2026.02.1

What's Changed

• Use official hadolint/hadolint-action instead of fork (#271) @sairon
• SHA-pin all pinnable actions, use builder 2026.02.0 (#270) @sairon

2026.02.0

What's Changed

• Tag published builder images with commit SHA (#269) @sairon
• Revert "Disable ASLR to work around QEMU aarch64 issues (#229)" (#267) @sairon
• Bump docker/login-action from 3.6.0 to 3.7.0 (#268) @dependabot[bot]
• Bump home-assistant/builder from 2025.09.0 to 2025.11.0 (#266) @dependabot[bot]

2025.11.0

💥 Breaking Changes

This release removes support for the armv7, i386, and armhf architectures which were previously announced as deprecated in the Home Assistant architecture decisions (https://github.com/home-assistant/architecture/discussions/1230, https://github.com/home-assistant/architecture/discussions/1200, https://github.com/home-assistant/architecture/discussions/1199).

The --all flag has has been removed since it could silently fail for add-on developers who relied on it in builds for the deprecated architectures using the latest version of the builder action. If your build process uses --all, update it to specify architectures explicitly (e.g., --amd64 --aarch64) or use a matrix strategy for the build job (see addons-example for a concrete example of an add-on build workflow).

If you need to build images for the deprecated architectures, you can specify an older builder action, e.g. home-assistant/builder@2025.09.0 which still supports build of these architectures, including the --all flag.

What's Changed

• Drop support for --all in favor of explicit architecture arguments (#265) @sairon
• Don't refer to @master action in the readme examples (#264) @sairon
• actions/publish: use dotslash self-reference (#258) @eshattow
• Remove deprecated archs (#263) @edenhaus
• Bump actions/checkout from 5 to 6 (#262) @dependabot[bot]
• Bump sigstore/cosign-installer from 3.10.0 to 4.0.0 (#254) @dependabot[bot]
• Bump docker/login-action from 3.5.0 to 3.6.0 (#253) @dependabot[bot]
• Bump home-assistant/builder from 2025.03.0 to 2025.09.0 (#252) @dependabot[bot]

2025.09.0

What's Changed

• Add --no-cosign-verify flag to disable Cosign signature verification (#251) @sairon
• Update to cosign v2.5.3 (#250) @agners
• Bump sigstore/cosign-installer from 3.9.2 to 3.10.0 (#249) @dependabot[bot]
• Update to Alpine Linux 3.22 (#248) @eshattow
• Bump actions/checkout from 4 to 5 (#247) @dependabot[bot]
• Bump docker/login-action from 3.4.0 to 3.5.0 (#246) @dependabot[bot]
• Bump sigstore/cosign-installer from 3.9.1 to 3.9.2 (#244) @dependabot[bot]
• Bump sigstore/cosign-installer from 3.9.0 to 3.9.1 (#243) @dependabot[bot]
• Bump sigstore/cosign-installer from 3.8.2 to 3.9.0 (#242) @dependabot[bot]
• Bump sigstore/cosign-installer from 3.8.1 to 3.8.2 (#241) @dependabot[bot]
• Bump home-assistant/builder from 2025.02.0 to 2025.03.0 (#240) @dependabot[bot]

2025.03.0

What's Changed

• Migrate to tonistiigi/binfmt (#239) @frenck
• Bump docker/login-action from 3.3.0 to 3.4.0 (#238) @dependabot[bot]
• Bump home-assistant/builder from 2024.08.2 to 2025.02.0 (#235) @dependabot[bot]

2025.02.0

What's Changed

• Use ghcr.io as default registry for base image/instructions (#233) @agners
• Update to cosign v2.4.3 (#232) @agners
• Make builder image arch selectible (#231) @mib1185
• Disable ASLR to work around QEMU aarch64 issues (#229) @agners
• Bump sigstore/cosign-installer from 3.8.0 to 3.8.1 (#230) @dependabot[bot]
• Bump sigstore/cosign-installer from 3.7.0 to 3.8.0 (#228) @dependabot[bot]
• Bump olegtarasov/get-tag from 2.1.3 to 2.1.4 (#227) @dependabot[bot]
• Bump sigstore/cosign-installer from 3.6.0 to 3.7.0 (#224) @dependabot[bot]
• Bump home-assistant/builder from 2024.08.1 to 2024.08.2 (#221) @dependabot[bot]

2024.08.2

What's Changed

• Update to cosign v2.4.0 (#220) @agners
• bug fix issue 209 default Alpine version 3.13->3.20 (#210) @skyshino
• Bump home-assistant/builder from 2024.03.5 to 2024.08.1 (#219) @dependabot

2024.08.1

What's Changed

• Make sure builder image is pulled by default (#218) @agners

2024.08.0

What's Changed

• Use manifest digest for signing (#217) @agners
• Trust git repositories in builder (#216) @agners
• Bump to Alpine 3.20 (#215) @agners
• Use released versions of the builder (#214) @agners
• Bump sigstore/cosign-installer from 3.5.0 to 3.6.0 (#211) @dependabot
• Bump docker/login-action from 3.2.0 to 3.3.0 (#208) @dependabot
• Inform if build information are not available (#143) @agners
• Bump docker/login-action from 3.1.0 to 3.2.0 (#205) @dependabot
• Apply labels from add-on build.(yaml|json) when building add-on (#203) @lildude
• Bump sigstore/cosign-installer from 3.4.0 to 3.5.0 (#204) @dependabot
• Update get-tag GitHub Action to v2.1.3 (#202) @agners

2024.03.5

What's Changed

• Reenable cosign verification (#201) @agners