github project-zot/zot v2.1.16
on GitHub

7 hours ago

What's Changed

  • chore: fix dependabot alerts by @rchincha in #3860
  • fix(search): expose LastPullTimestamp and PushedBy on index ImageSummary by @cainydev in #3865
  • chore: fix dependabot alerts by @rchincha in #3880
  • feat(zb): list tests, test regex filter, docs update by @vrajashkr in #3884
  • ci: use zot localstack image and consolidate on using the setup localstack GH action by @andaaron in #3899
  • chore: fix dependabot alerts by @rchincha in #3896
  • chore: pin trivy-action to safe version by @andaaron in #3897
  • feat(schema): add schema command to dump JSON Schema for zot config by @rchincha in #3905
  • feat: support pushing multiple tags for a single manifest by @andaaron in #3885
  • fix(storage/gcs): fix double-prefixed rootdirectory and EOF handling in Walk for GCS by @thees in #3903
  • test(blackbox): harden zot restart + reachability checks by @andaaron in #3907
  • chore: fix dependabot alerts by @rchincha in #3921
  • test: add tests for pushing manifests with non-canonical digests together with tags by @andaaron in #3920
  • chore: fix dependabot alerts by @rchincha in #3931
  • build: bump zui version to commit-1c8e5ef by @rchincha in #3932
  • chore: fix dependabot alerts by @rchincha in #3940
  • fix: address code review comments by @andaaron in #3942
  • feat: Add TrivyConfig.VulnSeveritySources (Trivy's --vuln-severity-source) by @andaaron in #3943
  • chore: fix dependabot alerts by @rchincha in #3947
  • ci: fix nightly test by @rchincha in #3948
  • chore: fix dependabot alerts by @rchincha in #3953
  • Pin actions and tighten workflow permissions by @benoittgt in #3954
  • fix(ci): pass GITHUB_TOKEN explicitly to oras login in sync-trivy step by @rchincha in #3961
  • chore: fix dependabot alerts by @rchincha in #3964
  • feat(api): add repository quota enforcement middleware by @Aluchir in #3923
  • fix: Updating a repository should not result in a corrupted index.json file if disk is full by @andaaron in #3963
  • chore: fix dependabot alerts by @rchincha in #3968
  • fix(auth): add workaround for Docker client auth with mixed anonymous policies by @andaaron in #3868
  • chore: fix dependabot alerts by @rchincha in #3971
  • fix(security): limit manifest PUT body to 4 MiB (INPUT-1) by @rchincha in #3977
  • fix(security): limit API key creation body to 4 KiB (INPUT-2) by @rchincha in #3978
  • security: suppress Allow-Credentials on wildcard CORS origin (CORS-1) by @rchincha in #3980
  • fix(security): remove InsecureSkipVerify from metrics client (TLS-1) by @rchincha in #3982

New Contributors

Full Changelog: v2.1.15...v2.1.16

Check out latest releases or
releases around project-zot/zot v2.1.16

Don't miss a new zot release

NewReleases is sending notifications on new releases.

Get notifications