This release adds 8 notable features for engineering teams evaluating rollout.
✓ No known CVEs patched in this version
Topics
+9 more
Affected surfaces
Summary
AI summaryUpdated API audit logging, secret-sync handling, LDAP mTLS, login membership check, certificate import flexibility, PKI dashboard fixes, frontend redirect removal, telemetry events, machine identity removal, relay resource auth, Salesforce OAuth rotation, and documentation enhancements.
Full changelog
What's Changed
- chore(api): increase error audit log stream alarm threshold by @Thiago-AS in https://github.com/Infisical/infisical/pull/6569
- fix(secret-sync): handle duplicate Vercel team shared vars and overlapping scopes by @victorvhs017 in https://github.com/Infisical/infisical/pull/6541
- feat(ldap): add mutual TLS (mTLS) client certificate support by @victorvhs017 in https://github.com/Infisical/infisical/pull/6540
- feat: added membership isActive check in login points by @akhilmhdh in https://github.com/Infisical/infisical/pull/6577
- chore: allow deletion of rotations without active subscription by @varonix0 in https://github.com/Infisical/infisical/pull/6576
- chore(doc): add CLI login status doc by @Thiago-AS in https://github.com/Infisical/infisical/pull/6570
- feat: allow import of a certificate without a private key or chain by @carlosmonastyrski in https://github.com/Infisical/infisical/pull/6573
- fix: project templates role editor exception by @varonix0 in https://github.com/Infisical/infisical/pull/6578
- feat: better error message for not found by @akhilmhdh in https://github.com/Infisical/infisical/pull/6568
- feat: added ssh app connection block user capability by @akhilmhdh in https://github.com/Infisical/infisical/pull/6575
- feat(app-connection): add certificate auth for Azure Key Vault by @victorvhs017 in https://github.com/Infisical/infisical/pull/6581
- fix(pki): fix dashboard filters and auto-renew display for app-level certificates by @saifsmailbox98 in https://github.com/Infisical/infisical/pull/6572
- feat(frontend): remove last-visited-project auto-redirect by @devin-ai-integration[bot] in https://github.com/Infisical/infisical/pull/6582
- improvement(vault-impoter): move limiter to request by @adilsitos in https://github.com/Infisical/infisical/pull/6579
- feat(telemetry): add comprehensive PostHog events for PKI/Certificate Manager by @devin-ai-integration[bot] in https://github.com/Infisical/infisical/pull/6526
- feat: remove machine identity creation from applications by @carlosmonastyrski in https://github.com/Infisical/infisical/pull/6583
- improvement(platfor-286): add e2e tests for saml by @PrestigePvP in https://github.com/Infisical/infisical/pull/6574
- feat(relay): add resource identity auth for relays by @saifsmailbox98 in https://github.com/Infisical/infisical/pull/6515
- improvement(secret-share): add option to now show the external page and endpoint by @adilsitos in https://github.com/Infisical/infisical/pull/6466
- feat: updated the rollback to be aligned with our environment and path. by @akhilmhdh in https://github.com/Infisical/infisical/pull/6461
- feat(secret-rotation): salesforce oauth secrets by @adilsitos in https://github.com/Infisical/infisical/pull/6326
- docs: add secretsScope to InfisicalSecret CRD default example YAML by @devin-ai-integration[bot] in https://github.com/Infisical/infisical/pull/6594
- docs: hyperlink Northflank to northflank.com on app-connections page by @devin-ai-integration[bot] in https://github.com/Infisical/infisical/pull/6597
Full Changelog: https://github.com/Infisical/infisical/compare/v0.160.4...v0.160.5
Weekly OSS security release digest.
The CVE patches and breaking changes that affected production tools this week. One email, every Sunday.
No spam, unsubscribe anytime.
Share this release
About infisical
Infisical is the open-source platform for secrets, certificates, and privileged access management.
Related context
Related tools
Beta — feedback welcome: [email protected]