Anchore Enterprise Release Notes - Version 5.27.0
Anchore Enterprise v5.27.0
Enterprise Service
Future v6 Release
Anchore Enterprise v6 will require Postgres 17 or greater and the pg_cron extension to be installed and accessible by Anchore Enterprise. Please plan your database upgrades accordingly.Requirements
- If upgrading from a v4.x release, please refer to the v4.x –> v5.x Migration Guide.
- If upgrading from a release in the range of v5.0.0 - v5.26.x
- The upgrade will result in an automatic schema change that will require database downtime. Below are the estimated downtime durations for version that require significant downtime:
- The v5.3.0 schema change may take more than an hour to complete depending on the amount of data in your reporting system.
- The v5.6.0 schema change may take 2 hours or more depending on the amount of data in your system.
- The v5.11.x schema change will take approximately 1-2 minutes to complete for every 1 million vulnerable artifacts in your reporting system.
- If your Anchore Enterprise deployment is on FIPS enabled hosts and your database is being hosted on Amazon RDS, an upgrade to Postgres 16 or greater is required. For more information please see the FIPS section in Requirements.
- The upgrade will result in an automatic schema change that will require database downtime. Below are the estimated downtime durations for version that require significant downtime:
- Minimum recommended memory for the Analyzer and Policy Engine services has been increased from 8GB to 16GB to better support the performance improvements in the new image analysis system. See the Deployment Requirements Documentation for more information.
Fixes
- Fixes an issue where downloading or generating an SBOM from an analyzed image produced an incorrect
source.name, displaying the internal analysis scratch path instead of the actual image reference. - Fixes an issue where the Artifact Location column in Runtime/Inventory reports incorrectly displayed the artifact PURL instead of the actual artifact location path.
- Fixes an issue where empty SAML attributes in an IdP assertion caused SSO login failures with a
ValueError, preventing users from authenticating. - Fixes an issue where image analysis could become stuck in a failing state with the error “Image is not in base state” when the analyzer was unable to fetch the image record from the catalog.
- Fixes an issue where image analysis failed with
analysis_failedstatus for accounts that had corrections configured withorigin,licenses, orcpesas the match field, caused by an error during SBOM content generation. - Fixes an issue where generated SBOMs for images analyzed via distributed analysis were missing
osandarchitecturedetails in the source metadata.
Deprecations
- Support for OpenStack Swift, which is an open-source object storage system, has been deprecated. Please see Object Storage for a list of supported Object Stores.
- The enterprise-gitlab-scan plugin is being deprecated in favor of using AnchoreCTL directly in your pipelines. Please see GitLab for more information on integrating Anchore Enterprise with GitLab.
- The webhook system managed in the configuration file is being deprecated in favor of the more advanced notification system which can be configured to send notifications to webhook endpoints. Please see Notifications for more information on configuring notifications.
- Images analyzed prior to Anchore Enterprise v4.0.0 will be updated to indicate that their analysis has failed, as Anchore Enterprise no longer supports the analysis artifacts produced prior to v4.0.0. Please ensure that any required images are re-analyzed after upgrading to v5.25.0.
- Images archived prior to Anchore Enterprise v4.0.0 can no longer be restored into the active dataset. Please ensure that any required archived images are restored prior to upgrading to v5.25.0.
UI Updates
Fixes
- Fixed an issue where viewing the Events & Notifications page for an account context with a large number of events could cause the UI pod to crash due to excessive memory usage.
- Fixed an unlikely issue where upon failure to retrieve Image Compliance list data, the page would continue to show as loading instead of presenting an error.
- Fixed an unlikely issue where the Image Metadata tab could crash due to an unhandled error response from a data dependency.
- Various supporting libraries have been updated in order to improve security, performance, and also to remove deprecation warnings from browser and server output logs. Redundant libraries have been removed to reduce the app startup time and overall size.
Recommended Component Versions
| Component | Supported Version | Helm Chart Version | Additional Info |
|---|---|---|---|
| Enterprise | v5.27.0 | v3.24.0 | With Syft v1.42.2 and Grype v0.109.1 |
| Enterprise UI | v5.27.0 | ||
| AnchoreCTL | v5.27.0 | Deploying AnchoreCTL | |
| Anchore ECS Inventory | v1.4.1 | v0.0.16 | https://github.com/anchore/ecs-inventory |
| Anchore Kubernetes Inventory | v1.8.2 | v0.6.3 | https://github.com/anchore/k8s-inventory |
| Kubernetes Admission Controller | v0.8.3 | v0.8.3 | https://github.com/anchore/kubernetes-admission-controller |
| Jenkins Plugin | v3.3.0 | https://plugins.jenkins.io/anchore-container-scanner | |
| Harbor Scanner Adapter | v1.5.3 | https://github.com/anchore/harbor-scanner-adapter |
Anchore Helm Chart can be found at https://github.com/anchore/anchore-charts
Syft Release Notes can be found at https://github.com/anchore/syft/releases/tag/v1.42.2
Grype Release Notes can be found at https://github.com/anchore/grype/releases/tag/v0.109.1
Last modified April 16, 2026