.1

v1.1.0

This release upgrades the core frontend tooling runtime to improve performance and leverage modern JavaScript features.

✨ Features & Improvements

• Build: Upgraded the Node.js version in the Docker image to v24.x (latest). This ensures downstream Laravel applications that rely on frontend build tools (Vite, Mix, npm, etc.) and testing frameworks can utilize the latest features and performance improvements provided by the new Node runtime.

📝 Full Changelog

• build: upgrade Node.js version to 24.x in Dockerfile

v1.0.3

This release introduces built-in support for Playwright browser testing and increases the frequency of automated image builds.

✨ Features & Improvements

• Testing: Installed Playwright globally along with its required system dependencies and browsers directly into the Docker image. This resolves "Playwright is outdated" errors and ensures out-of-the-box readiness for Pest Browser Plugin and Laravel Dusk tests without needing additional OS packages.
• CI/CD Automation: Increased the GitHub Action docker-publish workflow schedule frequency from weekly to daily. This ensures Docker images are continuously rebuilt with the very latest upstream OS packages and security patches.

📝 Full Changelog

• feat: add Playwright to Dockerfile and increase docker-publish workflow frequency to daily

v1.0.2

This release includes the following improvements and documentation updates:

✨ Features & Improvements

• Build: Installed and enabled the pcov PHP extension in the Dockerfile to support faster and more efficient code coverage generation.

📚 Documentation

• Docs: Added a comprehensive GitLab CI/CD configuration example to the README.md to assist users in integrating the Docker image with their GitLab pipelines.

📝 Full Changelog

• build: install and enable pcov PHP extension in Dockerfile
• docs: add GitLab CI/CD configuration example to README

v1.0.1

This release primarily focuses on optimizing our CI/CD pipelines, significantly improving the organization of our GitHub Container Registry (GHCR), and updating our release cadence.

✨ Improvements & Fixes

🐳 GHCR Tag Cleanup

• Disabled Docker Provenance Attestations: Fixed an issue where Docker Buildx was creating and uploading separate provenance/SBOM artifacts, which cluttered the GHCR packages UI with unwanted sha256:... tags.
• Removed Cosign Image Signing: Prevented Cosign from uploading .sig artifacts that were also incorrectly displaying as tags inside the GHCR package listing. Your GHCR registry will now cleanly only show the correct PHP version tags (8.5, latest, etc.).

⚙️ Workflow Optimizations

• Release Cadence Updated to Weekly: Docker images are now configured to be automatically built and pushed weekly (every Sunday at midnight UTC) instead of daily, striking a better balance between up-to-date images and CI resource usage.
• Improved Workflow Concurrency: Added a global concurrency group to the GitHub Actions docker-publish.yml workflow. This ensures that pushing a branch, pushing a tag, or creating a release concurrently will immediately cancel any older runs, preventing race conditions and saving valuable build minutes.
• Trigger Refinements: The Docker build pipeline will now only trigger automatically on the weekly schedule or when a formal GitHub Release is published, removing noise from general push and pull_request events to the main branch.

📝 Documentation & Licensing

• Updated RELEASING.md and README.md to accurately reflect the new weekly schedule and manual release triggers.
• Updated the LICENSE file to correctly attribute copyright to Devanox Private Limited.

---

For inquiries or support, please contact info@devanox.com or open an issue on our GitHub repository.

v1.0.0

Docker Laravel v1.0.0 Release Notes

We are thrilled to announce the initial release (v1.0.0) of Docker Laravel by Devanox Private Limited!

This release provides production-ready, highly configurable Docker images tailored for PHP and Laravel applications, designed to streamline both local development and production deployments.

🎉 Key Features

🐳 Production-Ready Docker Environments

• Multi-PHP Support: Seamless support for PHP 8.3, 8.4, and 8.5. Images are automatically built and published with specific PHP version tags (e.g., :8.5, :8.4, :latest).
• Debian & Alpine Variants: Flexibility to choose between Debian-based and Alpine-based images depending on your size and security requirements.
• Pre-installed Composer: The latest version of Composer is included out-of-the-box so you can start managing dependencies immediately.

⚡ Automatic Laravel Installer

• Zero-Config Bootstrapping: Mounting an empty directory to /var/www/html automatically triggers the container to download and bootstrap a fresh Laravel installation.

🛠️ Built-in Supervisor Services

Easily toggle essential Laravel services via environment variables without needing to modify the Dockerfile:

• Queue Worker (LARAVEL_ENABLE_QUEUE_WORKER=1)
• Task Scheduler (LARAVEL_ENABLE_SCHEDULER=1)
• Laravel Horizon (LARAVEL_ENABLE_HORIZON=1)
• Laravel Pulse (LARAVEL_ENABLE_PULSE=1)
• Laravel Reverb (LARAVEL_ENABLE_REVERB=1)

🔒 HTTPS Ready

• Local SSL: Pre-generated SSL certificates included (server.crt, server.key) to test HTTPS locally right away.
• Production SSL: Simple volume mounting allows you to easily drop in your valid production certificates.

🚀 CI/CD Automation

• Automated daily "rolling release" builds via GitHub Actions to ensure OS packages, security patches, and PHP versions are constantly up-to-date.
• Images are automatically published to both Docker Hub (devanoxpvtltd/laravel) and GitHub Container Registry (GHCR).

📝 Documentation & Licensing

• Added comprehensive README.md, GITHUB_SETUP_GUIDE.md, and RELEASING.md guides to help you get started quickly.
• Licensed under the terms of the GNU General Public License v3.0.

---

For inquiries or support, please contact info@devanox.com or open an issue on our GitHub repository.