Release notes v2.15.3
Released 2026-06-23. Compare with v2.15.2.
Bug Fixes
- core: Reduce auth-failure log noise and skip basic auth for non-admin in OIDC/LDAP/UAA (#314)
- Invalid UTF-8 Input Should not Cause HTTP 500 Errors (#344)
- ldap: Use custom orm.ReadOrCreate to prevent LDAP login failure (#341)
- Return 404 For Missing Repository Artifacts (#342)
Performance Improvements
- core: Avoid eager structured-logger build on demoted auth-failure logs (#319)
Commercial Features
This release includes the following commercial enhancements:
- Branding customization
- Hybrid multi-auth
- SFTP storage adapter
- Workload Identity Federation
- PGX DB monitoring with OTel metrics
- AWS RDS IAM authn
Container Images
Multi-arch images (linux/amd64, linux/arm64) signed with cosign.
| Image | Reference |
|---|---|
harbor-core | 8gears.container-registry.com/8gcr/harbor-core:v2.15.3 |
harbor-jobservice | 8gears.container-registry.com/8gcr/harbor-jobservice:v2.15.3 |
harbor-registryctl | 8gears.container-registry.com/8gcr/harbor-registryctl:v2.15.3 |
harbor-exporter | 8gears.container-registry.com/8gcr/harbor-exporter:v2.15.3 |
harbor-portal | 8gears.container-registry.com/8gcr/harbor-portal:v2.15.3 |
harbor-registry | 8gears.container-registry.com/8gcr/harbor-registry:v2.15.3 |
trivy-adapter | 8gears.container-registry.com/8gcr/trivy-adapter:v2.15.3 |
Verify an image signature:
cosign verify \
--certificate-identity "https://github.com/container-registry/harbor-next/.github/workflows/release-please.yml@refs/heads/release-2.15" \
--certificate-oidc-issuer "https://token.actions.githubusercontent.com" \
8gears.container-registry.com/8gcr/harbor-core:v2.15.3