This release adds 6 notable features for engineering teams evaluating rollout.
✓ No known CVEs patched in this version
Topics
+9 more
ReleasePort's take
Light signalv0.160.4 adds Milvus dynamic secrets and wildcard DNS PKI support, fixes JSON secrets import and Vault integration, and introduces permission audit for machine identities. Routine release with no breaking changes or critical issues.
Why it matters: Restores JSON secrets import and Vault namespace access. Adds Milvus provider and permission audit feature. Post-quantum cryptography algorithms now enterprise-only. Treat as routine upgrade unless relying on moved features.
Summary
AI summaryUpdates telemetry, pki, and fix across a mixed release.
Changes in this release
| Type | Severity | Summary | CVE |
|---|---|---|---|
| Feature | Medium |
Adds Organization Created PostHog telemetry event. Adds Organization Created PostHog telemetry event. Source: llm_adapter@2026-05-21 Confidence: high |
— |
| Feature | Medium |
Adds RBAC PostHog events for roles and memberships. Adds RBAC PostHog events for roles and memberships. Source: llm_adapter@2026-05-21 Confidence: high |
— |
| Feature | Medium |
Adds permission audit feature for project machine identities. Adds permission audit feature for project machine identities. Source: llm_adapter@2026-05-21 Confidence: high |
— |
| Feature | Medium |
Allows applications on active projects. Allows applications on active projects. Source: llm_adapter@2026-05-21 Confidence: high |
— |
| Feature | Medium |
Adds Milvus as a dynamic secret provider. Adds Milvus as a dynamic secret provider. Source: llm_adapter@2026-05-21 Confidence: high |
— |
| Feature | Medium |
Moves post-quantum cryptography algorithms to enterprise. Moves post-quantum cryptography algorithms to enterprise. Source: llm_adapter@2026-05-21 Confidence: high |
— |
| Feature | Medium |
Adds wildcard DNS identifier support in ACME PKI. Adds wildcard DNS identifier support in ACME PKI. Source: llm_adapter@2026-05-21 Confidence: high |
— |
| Feature | Medium |
Allows disabling default CRL distribution point URL. Allows disabling default CRL distribution point URL. Source: llm_adapter@2026-05-21 Confidence: high |
— |
| Feature | Medium |
Enriches TelemetryInstanceStats with deployment depth metrics. Enriches TelemetryInstanceStats with deployment depth metrics. Source: granite4.1:30b@2026-05-21-audit Confidence: high |
— |
| Feature | Medium |
Adds deployment depth metrics to telemetry instance stats. Adds deployment depth metrics to telemetry instance stats. Source: llm_adapter@2026-05-21 Confidence: low |
— |
| Bugfix | Medium |
Increases cron job test timeout to 20 seconds. Increases cron job test timeout to 20 seconds. Source: llm_adapter@2026-05-21 Confidence: high |
— |
| Bugfix | Medium |
Expands forbid policies to cover legacy actions. Expands forbid policies to cover legacy actions. Source: llm_adapter@2026-05-21 Confidence: high |
— |
| Bugfix | Medium |
Fixes JSON secrets import functionality. Fixes JSON secrets import functionality. Source: llm_adapter@2026-05-21 Confidence: high |
— |
| Bugfix | Medium |
Allows namespace list access via gateway in Vault import. Allows namespace list access via gateway in Vault import. Source: llm_adapter@2026-05-21 Confidence: high |
— |
| Bugfix | Medium |
Wraps Milvus describe role in error handling. Wraps Milvus describe role in error handling. Source: llm_adapter@2026-05-21 Confidence: high |
— |
Full changelog
What's Changed
- feat(telemetry): add Organization Created PostHog event by @devin-ai-integration[bot] in https://github.com/Infisical/infisical/pull/6533
- chore: add upgrade impact for v0.160.3 by @maidul98 in https://github.com/Infisical/infisical/pull/6553
- fix(cron-job): increase timeout for beforeEach to 20 seconds by @victorvhs017 in https://github.com/Infisical/infisical/pull/6551
- fix: expand forbid policies to cover legacy actions by @scott-ray-wilson in https://github.com/Infisical/infisical/pull/6534
- feat(telemetry): enrich self-hosted TelemetryInstanceStats with deployment depth metrics by @devin-ai-integration[bot] in https://github.com/Infisical/infisical/pull/6538
- fix: import JSON secrets by @mathnogueira in https://github.com/Infisical/infisical/pull/6536
- fix(import-hashicorp-vault): allow the list of namespaces using gateway by @adilsitos in https://github.com/Infisical/infisical/pull/6542
- feat(telemetry): add RBAC PostHog events (custom roles + membership role changes) by @devin-ai-integration[bot] in https://github.com/Infisical/infisical/pull/6537
- feat: add permission audit feature for project machine identities by @scott-ray-wilson in https://github.com/Infisical/infisical/pull/6531
- feat: allow applications on active project by @carlosmonastyrski in https://github.com/Infisical/infisical/pull/6556
- chore(cron-jobs): update CLAUDE.md to clarify queue and cron job usage by @victorvhs017 in https://github.com/Infisical/infisical/pull/6558
- feat(dynamic-secret): milvus by @adilsitos in https://github.com/Infisical/infisical/pull/6494
- chore(upgrade-impact): exclude helm and route review to previous-release author by @PrestigePvP in https://github.com/Infisical/infisical/pull/6557
- feat(pki): allow disabling the default CRL distribution point URL by @saifsmailbox98 in https://github.com/Infisical/infisical/pull/6562
- fix(milvus-dynamic-secret): wrap describe role in try/catch by @adilsitos in https://github.com/Infisical/infisical/pull/6566
- feat(pki): move PQC algorithms to enterprise plan by @saifsmailbox98 in https://github.com/Infisical/infisical/pull/6563
- feat(pki): support wildcard DNS identifiers in ACME by @saifsmailbox98 in https://github.com/Infisical/infisical/pull/6565
Full Changelog: https://github.com/Infisical/infisical/compare/v0.160.3...v0.160.4
Weekly OSS security release digest.
The CVE patches and breaking changes that affected production tools this week. One email, every Sunday.
No spam, unsubscribe anytime.
Share this release
About infisical
Infisical is the open-source platform for secrets, certificates, and privileged access management.
Related context
Related tools
Beta — feedback welcome: [email protected]