some bug fixes and features
What's Changed
- changed go version to 1.18.x by @alexstan12 in #577
- added repos command to list repositories by @aokirisaki in #569
- Modified sync error log calls to include error type by @chofnar in #506
- Periodically sync golang image from dockerhub to ghcr.io by @peusebiu in #589
- cleanup: refactor filenames to reflect functionality by @rchincha in #539
- zb: replace map with sync.Map to avoid concurrent writes closes #582 by @peusebiu in #590
- Build extensions - manage builds with different combinations of extensions by @alexstan12 in #532
- Fix data races in tests closes #599, closes #598 by @peusebiu in #600
- build: remove swagger install in stacker files by @peusebiu in #602
- fix dependabot alerts CVE-2022-33082/GHSA-2m4x-4q9j-w97g by @rchincha in #607
- Add a way to list imports used by specific binaries by @alexstan12 in #605
- Create scorecards.yml by @rchincha in #611
- Update automatically helm chart when publish a new release for zot by @Andreea-Lupu in #609
- ci/cd: fix oras cli flags after it got updated by @peusebiu in #619
- add a security policy document by @rchincha in #613
- Rename push token by @Andreea-Lupu in #617
- restrict workflow action permissions by @rchincha in #612
- fix dependabot.yml by @rchincha in #623
- Fix test data races by @peusebiu in #620
- fix dependabot alerts by @rchincha in #634
- fix dependabot alerts by @rchincha in #642
- harden github action/workflow perms by @rchincha in #643
- Update to latest gqlgen - 1.17.13 by @andaaron in #639
- fix dependabot alerts by @rchincha in #654
- GetRefferers of any artifactType, not just application/vnd.cncf.notary.v2.signature by @alexstan12 in #637
- Freeform search API by @laurentiuNiculae in #618
- add a github workflow to report branch coverage by @rchincha in #655
- Fixes/Improvements to pkg/cli/stress_test.go by @andaaron in #680
- change filenames in pkg/extensions by @alexstan12 in #669
- Fix typos in workflow permissions by @andaaron in #681
- fix dependabot alerts by @rchincha in #679
- mandatory annotations verification + testing by @aokirisaki in #595
- RepoSummary has a new attribute NewestTag of type ImageSummary by @andaaron in #671
- Fuzzing for local storage by @alexstan12 in #601
- Fix permissions for image sync and stale workflows by @andaaron in #683
- regclient blackbox tests and regclient installation in Makefile by @aokirisaki in #668
- fix dependabot alerts by @rchincha in #686
- Make rejecting docker manifests more explicit by @bogdanbiv in #596
- fix dependabot alerts by @rchincha in #694
- RepoInfo structure now includes new field representing RepoSummary by @alexstan12 in #687
- fix dependabot alerts by @rchincha in #711
- replace dependency of tagsInfo with list of manifests by @alexstan12 in #695
- deprecation: allowReadAccess and ReadOnly by @nicoldr in #594
- fix dependabot alerts by @rchincha in #723
- fix dependabot alerts by @rchincha in #727
- GQL Playground: Added content-type to Access-Control-Allow-Headers by @chofnar in #722
- Fix file handlers not being closed after calls to ImageStore.GetBlob by @andaaron in #731
- Add the hack folder to .gitignore by @andaaron in #733
- support OCI image index at manifest endpoint by @rchincha in #638
- fix chart version from pushpull.bats by @Andreea-Lupu in #741
- [cloud usecase] zot cli should not download manifests when listing images by @roxanaN in #457
- fix dependabot alerts by @rchincha in #736
- add a copyright notice by @rchincha in #743
- fix artifact upload action in github workflow by @rchincha in #742
- Get identity from certificate when using mTLS by @nicoldr in #719
- graphql: Apply authorization on /_search endpoint by @alexstan12 in #728
- fix
make binary-stacker
Makefile target by @rchincha in #752 - GraphQL: RepoListWithNewestImage to return list of RepoSummary by @chofnar in #697
- fix dependabot alerts by @rchincha in #761
- zb: populate images first for the GetCatalog test by @roxanaN in #744
- Fix syntax errors in benchmark and cluster workflows by @andaaron in #763
- Updates following the new oras version by @roxanaN in #764
- storage: different subpaths can point to same root directory by @shimish2 in #718
- Skip manifest which have no annotation for tags by @alexstan12 in #754
- Replaced deprecated io/ioutil functions by @slab713 in #768
- Read log path and verify content separately to avoid failed tests by @nicoldr in #760
- s3: fix dedupe failing to manage blobs correctly by @peusebiu in #772
- fix security alerts from artifacthub by @rchincha in #771
- report listening port when chosen by kernel by @rchincha in #770
- Refactor s3 dedupe by @peusebiu in #774
- routes: support resumable pull by @rchincha in #765
- update README.md for release by @rchincha in #791
New Contributors
- @bogdanbiv made their first contribution in #596
- @nicoldr made their first contribution in #594
- @slab713 made their first contribution in #768
Full Changelog: v1.4.1...v1.4.2