v1.5.4

Omni 1.5.4 (2026-02-18)

Welcome to the v1.5.4 release of Omni!

Please try out the release binaries and report any issues at
https://github.com/siderolabs/omni/issues.

Contributors

• Utku Ozdemir

Changes

2 commits

• 8fa3caf4 release(v1.5.4): prepare release
• b38d89b3 fix: compare current and new kernel args more defensively

Dependency Changes

This release has no dependency changes

Previous release can be found at v1.5.3

v1.4.10

Omni 1.4.10 (2026-02-18)

Welcome to the v1.4.10 release of Omni!

Please try out the release binaries and report any issues at
https://github.com/siderolabs/omni/issues.

Urgent Upgrade Notes (No, really, you MUST read this before you upgrade)

This release consolidates Discovery service state, Audit logs, Machine logs, and Secondary resources into a single SQLite storage backend.

1. New Required Flag
You must set the new --sqlite-storage-path (or .storage.sqlite.path) flag. There is no default value, and Omni will not start without it.
It must be a path to the SQLite file (will be created by Omni), not a directory, e.g., --sqlite-storage-path=/path/to/omni-sqlite.db.

2. Audit Logging Changes
A new flag --audit-log-enabled (or .logs.audit.enabled) has been introduced to explicitly enable or disable audit logging.

• Default: true.
• Change: Previously, audit logging was implicitly enabled only when the path was set. Now, it is enabled by default.

3. Automatic Migration
Omni will automatically migrate your existing data (BoltDB, file-based logs) to the new SQLite database on the first startup. To ensure this happens correctly, simply add the new SQLite flag and leave your existing storage flags in place for the first run.

Once the migration is complete, you are free to remove the deprecated flags listed below. If they remain, they will be ignored and eventually dropped in future versions.

4. Deprecated Flags (Kept for Migration)
The following flags (and config keys) are deprecated and kept solely to facilitate the automatic migration:

• --audit-log-dir (.logs.audit.path)
• --secondary-storage-path (.storage.secondary.path)
• --machine-log-storage-path (.logs.machine.storage.path)
• --machine-log-storage-enabled (.logs.machine.storage.enabled)
• --embedded-discovery-service-snapshot-path (.services.embeddedDiscoveryService.snapshotsPath)
• --machine-log-buffer-capacity (.logs.machine.bufferInitialCapacity)
• --machine-log-buffer-max-capacity (.logs.machine.bufferMaxCapacity)
• --machine-log-buffer-safe-gap (.logs.machine.bufferSafetyGap)
• --machine-log-num-compressed-chunks (.logs.machine.storage.numCompressedChunks)

5. Removed Flags
The following flags have been removed and are no longer supported:

• --machine-log-storage-flush-period (.logs.machine.storage.flushPeriod)
• --machine-log-storage-flush-jitter (.logs.machine.storage.flushJitter)

Contributors

• Utku Ozdemir

Changes

2 commits

• 47d18493 release(v1.4.10): prepare release
• c9d0860a fix: compare current and new kernel args more defensively

Dependency Changes

This release has no dependency changes

Previous release can be found at v1.4.9

v1.5.3

Omni 1.5.3 (2026-02-17)

Welcome to the v1.5.3 release of Omni!

Please try out the release binaries and report any issues at
https://github.com/siderolabs/omni/issues.

Contributors

• Utku Ozdemir
• Artem Chernyshev

Changes

3 commits

• 9b46d417 release(v1.5.3): prepare release
• ee1fc5f3 fix: break the dep loop in the cluster machine config status controller
• 329926cd fix: fix schematic generation for machines in agent mode

Dependency Changes

This release has no dependency changes

Previous release can be found at v1.5.2

v1.5.2

Omni 1.5.2 (2026-02-12)

Welcome to the v1.5.2 release of Omni!

Please try out the release binaries and report any issues at
https://github.com/siderolabs/omni/issues.

Contributors

• Artem Chernyshev
• Utku Ozdemir

Changes

2 commits

• 348ea65f release(v1.5.2): prepare release
• 309b3501 fix: replace gotextdiff with linear-space Myers diff to prevent OOM

Dependency Changes

This release has no dependency changes

Previous release can be found at v1.5.1

v1.5.1

Omni 1.5.1 (2026-02-11)

Welcome to the v1.5.1 release of Omni!

Please try out the release binaries and report any issues at
https://github.com/siderolabs/omni/issues.

Contributors

• Artem Chernyshev

Changes

3 commits

• 0de60cd3 release(v1.5.1): prepare release
• 908d738c fix: properly generate upgrade diffs for the imported cluster
• 86f33f83 fix: fix memory leak in the config diff compute code

Dependency Changes

This release has no dependency changes

Previous release can be found at v1.5.0

v1.4.9

Omni 1.4.9 (2026-02-06)

Welcome to the v1.4.9 release of Omni!

Please try out the release binaries and report any issues at
https://github.com/siderolabs/omni/issues.

Urgent Upgrade Notes (No, really, you MUST read this before you upgrade)

This release consolidates Discovery service state, Audit logs, Machine logs, and Secondary resources into a single SQLite storage backend.

1. New Required Flag
You must set the new --sqlite-storage-path (or .storage.sqlite.path) flag. There is no default value, and Omni will not start without it.
It must be a path to the SQLite file (will be created by Omni), not a directory, e.g., --sqlite-storage-path=/path/to/omni-sqlite.db.

2. Audit Logging Changes
A new flag --audit-log-enabled (or .logs.audit.enabled) has been introduced to explicitly enable or disable audit logging.

• Default: true.
• Change: Previously, audit logging was implicitly enabled only when the path was set. Now, it is enabled by default.

3. Automatic Migration
Omni will automatically migrate your existing data (BoltDB, file-based logs) to the new SQLite database on the first startup. To ensure this happens correctly, simply add the new SQLite flag and leave your existing storage flags in place for the first run.

Once the migration is complete, you are free to remove the deprecated flags listed below. If they remain, they will be ignored and eventually dropped in future versions.

4. Deprecated Flags (Kept for Migration)
The following flags (and config keys) are deprecated and kept solely to facilitate the automatic migration:

• --audit-log-dir (.logs.audit.path)
• --secondary-storage-path (.storage.secondary.path)
• --machine-log-storage-path (.logs.machine.storage.path)
• --machine-log-storage-enabled (.logs.machine.storage.enabled)
• --embedded-discovery-service-snapshot-path (.services.embeddedDiscoveryService.snapshotsPath)
• --machine-log-buffer-capacity (.logs.machine.bufferInitialCapacity)
• --machine-log-buffer-max-capacity (.logs.machine.bufferMaxCapacity)
• --machine-log-buffer-safe-gap (.logs.machine.bufferSafetyGap)
• --machine-log-num-compressed-chunks (.logs.machine.storage.numCompressedChunks)

5. Removed Flags
The following flags have been removed and are no longer supported:

• --machine-log-storage-flush-period (.logs.machine.storage.flushPeriod)
• --machine-log-storage-flush-jitter (.logs.machine.storage.flushJitter)

Contributors

• Edward Sammut Alessi
• Utku Ozdemir

Changes

2 commits

• d38be3fb release(v1.4.9): prepare release
• 0108d1e4 fix: prevent unwanted upgrades of non-image-factory machines (backport)

Dependency Changes

This release has no dependency changes

Previous release can be found at v1.4.8

v1.5.0

Omni 1.5.0 (2026-02-05)

Welcome to the v1.5.0 release of Omni!

Please try out the release binaries and report any issues at
https://github.com/siderolabs/omni/issues.

Better Audit Logging

Omni now collects audit logs for operations performed on all user-managed resources, improving security and traceability.

Config Generation

Omni can now generate its own configuration directly from the defined schema.
The config merge algorithms were also improved: now the config preserves the default values properly when some sections are
overwritten by the user provided config.

Etcd Maintenance

The following etcd commands are now usable with Omni managed clusters:
talosctl etcd downgrade validate
talosctl etcd downgrade enable
talosctl etcd downgrade cancel
talosctl etcd forfeit leadership

gRPC Tunnel Management

Added the ability to switch gRPC tunnel modes for connected machines.

Join Token Management

Added a dedicated omnictl jointoken omni-endpoint to streamline node registration.

Kernel Args CLI Tools

Added support for managing kernel arguments directly within cluster templates.

Schema-Aware Code Editor

The built-in code editor for the machine configs now supports different configuration schemas for each Talos version.
So the config will be always validated against the currently running Talos version schema.

omnictl Directory Support

The omnictl sync/apply can now process directories, simplifying bulk resource applications.

WireGuard Bind Address

The WireGuard endpoint (services.siderolink.wireGuard.endpoint / --siderolink-wireguard-bind-addr) is now respected. Previously, Omni always bound to all interfaces regardless of this setting. Default remains 0.0.0.0:50180.

Contributors

• Edward Sammut Alessi
• Utku Ozdemir
• Andrey Smirnov
• Oguz Kilcan
• Artem Chernyshev
• Noel Georgi
• Pranav Patil
• Orzelius
• Laura Brehm
• Aleksandr Gamzin
• Brant Gurganus
• Justin Garrison
• Mateusz Urbanek
• Spencer Smith
• Utku Ozdemir

Changes

125 commits

• c27f8d39 release(v1.5.0): prepare release
• 277c946b fix: prevent unwanted upgrades of non-image-factory machines (backport)
• 9b05243c fix: pause cluster machine watches until expanded
• 6a37b31a fix: check config generation errors before computing redacted configs
• 515701af release(v1.5.0-beta.2): prepare release
• 2aabc02a chore: rekres
• 3a7c9278 chore: rekres to disable helm doc generation step
• c241820e fix: apply AccessPolicy rules on gRPC proxy for Talos backend
• 587356b3 fix: stop generating node unique token in NodeUniqueTokenStatus
• 85ff13f9 feat(installation-media): add step validation to installation media wizard
• 0b33cf8e feat(installation-media): select defaults for each form step
• 8f1eb588 refactor(frontend): extract route.name into a computed ref
• 0d5d7da6 feat: allow multiple --config-path flags for config merging
• 056d5e4e fix: bind wireguard to configured address instead of all interfaces
• 7376edaf fix(installation-media): fix bug when setting arch to amd64
• c3c483d7 fix(installation-media): clarify bootloader section
• 9bcd356c fix: don't submit empty machine labels to create schematic
• 46de2c3a chore: enable no-explicit-any in frontend and fix errors
• d20fd8f0 chore: rekres and generate-frontend
• bc7725f7 feat(installation-media): implement edit preset functionality
• 77a32346 refactor(installation-media): move form state to its own composable
• fe713e94 release(v1.5.0-beta.1): prepare release
• 49788342 test: fix failing workload proxy tests
• a5795c2f feat: add config descriptions in schema, use them in flags
• 883fadfe feat(installation-media): add review page for installation media
• db1b969b refactor(frontend): refactor config patch edit
• d12c92c0 feat(installation-media): allow skipping/jumping between steps
• 993097ae fix: fix tmenuitem to not lose reactivity from props
• 98ef83ee fix: fix config patches encryption when encryption is disabled
• aafc74f9 chore: update packages
• c87c952e refactor(frontend): rekres and use request error from fetch.pb.ts
• 0f8a3d6c test(e2e): add an e2e test for exposed services
• 680c7948 chore: enable noImplicitAny for typescript
• fd82327c release(v1.5.0-beta.0): prepare release
• 587bffe8 fix: fix regressions on service api url generation
• 28a2b87d feat: create sequential stage controller
• 5cfa4ccb fix(frontend): fix loading of machine config
• 6a256ac6 fix: open OIDC plugin link in a new tab
• 8b39d5f1 refactor(frontend): refactor patches watches
• ca61be7e chore: remove unused vite-plugin-node-polyfills
• 50901c1a chore: bump lodash
• 91c8bff4 feat: generate omni config from schema
• 6c220683 refactor(frontend): refactor nodeoverview watches
• 698dd146 fix: always show features section in cluster overview
• d8df9c11 test: wait for 1 minute for cluster to be destroyed
• d3ae77c0 chore: bump copyright to 2026
• 3804184d fix(frontend): keep correct auth flow for cli/workload
• 21a89ae7 docs: update CONTRIBUTING.md
• 2e90fad3 feat: add ominctl jointoken omni-endpoint
• 7919ba7e feat(frontend): constrain machine label width
• b9a049a3 feat(frontend): close tooltips even if hovered on
• b1233347...

v1.4.8

Omni 1.4.8 (2026-02-04)

Welcome to the v1.4.8 release of Omni!

Please try out the release binaries and report any issues at
https://github.com/siderolabs/omni/issues.

Urgent Upgrade Notes (No, really, you MUST read this before you upgrade)

This release consolidates Discovery service state, Audit logs, Machine logs, and Secondary resources into a single SQLite storage backend.

1. New Required Flag
You must set the new --sqlite-storage-path (or .storage.sqlite.path) flag. There is no default value, and Omni will not start without it.
It must be a path to the SQLite file (will be created by Omni), not a directory, e.g., --sqlite-storage-path=/path/to/omni-sqlite.db.

2. Audit Logging Changes
A new flag --audit-log-enabled (or .logs.audit.enabled) has been introduced to explicitly enable or disable audit logging.

• Default: true.
• Change: Previously, audit logging was implicitly enabled only when the path was set. Now, it is enabled by default.

3. Automatic Migration
Omni will automatically migrate your existing data (BoltDB, file-based logs) to the new SQLite database on the first startup. To ensure this happens correctly, simply add the new SQLite flag and leave your existing storage flags in place for the first run.

Once the migration is complete, you are free to remove the deprecated flags listed below. If they remain, they will be ignored and eventually dropped in future versions.

4. Deprecated Flags (Kept for Migration)
The following flags (and config keys) are deprecated and kept solely to facilitate the automatic migration:

• --audit-log-dir (.logs.audit.path)
• --secondary-storage-path (.storage.secondary.path)
• --machine-log-storage-path (.logs.machine.storage.path)
• --machine-log-storage-enabled (.logs.machine.storage.enabled)
• --embedded-discovery-service-snapshot-path (.services.embeddedDiscoveryService.snapshotsPath)
• --machine-log-buffer-capacity (.logs.machine.bufferInitialCapacity)
• --machine-log-buffer-max-capacity (.logs.machine.bufferMaxCapacity)
• --machine-log-buffer-safe-gap (.logs.machine.bufferSafetyGap)
• --machine-log-num-compressed-chunks (.logs.machine.storage.numCompressedChunks)

5. Removed Flags
The following flags have been removed and are no longer supported:

• --machine-log-storage-flush-period (.logs.machine.storage.flushPeriod)
• --machine-log-storage-flush-jitter (.logs.machine.storage.flushJitter)

Contributors

• Edward Sammut Alessi
• Artem Chernyshev
• Oguz Kilcan
• Utku Ozdemir
• Utku Ozdemir

Changes

7 commits

• 93e71058 release(v1.4.8): prepare release
• df8b9462 fix: open OIDC plugin link in a new tab
• 26e6d991 fix(frontend): keep correct auth flow for cli/workload
• 3959a0f1 fix: apply AccessPolicy rules on gRPC proxy for Talos backend
• 1a11c1d0 feat: clean up orphaned machine logs from sqlite
• dd635009 fix: pause cluster machine watches until expanded
• 450a7fe5 fix: stop generating node unique token in NodeUniqueTokenStatus

Dependency Changes

This release has no dependency changes

Previous release can be found at v1.4.7

v1.5.0-beta.2

Omni 1.5.0-beta.2 (2026-01-30)

Welcome to the v1.5.0-beta.2 release of Omni!
This is a pre-release of Omni

Please try out the release binaries and report any issues at
https://github.com/siderolabs/omni/issues.

Better Audit Logging

Omni now collects audit logs for operations performed on all user-managed resources, improving security and traceability.

Config Generation

Omni can now generate its own configuration directly from the defined schema.
The config merge algorithms were also improved: now the config preserves the default values properly when some sections are
overwritten by the user provided config.

Etcd Maintenance

The following etcd commands are now usable with Omni managed clusters:
talosctl etcd downgrade validate
talosctl etcd downgrade enable
talosctl etcd downgrade cancel
talosctl etcd forfeit leadership

gRPC Tunnel Management

Added the ability to switch gRPC tunnel modes for connected machines.

Join Token Management

Added a dedicated omnictl jointoken omni-endpoint to streamline node registration.

Kernel Args CLI Tools

Added support for managing kernel arguments directly within cluster templates.

Schema-Aware Code Editor

The built-in code editor for the machine configs now supports different configuration schemas for each Talos version.
So the config will be always validated against the currently running Talos version schema.

omnictl Directory Support

The omnictl sync/apply can now process directories, simplifying bulk resource applications.

WireGuard Bind Address

The WireGuard endpoint (services.siderolink.wireGuard.endpoint / --siderolink-wireguard-bind-addr) is now respected. Previously, Omni always bound to all interfaces regardless of this setting. Default remains 0.0.0.0:50180.

Contributors

• Edward Sammut Alessi
• Utku Ozdemir
• Andrey Smirnov
• Oguz Kilcan
• Artem Chernyshev
• Noel Georgi
• Pranav Patil
• Orzelius
• Laura Brehm
• Aleksandr Gamzin
• Brant Gurganus
• Justin Garrison
• Mateusz Urbanek
• Spencer Smith
• Utku Ozdemir

Changes

121 commits

• 515701af release(v1.5.0-beta.2): prepare release
• 2aabc02a chore: rekres
• 3a7c9278 chore: rekres to disable helm doc generation step
• c241820e fix: apply AccessPolicy rules on gRPC proxy for Talos backend
• 587356b3 fix: stop generating node unique token in NodeUniqueTokenStatus
• 85ff13f9 feat(installation-media): add step validation to installation media wizard
• 0b33cf8e feat(installation-media): select defaults for each form step
• 8f1eb588 refactor(frontend): extract route.name into a computed ref
• 0d5d7da6 feat: allow multiple --config-path flags for config merging
• 056d5e4e fix: bind wireguard to configured address instead of all interfaces
• 7376edaf fix(installation-media): fix bug when setting arch to amd64
• c3c483d7 fix(installation-media): clarify bootloader section
• 9bcd356c fix: don't submit empty machine labels to create schematic
• 46de2c3a chore: enable no-explicit-any in frontend and fix errors
• d20fd8f0 chore: rekres and generate-frontend
• bc7725f7 feat(installation-media): implement edit preset functionality
• 77a32346 refactor(installation-media): move form state to its own composable
• fe713e94 release(v1.5.0-beta.1): prepare release
• 49788342 test: fix failing workload proxy tests
• a5795c2f feat: add config descriptions in schema, use them in flags
• 883fadfe feat(installation-media): add review page for installation media
• db1b969b refactor(frontend): refactor config patch edit
• d12c92c0 feat(installation-media): allow skipping/jumping between steps
• 993097ae fix: fix tmenuitem to not lose reactivity from props
• 98ef83ee fix: fix config patches encryption when encryption is disabled
• aafc74f9 chore: update packages
• c87c952e refactor(frontend): rekres and use request error from fetch.pb.ts
• 0f8a3d6c test(e2e): add an e2e test for exposed services
• 680c7948 chore: enable noImplicitAny for typescript
• fd82327c release(v1.5.0-beta.0): prepare release
• 587bffe8 fix: fix regressions on service api url generation
• 28a2b87d feat: create sequential stage controller
• 5cfa4ccb fix(frontend): fix loading of machine config
• 6a256ac6 fix: open OIDC plugin link in a new tab
• 8b39d5f1 refactor(frontend): refactor patches watches
• ca61be7e chore: remove unused vite-plugin-node-polyfills
• 50901c1a chore: bump lodash
• 91c8bff4 feat: generate omni config from schema
• 6c220683 refactor(frontend): refactor nodeoverview watches
• 698dd146 fix: always show features section in cluster overview
• d8df9c11 test: wait for 1 minute for cluster to be destroyed
• d3ae77c0 chore: bump copyright to 2026
• 3804184d fix(frontend): keep correct auth flow for cli/workload
• 21a89ae7 docs: update CONTRIBUTING.md
• 2e90fad3 feat: add ominctl jointoken omni-endpoint
• 7919ba7e feat(frontend): constrain machine label width
• b9a049a3 feat(frontend): close tooltips even if hovered on
• b1233347 chore: add environment to chromatic.yml
• 9783f4c5 feat(installation-media): change installation media wizard to be route based
• 41506f72 chore: move graceful config rollout logic to the lowest controller level
• 8e4c6e86 test: regression test for machine class scaling
• [b3e430bd](https://github...

v1.5.0-beta.1

Omni 1.5.0-beta.1 (2026-01-28)

Welcome to the v1.5.0-beta.1 release of Omni!
This is a pre-release of Omni

Please try out the release binaries and report any issues at
https://github.com/siderolabs/omni/issues.

Better Audit Logging

Omni now collects audit logs for operations performed on all user-managed resources, improving security and traceability.

Config Generation

Omni can now generate its own configuration directly from the defined schema.
The config merge algorithms were also improved: now the config preserves the default values properly when some sections are
overwritten by the user provided config.

Etcd Maintenance

The following etcd commands are now usable with Omni managed clusters:
talosctl etcd downgrade validate
talosctl etcd downgrade enable
talosctl etcd downgrade cancel
talosctl etcd forfeit leadership

gRPC Tunnel Management

Added the ability to switch gRPC tunnel modes for connected machines.

Join Token Management

Added a dedicated omnictl jointoken omni-endpoint to streamline node registration.

Kernel Args CLI Tools

Added support for managing kernel arguments directly within cluster templates.

Schema-Aware Code Editor

The built-in code editor for the machine configs now supports different configuration schemas for each Talos version.
So the config will be always validated against the currently running Talos version schema.

omnictl Directory Support

The omnictl sync/apply can now process directories, simplifying bulk resource applications.

Contributors

• Edward Sammut Alessi
• Utku Ozdemir
• Andrey Smirnov
• Oguz Kilcan
• Noel Georgi
• Artem Chernyshev
• Pranav Patil
• Orzelius
• Laura Brehm
• Aleksandr Gamzin
• Brant Gurganus
• Justin Garrison
• Mateusz Urbanek
• Spencer Smith
• Utku Ozdemir

Changes

104 commits

• fe713e94 release(v1.5.0-beta.1): prepare release
• 49788342 test: fix failing workload proxy tests
• a5795c2f feat: add config descriptions in schema, use them in flags
• 883fadfe feat(installation-media): add review page for installation media
• db1b969b refactor(frontend): refactor config patch edit
• d12c92c0 feat(installation-media): allow skipping/jumping between steps
• 993097ae fix: fix tmenuitem to not lose reactivity from props
• 98ef83ee fix: fix config patches encryption when encryption is disabled
• aafc74f9 chore: update packages
• c87c952e refactor(frontend): rekres and use request error from fetch.pb.ts
• 0f8a3d6c test(e2e): add an e2e test for exposed services
• 680c7948 chore: enable noImplicitAny for typescript
• fd82327c release(v1.5.0-beta.0): prepare release
• 587bffe8 fix: fix regressions on service api url generation
• 28a2b87d feat: create sequential stage controller
• 5cfa4ccb fix(frontend): fix loading of machine config
• 6a256ac6 fix: open OIDC plugin link in a new tab
• 8b39d5f1 refactor(frontend): refactor patches watches
• ca61be7e chore: remove unused vite-plugin-node-polyfills
• 50901c1a chore: bump lodash
• 91c8bff4 feat: generate omni config from schema
• 6c220683 refactor(frontend): refactor nodeoverview watches
• 698dd146 fix: always show features section in cluster overview
• d8df9c11 test: wait for 1 minute for cluster to be destroyed
• d3ae77c0 chore: bump copyright to 2026
• 3804184d fix(frontend): keep correct auth flow for cli/workload
• 21a89ae7 docs: update CONTRIBUTING.md
• 2e90fad3 feat: add ominctl jointoken omni-endpoint
• 7919ba7e feat(frontend): constrain machine label width
• b9a049a3 feat(frontend): close tooltips even if hovered on
• b1233347 chore: add environment to chromatic.yml
• 9783f4c5 feat(installation-media): change installation media wizard to be route based
• 41506f72 chore: move graceful config rollout logic to the lowest controller level
• 8e4c6e86 test: regression test for machine class scaling
• b3e430bd test: add e2e for creating and scaling clusters using machine classes
• 0de90a23 feat: support different config schemas for the code editor
• 72557577 refactor: add a majorMinorVersion function to parse versions into major.minor
• f18ec16a refactor(frontend): refactor some watches to useresourcewatch
• cb45c1b4 fix: prevent ClusterMachine creation when Machine is not allocated
• f56551ab chore: move some tests from e2e upgrades e2e test to misc upgrades test
• 82d9bc5b fix: solve new machines not joining omni if they are part of a cluster
• 2d5e58cb chore: rekres and bump deps
• 8f6d0170 chore: bump node to 24.13
• e7a2fa39 fix(frontend): fix incorrect cluster query checking for disk_encryption
• c6aaff0f refactor: make namespace implicit in auth package
• 85d09948 chore: separate integration-tests
• 1483aacb refactor(frontend): expose all vars from watch in watch composable
• c6b29e52 test: add talemu fixtures and split into talemu + qemu tests
• 87e073f9 fix(frontend): fix lost reactivity on cluster overview page
• dff8e1f6 feat: make namespace implicit in k8s and oidc package NewResource functions
• 897db4fb test: fix another test flake in redacted machine config tests
• 4db83819 test: remove machine.install.extraKernelArgs from infra machines
• [79ef09b3](79ef09...