diff --git a/bitnami/nessie/CHANGELOG.md b/bitnami/nessie/CHANGELOG.md
index f9f015692e..6ee24c616a 100644
--- a/bitnami/nessie/CHANGELOG.md
+++ b/bitnami/nessie/CHANGELOG.md
@@ -1,8 +1,12 @@
# Changelog
-## 1.0.7 (2024-12-09)
+## 1.1.0 (2024-12-10)
-* [bitnami/nessie] Release 1.0.7 ([#30845](https://github.com/bitnami/charts/pull/30845))
+* [bitnami/nessie] Detect non-standard images ([#30931](https://github.com/bitnami/charts/pull/30931))
+
+## 1.0.7 (2024-12-09)
+
+* [bitnami/nessie] Release 1.0.7 (#30845) ([7df0c76](https://github.com/bitnami/charts/commit/7df0c769083e44d8847a9be82ad9731922fafbd4)), closes [#30845](https://github.com/bitnami/charts/issues/30845)
## 1.0.6 (2024-12-06)
diff --git a/bitnami/nessie/Chart.lock b/bitnami/nessie/Chart.lock
index 5c68c8b4b9..423db293e2 100644
--- a/bitnami/nessie/Chart.lock
+++ b/bitnami/nessie/Chart.lock
@@ -4,6 +4,6 @@ dependencies:
version: 16.2.5
- name: common
repository: oci://registry-1.docker.io/bitnamicharts
- version: 2.27.2
-digest: sha256:827eacdba5429c70ceb607851e848c3b458c21a776b303360d4995088362dfa8
-generated: "2024-12-06T10:51:17.486217053Z"
+ version: 2.28.0
+digest: sha256:9c2ce8b298e807bc8141682773027cc3b0c62feec6933d315f9f181a4dabe862
+generated: "2024-12-10T17:19:16.139787+01:00"
diff --git a/bitnami/nessie/Chart.yaml b/bitnami/nessie/Chart.yaml
index 6b90648356..a3c42e0f6e 100644
--- a/bitnami/nessie/Chart.yaml
+++ b/bitnami/nessie/Chart.yaml
@@ -38,4 +38,4 @@ sources:
- https://github.com/bitnami/charts/tree/main/bitnami/nessie
- https://github.com/bitnami/containers/tree/main/bitnami/nessie
- https://github.com/nessie/nessie
-version: 1.0.7
+version: 1.1.0
diff --git a/bitnami/nessie/README.md b/bitnami/nessie/README.md
index 5e1e76da75..f29186b8b8 100644
--- a/bitnami/nessie/README.md
+++ b/bitnami/nessie/README.md
@@ -318,13 +318,14 @@ wrj2wDbCDCFmfqnSJ+dKI3vFLlEz44sAV8jX/kd4Y6ZTQhlLbYc=
### Global parameters
-| Name | Description | Value |
-| ----------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------ |
-| `global.imageRegistry` | Global Docker image registry | `""` |
-| `global.imagePullSecrets` | Global Docker registry secret names as an array | `[]` |
-| `global.defaultStorageClass` | Global default StorageClass for Persistent Volume(s) | `""` |
-| `global.storageClass` | DEPRECATED: use global.defaultStorageClass instead | `""` |
-| `global.compatibility.openshift.adaptSecurityContext` | Adapt the securityContext sections of the deployment to make them compatible with Openshift restricted-v2 SCC: remove runAsUser, runAsGroup and fsGroup and let the platform use their allowed default IDs. Possible values: auto (apply if the detected running cluster is Openshift), force (perform the adaptation always), disabled (do not perform adaptation) | `auto` |
+| Name | Description | Value |
+| ----------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------- |
+| `global.imageRegistry` | Global Docker image registry | `""` |
+| `global.imagePullSecrets` | Global Docker registry secret names as an array | `[]` |
+| `global.defaultStorageClass` | Global default StorageClass for Persistent Volume(s) | `""` |
+| `global.storageClass` | DEPRECATED: use global.defaultStorageClass instead | `""` |
+| `global.security.allowInsecureImages` | Allows skipping image verification | `false` |
+| `global.compatibility.openshift.adaptSecurityContext` | Adapt the securityContext sections of the deployment to make them compatible with Openshift restricted-v2 SCC: remove runAsUser, runAsGroup and fsGroup and let the platform use their allowed default IDs. Possible values: auto (apply if the detected running cluster is Openshift), force (perform the adaptation always), disabled (do not perform adaptation) | `auto` |
### Common parameters
@@ -620,6 +621,10 @@ Find more information about how to deal with common errors related to Bitnami's
## Upgrading
+### To 1.1.0
+
+This version introduces image verification for security purposes. To disable it, set `global.security.allowInsecureImages` to `true`. More details at [GitHub issue](https://github.com/bitnami/charts/issues/30850).
+
### To 1.0.0
This major updates the PostgreSQL subchart to its newest major, 16.0.0, which uses PostgreSQL 17.x. Follow the [official instructions](https://www.postgresql.org/docs/17/upgrading.html) to upgrade to 17.x.
diff --git a/bitnami/nessie/templates/NOTES.txt b/bitnami/nessie/templates/NOTES.txt
index 9f955253ea..cdc70aa8c2 100644
--- a/bitnami/nessie/templates/NOTES.txt
+++ b/bitnami/nessie/templates/NOTES.txt
@@ -55,4 +55,5 @@ To access nessie from outside the cluster follow the steps below:
{{- include "common.warnings.rollingTag" .Values.waitContainer.image }}
{{- include "nessie.validateValues" . }}
{{- include "common.warnings.resources" (dict "sections" (list "" "volumePermissions" "waitContainer") "context" $) }}
-{{- include "common.warnings.modifiedImages" (dict "images" (list .Values.image .Values.volumePermissions.image .Values.waitContainer.image) "context" $) }}
\ No newline at end of file
+{{- include "common.warnings.modifiedImages" (dict "images" (list .Values.image .Values.volumePermissions.image .Values.waitContainer.image) "context" $) }}
+{{- include "common.errors.insecureImages" (dict "images" (list .Values.image .Values.volumePermissions.image .Values.waitContainer.image) "context" $) }}
diff --git a/bitnami/nessie/values.yaml b/bitnami/nessie/values.yaml
index e842f835ff..104fcf395b 100644
--- a/bitnami/nessie/values.yaml
+++ b/bitnami/nessie/values.yaml
@@ -21,6 +21,11 @@ global:
imagePullSecrets: []
defaultStorageClass: ""
storageClass: ""
+ ## Security parameters
+ ##
+ security:
+ ## @param global.security.allowInsecureImages Allows skipping image verification
+ allowInsecureImages: false
## Compatibility adaptations for Kubernetes platforms
##
compatibility: