diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 625afd6..ee66ba5 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -13,11 +13,20 @@ jobs: name: Build Production Images runs-on: ubuntu-latest if: startsWith(github.ref, 'refs/tags/') + permissions: + contents: read + packages: write steps: - name: Checkout code uses: actions/checkout@v4 + - name: Login to Docker Hub + uses: docker/login-action@v3 + with: + username: ${{ secrets.DOCKER_HUB_USERNAME }} + password: ${{ secrets.DOCKER_HUB_ACCESS_TOKEN }} + - name: Setup Docker Buildx uses: docker/setup-buildx-action@v3 with: @@ -25,12 +34,6 @@ jobs: endpoint: "wgtechlabs/unthread-bot-builder" install: true - - name: Login to Docker Hub - uses: docker/login-action@v3 - with: - username: ${{ secrets.DOCKER_HUB_USERNAME }} - password: ${{ secrets.DOCKER_HUB_ACCESS_TOKEN }} - - name: Login to GitHub Container Registry uses: docker/login-action@v3 with: @@ -91,11 +94,12 @@ jobs: org.opencontainers.image.source=${{ github.server_url }}/${{ github.repository }} org.opencontainers.image.url=${{ github.server_url }}/${{ github.repository }} org.opencontainers.image.licenses=GPL-3.0 - cache-from: type=gha + cache-from: type=gha cache-to: type=gha,mode=max - name: Run Trivy vulnerability scanner uses: aquasecurity/trivy-action@0.28.0 + continue-on-error: true with: image-ref: ${{ env.REGISTRY_DOCKERHUB }}:${{ steps.version.outputs.version }} format: 'sarif' @@ -103,7 +107,7 @@ jobs: - name: Upload Trivy scan results to GitHub Security tab uses: github/codeql-action/upload-sarif@v3 - if: always() + if: always() && hashFiles('trivy-results.sarif') != '' with: sarif_file: 'trivy-results.sarif' diff --git a/package.json b/package.json index c6d0977..de5b8c6 100644 --- a/package.json +++ b/package.json 
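Review bot: The job-level `permissions:` block added in the first hunk lists only `contents: read` and `packages: write`, and once a block is declared every scope it omits is set to none. The `github/codeql-action/upload-sarif@v3` step later in this job needs `security-events: write` to post results to code scanning, so the upload will most likely be rejected. Add `security-events: write` to the block, and `actions: read` as well if the repository is private. The job body continues outside the hunk.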
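Review bot: `continue-on-error: true` on the Trivy step, combined with the `hashFiles('trivy-results.sarif') != ''` guard added in the next hunk, makes a scanner failure invisible. A crash or a failed vulnerability-database download now produces no SARIF, skips the upload, and still leaves the release run green. Give the scan step `id: trivy` and add a step after it guarded by `if: steps.trivy.outcome == 'failure'` that emits a `::warning::` annotation, so an unscanned release is at least flagged on the run summary. Whether findings themselves should block the release depends on the step's `exit-code` and `severity` inputs, which lie outside this hunk. The `image-ref` points at the Docker Hub tag, so the image appears to be pushed before the scan runs; if so, that is worth stating in a comment on the step.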
@@ -1,6 +1,6 @@
 {
 "name": "unthread-webhook-server",
- "version": "1.0.0-beta.2",
+ "version": "1.0.0-beta.3",
 "description": "A Node.js server application that receives webhook events from Unthread.io and queues them for processing.",
 "license": "GPL-3.0",
 "private": true,