Sourced from fluxcd/flux2's releases.
v2.6.1
Highlights
Flux v2.6.1 is a patch release that comes with various fixes. Users are encouraged to upgrade for the best experience.
Fixes:
- Fix a bug introduced in image-reflector-controller v0.35.0 that was causing spurious error events for policies during image repository reconciliation.
- Fix excessive logging in image-reflector-controller after a restart when the image tags cache is empty.
Components changelog
- image-reflector-controller v0.35.1
What's Changed
- [release/v2.6.x] Update image-reflector-controller to v0.35.1 by
@fluxcdbotin fluxcd/flux2#5382- [release/v2.6.x] Add digest pinning to image automation testing by
@fluxcdbotin fluxcd/flux2#5384Full Changelog: https://github.com/fluxcd/flux2/compare/v2.6.0...v2.6.1
v2.6.0
Highlights
Flux v2.6.0 is a feature release. Users are encouraged to upgrade for the best experience.
For a compressive overview of new features and API changes included in this release, please refer to the Announcing Flux 2.6 GA blog post.
Overview of the new features:
- General availability release for the Flux OCI Artifacts APIs and
flux artifactcommands- Support for OCI digests pinning (ImagePolicy, ImageUpdateAutomation)
- Object-level workload identity authentication (OCIRepository, ImageRepository, Kustomization, Alert Provider)
- Cache registry credentials for cloud providers (OCIRepository, ImageRepository)
- Git HTTP/S Mutual TLS authentication (GitRepository, ImageUpdateAutomation)
- Support for sparse checkout (GitRepository)
- Support for GitHub App authentication (Alert Provider)
- Support for managed Identity authentication to Azure Event Hub (Alert Provider)
- Customize the ID of the Git commit status with CEL expressions (Alert Provider)
WaitForTerminationdeletion policy (Kustomization)DisableChartDigestTrackingfeature gate (HelmRelease)❤️ Big thanks to all the Flux contributors that helped us with this release!
Kubernetes compatibility
This release is compatible with the following Kubernetes versions:
| Kubernetes version | Minimum required |
... (truncated)
b73c7f7
Merge pull request #5384
from fluxcd/backport-5383-to-release/v2.6.x7aff032
Add digest pinning to image automation testing3bb3ae3
Merge pull request #5382
from fluxcd/backport-5381-to-release/v2.6.xbf1af3c
Update toolkit components4c66d37
Merge pull request #5370
from fluxcd/update-components481c3c6
Update toolkit components1d1d96b
Merge pull request #5373
from fluxcd/dependabot-up0b97277
Update dependabot config6507321
Merge pull request #5371
from fluxcd/oci-ga79fed69
Update CLI to OCIRepository v1 (GA)Sourced from tj-actions/changed-files's changelog.
Changelog
46.0.5 - (2025-04-09)
⚙️ Miscellaneous Tasks
- deps: Bump yaml from 2.7.0 to 2.7.1 (#2520) (ed68ef8) - (dependabot[bot])
- deps-dev: Bump typescript from 5.8.2 to 5.8.3 (#2516) (a7bc14b) - (dependabot[bot])
- deps-dev: Bump
@types/nodefrom 22.13.11 to 22.14.0 (#2517) (3d751f6) - (dependabot[bot])- deps-dev: Bump eslint-plugin-prettier from 5.2.3 to 5.2.6 (#2519) (e2fda4e) - (dependabot[bot])
- deps-dev: Bump ts-jest from 29.2.6 to 29.3.1 (#2518) (0bed1b1) - (dependabot[bot])
- deps: Bump github/codeql-action from 3.28.12 to 3.28.15 (#2530) (6802458) - (dependabot[bot])
- deps: Bump tj-actions/branch-names from 8.0.1 to 8.1.0 (#2521) (cf2e39e) - (dependabot[bot])
- deps: Bump tj-actions/verify-changed-files from 20.0.1 to 20.0.4 (#2523) (6abeaa5) - (dependabot[bot])
⬆️ Upgrades
- Upgraded to v46.0.4 (#2511)
Co-authored-by: github-actions[bot] (6f67ee9) - (github-actions[bot])
46.0.4 - (2025-04-03)
🐛 Bug Fixes
- Bug modified_keys and changed_key outputs not set when no changes detected (#2509) (6cb76d0) - (Tonye Jack)
📚 Documentation
⬆️ Upgrades
- Upgraded to v46.0.3 (#2506)
Co-authored-by: github-actions[bot] Co-authored-by: Tonye Jack jtonye@ymail.com (27ae6b3) - (github-actions[bot])
46.0.3 - (2025-03-23)
🔄 Update
- Updated README.md (#2501)
Co-authored-by: github-actions[bot] (41e0de5) - (github-actions[bot])
- Updated README.md (#2499)
Co-authored-by: github-actions[bot] (9457878) - (github-actions[bot])
📚 Documentation
... (truncated)
1158705
chore(deps-dev): bump eslint-plugin-jest from 28.11.0 to 28.12.0 (#2575)48aea2e
chore(deps-dev): bump @types/node from 22.15.24 to
22.15.26 (#2576)050a3d3
Updated README.md (#2574)f000a9b
docs: add Jellyfrog as a contributor for code, and doc (#2573)7a9a6d2
chore(deps-dev): bump @types/node from 22.15.21 to
22.15.24 (#2572)abda8aa
chore: update build job to fail when there are uncommited changes (#2571)c6634ca
chore(deps): bump github/codeql-action from 3.28.17 to 3.28.18 (#2564)860b02d
chore(deps): bump @octokit/rest from 21.1.1 to 22.0.0 (#2568)Sourced from ossf/scorecard-action's releases.
v2.4.2
What's Changed
This update bumps the Scorecard version to the v5.2.1 release. For a complete list of changes, please refer to the Scorecard v5.2.0 and v5.2.1 release notes.
Full Changelog: https://github.com/ossf/scorecard-action/compare/v2.4.1...v2.4.2
05b42c6
:seedling: bump docker to ghcr v2.4.2 (#1548)b225da6
Bump github.com/ossf/scorecard/v5 from v5.2.0 to v5.2.1 (#1550)9399f6f
:seedling: Bump the docker-images group across 1 directory with 2
updates (#1...e1daa8c
:seedling: Bump the github-actions group across 1 directory with 5
updates (#...9fe6511
:seedling: Bump golang.org/x/net from 0.39.0 to 0.40.0 (#1542)25b9cd9
:seedling: Bump github.com/ossf/scorecard/v5 from v5.1.1 to v5.2.0 (#1547)18cc9b8
:seedling: Bump golang.org/x/net from 0.38.0 to 0.39.0 (#1536)db78142
:seedling: Bump the github-actions group with 2 updates (#1538)de386ed
:seedling: Bump golang from 1.24.1 to 1.24.2 in the docker-images group
(#1534)5b7cedb
:seedling: Bump github.com/sigstore/cosign/v2 from 2.4.3 to 2.5.0 (#1537)