2026.3
| Version |  Release Date |
|---|---|
| 2026.3.0 | March 16, 2026 |
| 2026.3.1 | March 23, 2026 |
| 2026.3.2 | March 26, 2026 |
| 2026.3.3 | April 2, 2026 |
System Requirements Update
Ensure your infrastructure meets the latest requirements for optimal performance and security:
| Component | Minimum Version | Recommended Version |
|---|---|---|
| KOTS | 1.117.3 | Latest |
| Kubernetes | 1.30 | 1.35 |
| PostgreSQL | 15 | 17 |
| Redis | 6 | 7 |
| ggscout | 0.19.0 | Latest |
Helm & Upgrade Considerations
To ensure compatibility, please review Helm values updates from the previous version. Air gap deployment? Find all the images and tag names in the air gap install page.
Using Argo CD? A pre-created encryption secret is required before deploying — see the Argo CD installation guide.
Upgrading to 2026.3
Embedded cluster installations running 2026.2.0: You must manually delete the replicated PodDisruptionBudget before upgrading. Older versions are not affected. See Upgrade KOTS > Upgrading to 2026.3.
Feature highlights
- JFrog Artifactory Package Registries — scan Maven, npm, PyPI, NuGet, Go, and 7 more package ecosystems for secrets hiding in your software supply chain, with historical and incremental scanning support. Currently in beta. Learn more.
- Red Hat Quay Integration — detect secrets in container images across quay.io and self-hosted Quay deployments, with full image layer analysis and OAuth2 authentication. Currently in beta. Learn more.
- Okta Integration Network — GitGuardian is now an Okta-verified app with one-click SAML SSO, SCIM provisioning, and Group Push for streamlined identity management. Learn more.
Secrets Detection Engine
- v2.157 — 26 new detectors (WooCommerce, Iyzico, Mercado Pago, Bitbucket HTTP Access Token, PostgreSQL, MariaDB, Azure Event Hub, Azure Container Registry, Coralogix, Azure Web PubSub, Azure Batch, Azure APIM Gateway, Azure IoT Provisioning, Azure AI Search, GitLab CI/CD Job Token, PostHog, and more), 13 improved, 4 analyzer upgrades, 4 new revokers (SendGrid, Slack User Token, Slackbot, Heroku), scanning throughput nearly doubled.
- v2.158 — 4 new detectors (MiniMax, Retell, Azure Storage Account Key, Curl Username Password), 2 improved (Azure Container Registry, MongoDB), scanning speed improved by 12%.
Enhancements
- Improved scanning for SharePoint Online and OneDrive integrations. Self-hosted customers using these integrations should ensure all required pods are active and properly scaled. See the scaling documentation and non-VCS sources configuration for details.
- Audit logs now display scope information for PAT and SAT creation events. Learn more.
- Workspace managers can restrict Personal Access Token scopes for members. Learn more.
- Customizable session duration for dashboard sessions. Learn more.
- Slack and Webhook alerts now include feedback content (remarks) for incidents. Learn more.
- Enhanced Slack incident notification messages with improved formatting and additional context. Learn more.
- Jira templates now support filename and line number fields. Learn more.
- "System" theme mode option that follows OS light/dark preference. Learn more.
- Public API endpoint for retrieving GitGuardian egress IP addresses. Learn more.
- Custom perimeter support for Microsoft Teams, Confluence Cloud, Confluence Data Center, Jira Cloud, and Jira Data Center. Learn more.
- Self-Hosted:
- Allow to have fixed tags for the Custom CA image, to support environments enforcing fixed tags
- Added ALB ingress support for autoscaling and improved templating of custom autoscaling metrics in Helm charts.
- Added missing queues to KEDA ScaledObjects configuration for improved autoscaling coverage.
Fixes
- Jira Cloud installations unexpectedly soft-deleted. Learn more.
- API schema validation error for response path 'id'. Learn more.
- Timeout issues when bulk-updating incident custom tags. Learn more.
- Authorization issue allowing Team Leaders to delete "All Incidents" team notification settings. Learn more.
- Self-Hosted:
- Fixed Redis password handling issue when using existing secrets in ArgoCD environments.
Hotfixes
2026.3.1
Release Date: March 24, 2026
Fixes
- GitHub Enterprise integration: Fixed issue where repositories appeared as "Unmonitored" after upgrading to 2026.3 despite being correctly selected in Integration settings.
- JFrog Package Registries: Fixed payload mismatch error during JFrog Artifactory package registry scans.
- API documentation link: Fixed incorrect API documentation link in the self-hosted help menu.
- Audit logs: Fixed actor filter in audit logs where selected users were lost after using and clearing the search field.
2026.3.2
Release Date: March 26, 2026
Fixes
- Database migration on upgrade: Fixed a pre-deploy migration failure blocking upgrades to 2026.3 on instances originally installed before version 2025.7.
2026.3.3
Release Date: April 2, 2026
Fixes
- In-app analytics optimization: Fixed excessive data footprint from inAppAnalytics, reducing storage and memory usage.
