This repository was archived by the owner on Apr 19, 2024. It is now read-only.
Merge upstream conflicts #11
Open
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
With the current logic we only verifies the region and return if it's empty; we were not validating the regionEndpoint parameter. Signed-off-by: Ankur Kothiwal <[email protected]>
go 1.21 added toolchain support. We should now specify a toolchain version in go.mod. https://go.dev/doc/toolchain Signed-off-by: James Hewitt <[email protected]>
Signed-off-by: Dimitar Kostadinov <[email protected]>
Merging despite CodeQL warnings. see this for more details, why we decided to merge: github/codeql#16486
Signed-off-by: Emmanuel Ferdman <[email protected]>
Enable configuration options that can selectively disable validation that dependencies exist within the registry before the image index is uploaded. This enables sparse indexes, where a registry holds a manifest index that could be signed (so the digest must not change) but does not hold every referenced image in the index. The use case for this is when a registry mirror does not need to mirror all platforms, but does need to maintain the digests of all manifests either because they are signed or because they are pulled by digest. The registry administrator can also select specific image architectures that must exist in the registry, enabling a registry operator to select only the platforms they care about and ensure all image indexes uploaded to the registry are valid for those platforms. Signed-off-by: James Hewitt <[email protected]>
The original path was referencing a docker directory which no longer makes much sense. Signed-off-by: Milos Gajdos <[email protected]>
This bumps go-jose to the latest available version: v4.0.3. This slightly breaks the backwards compatibility with the existing registry deployments but brings more security with it. We now require the users to specify the list of token signing algorithms in the configuration. We do strive to maintain the b/w compat by providing a list of supported algorithms, though, this isn't something we recommend due to security issues, see: * go-jose/go-jose#64 * go-jose/go-jose#69 As part of this change we now return to the original flow of the token signature validation: 1. X2C (tls) headers 2. JWKS 3. KeyID Signed-off-by: Milos Gajdos <[email protected]>
Bumps [github.com/Azure/azure-sdk-for-go/sdk/azidentity](https://github.com/Azure/azure-sdk-for-go) from 1.3.0 to 1.6.0. - [Release notes](https://github.com/Azure/azure-sdk-for-go/releases) - [Changelog](https://github.com/Azure/azure-sdk-for-go/blob/main/documentation/release.md) - [Commits](Azure/azure-sdk-for-go@sdk/azcore/v1.3.0...sdk/azcore/v1.6.0) --- updated-dependencies: - dependency-name: github.com/Azure/azure-sdk-for-go/sdk/azidentity dependency-type: direct:production ... Signed-off-by: dependabot[bot] <[email protected]>
Huge help from @milosgajdos who figured out how to do the entire marshalling/unmarshalling for the configs Signed-off-by: Anders Ingemann <[email protected]>
…om 1.3.0 to 1.6.0 (#4380)
We also update the Redis TLS config initialization in the app. Signed-off-by: Milos Gajdos <[email protected]>
Signed-off-by: Milos Gajdos <[email protected]>
Signed-off-by: Milos Gajdos <[email protected]>
Signed-off-by: Milos Gajdos <[email protected]>
Setting the HTML <base> element causes page-internal links to point to the root of the website, rather than local anchors on the same page. Signed-off-by: David Karlsson <[email protected]>
Signed-off-by: Mahmoud Kandil <[email protected]>
The garbage-collect should remove unsed layer link file P.S. This was originally contributed by @m-masataka, now I would like to take over it. Thanks @m-masataka efforts with PR #2288 Signed-off-by: Liang Zheng <[email protected]>
Signed-off-by: Milos Gajdos <[email protected]>
Signed-off-by: Milos Gajdos <[email protected]>
This is a prep for the first stable v3 release of registry. Signed-off-by: Milos Gajdos <[email protected]>
Co-authored-by: Benjamin Schanzel <[email protected]> Signed-off-by: Milos Gajdos <[email protected]>
it can now return a client using default azure credentials updated docs to include information on Azure Workload Identity Signed-off-by: Lucas Melchior <[email protected]> fix anchor link in docs Signed-off-by: Lucas Melchior <[email protected]>
Signed-off-by: Mateusz Urbanek <[email protected]>
Signed-off-by: closeobserve <[email protected]>
To address the issue where a failed write operation results in an empty file, we can use a temporary file for non-append writes. This ensures that the original file is only replaced once the new content is fully written and committed. **Key Changes:** 1. **Temporary File Handling:** - For non-append writes, a temporary file is created in the same directory as the target file. - All write operations are performed on the temporary file first. 2. **Atomic Commit:** - The temporary file is only renamed to the target path during `Commit()`, ensuring atomic replacement. - If `Commit()` fails, the temporary file is cleaned up. 3. **Error Handling:** - `Cancel()` properly removes temporary files if the operation is aborted. - `Close()` is made idempotent to handle multiple calls safely. 4. **Data Integrity:** - Directory sync after rename ensures metadata persistence. - Proper file flushing and syncing before rename operations. Signed-off-by: Oded Porat <[email protected]>
Bumps the go_modules group with 1 update in the / directory: [golang.org/x/net](https://github.com/golang/net). Updates `golang.org/x/net` from 0.37.0 to 0.38.0 - [Commits](golang/net@v0.37.0...v0.38.0) --- updated-dependencies: - dependency-name: golang.org/x/net dependency-version: 0.38.0 dependency-type: direct:production dependency-group: go_modules ... Signed-off-by: dependabot[bot] <[email protected]>
…dules group across 1 directory (#4625)
Signed-off-by: Youfu Zhang <[email protected]>
…cess is interrupted, the solution involves writing to a temporary file first and then atomically renaming it to the target file. This ensures that the target file is only updated if the write completes successfully, preventing empty or partially written files. **Explanation:** 1. **Temporary File Creation:** The content is first written to a temporary file (appending `.tmp` to the original path). This ensures that the original file remains intact until the write is complete. 2. **Write to Temporary File:** Using the existing `Writer` with truncation (`false`), the content is written to the temporary file. If the write fails, the temporary file is closed and deleted. 3. **Commit and Rename:** After successfully writing to the temporary file, it is committed. Then, the temporary file is atomically renamed to the target path using `Move`, which is handled by the filesystem's rename operation (atomic on most systems). 4. **Cleanup on Failure:** If any step fails, the temporary file is cleaned up to avoid leaving orphaned files. Signed-off-by: Oded Porat <[email protected]>
Signed-off-by: Anže Luzar <[email protected]>
Append a UUID to ensure uniqueness Join delete error Signed-off-by: Oded Porat <[email protected]>
Bumps [ossf/scorecard-action](https://github.com/ossf/scorecard-action) from 2.4.1 to 2.4.2. - [Release notes](https://github.com/ossf/scorecard-action/releases) - [Changelog](https://github.com/ossf/scorecard-action/blob/main/RELEASE.md) - [Commits](ossf/scorecard-action@f49aabe...05b42c6) --- updated-dependencies: - dependency-name: ossf/scorecard-action dependency-version: 2.4.2 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]>
Signed-off-by: Pat Riehecky <[email protected]>
If you want to enable traces, you can still set the env to your collector. Signed-off-by: Pat Riehecky <[email protected]>
square brackets and the respective parentheses for a markdown link were falsely typed in causing readability issues. This commit fixes the markdown syntax for the same Signed-off-by: Shan Desai <[email protected]>
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
No description provided.