June 14 2026
Supply chain policy updates
Supply chain policies can now be applied universally across any Minimus image to protect your npm environment without restrictions.As part of this update, the environment variable has been updated and the typosquatting control has been changed to a simple on/off toggle. Learn moreJune 7 2026
Comply with the CIS MariaDB Benchmark
Our new MariaDB-Hardened image complies with the app-specific CIS benchmark, making it easier to deploy CIS compliant MariaDB clusters.Set up actions for Helm chart version updates
Trigger webhooks, GitHub actions, or notifications in response to Helm chart version releases. The new action trigger will help you automate deployments and stay up to date. Learn moreSmarter Go dependency scanning
Introduced better CPE matching for specific golang modules to correct for scanner false negatives. Learn moreSTIG update
Updated the Datastream XCCDF Checklist for GPOS (General Purpose Operating System) to v3r2p2 (patch 2).This includes updated Rule IDs and OVAL Definition IDs, and the addition of CCI codes (Control Correlation Identifiers). Learn moreBug Fixes
- Fixed a usability issue affecting date filters in the logs view
- Improved site performance for an even smoother user experience
May 31 2026
Manage private images as code with minicli
minicli is the new Minimus CLI for defining, building, and managing private image configurations as code, directly from your terminal or CI/CD pipeline. It ships with built-in AI agent skills, so you can use tools like Cursor or Claude Code to manage your images with natural language. Learn moreGranular control over supply chain policies
We’ve added granular policy controls to the Minimus supply chain, giving you finer-tuned guardrails over package installations. Configure individual thresholds for cooling-off periods, popularity, typosquatting risk, and suspicious version releases, and manage allow and block lists. Learn moreMay 24 2026
Enhanced gallery search
We’ve upgraded the image gallery search to support more complex and multi-term queries, giving you more precise results in fewer keystrokes.New default view for advisories
We’ve reworked the Affected Images filter within advisories to give you more granular control.By default, the page now filters by My Images (your subscribed and private images). You can clear this filter to view advisories that are still under review or not yet linked to specific Minimus images, or adjust the selection to filter by all or specific images instead. Learn moreBug Fixes
- Added backlink support for multi-license packages in the image SBOM
- Fixed the backlinks in email notifications pointing to private images.
May 10 2026
EOL managed: guard against end-of-life image pulls
We’ve added a new action to trigger when EOL images are pulled from the Minimus registry. EOL actions are designed to help your team safeguard its operations against the use of unsupported image versions. Learn moreBug Fixes
Fixed the backlinks in email notifications pointing to private images.
April 23 2026
Generate a custom migration plan with AI
We’ve added a complex prompt designed for use with local AI agents with terminal access, such as Cursor, Cline, Claude Desktop, and others. Run the prompt to generate a custom migration plan tailored to your existing Dockerfile to help swap out the existing base and runtime images with Minimus images. Learn moreApril 19 2026
Never miss an image update
We’ve added a new action that triggers with every new image digest.Trigger webhooks, GitHub Actions, and notifications following any image update, whether a vulnerability fix, package update, configuration change, and more. Every change in the image Changelog reflects a new image build with a new digest, so you can use the new action to stay on top of all image updates. Learn moreComply with the CIS Apache Cassandra Benchmark
Our new Cassandra-Hardened image complies with the app-specific CIS benchmark, making it easier to deploy CIS compliant Cassandra clusters.New Minimus Helm charts
We’ve added new Helm charts to help you deploy Minimus secure images quickly and effortlessly, with many more charts expected soon.Look for the Related Charts tab in the image card to quickly identify relevant Helm charts available from Minimus.Quick reference package licenses
View official SPDX package license documents directly from the image SBOM. We’ve added reference links to the license details to cut out extra steps.Bug Fixes
- Improved the certificate management page in Creator to address edge-cases.
- Updated the package comparison display in the Risk Reduction report.
April 12 2026
Advanced certificate management with Minimus Creator
View certificate details directly in Creator and the associated File Management space. Certificate details include the Common Name (CN), organization, type, validity period, signature algorithm, SHA-256 fingerprint and more.The certificate validity status is clearly labeled to indicate whether it is valid, expired, or not yet valid. You can also download copies of your certificates directly from file bundles.Proactively replace deprecated image versions using Minimus Actions
We’ve added new triggers to activate Minimus Actions when an image line is nearing or has reached EOL. The new EOL action triggers are part of a general effort to add support indications to Minimus, including EOL, near EOL, and LTS indications.EOL-related actions can be used to send out notifications over Slack or email or trigger GitHub Actions and webhooks.Get current vulnerability distribution information directly from Minimus Actions
Minimus Actions now include vulnerability distribution information in notifications announcing new image versions and vulnerability fixes.The change currently includes GitHub Actions and webhooks, and will soon extend to email alerts and Slack notifications as well.Bug Fixes
- Added option to View in GHSA for advisories of vulnerabilities that have not yet been listed by NVD.
- Consecutive file bundle updates now seamlessly trigger corresponding rebuilds of linked images, ensuring every change is reliably reflected in your private image.
March 29 2026
Comply with the CIS NGINX Benchmark
We’ve added a new NGINX-Hardened image to the list of Minimus Hardened Images. The new NGINX-Hardened image complies with app-specific CIS benchmarks and is also offered as a FIPS-validated option - NGINX-Hardened-FIPS image.View default ports in the image specification tab
We’ve added a list of the default listening and exposed ports in the image version specification tab. Learn moreMarch 22 2026
Plan version upgrades with Minimus support indications
Don’t let end-of-life announcements catch you by surprise. The Minimus console redesigned the display of EOL, near EOL, and LTS indications to help teams plan their deployments and maintenance. Learn moreNew FIPS 140-3 certificate for OpenSSL
The Minimus Cryptographic Module has acquired a new CMVP certificate - certificate 5177. The Minimus Cryptographic Module is a FIPS validated OpenSSL module used in many Minimus FIPS validated images. Learn moreOCI labels
We’ve updated image labels to use the standard OCI format. OCI labels hold metadata that makes images transparent, traceable, and auditable. You will see the change when you rundocker inspect.OCI labels example
Bug Fixes
- Private images previously created with internal Python packages were automatically migrated to the equivalent auto-versioning Python packages. For example, if the package
py3-babelwas previously selected, it was migrated topy3-babel-auto. Learn more - Improved the performance of the advisories page and the advisories search and filtering functions
March 15 2026
Plan for Long-Term-Support with Minimus
Know which image lines offer long-term-support (LTS) by the upstream project directly within Minimus. In addition to End of life (EOL) indications, image lines with official LTS status are now labeled in Minimus to help teams plan their deployments for long-term success and optimal maintenance. Learn moreMinimus Creator promotes auto-packages
Minimus Creator already supports auto-versioning for Ruby, Python, and PHP packages. Now the package selector display also groups together package families leading with the auto-version option to help users when creating private images. Learn moreFixed an issue where the Changelog was not displayed for Dev variants of private images.
March 8 2026
Compare package composition between Minimus images and their public counterparts
Get an immediate sense of the SBOM size and risk differences between a Minimus image and its public equivalent with a new graph in the Risk Reduction tab.Dive deeper into the comparison with a detailed breakdown of the packages used by each image and their version, license, and risk posture. As always, you can toggle the view betweenlatest and latest-dev to view the relevant report. Learn moreMarch 1 2026
Plan for the image line end-of-life with Minimus
Know when upstream support for the image line is scheduled to end directly within Minimus. End of life (EOL) indications are provided in both the image line menu and the changelog view. Hover over the line to see the exact EOL date. Learn moreUnderstand build status and errors for your private images
Deep dive into your private image build statuses directly from the Creator space. You will be able to see exactly which image lines succeeded and which failed and why. As always, share the trace ID with our support team so we can assist you as soon as possible. Learn moreComply with the CIS MongoDB Benchmark
We’ve added a new Mongo-Hardened image to the list of Minimus Hardened Images. The new Mongo-Hardened image complies with app-specific CIS benchmarks and is also offered as a FIPS-validated option - Mongo-Hardened-FIPS image.Build-time auto-versioning for Ruby packages
We’ve expanded support for auto-versioning packages to include Ruby packages. Currently, Ruby, Python, and PHP auto-versioning packages are available in Creator to auto-match the starter image version at build time. Learn moreStand-alone risk reduction reports
Benefit from a stand-alone risk reduction report even when there is no comparison image. Whether it is the static or glibc-dynamic images or something else, you will now be able to track the vulnerabilities trend over the past 30 days directly from the usual risk reduction tab.Other Enhancements
- Remove recent search results in the image gallery to keep only the ones you want.
February 22 2026
Helm chart signatures
Verify Minimus Helm charts using the Cosign signature. Simple step-by-step instructions were added in a dedicated tab in Minimus Helm charts. Learn moreEnhance your private gallery with image descriptions
Add descriptions to your private images to stay organized, capture image context, note usage details, or leave the team reminders for future reference. Descriptions can be added during image creation or updated anytime. To view a private image description, hover over the image in the gallery. Learn moreSAML role management
Managing SAML roles can get confusing when users belong to multiple groups or have individual role assignments. To help simplify the task, we’ve added helpful hints along the user configuration pages to guide admins more closely. Learn moreOfficial logo for FIPS 140-3 validated images
FIPS 140-3 validated images from Minimus get yet another boost with the adoption of the official NIST logo. The FIPS 140-3 logo is a certification mark of NIST.
February 18 2026
Build-time auto-versioning for Python and PHP packages
When creating private images with Image Creator, pairing the right package version with the starter image version can potentially get tricky.To save you the trouble, Minimus added auto-versioning Python and PHP packages to auto-match the starter image version at build time. Learn moreFebruary 15 2026
Recent searches at your fingertips
Dive back into your recent image searches at any time, even between sessions. Your last 10 searches are available from the search bar so you can freely explore the Minimus gallery without fear of losing your context.Discover when images were first added
Easily see when images were first added to the Minimus image gallery. Switch to the recently added sorting option to see the exact date when the image first became available by Minimus.February 8 2026
Actions for private images
Trigger webhooks and get alerted when a new version or vulnerability fix is out for your private images. Actions help teams deploy images smoothly and reliably.File bundle usability enhancements
Usability enhancements for file bundles improve the configuration experience. A status label “new” was added to mark bundles created inside the Creator wizard. Validations were added to protect against edge cases, check file format, and more. Bundles show which images they are used in to further simplify bundle management.February 1 2026
Sort images by popularity, recently added, or name
Sort the gallery to easily see which images were recently added or which images are most popular. As part of the change, your private images have been moved to the my images category and will no longer appear at the top of the general gallery.Added support for SAML groups for Azure and Google providers
SAML groups for role-based access control now support all identity providers, including Okta, Azure, Google and others. Learn moreEnhanced the SAML configuration form
Configuring SAML groups for Minimus is now simpler with a toggle to enable the option when relevant.New FIPS 140-3 modules
Minimus has acquired a new FIPS CMVP certificate for Java - certificate 5142. In addition, Minimus utilizes a new FIPS module for BoringCrypto - certificate 5104.Improved FIPS 140-3 testing instructions
The compliance FIPS display has been enhanced for clarity. Certificate and testing information for the OpenSSL and Java FIPS modules is shown separately for better understanding.Bug Fixes
- Improved the advisories search and filtering functions
- Enhanced file bundles’ usability
January 25 2026
Filter by Advanced images and Helm charts
Easily identify Minimus images that support Bitnami Helm charts with a quick filter. Related charts and images cross-reference each other to enhance findability.Bug Fixes
- Improved configuration overrides with file bundles
- Added support for file bundle events in activity logs