project-zot/zot v1.4.1

some bug fixes and features

on GitHub

What's Changed

• update metrics/Dockerfile to match current binary name format by @Andreea-Lupu in #497
• build(deps): bump github.com/swaggo/http-swagger from 1.2.5 to 1.2.6 by @rchincha in #513
• linter: upgrade linter version and add fixes accordingly by @alexstan12 in #503
• codeql: move from v1 to v2 by @rchincha in #514
• storage: prevent tag overwrites controlled via configuration by @laurentiuNiculae in #445
• dependabot alert: fix CVE-2022-29810 by @rchincha in #518
• add a CODEOWNERS file by @rchincha in #520
• use TempDir instead of /tmp/zot in tests by @shimish2 in #517
• zb: fix usage help output by @rchincha in #523
• stacker builds: use a different base image by @rchincha in #530
• add failfast flag in go test by @shimish2 in #533
• Reduce downloads by grouping .sync dirs for all images in the same repo by @chofnar in #493
• Report unknown keys when parsing configuration files by @peusebiu in #521
• clustering: Give time to minio container to come up by @peusebiu in #535
• Changed Github workflow to cache dependencies by @chofnar in #525
• build: fix base image in stacker files by @rchincha in #543
• update linter version to 1.46.2 by @rchincha in #540
• Adding mocked tests for routes by @laurentiuNiculae in #500
• update cosign deps by @rchincha in #544
• ext: use distribution spec route prefix for extension api by @shimish2 in #449
• fix stacker build file to include compatible glibc runtime by @rchincha in #545
• fix CVE-2022-29162/GHSA-f3fp-gc8g-vw66 by @rchincha in #550
• zb: pick client IPs from a pool, closes #472 by @peusebiu in #477
• s3: added logic for deduping blobs by @peusebiu in #504
• add endpoints field in ext discover api by @shimish2 in #548
• sync: specify contentType for cosign manifest, preserve digests, allow http redirects when syncing signatures by @peusebiu in #542
• fix CVE-2022-29173/GHSA-66x3-6cw3-v5gj by @rchincha in #552
• fix extension endpoints by @shimish2 in #557
• fix CVE-2022-28948/GHSA-hp87-p4gw-j4gq by @rchincha in #559
• Code coverage improvement by @aokirisaki in #553
• fixed failed tests for all skopeo versions by @aokirisaki in #524
• ci/cd: Fix arm builds by @peusebiu in #555
• Fix periodic background tasks (gc and scrub) by @Andreea-Lupu in #529
• zli: cve scan doesn't print CRITICAL vulnerabilities for image by @laurentiuNiculae in #556
• check notary v2 signature while looking for available signatures by @shimish2 in #423
• Added sync onDemand test for ORAS artifact by @chofnar in #522
• fix dependabot alerts by @rchincha in #581
• fix sample request url in search extension README by @shimish2 in #583
• routes: strip query parameter from request URL by @shimish2 in #576

New Contributors

• @alexstan12 made their first contribution in #503
• @aokirisaki made their first contribution in #553

Full Changelog: v1.4.0...v1.4.1