Anchore Enterprise Release Notes - Version 5.15.0
Anchore Enterprise v5.15.0
Enterprise Service Updates
Requirements
- If upgrading from a v4.x release, please refer to the v4.x –> v5.x Migration Guide.
- If upgrading from a release in the range of v5.0.0 - v5.14.x
- The upgrade will result in an automatic schema change that will require database downtime. Below are the estimated downtime durations for version that require significant downtime:
- The v5.3.0 schema change may take more than an hour to complete depending on the amount of data in your reporting system.
- The v5.6.0 schema change may take 2 hours or more depending on the amount of data in your system.
- The v5.11.x schema change will take approximately 1-2 minutes to complete for every 1 million vulnerable artifacts in your reporting system.
- If your Anchore Enterprise deployment is on FIPS enabled hosts and your database is being hosted on Amazon RDS, an upgrade to Postgres 16 or greater is required. For more information please see the FIPS section in Requirements.
- The upgrade will result in an automatic schema change that will require database downtime. Below are the estimated downtime durations for version that require significant downtime:
Improvements
- API
- Improved the ImageContent Object description.
GET /v2/versionnow provides the commit SHA and the build datetime for the Enterprise Image.
- Various package updates to improve security and performance.
Fixes
- Fixes an issue determining if a policy_eval event should be issued because the policy eval result has changed. For customers who have alerts enabled, this may have resulted in multiple events being generated in error.
- Fixes an issue during analysis which causes a cache miss to occur in the image layer cache. The cache miss would result in reduced performance. Resolving this issue will result in improve analysis performance.
- Resolves an issue parsing environment variables with unexpected newline characters. This issue prevents services from starting.
Deprecations
- Support for OpenStack Swift, which is an open-source object storage system, has been deprecated. Please see Object Storage for a list of supported Object Stores.
- The enterprise-gitlab-scan plugin is being deprecated in favor of using AnchoreCTL directly in your pipelines. Please see GitLab for more information on integrating Anchore Enterprise with GitLab.
- The webhook system managed in the configuration file is being deprecated in favor of the more advanced notification system which can be configured to send notifications to webhook endpoints. Please see Notifications for more information on configuring notifications.
UI Updates
Fixes
- When a trailing slash was manually included in the URL for the Images tab, an issue was observed. This has been fixed.
- Column headers within our tables now have a dividing line between them for better visibility and to help resizing.
- When an error occurred while generating a report due to exceeding a configured limit, the message returned was generic and not helpful. Additional detail has now been added.
- When a SAML user has groups conferred by an IDP, those groups show within the Edit User modal and appear to be removable. As the group will continue to persist even after removal as the IDP asserts it, the user experience has been improved to prevent removal with an explanation as to why.
- The graphs within the Artifact Analysis view now correctly repaint on changing the theme from dark to light mode or vice versa.
- When navigating directly to a tab url as a user who does not have permission to view it, the tab tour would still get triggered. This is no longer the case.
- When the window height is made very small, the Log Out button was overlapping with the navigation tabs. This has been fixed.
- The dark/light mode preference is now preserved across browser tabs. This means that if you switch to dark mode in one browser tab, that change is immediately reflected in any other open browser tab (within the same browser).
- Various supporting libraries have been updated in order to improve security, performance, and also to remove deprecation warnings from browser and server output logs. Redundant libraries have been removed to reduce the app startup time and overall size.
Recommended Component Versions
| Component | Supported Version | Helm Chart Version | Additional Info |
|---|---|---|---|
| Enterprise | v5.15.0 | v3.5.0 | With Syft v1.19.0 and Grype v0.87.0 |
| Enterprise UI | v5.15.0 | ||
| AnchoreCTL | v5.15.0 | Deploying AnchoreCTL | |
| Anchore ECS Inventory | v1.3.3 | v0.0.10 | https://github.com/anchore/ecs-inventory |
| Anchore Kubernetes Inventory | v1.7.4 | v0.5.1 | https://github.com/anchore/k8s-inventory |
| Kubernetes Admission Controller | v0.6.3 | v0.6.4 | https://github.com/anchore/kubernetes-admission-controller |
| Jenkins Plugin | v3.3.0 | https://plugins.jenkins.io/anchore-container-scanner | |
| Harbor Scanner Adapter | v1.4.1 | https://github.com/anchore/harbor-scanner-adapter |
Anchore Helm Chart can be found at https://github.com/anchore/anchore-charts
Syft Release Notes can be found at https://github.com/anchore/syft/releases/tag/v1.19.0
Grype Release Notes can be found at https://github.com/anchore/grype/releases/tag/v0.87.0
Last modified February 27, 2025