This package was only used for the deprecated "shortid" syntax. Now that
support for this syntax was removed, we can also remove this package.
This patch deprecates and removes the package, adding temporary aliases pointing
to the new location to ease migration from docker/distribution to the new
distribution/distribution/v3. We should remove those aliases in a future update.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit 7b651a9692)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
full diff: a6d0ee40d4...v1.0.0
This is similar to the same changes on main:
- bf56f348be (update to v1.0.0-rc1)
- 8a8d91529d (update to v1.0.0)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
This integrates the new module, which was extracted from this repository
at commit b9b19409cf458dcb9e1253ff44ba75bd0620faa6;
# install filter-repo (https://github.com/newren/git-filter-repo/blob/main/INSTALL.md)
brew install git-filter-repo
# create a temporary clone of docker
cd ~/Projects
git clone https://github.com/distribution/distribution.git reference
cd reference
# commit taken from
git rev-parse --verify HEAD
b9b19409cf
# remove all code, except for general files, 'reference/', and rename to /
git filter-repo \
--path .github/workflows/codeql-analysis.yml \
--path .github/workflows/fossa.yml \
--path .golangci.yml \
--path distribution-logo.svg \
--path CODE-OF-CONDUCT.md \
--path CONTRIBUTING.md \
--path GOVERNANCE.md \
--path README.md \
--path LICENSE \
--path MAINTAINERS \
--path-glob 'reference/*.*' \
--path-rename reference/:
# initialize go.mod
go mod init github.com/distribution/reference
go mod tidy -go=1.20
This commit is based on 152af63ec5 in the main branch,
but adjusted for the 2.8 branch, with some differences:
- the Sort functions have not been kept, as they were not part of the v2 package,
and introduced in 1052518d9f
- the ParseAnyReferenceWithSet and ShortIdentifierRegexp were kept (but deprecated)
as removing happened in 6d4f62d7fd, which is not
in the 2.8 branch.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
to address CVE-2020-26160
full diff: a601269ab7...v3.2.2
3.2.1 release notes
---------------------------------------
- Import Path Change: See MIGRATION_GUIDE.md for tips on updating your code
Changed the import path from github.com/dgrijalva/jwt-go to github.com/golang-jwt/jwt
- Fixed type confusion issue between string and []string in VerifyAudience.
This fixes CVE-2020-26160
3.2.2 release notes
---------------------------------------
- Starting from this release, we are adopting the policy to support the most 2
recent versions of Go currently available. By the time of this release, this
is Go 1.15 and 1.16.
- Fixed a potential issue that could occur when the verification of exp, iat
or nbf was not required and contained invalid contents, i.e. non-numeric/date.
Thanks for @thaJeztah for making us aware of that and @giorgos-f3 for originally
reporting it to the formtech fork.
- Added support for EdDSA / ED25519.
- Optimized allocations.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
Indentation is spelled wrong as intendation everywhere the word occurs
Can either be:
> "found a tab character that violates indentation"
or
> "found tab characters that violate indentation"
Signed-off-by: Parth Mehrotra <parth@mehrotra.me>
at the first iteration, only the following metrics are collected:
- HTTP metrics of each API endpoint
- cache counter for request/hit/miss
- histogram of storage actions, including:
GetContent, PutContent, Stat, List, Move, and Delete
Signed-off-by: tifayuki <tifayuki@gmail.com>
This upgrade, and vendors aws-sdk-go to version v1.12.36.
This is because it has new API calls accessible to the S3 client,
specifically S3.ListObjectsV2PagesWithContext
Signed-off-by: Sargun Dhillon <sargun@sargun.me>
Updates resumable hash implementation to Go 1.8 equivalent. This should
be a major speedup, since it includes a number of optimizations from Go
1.7.
Signed-off-by: Stephen J Day <stephen.day@docker.com>
Vndr has a simpler configuration and allows pointing to forked
packages. Additionally other docker projects are now using
vndr making vendoring in distribution more consistent.
Updates letsencrypt to use fork.
No longer uses sub-vendored packages.
Signed-off-by: Derek McGowan <derek@mcgstyle.net> (github: dmcgowan)
Updating to a recent version of Azure Storage SDK to be
able to patch some memory leaks through configurable HTTP client
changes which were made possible by recent patches to it.
Signed-off-by: Ahmet Alp Balkan <ahmetalpbalkan@gmail.com>
Updated to latest version of go aws sdk.
Use vendored sub pakages within aws sdk.
Adds missing vendor packages for letsencrypt
Fixes#1832
Signed-off-by: Derek McGowan <derek@mcgstyle.net> (github: dmcgowan)