Release notes

Check these release notes regularly for product updates.

October, 2024

• Added information about FedRAMP as part of the Security frameworks and industry best practices in Tanzu Application Catalog page.

September,2024

• Starting September 11, 2024, VMware Tanzu cloud services will move from the VMware Cloud Services Console to the new VMware Tanzu Platform Console. You can continue to access these services at https://console.tanzu.broadcom.com using your existing credentials. For details on the transition and any required actions, see Article.
• Enhanced the Knowledge Graph to provide a more comprehensive view of catalog vulnerabilities and packages within your Open Source software catalog. For more details, see Knowledge Graph in Getting started guide and Accessing Visual Software Knowledge Graph.

July, 2024

• Restructured the main Table of Contents for easy navigation.

June, 2024

• Added information on Visual Software Knowledge Graph for organizing security metadata and continuous SBOM scanning, Track daily app releases, vulnerability patches, and OSS package manager contributions. For more information, see Accessing Visual Software Knowledge Graph and Getting started guide.

May, 2024

• Added information on Tanzu Application Catalog overview.

• Added information on Tanzu Application Catalog resources.

• Added information on how non-advanced users can use the JSON file to configure registry credentials to deploy container images and Helm charts. For more information, see Obtain registry credentials in Getting started with VMware Tanzu Application Catalog section.

April, 2024

• Added information about Pod Security Standards in Kubernetes.
• Added information on listing container images from an OCI Hosted registry.
• Updated instructions about SLSA level compliance since Tanzu Application Catalog is now generating SLSA Provenance attestations.
• Added the definition of the Tanzu Application Catalog Build Type for SLSA Provenance attestations.

March, 2024

• Added information about DISA, CIS, and, STIG hardening applied to PhotonOS containers as part of the Security frameworks and industry best practices in Tanzu Application Catalog page.

February, 2024

• Added information and instructions on multi-platform container images. For more information, see Building multi-platform container images.

• CVE Summary is now available in the container details view through the Library page. For more information, see FAQs and Concepts.

January, 2024

• Added support for user-defined customizations in container images. See Apply user-defined customizations to Tanzu Application Catalog containers.

December, 2023

• Added information about security frameworks in Tanzu Application Catalog. For more information, see Security frameworks.

• Added instructions on how to file a support request for Tanzu Application Catalog issues. See How to file a support request for Tanzu Application Catalog issues.

• Added instruction to verify VMware Tanzu Application Catalog signatures by using Notation. See Verify VMware Tanzu Application Catalog signatures.

November, 2023

• Introduced visualizer tool to process SBoM data and generate graphical representations of software components. See Getting started and FAQs.

• Added support for Nexus Container Registry. For more information on how to see how to configure this new kind of registry, see Getting started.

• Option to choose from multiple registries while adding an application is now available. For more information, see FAQs.

October, 2023

• Changed product name from VMware Application Catalog to VMware Tanzu Application Catalog. Note that this name change will not have any direct impact on the usage, pricing, or functionality of the product; nor will this change have any impact on the virtual machine-related capabilities of the product. The product will continue to have virtual-machine-related capabilities.

• Updated How frequently a new version of an application is released?. Container images releases for operating system updates are now triggered when a vulnerability fix is detected instead of daily. With this improvement, the Trigger information report will include the list of vulnerabilities fixed in each release.

September, 2023

• Added supported processor architecture. For more information, see Changelog and Interoperability section.

August, 2023

• Updated Reports section. Virtual Machines now have Built time reports associated with them.

• Added CSAF VEX document (report) for containers under the Build Time Reports section.

• Updated documentation with steps to identify applications that are FIPS, non-root or air-gapped validated. For more information, see FAQs.

• Updated documentation on how Tanzu Application Catalog is verified against specific Kubernetes versions and cloud platforms. For more information, see Verification matrix and FAQs.

July, 2023

• Added basic configuration for not customizable artifacts that doesn’t count towards the Tanzu Application Catalog subscription.

• Updated Kubeapps documentation for auto-discovering applications.

• Tanzu Application Catalog now includes VMware enterprise support for Sealed Secrets. For more information, see Elevate the Security of Your Kubernetes Secrets with Tanzu Application Catalog and Sealed Secrets.

June, 2023

• Added Source Container report for containers under the Build Time Reports section.

• Updated versions of Kubernetes platforms. For more information, see Interoperability.

• Images are now flattened into a single layer there by reducing the size of the images and the time taken for the images to be pulled and uncompressed. This helps in reuse of the same layers. Since, Tanzu Application Catalog produces up-to-date container images using the latest fixed minimal dependencies, the possibilities to reuse any of those layers are minimal.

• Added support to convert SPDX file to CycloneDX file and use Dependency-Track to view information of SBoM. For more information, see FAQ section.

• Updated cosign verify command. For more information, see Verify Vmware Tanzu Application Catalog Signatures.

May, 2023

• Added role based access to use Tanzu Application Catalog. The new role added is App Catalog user (with read operations) in addition to the previously existing role, that is, App Catalog Admin. For more information, see Getting started and FAQs.

April, 2023

• Added SBOM report in SPDX format for single VMs and containers under the Build Time Reports section.

• Added support for GitHub Container Registry (GHCR). For more information on how to see how to configure this new kind of registry, see Getting started.

March, 2023

• At the end of March the openssl-fips-provider package was added to the PhotonOS 4 base image so container images based on that distro are compatible with FIPS.

February, 2023

• Added support for Google Artifact Registry (GAR). For more information on how to see how to configure this new kind of registry, see Getting started.

December, 2022

• Starting December 15, 2022, users can click directly on the Tanzu Application Catalog tile (instead of clicking the VMware Marketplace tile as before) in the VMware Cloud Services Console and start accessing the product, without having to go through VMware Marketplace. Alternatively, they can visit the URL app-catalog.vmware.com directly and use their Cloud Services Console credentials to log in and use Tanzu Application Catalog.

October, 2022

• Added support for JFrog Container Registry (JCR). For more information on how to see how to configure this new kind of registry, see Getting started.

September, 2022

• Added support for Amazon Elastic Container Registry (ECR). For more information on how to see how to configure this new kind of registry, see Getting started.

August, 2022

• Extended OS support for containers and Helm charts. By default, for the supported Operating Systems, all official stable and long term support (LTS) versions will be available. Currently supported versions can be found in the OS changelog.

July, 2022

• Tanzu Application Catalog can now be accessed via VMware Marketplace. Access trusted and secure open source application components that are continuously maintained. Customize your applications based on your operating system and operate with confidence of conforming to enterprise security requirements. To experience the refreshed Tanzu Application Catalog user interface, see the VMware Marketplace.

November, 2021

• Added support for Virtual Machine Images (OVAs). Now users may request supported applications in OVA format as well, in addition to already supported helm chart and container image form factors. These OVAs will be validated on the latest version of VMware Cloud on AWS. For more information, see Virtual Machine Images Documentation.
• Started container images, Helm Charts and metadata files signing with cosign.
• Added new applications: SonarQube.

October, 2021

• Added new applications: Apache Geode, Contour Operator, Argo Workflows.
• Metadata for containers and charts are stored in the OCI registry.

September, 2021

• Added new documentation pages:
  • Applications Documentation
  • Applications Tutorials

• Added “Helm Charts parameters” documentation pages for each application.

  

• Improved applications onboarding UX. Manage your custom base images and registries directly in our UI.

  

• Added new applications: Sealed Secrets, OpenLDAP, Data Platform Blueprint 1, Data Platform Blueprint 2. Check the application changelog for more information.

August, 2021

• Improved applications onboarding UX.

  

• Added the help support panel featuring “Question Based Lists” allowing you to explore our documentation directly from our UI.

• Added new applications: Kubeapps APIs. For more information, see application changelog.

July, 2021

• Improved applications onboarding UX.

  

• Added new applications: OpenResty, Grafana Tempo, OAuth2 Proxy, Concourse, Argo CD. For more information, see the application changelog.

June, 2021

• Added new applications: Dex, Neo4j, HAProxy. For more information, see the application changelog.

May, 2021

• Added new applications: cert-manager. For more information, see application changelog.

April, 2021

• Added new applications: Jupyter Hub, AWS CLI version 2, Configurable HTTP Proxy. For more information, see application changelog.

March, 2021

• Added new applications: Wavefront Prometheus Storage Adapter, Wavefront Adapter for Istio. For more information, see the application changelog.
  • Wavefront Helm Chart Kubernetes Collector is a scratch container now.

February, 2021

• Added new applications: Grafana Operator, Apache Solr, ORAS, Trivy, kubeapps-pinniped-proxy. For more information, see the application changelog.

January, 2021

• Added new applications: PgBouncer. For more information, see the application changelog.

December 10th, 2020

• Tanzu Application Catalog for Tanzu Advanced
• The customer’s onboarding process for new organizations significantly improved. This will result in faster service activation.

• Improved the application details view. All Helm Chart dependencies are shown in the UI now.

  

• Added a new getting started page with a summary of the service and its features.

  

• Credentials’ view for customers to can manage their access to the registry that contains Tanzu Application Catalog for Tanzu Advanced’s catalog.

• New release of chart-syncer tool with support for OCI registries as source passing the list of charts and as target.

September 31st, 2020

Updated the application details view to focus on the release process.

August 31st, 2020

• Preliminary support for showing multiple application releases in the User Interface: although Tanzu Application Catalog is continuous delivering new assets as they are built, the UI was only showing the latest version for each application. With this change, and only when being part of a chart, a message will popup if there is a more recent version of a given container image.

  

August 14, 2020

• Introduced two new build time reports for both containers and helm charts:
• Asset Specification: contains information about the asset such as name, version and the list of system packages.

• Test Results: exposes the testing suite that the application passed before releasing.

  

July 13, 2020

• Exposed the full customer catalog in a consolidated view
• Displaying the application type in the rows
• Establish a more visual way to display relationships between applications and their dependencies
• Simplify the navigation. Now all applications are at the same level, instead of being scoped under a “catalog”

June 23, 2020

• Added new filters in the applications section allowing to filter the table globally and specify an operating system or the status of applications.
• Display the operating system in the Applications table.

June 5, 2020

• Applications list can now be filtered by application and version:

  

May 13, 2020

• Added documentation and help widgets.

• Improved the Applications section UX/UI:

  • Different version branches of the same application are now grouped together.
  • Helm Charts and Container dependencies are now visible in the artifacts sections.

  • Helm Chart tarball urls are now displayed in the information pane.

    

March 26, 2020

• Added pagination and sorting in the main catalog section.

• Improved Application Request Wizard for Containers & Helm Charts selection.

  

March 13, 2020

• Added a new application request wizard.

• Improved the Helm Charts sections by adding more information: including repository URL, digest and instructions about how to install it.