🚨 This is a RELEASE CANDIDATE. Use it only for testing purposes. If you find any bugs, file an issue.

⚠️ RELEASE CANDIDATE NOTES ⚠️

👌 Kubernetes version support

• Management Cluster: v1.31.x -> v1.35.x
• Workload Cluster: v1.29.x -> v1.35.x

More information about version support can be found here

Highlights

CAPI v1.13 is a release focused on stability, reliability and performances:

• Bumped to Go 1.25, controller-runtime v0.23, k8s.io/* v0.35, controller-gen v0.20
• KCP now allows to recover from different kind of failures as well as from multiple failures:
  • Increased tolerance to unexpected state of control plane components (accidental node deletion, manual removal of etcd members, accidental deletion of kubeadm control plane labels, and more)
  • Better visibility on common symptoms of kubeadm join errors (failed to promote etcd member, failed to apply kubeadm control plane labels and taints)
• Multiple improvements to improve controllers memory and CPU footprint, performance and stability at scale

Note: Cluster API is only supported on conformant Kubernetes Clusters and contract-relevant provider resources (e.g. InfraCluster) have to be implemented as CRDs (i.e. not via an aggregated apiserver).

Other changes

• The implementation of the Taint propagation proposal is now completed
• Runtime Hooks are now embedding v1beta2 Cluster types
• Machine now reports info about machine placement in the status.failureDomain field
• rolloutAfter for control plane and MachineDeployments can now be controlled from Cluster.spec.topology
• MachineWaitForVolumeDetachConsiderVolumeAttachments feature graduated to GA
• PriorityQueue feature graduated to beta and it is now enabled by default
• ReconcilerRateLimiting feature graduated to beta and it is now enabled by default
  • Starting from this release ReconcilerRateLimiting feature also requires PriorityQueue to be enabled. This ensures that ReconcilerRateLimiting works consistently with controller runtime ExponentialBackoff.

Deprecation and Removals Warning

• v1alpha3 and v1alpha4 apiVersions have been removed
• Reminder: v1beta1 is on track to be unserved in CAPI v1.16
  • Reminder: Provider should start implementing the v1beta2 contract ASAP.

For additional details for providers, please take a look at Cluster API v1.12 compared to v1.13.

Changes since v1.13.0-rc.0

📈 Overview

• 9 new commits merged
• 1 breaking change ⚠️
• 2 bugs fixed 🐛

⚠️ Breaking Changes

• CAPD: Mark docker resources as deprecated (#13565)

🐛 Bug Fixes

• Dependency: Fix CVE-2026-39883 (#13573)
• KCP: KCP deletion should tolerate missing InfraTemplates (#13562)

🌱 Others

• clusterctl: Add cloudscale-ch-cloudscale provider (#13567)
• Dependency: Bump the all-go-mod-patch-and-minor group across 3 directories with 4 updates (#13582)
• e2e: Start testing with Kubernetes v1.36.0-rc.0 (#13569)

Dependencies

Added

Nothing has changed.

Changed

• github.com/GoogleCloudPlatform/opentelemetry-operations-go/detectors/gcp: v1.30.0 → v1.31.0
• github.com/grpc-ecosystem/grpc-gateway/v2: v2.27.7 → v2.28.0
• go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc: v1.40.0 → v1.43.0
• go.opentelemetry.io/otel/exporters/otlp/otlptrace: v1.40.0 → v1.43.0
• go.opentelemetry.io/otel/metric: v1.40.0 → v1.43.0
• go.opentelemetry.io/otel/sdk/metric: v1.40.0 → v1.43.0
• go.opentelemetry.io/otel/sdk: v1.40.0 → v1.43.0
• go.opentelemetry.io/otel/trace: v1.40.0 → v1.43.0
• go.opentelemetry.io/otel: v1.40.0 → v1.43.0
• go.opentelemetry.io/proto/otlp: v1.9.0 → v1.10.0
• golang.org/x/crypto: v0.49.0 → v0.50.0
• golang.org/x/mod: v0.33.0 → v0.34.0
• golang.org/x/net: v0.52.0 → v0.53.0
• golang.org/x/sys: v0.42.0 → v0.43.0
• golang.org/x/telemetry: e7419c6 → 579e4da
• golang.org/x/term: v0.41.0 → v0.42.0
• golang.org/x/text: v0.35.0 → v0.36.0
• golang.org/x/tools: v0.42.0 → v0.43.0
• gonum.org/v1/gonum: v0.16.0 → v0.17.0
• google.golang.org/genproto/googleapis/api: 8636f87 → 9d38bb4
• google.golang.org/genproto/googleapis/rpc: 8636f87 → 9d38bb4
• google.golang.org/grpc: v1.79.3 → v1.80.0

Removed

Nothing has changed.

🚨 This is a RELEASE CANDIDATE. Use it only for testing purposes. If you find any bugs, file an issue.

⚠️ RELEASE CANDIDATE NOTES ⚠️

👌 Kubernetes version support

• Management Cluster: v1.31.x -> v1.35.x
• Workload Cluster: v1.29.x -> v1.35.x

More information about version support can be found here

Highlights

CAPI v1.13 is a release focused on stability, reliability and performances:

• Bumped to Go 1.25, controller-runtime v0.23, k8s.io/* v0.35, controller-gen v0.20
• KCP now allows to recover from different kind of failures as well as from multiple failures:
  • Increased tolerance to unexpected state of control plane components (accidental node deletion, manual removal of etcd members, accidental deletion of kubeadm control plane labels, and more)
  • Better visibility on common symptoms of kubeadm join errors (failed to promote etcd member, failed to apply kubeadm control plane labels and taints)
• Multiple improvements to improve controllers memory and CPU footprint, performance and stability at scale

Note: Cluster API is only supported on conformant Kubernetes Clusters and contract-relevant provider resources (e.g. InfraCluster) have to be implemented as CRDs (i.e. not via an aggregated apiserver).

Other Changes

• The implementation of the Taint propagation proposal is now completed
• Runtime Hooks are now embedding v1beta2 Cluster types
• Machine now reports info about machine placement in the status.failureDomain field
• rolloutAfter for control plane and MachineDeployments can now be controlled from Cluster.spec.topology
• MachineWaitForVolumeDetachConsiderVolumeAttachments feature graduated to GA
• PriorityQueue feature graduated to beta and it is now enabled by default
• ReconcilerRateLimiting feature graduated to beta and it is now enabled by default
  • Starting from this release ReconcilerRateLimiting feature also requires PriorityQueue to be enabled. This ensures that ReconcilerRateLimiting works consistently with controller runtime ExponentialBackoff.

Deprecation Warning

• v1alpha3 and v1alpha4 apiVersions have been removed
• Reminder: v1beta1 is on track to be unserved in CAPI v1.16
  • Reminder: Provider should start implementing the v1beta2 contract ASAP.

For additional details for providers, please take a look at Cluster API v1.12 compared to v1.13.

Changes since v1.12.0

📈 Overview

• 264 new commits merged
• 9 breaking changes ⚠️
• 30 feature additions ✨
• 37 bugs fixed 🐛

📝 Proposals

• Core: Update autoscaling from zero enhancement proposal with node labels and taints configuration clarification (#13308)

⚠️ Breaking Changes

• API/Runtime SDK: Bump Runtime Hooks v1alpha1 types to core CAPI v1beta2 (#13200)
• API: Remove v1alpha3 + v1alpha4 apiVersions (#13199)
• CABPK: Remove deprecated --cluster-concurrency flag in CABPK (#13288)
• ClusterCache: Remove deprecated ClusterCache GetClientCertificatePrivateKey (#13156)
• ClusterClass: Remove deprecated ShouldSkipImmutabilityChecks (#13291)
• clusterctl: Remove deprecated --disable-grouping clusterctl describe cluster flag (#13289)
• clusterctl: Remove deprecated provider CRD migration from clusterctl upgrade (#13290)
• Dependency: Bump to controller-runtime main & controller-tools v0.20 (#13159)
• Misc: Remove deprecated ParseMajorMinorPatchTolerant / ParseMajorMinorPatch (#13292)

✨ New Features

• API: Backport newly introduced v1beta2 API fields to v1beta1 (#13455)
• CABPK: Optimize cache configuration of CABPK & standardize cache/client setup (#13407)
• CAPD: Implement DevMachinePools (#13346)
• CAPD: Improve CAPD wait for multi-user target (#13514)
• CAPD: Support externally managed LB (#13362)
• Cluster: Only set ownerReference on InfraCluster/ControlPlane when Topology is defined (#13332)
• ClusterCache: Add ClusterFilter to ClusterCache Options (#12665)
• ClusterClass: Implement support for taints (#13192)
• clusterctl: Allow overriding image name in clusterctl config (#13014)
• Core: Optimize cache configuration of core CAPI (#13488)
• Dependency: Bump Go to v1.25.5 (#13164)
• Dependency: Bump to controller-runtime v0.23 (#13245)
• Devtools: Add a flag to skip image preloading (#13143)
• KCP/CABPK: Allow diskSetup to include partition layout (#11634)
• KCP/MachineDeployment/Cluster: Add rolloutAfter to cluster.spec.topology (#13391)
• KCP: Allow remediation of multiple failures in KCP (#13352)
• KCP: Bump coredns/corefile-migration to v1.0.30 (#13282)
• KCP: Implement support for machine taints (#13181)
• KCP: Optimize cache configuration of KCP (#13460)
• Machine: Add Machine status.failureDomain (#13266)
• Machine: Promote MachineWaitForVolumeDetachConsiderVolumeAttachments feature to GA (#13293)
• Metrics/e2e: Add infra CRDs to dashboards, improve/fix dashboards, enable native histograms (#13354)
• Misc: Disable DWARF and symbol table to decrease binary/image size (#12856)
• Misc: Enable PriorityQueue per default (#13171)
• Misc: Promote ReconcileRateLimiting to beta (enabled per default) (#13373)
• Misc: Tune controller concurrency and cache timeout for scale (#13496)
• Release: Prepare main branch for v1.13 (#13174)
• Testing: Add example / debug suite for envtest (#13453)
• util: Extend conversion tests to cover the "no spec" case (#13409)
• util: Refresh cache entries on cache hit in SSA caches (#13459)

🐛 Bug Fixes

• API: Fix v1beta1 ControlPlane contract to handle .status.initialized correctly (#13186)
• CAPD: Fix "Failed to exec DockerMachine bootstrap" errors in CAPD (#13447)
• CAPD: Remove finalizers during deletion if ownerRef was never set for cluster controllers (#13239)
• CAPIM: Extend CAPD in-memory backend to set CP taint to fix scale tests (#13187)
• CAPIM: Fix in-memory watch unit test (#13464)
• CI: Bump trivy to v0.69.2 to fix CI (#13387)
• Cluster: Fix panic in Cluster conversion (#13383)
• ClusterClass/KCP/MachineSet/MachineDeployment: Mitigate managedFields apiserver issue for SSA (#13338)
• ClusterClass: Allow adding spec via ClusterClass JSON patches (#13225)
• ClusterClass: Do not overwrite global http.DefaultClient TLSConfig (#13058)
• ClusterClass: Fix upgradePlan computation in GetUpgradePlanFromClusterClassVersions (#13463)
• Dependency: Bump dependencies to fix CVE GO-2026-4394 (go.opentelemetry.io/otel/sdk pkg) (#13372)
• e2e: Add wait-resource-versions-{become,remain}-stable intervals to e2e config (#13263)
• e2e: Clean up namespace in e2e tests (#13233)
• e2e: Fix cross-ns scale test (#13309)
• e2e: Fix goroutine & memory leak in inmemory provider (#13361)
• e2e: Fix node-label calculation in test extension & fix upgrade test (#13356)
• e2e: Fix WaitForMachinesReady interval (#13050)
• e2e: Increase reconcile timeout for KCP & DockerMachine (#13093)
• e2e: Only retry creating objects that failed (#13265)
• e2e: Tolerate NotFound errors during Namespace deletion in scale test cleanup (#13439)
• KCP/MachineSet: Preserve existing object names for backward compatibility with pre-v1.7 in-place updates (#13124)
• KCP: Grant delete permissions to Secrets. (#13070)
• KCP: Use errors.Errorf instead of errors.Wrapf since the err is nil (#13486)
• Machine/MachineSet/MachineDeployment: Fix UpToDate calculation for rolloutAfter (#13404)
• MachineSet: Use MachineSet template values in completeMoveMachine for in-place updates (#13059)
• Misc: Fix bug while setting status for deprecated fields (#13336)
• Runtime SDK: Improve client cert/key rotation of the RuntimeSDK client (#13213)
• Testing/e2e: Fix unit test flakes, improve clusterctl download error in e2e tests (#13045)
• Testing: Fix flaky by waiting for CRD finalizer processing (#13470)
• Testing: Fix flaky TestClusterReconciler unit test (#13180)
• Testing: Fix TestReconcile flake (#13255)
• Testing: Fix webhook envtest tests for Kubernetes < v1.35 (#13170)
• Upgrades: Remove conflicting rules field from aggregated ClusterRoles (#13490)
• util: Fix a panic in conditions.Delete method if the sources condition list is empty (#13048)
• util: Fix exponential backoff with ReconcilerRateLimiting (#13416)
• util: Fix patchHelper unit test flakes (#13412)

🌱 Others

• API: Deprecate custom Condition types (#13237)
• API: Introduce conversion.MarshalDataUnsafeNoCopy to avoid unnecessary memory allocations during conversion (#13402)
• API: Postpone date when we stop serving v1beta1 (#13394)
• API: Relax validation for Machine .status.addresses to maximum of 128 instead of 32 items (#13060)
• API: Relax validation for Machine .status.addresses to maximum of 256 instead of 128 items (#13395)
• CAPD/CAPIM: Implement .status.failureDomain for DockerMachine & DevMachine (#13286)
• CAPD: Implement pause for DockerMachinePool (#13445)
• CAPD: Improve condition if CAPD Machine is not yet ready for bootstrap exec (#13461)
• CAPD: Move RBAC for devmachinetemplates from main.go to controller.go (#13271)
• CAPD: Reduce verbosity of CAPD exec log (#13493)
• CAPD: Use select with time.After instead of time.Sleep (#13480)
• CAPIM: Fix inMemory watch (#13229)
• CI: Bump golangci-lint v2.7.0 (#13108)
• CI: Bump Kubernetes version used for testing to v1.35.0-rc.0 (#13103)
• CI: Bump Kubernetes version used for testing to v1.35.0-rc.1 (#13138)
• CI: Drop security scan on 1.10 (#13454)
• CI: Dump resources in scale test (#13232)
• CI: Improve Fake API server (#13183)
• CI: Inmemory APIserver fails for unsupported fieldSelectors (#13306)
• CI: Migrate away from custom GitHub action approval workflow (#13533)
• CI: Revive the debug endpoint for CAPDev in-memory (#13423)
• CI: Use env test 1.35.0 (#13168)
• ClusterCache: Remove stack traces from ClusterCache errors (#13396)
• Clus...

👌 Kubernetes version support

• Management Cluster: v1.31.x -> v1.35.x
• Workload Cluster: v1.29.x -> v1.35.x

More information about version support can be found here

Changes since v1.12.4

📈 Overview

• 14 new commits merged
• 1 feature addition ✨
• 3 bugs fixed 🐛

✨ New Features

• CAPD: Improve CAPD wait for multi-user target (#13523)

🐛 Bug Fixes

• Testing: Fix flaky by waiting for CRD finalizer processing (#13478)
• Testing: Fix flaky TestClusterReconciler unit test (#13475)
• Testing: Fix TestMachineSetReconciler_createMachines_preflightChecks flake (#13477)

🌱 Others

• CAPD: Reduce verbosity of CAPD exec log (#13494)
• clusterctl: Bump cert-manager to v1.20.0 (#13484)
• clusterctl: Bump cert-manager to v1.20.1 (#13519)
• Dependency: Bump corefile-migration to v1.0.31 (#13526)
• Dependency: Bump dependencies to fix CVE-2026-33186 (google.golang.org/grpc) (#13504)
• Dependency: Bump go v1.25.9 (#13554)
• Dependency: Switch from docker to moby dependencies (#13550)
• e2e: Start testing with Kubernetes v1.36.0-beta.0 (#13525)
• KCP: KCP surfaces learner etcd members (#13491)

📖 Additionally, there has been 1 contribution to our documentation and book. (#13528)

Dependencies

Added

Nothing has changed.

Changed

• cel.dev/expr: v0.24.0 → v0.25.1
• github.com/cncf/xds/go: 0feb691 → ee656c7
• github.com/coredns/corefile-migration: v1.0.30 → v1.0.31
• github.com/envoyproxy/go-control-plane/envoy: v1.35.0 → v1.36.0
• github.com/envoyproxy/go-control-plane: 75eaa19 → v0.14.0
• github.com/envoyproxy/protoc-gen-validate: v1.2.1 → v1.3.0
• go.opentelemetry.io/contrib/detectors/gcp: v1.38.0 → v1.39.0
• google.golang.org/grpc: v1.78.0 → v1.79.3

Removed

Nothing has changed.

Thanks to all our contributors! 😊

👌 Kubernetes version support

• Management Cluster: v1.30.x -> v1.34.x
• Workload Cluster: v1.28.x -> v1.34.x

More information about version support can be found here

Changes since v1.11.7

📈 Overview

• 9 new commits merged
• 1 feature addition ✨
• 2 bugs fixed 🐛

✨ New Features

• CAPD: Improve CAPD wait for multi-user target (#13524)

🐛 Bug Fixes

• Testing: Fix flaky by waiting for CRD finalizer processing (#13479)
• Testing: Fix flaky TestClusterReconciler unit test (#13476)

🌱 Others

• CAPD: Reduce verbosity of CAPD exec log (#13495)
• clusterctl: Bump cert-manager to v1.20.0 (#13483)
• clusterctl: Bump cert-manager to v1.20.1 (#13518)
• Dependency: Bump dependencies to fix CVE-2026-33186 (google.golang.org/grpc) (#13505)
• Dependency: Bump go v1.25.9 (#13555)
• Dependency: Switch from docker to moby dependencies (#13552)

Dependencies

Added

Nothing has changed.

Changed

• cel.dev/expr: v0.24.0 → v0.25.1
• github.com/cncf/xds/go: 0feb691 → ee656c7
• github.com/envoyproxy/go-control-plane/envoy: v1.35.0 → v1.36.0
• github.com/envoyproxy/go-control-plane: 75eaa19 → v0.14.0
• github.com/envoyproxy/protoc-gen-validate: v1.2.1 → v1.3.0
• go.opentelemetry.io/contrib/detectors/gcp: v1.38.0 → v1.39.0
• google.golang.org/grpc: v1.78.0 → v1.79.3

Removed

Nothing has changed.

Thanks to all our contributors! 😊

🚨 This is a BETA RELEASE. Use it only for testing purposes. If you find any bugs, file an issue.

Highlights

CAPI v1.13 is a release focused on stability, reliability and performances:

• Bumped to Go 1.25, controller-runtime v0.23, k8s.io/* v0.35, controller-gen v0.20
• KCP now allows to recover from different kind of failures as well as from multiple failures:
  • Increased tolerance to unexpected state of control plane components (accidental node deletion, manual removal of etcd members, accidental deletion of kubeadm control plane labels, and more)
  • Better visibility on common symptoms of kubeadm join errors (failed to promote etcd member, failed to apply kubeadm control plane labels and taints)
• Multiple improvements to improve controllers memory and CPU footprint, performance and stability at scale

Note: Cluster API is only supported on conformant Kubernetes Clusters and contract-relevant provider resources (e.g. InfraCluster) have to be implemented as CRDs (i.e. not via an aggregated apiserver).

Other changes

• The implementation of the Taint propagation proposal is now completed
• Runtime Hooks are now embedding v1beta2 Cluster types
• Machine now reports info about machine placement in the status.failureDomain field
• rolloutAfter for control plane and MachineDeployments can now be controlled from Cluster.spec.topology
• MachineWaitForVolumeDetachConsiderVolumeAttachments feature graduated to GA
• PriorityQueue feature graduated to beta and it is now enabled by default
• ReconcilerRateLimiting feature graduated to beta and it is now enabled by default
  • Starting from this release ReconcilerRateLimiting feature also requires PriorityQueue to be enabled. This ensures that ReconcilerRateLimiting works consistently with controller runtime ExponentialBackoff.

Deprecation and Removals Warning

• v1alpha3 and v1alpha4 apiVersions have been removed
• Reminder: v1beta1 is on track to be unserved in CAPI v1.16
  • Reminder: Provider should start implementing the v1beta2 contract ASAP.

For additional details for providers, please take a look at Cluster API v1.12 compared to v1.13.

Changes since v1.13.0-beta.0

📈 Overview

• 24 new commits merged
• 5 feature additions ✨
• 3 bugs fixed 🐛

✨ New Features

• CAPD: Implement DevMachinePools (#13346)
• CAPD: Improve CAPD wait for multi-user target (#13514)
• Core: Optimize cache configuration of core CAPI (#13488)
• KCP: Optimize cache configuration of KCP (#13460)
• Misc: Tune controller concurrency and cache timeout for scale (#13496)

🐛 Bug Fixes

• CAPIM: Fix in-memory watch unit test (#13464)
• KCP: Use errors.Errorf instead of errors.Wrapf since the err is nil (#13486)
• Upgrades: Remove conflicting rules field from aggregated ClusterRoles (#13490)

🌱 Others

• CAPD: Reduce verbosity of CAPD exec log (#13493)
• CAPD: Use select with time.After instead of time.Sleep (#13480)
• clusterctl: Bump cert-manager to v1.20.0 (#13482)
• clusterctl: Bump cert-manager to v1.20.1 (#13515)
• e2e: Improve scale test for re-entrancy and improve observability stack (#13492)
• e2e: Start testing with Kubernetes v1.36.0-beta.0 (#13513)
• KCP: KCP should handle missing control plane label (#13466)
• MachinePool: Fix reconcileDelete returning unnecessary error (#13481)
• Misc: Removing cluster-api-provider-nested as it is read-only (#13500)

Dependencies

Added

Nothing has changed.

Changed

• cel.dev/expr: v0.24.0 → v0.25.1
• github.com/cncf/xds/go: 0feb691 → ee656c7
• github.com/envoyproxy/go-control-plane/envoy: v1.35.0 → v1.36.0
• github.com/envoyproxy/go-control-plane: 75eaa19 → v0.14.0
• github.com/envoyproxy/protoc-gen-validate: v1.2.1 → v1.3.0
• github.com/fatih/color: v1.18.0 → v1.19.0
• go.etcd.io/etcd/api/v3: v3.6.8 → v3.6.9
• go.etcd.io/etcd/client/pkg/v3: v3.6.8 → v3.6.9
• go.etcd.io/etcd/client/v3: v3.6.8 → v3.6.9
• go.opentelemetry.io/contrib/detectors/gcp: v1.38.0 → v1.39.0
• google.golang.org/grpc: v1.78.0 → v1.79.3
• k8s.io/api: v0.35.2 → v0.35.3
• k8s.io/apiextensions-apiserver: v0.35.2 → v0.35.3
• k8s.io/apimachinery: v0.35.2 → v0.35.3
• k8s.io/apiserver: v0.35.2 → v0.35.3
• k8s.io/client-go: v0.35.2 → v0.35.3
• k8s.io/cluster-bootstrap: v0.35.2 → v0.35.3
• k8s.io/code-generator: v0.35.2 → v0.35.3
• k8s.io/component-base: v0.35.2 → v0.35.3
• k8s.io/kms: v0.35.2 → v0.35.3

Removed

Nothing has changed.

🚨 This is a BETA RELEASE. Use it only for testing purposes. If you find any bugs, file an issue.

👌 Kubernetes version support

• Management Cluster: v1.31.x -> v1.35.x
• Workload Cluster: v1.29.x -> v1.35.x

More information about version support can be found here

Highlights

Starting from this release ReconcilerRateLimiting feature also requires PriorityQueue to be enabled.
This ensures that ReconcilerRateLimiting works consistently with controller runtime ExponentialBackoff.

Changes since v1.12.3

📈 Overview

• 17 new commits merged
• 9 bugs fixed 🐛

🐛 Bug Fixes

• CAPD: Fix "Failed to exec DockerMachine bootstrap" errors in CAPD (#13451)
• CI: Bump trivy to v0.69.2 to fix CI (#13388)
• Cluster: Fix panic in Cluster conversion (#13384)
• ClusterClass/KCP/MachineSet/MachineDeployment: Implement mitigation for managedFields issue with SSA in apiserver (#13355)
• ClusterClass: Fix upgradePlan computation in GetUpgradePlanFromClusterClassVersions (#13471)
• Dependency: Bump dependencies to fix CVE GO-2026-4394 (go.opentelemetry.io/otel/sdk pkg) (#13377)
• e2e: Only retry creating objects that failed (#13430)
• Machine/MachineSet/MachineDeployment: Fix UpToDate calculation for rolloutAfter (#13406)
• util: Fix exponential backoff with ReconcilerRateLimiting (#13427)

🌱 Others

• API: Relax validation for Machine .status.addresses to maximum of 256 instead of 128 items (#13399)
• CAPD: Implement pause for DockerMachinePool (#13448)
• clusterctl: Bump cert-manager v1.19.4 (#13381)
• Dependency: Bump cloudflare/circl (#13438)
• Dependency: Bump go v1.25.8 (#13432)
• e2e: Add retry in test framework when getting manifest YAMLs (#13358)
• e2e: Bump autoscaler version used for testing to v1.35.0 (#13375)
• e2e: Improve condition if CAPD Machine is not yet ready for bootstrap exec (#13468)

Dependencies

Added

• github.com/cenkalti/backoff/v5: v5.0.3
• gonum.org/v1/gonum: v0.16.0

Changed

• cloud.google.com/go/compute/metadata: v0.6.0 → v0.9.0
• github.com/GoogleCloudPlatform/opentelemetry-operations-go/detectors/gcp: v1.26.0 → v1.30.0
• github.com/cloudflare/circl: v1.6.1 → v1.6.3
• github.com/cncf/xds/go: 2f00578 → 0feb691
• github.com/envoyproxy/go-control-plane/envoy: v1.32.4 → v1.35.0
• github.com/envoyproxy/go-control-plane: v0.13.4 → 75eaa19
• github.com/go-jose/go-jose/v4: v4.0.4 → v4.1.3
• github.com/golang/glog: v1.2.4 → v1.2.5
• github.com/grpc-ecosystem/grpc-gateway/v2: v2.26.3 → v2.27.7
• github.com/spiffe/go-spiffe/v2: v2.5.0 → v2.6.0
• go.opentelemetry.io/auto/sdk: v1.1.0 → v1.2.1
• go.opentelemetry.io/contrib/detectors/gcp: v1.34.0 → v1.38.0
• go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp: v0.58.0 → v0.65.0
• go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc: v1.34.0 → v1.40.0
• go.opentelemetry.io/otel/exporters/otlp/otlptrace: v1.34.0 → v1.40.0
• go.opentelemetry.io/otel/metric: v1.35.0 → v1.40.0
• go.opentelemetry.io/otel/sdk/metric: v1.34.0 → v1.40.0
• go.opentelemetry.io/otel/sdk: v1.34.0 → v1.40.0
• go.opentelemetry.io/otel/trace: v1.35.0 → v1.40.0
• go.opentelemetry.io/otel: v1.35.0 → v1.40.0
• go.opentelemetry.io/proto/otlp: v1.5.0 → v1.9.0
• golang.org/x/crypto: v0.45.0 → v0.47.0
• golang.org/x/mod: v0.29.0 → v0.31.0
• golang.org/x/net: v0.47.0 → v0.49.0
• golang.org/x/oauth2: v0.33.0 → v0.34.0
• golang.org/x/sync: v0.18.0 → v0.19.0
• golang.org/x/sys: v0.38.0 → v0.40.0
• golang.org/x/telemetry: 078029d → 8fff8a5
• golang.org/x/term: v0.37.0 → v0.39.0
• golang.org/x/text: v0.31.0 → v0.33.0
• golang.org/x/tools: v0.38.0 → v0.40.0
• google.golang.org/genproto/googleapis/api: a0af3ef → 8636f87
• google.golang.org/genproto/googleapis/rpc: a0af3ef → 8636f87
• google.golang.org/grpc: v1.72.3 → v1.78.0
• google.golang.org/protobuf: v1.36.7 → v1.36.11
• sigs.k8s.io/structured-merge-diff/v6: v6.3.0 → d9cc664

Removed

• github.com/zeebo/errs: v1.4.0

Thanks to all our contributors! 😊

👌 Kubernetes version support

• Management Cluster: v1.30.x -> v1.34.x
• Workload Cluster: v1.28.x -> v1.34.x

More information about version support can be found here

Changes since v1.11.6

📈 Overview

• 11 new commits merged
• 5 bugs fixed 🐛

🐛 Bug Fixes

• CAPD: Fix "Failed to exec DockerMachine bootstrap" errors in CAPD (#13452)
• CI: Bump trivy to v0.69.2 to fix CI (#13389)
• ClusterClass/KCP: Implement mitigation for managedFields issue for KCP with SSA in apiserver (#13426)
• Dependency: Bump dependencies to fix CVE GO-2026-4394 (go.opentelemetry.io/otel/sdk pkg) (#13379)
• e2e: Only retry creating objects that failed (#13431)

🌱 Others

• API: Relax validation for Machine .status.addresses to maximum of 256 instead of 128 items (#13400)
• CAPD: Implement pause for DockerMachinePool (#13449)
• clusterctl: Bump cert-manager v1.19.4 (#13380)
• Dependency: Bump go v1.25.8 (#13434)
• e2e: Add retry in test framework when getting manifest YAMLs (#13359)
• e2e: Improve condition if CAPD Machine is not yet ready for bootstrap exec (#13469)

Dependencies

Added

• github.com/cenkalti/backoff/v5: v5.0.3
• github.com/go-jose/go-jose/v4: v4.1.3
• github.com/spiffe/go-spiffe/v2: v2.6.0
• gonum.org/v1/gonum: v0.16.0
• sigs.k8s.io/structured-merge-diff/v6: v6.3.2

Changed

• cel.dev/expr: v0.19.1 → v0.24.0
• cloud.google.com/go/compute/metadata: v0.6.0 → v0.9.0
• github.com/GoogleCloudPlatform/opentelemetry-operations-go/detectors/gcp: v1.25.0 → v1.30.0
• github.com/cloudflare/circl: v1.6.1 → v1.6.3
• github.com/cncf/xds/go: cff3c89 → 0feb691
• github.com/envoyproxy/go-control-plane/envoy: v1.32.4 → v1.35.0
• github.com/envoyproxy/go-control-plane: v0.13.4 → 75eaa19
• github.com/golang/glog: v1.2.4 → v1.2.5
• github.com/grpc-ecosystem/grpc-gateway/v2: v2.24.0 → v2.27.7
• github.com/rogpeppe/go-internal: v1.13.1 → v1.14.1
• github.com/stretchr/testify: v1.10.0 → v1.11.1
• go.opentelemetry.io/auto/sdk: v1.1.0 → v1.2.1
• go.opentelemetry.io/contrib/detectors/gcp: v1.34.0 → v1.38.0
• go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp: v0.58.0 → v0.65.0
• go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc: v1.33.0 → v1.40.0
• go.opentelemetry.io/otel/exporters/otlp/otlptrace: v1.33.0 → v1.40.0
• go.opentelemetry.io/otel/metric: v1.34.0 → v1.40.0
• go.opentelemetry.io/otel/sdk/metric: v1.34.0 → v1.40.0
• go.opentelemetry.io/otel/sdk: v1.34.0 → v1.40.0
• go.opentelemetry.io/otel/trace: v1.34.0 → v1.40.0
• go.opentelemetry.io/otel: v1.34.0 → v1.40.0
• go.opentelemetry.io/proto/otlp: v1.4.0 → v1.9.0
• go.yaml.in/yaml/v3: v3.0.3 → v3.0.4
• golang.org/x/crypto: v0.45.0 → v0.47.0
• golang.org/x/mod: v0.29.0 → v0.31.0
• golang.org/x/net: v0.47.0 → v0.49.0
• golang.org/x/oauth2: v0.30.0 → v0.34.0
• golang.org/x/sync: v0.18.0 → v0.19.0
• golang.org/x/sys: v0.38.0 → v0.40.0
• golang.org/x/telemetry: 078029d → 8fff8a5
• golang.org/x/term: v0.37.0 → v0.39.0
• golang.org/x/text: v0.31.0 → v0.33.0
• golang.org/x/tools: v0.38.0 → v0.40.0
• google.golang.org/genproto/googleapis/api: 5f5ef82 → 8636f87
• google.golang.org/genproto/googleapis/rpc: 1a7da9e → 8636f87
• google.golang.org/grpc: v1.71.3 → v1.78.0
• google.golang.org/protobuf: v1.36.6 → v1.36.11

Removed

Nothing has changed.

Thanks to all our contributors! 😊

👌 Kubernetes version support

• Management Cluster: v1.31.x -> v1.35.x
• Workload Cluster: v1.29.x -> v1.35.x

More information about version support can be found here

Changes since v1.12.2

📈 Overview

• 7 new commits merged
• 1 feature addition ✨
• 2 bugs fixed 🐛

✨ New Features

• KCP: Bump coredns/corefile-migration to v1.0.30 (#13294)

🐛 Bug Fixes

• e2e: Add wait-resource-versions-{become,remain}-stable intervals to e2e config (#13328)
• Misc: Fix bug while setting status for deprecated fields (#13344)

🌱 Others

• clusterctl: Update cert-manager to v1.19.3 (#13314)
• clusterctl: Update to cert-manager v1.19.2 (#13278)
• Dependency: Go bump 1.24.13 (#13324)

📖 Additionally, there has been 1 contribution to our documentation and book. (#13261)

Dependencies

Added

Nothing has changed.

Changed

• github.com/coredns/corefile-migration: v1.0.29 → v1.0.30

Removed

Nothing has changed.

Thanks to all our contributors! 😊

👌 Kubernetes version support

• Management Cluster: v1.30.x -> v1.34.x
• Workload Cluster: v1.28.x -> v1.34.x

More information about version support can be found here

Changes since v1.11.5

📈 Overview

• 6 new commits merged
• 1 feature addition ✨
• 2 bugs fixed 🐛

✨ New Features

• KCP: Bump coredns/corefile-migration to v1.0.30 (#13295)

🐛 Bug Fixes

• e2e: Add wait-resource-versions-{become,remain}-stable intervals to e2e config (#13331)
• Misc: Fix bug while setting status for deprecated fields (#13345)

🌱 Others

• clusterctl: Update cert-manager to v1.19.3 (#13313)
• clusterctl: Update to cert-manager v1.19.2 (#13279)
• Dependency: Go bump 1.24.13 (#13325)

Dependencies

Added

Nothing has changed.

Changed

• github.com/coredns/corefile-migration: v1.0.29 → v1.0.30

Removed

Nothing has changed.

Thanks to all our contributors! 😊