Skip to content
ProtocolSoup

Release And Tag Policy

Release And Tag Policy

Section titled “Release And Tag Policy”

Available Tags

Section titled “Available Tags”
Tag PatternDescriptionMutability
latestCurrent default branch buildMutable
sha-*Git commit SHA for build traceabilityImmutable
vX.Y.ZSemantic version releaseImmutable
vX.YMinor version (resolves to latest patch)Mutable
vXMajor version (resolves to latest minor)Mutable
Section titled “Recommended Tags By Environment”
EnvironmentRecommended TagReason
Local developmentlatestAlways current, fast iteration
Shared testingvX.Y.ZPredictable, reproducible
StagingvX.Y.Z or sha-*Exact version control
Production-like@sha256:... or sha-*Immutable, auditable

Compatibility

Section titled “Compatibility”
  • Patch releases (vX.Y.ZvX.Y.Z+1): No runtime contract changes.
  • Minor releases (vX.YvX.Y+1): Additive, backward-compatible changes.
  • Major releases (vXvX+1): May include breaking changes with migration notes.

Supply Chain Signals

Section titled “Supply Chain Signals”

Each published image includes:

  • Multi-architecture build outputs
  • SBOM generation
  • Cosign provenance attestation
  • Trivy vulnerability scanning in CI
Section titled “Related”