Skip to content

crossplane-contrib/crossview](https:

v3.6.0 Breaking

This release includes breaking changes for platform teams planning a safe upgrade.

Published 2mo Containers & Orchestration
✓ No known CVEs patched
Read the diff → Tool health → What is this tool? →

✓ No known CVEs patched in this version

Topics

crossplane crossplane-managed gui kubernetes troubleshooting ui

Affected surfaces

auth

Summary

AI summary

Updates 🔧 Maintenance & Housekeeping, 🐛 Bug Fixes, and 🚀 Features & Enhancements across a mixed release.

Full changelog

Changelog

v3.6.0 (March 2026)

This release brings authentication flexibility, UI enhancements, important bug fixes for resource visibility and events, Helm chart improvements, organization migration to crossplane-contrib, and better governance/documentation. The database is now optional in certain auth modes for lighter deployments.

Pre-release testing summary: Iterated through 7 release candidates (rc.1 → rc.7) with fixes applied rapidly between March 1–5, 2026.

🚀 Features & Enhancements

  • Flexible authentication modes
    Added support for header (trust an HTTP header for user identity) and none (disable auth entirely) modes, in addition to existing methods.
    Configurable via Helm values: server.auth.mode, trustedHeader, createUsers, defaultRole.
    Database is skipped when using header or none modes → enables lighter, stateless deployments.
    UI now adapts dynamically based on /api/auth/check response.
    Full documentation and local testing examples (including nginx header proxy setup) included.

  • External secrets support
    Added compatibility with external secret management; removed mandatory database dependency in non-authenticated scenarios.
    Updated example configurations to reflect these changes.

  • UI visualization improvements
    Enhanced YAML parser and syntax highlighter.
    Implemented custom floating edges for React Flow (better graph visualization of resources and relationships).

🐛 Bug Fixes

  • Fixed event fetching tabs for composite resources and managed resources (#182)
  • Resolved role selection dialog issues in user management (create & edit dialogs) (#179)
  • Corrected Helm chart icon image URL (#178)
  • Fixed "ready resources" filter not working correctly in the global search page (#176)

🔧 Maintenance & Housekeeping

  • Organization migration
    Moved repo from corpobitcrossplane-contrib (#175)

  • Documentation & governance
    Added/updates: Contributing guide, MAINTAINERS file, SECURITY.md policy, README table of contents + community links, CODE_OF_CONDUCT.md (#167 & related)

  • Other fixes & contributions
    Kubernetes client: deferred RUnlock after conditional re-lock in GetContexts (thanks @wnqueiroz)
    Reverted earlier problematic security patches (Feb 10) to stabilize the branch

  • Release engineering
    Automated version bumps to v3.6.0-rc.1 through v3.6.0-rc.7 (via GitHub Actions bot)

📦 Helm Chart & Deployment Changes

  • Updated icon image address in chart
  • Better SSO/user management configuration options
  • Adjusted templates for improved testing and deployment reliability

How to Test / Upgrade

  1. Use the latest RC tag: v3.6.0-rc.7 (or build from pre-release branch)
  2. Helm install/upgrade example:
    helm upgrade --install crossview oci://ghcr.io/crossplane-contrib/charts/crossview \
  --version 3.6.0 \
  --namespace crossview --create-namespace \
  --set server.auth.mode=header \
  --set trustedHeader=X-Auth-Request-User
View diff on GitHub

Weekly OSS security release digest.

The CVE patches and breaking changes that affected production tools this week. One email, every Sunday.

No spam, unsubscribe anytime.

Share this release

Share on X Share on Bluesky

Track crossplane-contrib/crossview](https:

Get notified when new releases ship.

Sign up free

About crossplane-contrib/crossview](https:

All releases →

Related context

Beta — feedback welcome: [email protected]