sapientpants
diff --git a/‎.changeset/refactor-ci-workflows-docker-security.md‎
Lines changed: 0 additions & 48 deletions b/‎.changeset/refactor-ci-workflows-docker-security.md‎
Lines changed: 0 additions & 48 deletions
diff --git a/‎.changeset/silver-sheep-exist.md‎
Lines changed: 0 additions & 28 deletions b/‎.changeset/silver-sheep-exist.md‎
Lines changed: 0 additions & 28 deletions
diff --git a/‎CHANGELOG.md‎
Lines changed: 43 additions & 0 deletions b/‎CHANGELOG.md‎
Lines changed: 43 additions & 0 deletions
diff --git a/‎package.json‎
Lines changed: 1 addition & 1 deletion b/‎package.json‎
Lines changed: 1 addition & 1 deletion
@@ -1,5 +1,48 @@
 # Changelog
 
+## 1.8.2
+
+### Patch Changes
+
+- [#199](https://github.com/sapientpants/deepsource-mcp-server/pull/199) [`68ec816`](https://github.com/sapientpants/deepsource-mcp-server/commit/68ec816bdf09bd29b1ade72b693de5a548a51b4d) - Refactor CI/CD workflows and improve Docker security
+
+  ### CI/CD Improvements
+  - **Unified Build Process**: Consolidated build into single job that creates reusable artifacts
+  - **Build Artifacts**: Generated once and reused throughout workflow for consistency
+  - **Build Manifest**: Added metadata tracking (SHA, timestamp, dependencies)
+  - **Tag Creation**: Tags now created before building artifacts for better traceability
+  - **Artifact Naming**: Include commit SHA for consistent naming across workflows
+
+  ### Docker Support
+  - **Multi-Platform Builds**: Added support for linux/amd64 and linux/arm64
+  - **Docker Workflow**: New reusable workflow for container image builds
+  - **Configuration**: Docker releases controlled via `ENABLE_DOCKER_RELEASE` variable
+
+  ### Security Enhancements
+  - **CodeQL Integration**: Added dedicated security scanning workflow
+  - **Consolidated Scanning**: Unified security checks in reusable workflow
+  - **Docker Security**: Container images run as non-root user (nodejs:1001)
+  - **Trivy Scanning**: Automated vulnerability detection in container images
+  - **Dependency Scanning**: Enhanced vulnerability reporting
+
+  ### Developer Experience
+  - **Issue Templates**: Added bug report and feature request templates
+  - **PR Template**: Comprehensive pull request template with checklist
+  - **Workflow Documentation**: Enhanced comments for better maintainability
+  - **Better Validation**: Improved changeset validation in PR workflow
+
+  ### Infrastructure
+  - **NPM Packaging**: Dedicated job for package preparation with attestations
+  - **SLSA Provenance**: Generate attestations for supply chain security
+  - **Improved Permissions**: Updated for container registry access
+  - **DeepSource Integration**: Maintained test coverage reporting
+
+  ### Technical Details
+  - Removed redundant `reusable-setup.yml` (merged into other workflows)
+  - Better job dependency graph for parallel execution
+  - Consistent secret passing (DEEPSOURCE_DSN)
+  - Enhanced artifact retention strategies
+
 ## 1.8.1
 
 ### Patch Changes
 
@@ -1,6 +1,6 @@
 {
   "name": "deepsource-mcp-server",
-  "version": "1.8.1",
+  "version": "1.8.2",
   "description": "Model Context Protocol server for DeepSource",
   "repository": {
     "type": "git",
Original file line number	Diff line number	Diff line change
`@@ -1,6 +1,6 @@`
`1`	`1`	`{`
`2`	`2`	`"name": "deepsource-mcp-server",`
`3`		`- "version": "1.8.1",`
	`3`	`+ "version": "1.8.2",`
`4`	`4`	`"description": "Model Context Protocol server for DeepSource",`
`5`	`5`	`"repository": {`
`6`	`6`	`"type": "git",`