Skip to main content

2 posts tagged with "platform"

View All Tags

2026.3

Versioncalendar icon Release Date
2026.3.0March 16, 2026
2026.3.1March 23, 2026

System Requirements Update

Ensure your infrastructure meets the latest requirements for optimal performance and security:

ComponentMinimum VersionRecommended Version
KOTS1.117.3Latest
Kubernetes1.301.35
PostgreSQL1517
Redis67
ggscout0.19.0Latest

Helm & Upgrade Considerations

To ensure compatibility, please review Helm values updates from the previous version. Air gap deployment? Find all the images and tag names in the air gap install page.

Using Argo CD? A pre-created encryption secret is required before deploying — see the Argo CD installation guide.

Upgrading to 2026.3

Embedded cluster installations running 2026.2.0: You must manually delete the replicated PodDisruptionBudget before upgrading. Older versions are not affected. See Upgrade KOTS > Upgrading to 2026.3.

Feature highlights

  • JFrog Artifactory Package Registries — scan Maven, npm, PyPI, NuGet, Go, and 7 more package ecosystems for secrets hiding in your software supply chain, with historical and incremental scanning support. Currently in beta. Learn more.
  • Red Hat Quay Integration — detect secrets in container images across quay.io and self-hosted Quay deployments, with full image layer analysis and OAuth2 authentication. Currently in beta. Learn more.
  • Okta Integration Network — GitGuardian is now an Okta-verified app with one-click SAML SSO, SCIM provisioning, and Group Push for streamlined identity management. Learn more.

Secrets Detection Engine

  • v2.157 — 26 new detectors (WooCommerce, Iyzico, Mercado Pago, Bitbucket HTTP Access Token, PostgreSQL, MariaDB, Azure Event Hub, Azure Container Registry, Coralogix, Azure Web PubSub, Azure Batch, Azure APIM Gateway, Azure IoT Provisioning, Azure AI Search, GitLab CI/CD Job Token, PostHog, and more), 13 improved, 4 analyzer upgrades, 4 new revokers (SendGrid, Slack User Token, Slackbot, Heroku), scanning throughput nearly doubled.
  • v2.158 — 4 new detectors (MiniMax, Retell, Azure Storage Account Key, Curl Username Password), 2 improved (Azure Container Registry, MongoDB), scanning speed improved by 12%.

Enhancements

  • Improved scanning for SharePoint Online and OneDrive integrations. Self-hosted customers using these integrations should ensure all required pods are active and properly scaled. See the scaling documentation and non-VCS sources configuration for details.
  • Audit logs now display scope information for PAT and SAT creation events. Learn more.
  • Workspace managers can restrict Personal Access Token scopes for members. Learn more.
  • Customizable session duration for dashboard sessions. Learn more.
  • Slack and Webhook alerts now include feedback content (remarks) for incidents. Learn more.
  • Enhanced Slack incident notification messages with improved formatting and additional context. Learn more.
  • Jira templates now support filename and line number fields. Learn more.
  • "System" theme mode option that follows OS light/dark preference. Learn more.
  • Public API endpoint for retrieving GitGuardian egress IP addresses. Learn more.
  • Self-Hosted:
    • Allow to have fixed tags for the Custom CA image, to support environments enforcing fixed tags
    • Added ALB ingress support for autoscaling and improved templating of custom autoscaling metrics in Helm charts.
    • Added missing queues to KEDA ScaledObjects configuration for improved autoscaling coverage.

Fixes

  • Jira Cloud installations unexpectedly soft-deleted. Learn more.
  • API schema validation error for response path 'id'. Learn more.
  • Timeout issues when bulk-updating incident custom tags. Learn more.
  • Authorization issue allowing Team Leaders to delete "All Incidents" team notification settings. Learn more.
  • Self-Hosted:
    • Fixed Redis password handling issue when using existing secrets in ArgoCD environments.

Hotfixes

2026.3.1

calendar icon   Release Date: March 24, 2026

Fixes

  • GitHub Enterprise integration: Fixed issue where repositories appeared as "Unmonitored" after upgrading to 2026.3 despite being correctly selected in Integration settings.
  • JFrog Package Registries: Fixed payload mismatch error during JFrog Artifactory package registry scans.
  • API documentation link: Fixed incorrect API documentation link in the self-hosted help menu.
  • Audit logs: Fixed actor filter in audit logs where selected users were lost after using and clearing the search field.

2026.2

Versioncalendar icon Release Date
2026.2.0February 23, 2026

System Requirements Update

Ensure your infrastructure meets the latest requirements for optimal performance and security:

ComponentMinimum VersionRecommended Version
KOTS1.117.3Latest
Kubernetes1.30 ⚠️1.35
PostgreSQL1517
Redis67
ggscout0.19.0Latest

Helm & Upgrade Considerations

To ensure compatibility, please review Helm values updates from the previous version. Air gap deployment? Find all the images and tag names in the air gap install page.

Using Argo CD? A pre-created encryption secret is now required before deploying — see the Argo CD installation guide.

Upgrading to 2026.2 Kubernetes Support

GitGuardian 2026.2 now requires Kubernetes 1.30 as the minimum supported version. However, Kubernetes 1.30 is no longer receiving active or maintenance support from the Kubernetes project (see end-of-life schedule).

We strongly recommend upgrading to Kubernetes 1.35 for optimal security and stability. See our system requirements for more details.

Feature highlights

  • Dark Mode — we've refreshed the GitGuardian interface and introduced Dark Mode so you can work comfortably in any environment, with cleaner layouts, improved contrast, and polished navigation. Head to Account → Interface → Theme to pick your preference. Learn more.

Secrets Detection Engine

  • v2.156 — 7 new detectors (Modelscope, Proxmox, ZegoCloud, Deepgram, Microsoft Power Apps Webhook, Mem0, Obsidian), 4 improved (Azure SAS URL, Okta OAuth, Azure Entra Access Token, Azure OpenAI), 1 analyzer upgrade (Azure SAS URL expiration check), 1 deprecated (Azure Logic App Sig Key).

Enhancements

  • Incidents API enhanced with external ticket information (Jira/ServiceNow), analytics period selector with flexible date range options, improved SSO certificate editing experience. Learn more.
  • ggshield correctly ignores secrets with closed related incidents. Learn more.
  • Self-Hosted:
    • Helm charts now include a strict JSON schema generated from values.yaml. Any property not defined in values.yaml will be rejected at install or upgrade time. If you encounter validation errors, you can temporarily use the --skip-schema-validation Helm flag while we address any missing properties.
    • The background_validity_check queue has moved from worker-long to worker-worker. If you have scaled your workers for validity checks, you may need to adjust your worker-worker replicas accordingly. See the application topology page for the full queue mapping.
    • New optional worker-check-runs worker to offload check_run processing from worker-worker. Disabled by default. Enable it by setting celeryWorkers.check-runs.replicas in your Helm values.
    • Remove terms and conditions acceptance requirement for self-hosted instance.
    • License grace period extended from 10 hours to 120 hours when ReplicatedSDK is unreachable.

Fixes

  • Validity checks automatic retry mechanism, CSV export JSON format. Learn more.
  • Validity checks periodic re-check for invalid secrets, analytics tooltip dates, Developer in the Loop duplicate submissions, SCIM email notification defaults. Learn more.
  • Self-Hosted: Fixed Redis password handling when using existing secrets in ArgoCD environments.

Something we didn’t cover?

See our Roadmap

Subscribe on GitHub

Submit a request

API status