Changes and Releases

Updates on Giant Swarm workload cluster releases, apps, UI improvements and documentation changes.

• Jan 21, 2026 Security auth-bundle v0.5.0
• Jan 21, 2026 Security dex-app v2.2.0

  Added

  • Add Gateway API HTTPRoute support as an alternative to Ingress for exposing dex. HTTPRoute is disabled by default to maintain backwards compatibility.
• Jan 21, 2026 Security auth-bundle v0.4.0
• Jan 21, 2026 Observability loki-app v0.36.0

  Added

  • Add support for Gateway API resources
• Jan 21, 2026 Security starboard-exporter v1.0.2

  Fixed

  • Disable the kubescape scanner input by default.
• Jan 21, 2026 Security athena v1.15.0

  Added

  • Add Gateway API support with HTTPRoute template (.Values.route).
  • Add support for SecurityPolicy resources for authentication via Envoy Gateway.

  Changed

  • Make Ingress resource conditional with .Values.ingress.enabled (defaults to true for backwards compatibility).
• Jan 21, 2026 Security starboard-exporter v1.0.1

  Fixed

  • Downgrade k8s client libraries to v1.34 versions to fix a regression (#135895).
• Jan 21, 2026 AI Agents muster v0.0.172

  What’s Changed

  • Fix: MCPServer reconciler status sync and SSO state synchronization by @teemow in https://github.com/giantswarm/muster/pull/283

  Full Changelog: https://github.com/giantswarm/muster/compare/v0.0.171...v0.0.172

• Jan 20, 2026 Security starboard-exporter v1.0.0

  Announcements

  • starboard-exporter now supports kubescape! In addition to Trivy VulnerabilityReports, starboard-exporter now also supports reconciliation of Kubescape VulnerabilityManifests. Metrics have been updated to include a scanner label, indicating the source type of the data. Trivy and Kubescape can be used simultaneously, or individually toggled on and off. See the README for more information.
  • There is a breaking change to one of the CLI flags in this version. The --vulnerability-scans-enabled flag has been renamed to --trivy-vulnerability-scans-enabled in order to facilitate the new Kubescape scanner support. Users installing via the Helm chart are not affected.

  Added

  • Support for Kubescape vulnerability scanning via VulnerabilityManifest CR.
  • Scanner label (scanner="trivy" or scanner="kubescape") to all vulnerability metrics to distinguish between scanning sources.
  • Command-line flag --kubescape-vulnerability-scans-enabled.
  • Helm values configuration for enabling/disabling individual scanners under exporter.vulnerabilityReports.scanners.
  • Added backwards compatibility for legacy vulnerabilityReports.enabled Helm value (now enables Trivy scanner)

  Changed

  • Renamed Trivy-specific functions and constants to include “Trivy” prefix to distinguish them from Kubescape components while maintaining shared metrics.
  • Command-line flag --vulnerability-scans-enabled to --trivy-vulnerability-scans-enabled (Breaking Change).
• Jan 20, 2026 AI Agents muster v0.0.171

  What’s Changed

  • Fix: MCPServer reconciler status sync fails continuously by @teemow in https://github.com/giantswarm/muster/pull/282

  Full Changelog: https://github.com/giantswarm/muster/compare/v0.0.170...v0.0.171

• Newer entries
• Older entries