# Changelog v0.3.73 - 2026-05-27

### Fixed
- Docker workflow no longer fails due to Trivy vulnerability scanner finding CRITICAL/HIGH CVEs. The scanner now runs as a non-blocking step (`continue-on-error: true`) so the image push succeeds regardless of scan results. Security findings are still uploaded to the GitHub Security tab for visibility.

### Changed
- README Docker section now includes a note explaining that GHCR requires authentication even for public images, with instructions to login via `docker login ghcr.io` using a GitHub token or PAT with `read:packages` scope.
