Skip to main content

Supply Chain Security release notes

These release notes describe recent changes to Harness Supply Chain Security.

About Harness Release Notes
  • Progressive deployment: Harness deploys changes to Harness SaaS clusters on a progressive basis. This means that the features described in these release notes may not be immediately available in your cluster. To identify the cluster that hosts your account, go to your Account Overview page in Harness. In the new UI, go to Account Settings, Account Details, General, Account Details, and then Platform Service Versions.
  • Security advisories: Harness publishes security advisories for every release. Go to the Harness Trust Center to request access to the security advisories.
  • More release notes: Go to Harness Release Notes to explore all Harness release notes, including module, delegate, Self-Managed Enterprise Edition, and FirstGen release notes.

July 2024

Version: 1.14.3

Announcements

SCS is now Generally Available (GA). We have moved from Limited GA (since January 2024) to GA. Read more on our announcement blog.

New features

  • Repository Security Posture Management:
    • Connect your GitHub with Harness SCS to identify insecure configurations in code repositories and organization settings for comprehensive risk, compliance, and security posture management. Use the Harness SCS GitHub app for integration. Learn more in our RSPM documentation.
  • Manage Risk and Compliance
  • Integrations and Permissions

Enhancements

Artifact view will now support the following views

  • Chain of Custody: Log the artifact's journey throughout the software supply chain.
  • Artifact Listing: View all container images, including their digests and tags.
  • Security Insights: Access detailed information on security vulnerabilities.
  • SLSA Provenance: View the provenance and verification status of artifacts following the SLSA framework.

July 2024

Version 1.12.0

New features and enhancements

  • The "Repositories" tab previously located in the Artifact View has been relocated and expanded into a separate section titled "Code Repositories". All repository data will now be accessible from the Code Repositories section, providing a more streamlined interface for managing repository information.

September 2023

The Supply Chain Security module documentation is live on the Harness Developer Hub. Check back soon for module release notes.