What's Changed
Exciting New Features 🎉
- Add swagger api and audit_log_ext table model by @stonezdj in #21360
- Add configure item for audit_log_disable by @stonezdj in #21368
- Add config max_job_duration_hours for jobservice by @stonezdj in #21390
- Add middleware for audit log by @stonezdj in #21376
- Add dao and manager for audit log ext by @stonezdj in #21379
- Implement audit log ext API by @stonezdj in #21414
- Add user login event to audit log by @stonezdj in #21415
- Add user event and config event by @stonezdj in #21455
- Update purge audit to purge both audit_log_ext and audit_log by @stonezdj in #21608
- Add OIDC login event by @stonezdj in #21650
- add redis tls support for core&jobservice by @MinerYang in #21654
- remove version info for anonymous users by @MinerYang in #21672
- prepare redis tls config by @MinerYang in #21667
- update tlsOptions for external redis by @MinerYang in #21681
- feat: implement the CNAI model processor by @chlins in #21663
- oidclogout by @wy65701436 in #21718
- Feat: artifact adds AI Model type by @Liam-Zhao in #21691
Enhancement 🚀
- Enable MAX_JOB_DURATION_SECONDS in the jobservice container by @stonezdj in #21232
- feat: extend the p2p preheat policy by @chlins in #21115
- fix: replication rule message in UI by @bupd in #21299
- feat: add execution_id and task_id to the replication webhook payload by @chlins in #21614
- support to audit logs by @xuelichao in #21377
- Revamp Copy Pull Command by @bupd in #21155
- Add PKCE support for OIDC authentication by @reasonerjt in #21702
- feat: Persistent Page Size UI by @bupd in #21627
Component updates ⬆️
- Fix auth config oidc scope regex by @rlacko58 in #20483
- fix build package issue by @wy65701436 in #21087
- Update fr-fr-lang.json by @tostt in #21082
- chore: fix some comments by @cangqiaoyuzhuo in #21109
- bump base version by @wy65701436 in #21111
- chore(deps): bump go.opentelemetry.io/otel/sdk from 1.29.0 to 1.31.0 in /src by @dependabot in #21106
- chore(deps): bump k8s.io/api from 0.31.1 to 0.31.2 in /src by @dependabot in #21104
- chore(deps): bump go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp from 1.27.0 to 1.31.0 in /src by @dependabot in #21107
- chore(deps): bump go.opentelemetry.io/contrib/instrumentation/github.com/gorilla/mux/otelmux from 0.51.0 to 0.56.0 in /src by @dependabot in #21131
- chore(deps): bump github.com/aliyun/alibaba-cloud-sdk-go from 1.61.1193 to 1.63.47 in /src by @dependabot in #21130
- chore(deps): bump github.com/golang-jwt/jwt/v4 from 4.4.2 to 4.5.1 in /src by @dependabot in #21132
- chore(deps): bump github.com/prometheus/client_golang from 1.20.4 to 1.20.5 in /src by @dependabot in #21105
- chore(deps): bump golang.org/x/text from 0.19.0 to 0.20.0 in /src by @dependabot in #21161
- chore(deps): bump go.opentelemetry.io/contrib/instrumentation/github.com/gorilla/mux/otelmux from 0.56.0 to 0.57.0 in /src by @dependabot in #21160
- chore(deps): bump go.opentelemetry.io/otel from 1.31.0 to 1.32.0 in /src by @dependabot in #21162
- chore(deps): bump github.com/volcengine/volcengine-go-sdk from 1.0.159 to 1.0.164 in /src by @dependabot in #21159
- chore(deps): bump golang.org/x/crypto from 0.28.0 to 0.29.0 in /src by @dependabot in #21158
- Fix postgres script permissions by @hajnalmt in #21007
- fix: event-based replication deletion not work when policy with label by @chlins in #21215
- fix robot deletion event by @wy65701436 in #21234
- fix robot account creation issue by @wy65701436 in #21310
- chore(deps): bump golang.org/x/crypto from 0.29.0 to 0.31.0 in /src by @dependabot in #21307
- fix export cve permission issue by @wy65701436 in #21325
- Fixed the type in DTR adapter info by @lysunkin in #21357
- fix: unify the auth data handle to the decode method by @chlins in #21350
- Skip admin and change oidc user not found message more readable by @stonezdj in #21061
- Update prepare to avoid error when max_job_duration_hours not configured by @stonezdj in #21395
- bump up swagger by @wy65701436 in #21396
- Remove id field from payload when update purge audit or gc schedule by @stonezdj in #21408
- chore(deps): bump github.com/beego/beego/v2 from 2.2.1 to 2.3.4 in /src by @dependabot in #21321
- update spectral image by @wy65701436 in #21410
- bump mockery by @wy65701436 in #21419
- chore(deps): bump github.com/aliyun/alibaba-cloud-sdk-go from 1.63.47 to 1.63.80 in /src by @dependabot in #21405
- chore(deps): bump golang.org/x/net from 0.30.0 to 0.33.0 in /src by @dependabot in #21413
- Fix Overlay Issue in Replication Page UI by @bupd in #21069
- chore(deps): bump github.com/volcengine/volcengine-go-sdk from 1.0.164 to 1.0.177 in /src by @dependabot in #21404
- chore(deps): bump k8s.io/apimachinery from 0.31.2 to 0.32.0 in /src by @dependabot in #21319
- chore(deps): bump golang.org/x/oauth2 from 0.23.0 to 0.25.0 in /src by @dependabot in #21381
- separate buildin values by @wy65701436 in #21425
- Bump up trivy to v0.58.2, trivy adapter to v0.32.3 (#21417) by @reasonerjt in #21442
- chore(deps): bump github.com/aliyun/alibaba-cloud-sdk-go from 1.63.80 to 1.63.84 in /src by @dependabot in #21437
- chore(deps): bump k8s.io/client-go from 0.31.1 to 0.32.1 in /src by @dependabot in #21436
- chore(deps): bump go.opentelemetry.io/contrib/instrumentation/github.com/gorilla/mux/otelmux from 0.57.0 to 0.59.0 in /src by @dependabot in #21439
- chore(deps): bump golang.org/x/time from 0.7.0 to 0.9.0 in /src by @dependabot in #21438
- chore(deps): bump go.opentelemetry.io/otel/sdk from 1.31.0 to 1.34.0 in /src by @dependabot in #21440
- Full spanish harbor ui translation by @sergioarmgpl in #21369
- Fix: Incorrect Data Display in Replications Table by @bupd in #21461
- Fix Overflow in Interrogation Services Page by @bupd in #21043
- enlarge the gc workers to 10 by @wy65701436 in #21462
- chore(deps): bump github.com/go-ldap/ldap/v3 from 3.4.6 to 3.4.10 in /src by @dependabot in #21464
- chore(deps): bump github.com/aws/aws-sdk-go from 1.55.5 to 1.55.6 in /src by @dependabot in #21467
- chore(deps): bump github.com/volcengine/volcengine-go-sdk from 1.0.177 to 1.0.180 in /src by @dependabot in #21613
- chore(deps): bump helm.sh/helm/v3 from 3.16.2 to 3.17.0 in /src by @dependabot in #21468
- chore(deps): bump go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp from 1.31.0 to 1.34.0 in /src by @dependabot in #21465
- Fix issue with user create/delete/update event by @stonezdj in #21651
- Adjust the audit_log_ext column size to keep align with audit_log table by @stonezdj in #21678
- remove redis sentinel patch from builder by @MinerYang in #21679
- add prepare migration script for 2.13.0 by @MinerYang in #21680
- Change audit log label by @stonezdj in #21703
- fix issue 20828 by @wy65701436 in #21726
- consume the downstream distribution by @wy65701436 in #21733
- Add Missing copyright headers in src/portal by @bupd in #21693
- Add Missing copyright headers in src/portal part 2 by @bupd in #21694
- Add Missing Headers in UI part 3 by @bupd in #21695
- Replace Vmware to goharbor by @bupd in #21696
- Add Lint Check for Copyright Headers in UI by @bupd in #21692
- Fix: Copy Pull Button Overlap with Tag Immutable Label by @bupd in #21720
- fix i18n issue by @wy65701436 in #21748
- fix: fix replication of multiple projects with numeric names by @cgirard-mir in #21474
- update golang to v1.23.7 by @wy65701436 in #21749
- chore(deps): bump golang.org/x/time from 0.9.0 to 0.11.0 in /src by @dependabot in #21715
- Fix Password Validation in UI by @bupd in #21697
- chore(deps): bump github.com/volcengine/volcengine-go-sdk from 1.0.180 to 1.0.185 in /src by @dependabot in #21717
- fix: limit the file size of the cnai model processor by @chlins in #21759
- redirect to the sign-in page by @wy65701436 in #21764
- chore(deps): bump go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp from 0.57.0 to 0.60.0 in /src by @dependabot in #21716
- fix logout redirect by @wy65701436 in #21765
- fix: Remove top error message about no README or license by @Liam-Zhao in #21754
- chore(deps): bump golang.org/x/net from 0.34.0 to 0.36.0 in /src by @dependabot in #21731
- chore(deps): bump golang.org/x/net from 0.34.0 to 0.37.0 in /src by @dependabot in #21744
- chore(deps): bump helm.sh/helm/v3 from 3.17.0 to 3.17.2 in /src by @dependabot in #21745
- Fix token service returning empty token on tls certificate issue without any error by @dee-kryvenko in #20081
- Suppress aborthandler by @ianseyer in #21479
- update oidc login log level by @wy65701436 in #21775
- chore(deps): bump github.com/golang-jwt/jwt/v5 from 5.2.1 to 5.2.2 in /src by @dependabot in #21769
- update robot log level by @wy65701436 in #21778
- Bump golang.org/x/oauth2 from v0.25.0 to v0.27.0 by @yevchuk-kostiantyn in #21757
- fix 21118 by @wy65701436 in #21792
- clean up robot account for SBOM Job by @MinerYang in #21794
- Add tips for \Other events\ by @stonezdj in #21788
- Add operation description for delete tag event by @stonezdj in #21807
- fix orm filterable issue by @wy65701436 in #21797
- Fix: Modelfs overflow in UI. by @bupd in #21791
- Add operation_descrtion when forward audit log by @stonezdj in #21786
- Remove top copy pull cmd button by @bupd in #21810
- chore: format the go.mod by @chlins in #21812
- bump up golang version by @wy65701436 in #21813
- Rule out the duplicate login event and false logout event for oidc by @stonezdj in #21811
- bump up jwt and beego by @wy65701436 in #21814
- build base images for v2.13 by @wy65701436 in #21820
- [cherry-pick] Update dependencies in Harbor UI by @bupd in #21848
- [CHERRY-PICK] fix: support preheat cnai model artifact by @chlins in #21851
- build base for v2.13 by @wy65701436 in #21852
Breaking Changes 🛠
- update csrf key generation by @wy65701436 in #21154
- remove with_signature by @wy65701436 in #21420
Deprecations ❌
Other Changes
- fix release script by @wy65701436 in #21100
- remove asc files handling by @wy65701436 in #21214
- chore(deps): bump codecov/codecov-action from 4 to 5 by @dependabot in #21192
- chore(deps): bump actions/stale from 9.0.0 to 9.1.0 by @dependabot in #21446
- (Doc): Add supported Node Version for Harbor UI in .nvmrc by @bupd in #21153
- Update xpath for some UI components by @stonezdj in #21817
- [cherry-pick] Update robot testcase related to security hub row count to 15 by default by @stonezdj in #21847
New Contributors
- @rlacko58 made their first contribution in #20483
- @cangqiaoyuzhuo made their first contribution in #21109
- @yuzp1996 made their first contribution in #21343
- @lysunkin made their first contribution in #21357
- @sgaist made their first contribution in #20991
- @sergioarmgpl made their first contribution in #21369
- @Liam-Zhao made their first contribution in #21691
- @cgirard-mir made their first contribution in #21474
- @dee-kryvenko made their first contribution in #20081
- @ianseyer made their first contribution in #21479
- @yevchuk-kostiantyn made their first contribution in #21757
Full Changelog: v2.12.0...v2.13.0-rc2