For AI agents: a markdown representation of this page is available at https://container-registry.com/docs/2.15/release-notes/release-notes-v2.15.3/index.md. The site index is at https://container-registry.com/llms.txt.

Release notes v2.15.3

Released 2026-06-23. Compare with v2.15.2.

Bug Fixes

  • core: Reduce auth-failure log noise and skip basic auth for non-admin in OIDC/LDAP/UAA (#314)
  • Invalid UTF-8 Input Should not Cause HTTP 500 Errors (#344)
  • ldap: Use custom orm.ReadOrCreate to prevent LDAP login failure (#341)
  • Return 404 For Missing Repository Artifacts (#342)

Performance Improvements

  • core: Avoid eager structured-logger build on demoted auth-failure logs (#319)

Commercial Features

This release includes the following commercial enhancements:

  • Branding customization
  • Hybrid multi-auth
  • SFTP storage adapter
  • Workload Identity Federation
  • PGX DB monitoring with OTel metrics
  • AWS RDS IAM authn

Container Images

Multi-arch images (linux/amd64, linux/arm64) signed with cosign.

ImageReference
harbor-core8gears.container-registry.com/8gcr/harbor-core:v2.15.3
harbor-jobservice8gears.container-registry.com/8gcr/harbor-jobservice:v2.15.3
harbor-registryctl8gears.container-registry.com/8gcr/harbor-registryctl:v2.15.3
harbor-exporter8gears.container-registry.com/8gcr/harbor-exporter:v2.15.3
harbor-portal8gears.container-registry.com/8gcr/harbor-portal:v2.15.3
harbor-registry8gears.container-registry.com/8gcr/harbor-registry:v2.15.3
trivy-adapter8gears.container-registry.com/8gcr/trivy-adapter:v2.15.3

Verify an image signature:

cosign verify \
  --certificate-identity "https://github.com/container-registry/harbor-next/.github/workflows/release-please.yml@refs/heads/release-2.15" \
  --certificate-oidc-issuer "https://token.actions.githubusercontent.com" \
  8gears.container-registry.com/8gcr/harbor-core:v2.15.3