diff --git a/.github/workflows/nightly-build.yml b/.github/workflows/nightly-build.yml
index cb437af1..9518037d 100644
--- a/.github/workflows/nightly-build.yml
+++ b/.github/workflows/nightly-build.yml
@@ -1,8 +1,5 @@
 name: Nightly Build & Package
 on:
-  push:
-    branches:
-      - nightly
   schedule:
     # Daily at 09:00 UTC (4am EST / 5am EDT)
     - cron: '0 9 * * *'
@@ -22,7 +19,50 @@ env:
   IMAGE_NAME: ${{ github.repository }}
 
 jobs:
+  sync-development-to-nightly:
+    runs-on: ubuntu-latest
+    permissions:
+      contents: write
+    outputs:
+      has_changes: ${{ steps.sync.outputs.has_changes }}
+
+    steps:
+      - name: Checkout nightly branch
+        uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
+        with:
+          ref: nightly
+          fetch-depth: 0
+          token: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Configure Git
+        run: |
+          git config user.name "github-actions[bot]"
+          git config user.email "github-actions[bot]@users.noreply.github.com"
+
+      - name: Sync development to nightly
+        id: sync
+        run: |
+          # Fetch development branch
+          git fetch origin development
+
+          # Check if there are differences
+          if git diff --quiet nightly origin/development; then
+            echo "No changes to sync from development to nightly"
+            echo "has_changes=false" >> $GITHUB_OUTPUT
+          else
+            echo "Syncing changes from development to nightly"
+            # Fast-forward merge development into nightly
+            git merge origin/development --ff-only -m "chore: sync from development branch [skip ci]" || {
+              # If fast-forward fails, force reset to development
+              echo "Fast-forward not possible, resetting nightly to development"
+              git reset --hard origin/development
+            }
+            git push origin nightly
+            echo "has_changes=true" >> $GITHUB_OUTPUT
+          fi
+
   build-and-push-nightly:
+    needs: sync-development-to-nightly
     runs-on: ubuntu-latest
     permissions:
       contents: read
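Review bot: In the `Sync development to nightly` step, the fallback `git reset --hard origin/development` is followed by a plain `git push origin nightly`, which the remote rejects as non-fast-forward precisely when the reset path was taken, so a diverged nightly branch is the one case that never gets synced. Changing that line to `git push --force-with-lease origin nightly` leaves the fast-forward case unchanged and lets the reset case succeed while still refusing to overwrite a commit that landed on nightly after the checkout. `git diff --quiet nightly origin/development` compares trees rather than history, so a nightly branch carrying extra commits with an identical tree reports `has_changes=false` and is never pushed; `git merge-base --is-ancestor` or comparing `git rev-parse` of both refs would reflect what the push actually needs. The `has_changes` output is declared, but the `needs:` added on `build-and-push-nightly` carries no `if:` in this hunk, so the build presumably runs on every schedule regardless of it; worth confirming that is intended. The two `>> $GITHUB_OUTPUT` redirections should quote the variable as `"$GITHUB_OUTPUT"`.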
@@ -34,11 +74,15 @@ jobs:
       digest: ${{ steps.build.outputs.digest }}
 
     steps:
-      - name: Checkout code
+      - name: Checkout nightly branch
         uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
         with:
+          ref: nightly
           fetch-depth: 0
 
+      - name: Set lowercase image name
+        run: echo "IMAGE_NAME_LC=${IMAGE_NAME,,}" >> $GITHUB_ENV
+
       - name: Set up QEMU
         uses: docker/setup-qemu-action@c7c53464625b32c7a7e944ae62b3e17d2b600130 # v3.7.0
 
@@ -84,7 +128,7 @@ jobs:
       - name: Generate SBOM
         uses: anchore/sbom-action@0b82b0b1a22399a1c542d4d656f70cd903571b5c # v0.21.1
         with:
-          image: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:nightly
+          image: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME_LC }}:nightly
           format: cyclonedx-json
           output-file: sbom-nightly.json
 
@@ -103,8 +147,13 @@ jobs:
       packages: read
 
     steps:
-      - name: Checkout code
+      - name: Checkout nightly branch
         uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
+        with:
+          ref: nightly
+
+      - name: Set lowercase image name
+        run: echo "IMAGE_NAME_LC=${IMAGE_NAME,,}" >> $GITHUB_ENV
 
       - name: Log in to GitHub Container Registry
         uses: docker/login-action@5e57cd118135c172c3672efd75eb46360885c0ef # v3.6.0
@@ -114,13 +163,13 @@ jobs:
           password: ${{ secrets.GITHUB_TOKEN }}
 
       - name: Pull nightly image
-        run: docker pull ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:nightly
+        run: docker pull ${{ env.REGISTRY }}/${{ env.IMAGE_NAME_LC }}:nightly
 
       - name: Run container smoke test
         run: |
           docker run --name charon-nightly -d \
             -p 8080:8080 \
-            ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:nightly
+            ${{ env.REGISTRY }}/${{ env.IMAGE_NAME_LC }}:nightly
 
           # Wait for container to start
           sleep 10
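Review bot: The `ref: nightly` added to this checkout (and to the checkouts in the `-103`, `-142` and `-193` hunks) resolves the branch name when each downstream job starts, not the commit that `sync-development-to-nightly` just pushed, so a push to nightly landing between jobs would leave the image, the SBOM, the smoke test and the Trivy scan describing different sources. Having the sync job emit `sha=$(git rev-parse HEAD)` as a job output and checking out `ref: ${{ needs.sync-development-to-nightly.outputs.sha }}` in every job that lists the sync job in its `needs` ties them all to one commit, so the SBOM and scan describe the image that was built. The `Set lowercase image name` step is also repeated verbatim in three jobs; the sync job could publish it once with `run: echo "image_name_lc=${IMAGE_NAME,,}" >> "$GITHUB_OUTPUT"` and the others read it from `needs`, which also removes the unquoted `$GITHUB_ENV` redirections. `${IMAGE_NAME,,}` is a bash-only expansion, fine while these steps run under the default bash shell on ubuntu-latest, but it would silently produce the wrong name if a job later sets `shell: sh`.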
@@ -142,15 +191,16 @@ jobs:
       contents: read
 
     steps:
-      - name: Checkout code
+      - name: Checkout nightly branch
         uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
         with:
+          ref: nightly
           fetch-depth: 0
 
       - name: Set up Go
         uses: actions/setup-go@7a3fe6cf4cb3a834922a1244abfce67bcef6a0c5 # v6.2.0
         with:
-          go-version: '1.25.5'
+          go-version: '1.25.6'
 
       - name: Set up Node.js
         uses: actions/setup-node@6044e13b5dc448c55e2357c09f80417699197238 # v6.2.0
@@ -193,8 +243,13 @@ jobs:
       security-events: write
 
     steps:
-      - name: Checkout code
+      - name: Checkout nightly branch
         uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
+        with:
+          ref: nightly
+
+      - name: Set lowercase image name
+        run: echo "IMAGE_NAME_LC=${IMAGE_NAME,,}" >> $GITHUB_ENV
 
       - name: Download SBOM
         uses: actions/download-artifact@37930b1c2abaa49bbe596cd826c3c89aef350131 # v7.0.0
@@ -211,7 +266,7 @@ jobs:
       - name: Scan with Trivy
         uses: aquasecurity/trivy-action@b6643a29fecd7f34b3597bc6acb0a98b03d33ff8 # 0.33.1
         with:
-          image-ref: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:nightly
+          image-ref: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME_LC }}:nightly
           format: 'sarif'
           output: 'trivy-nightly.sarif'
 