dependabot[bot]
6a0ee091d8
Bump github.com/jackc/pgx/v4 from 4.18.1 to 4.18.3 in /src ( #20139 )
...
Bumps [github.com/jackc/pgx/v4](https://github.com/jackc/pgx ) from 4.18.1 to 4.18.3.
- [Changelog](https://github.com/jackc/pgx/blob/v4.18.3/CHANGELOG.md )
- [Commits](https://github.com/jackc/pgx/compare/v4.18.1...v4.18.3 )
---
updated-dependencies:
- dependency-name: github.com/jackc/pgx/v4
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: Shengwen YU <yshengwen@vmware.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Shengwen YU <yshengwen@vmware.com>
2024-03-29 16:14:23 +08:00
dependabot[bot]
ebb8050068
Bump golang.org/x/net from 0.17.0 to 0.22.0 in /src ( #20113 )
...
Bumps [golang.org/x/net](https://github.com/golang/net ) from 0.17.0 to 0.22.0.
- [Commits](https://github.com/golang/net/compare/v0.17.0...v0.22.0 )
---
updated-dependencies:
- dependency-name: golang.org/x/net
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: Shengwen YU <yshengwen@vmware.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Shengwen YU <yshengwen@vmware.com>
2024-03-29 15:15:28 +08:00
dependabot[bot]
9beede0d82
Bump github.com/cloudevents/sdk-go/v2 from 2.14.0 to 2.15.2 in /src ( #20099 )
...
Bumps [github.com/cloudevents/sdk-go/v2](https://github.com/cloudevents/sdk-go ) from 2.14.0 to 2.15.2.
- [Release notes](https://github.com/cloudevents/sdk-go/releases )
- [Commits](https://github.com/cloudevents/sdk-go/compare/v2.14.0...v2.15.2 )
---
updated-dependencies:
- dependency-name: github.com/cloudevents/sdk-go/v2
dependency-type: direct:production
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Shengwen YU <yshengwen@vmware.com>
2024-03-28 11:02:43 +00:00
dependabot[bot]
4acde986a9
Bump github.com/go-jose/go-jose/v3 from 3.0.1 to 3.0.3 in /src ( #20104 )
...
Bumps [github.com/go-jose/go-jose/v3](https://github.com/go-jose/go-jose ) from 3.0.1 to 3.0.3.
- [Release notes](https://github.com/go-jose/go-jose/releases )
- [Changelog](https://github.com/go-jose/go-jose/blob/v3.0.3/CHANGELOG.md )
- [Commits](https://github.com/go-jose/go-jose/compare/v3.0.1...v3.0.3 )
---
updated-dependencies:
- dependency-name: github.com/go-jose/go-jose/v3
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Shengwen YU <yshengwen@vmware.com>
2024-03-28 18:24:03 +08:00
dependabot[bot]
8b8b88d86a
Bump golang.org/x/sync from 0.3.0 to 0.6.0 in /src ( #20036 )
...
Bumps [golang.org/x/sync](https://github.com/golang/sync ) from 0.3.0 to 0.6.0.
- [Commits](https://github.com/golang/sync/compare/v0.3.0...v0.6.0 )
---
updated-dependencies:
- dependency-name: golang.org/x/sync
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Shengwen YU <yshengwen@vmware.com>
2024-03-28 17:46:37 +08:00
dependabot[bot]
d58172c112
Bump github.com/tencentcloud/tencentcloud-sdk-go from 1.0.62 to 3.0.233+incompatible in /src ( #20035 )
...
Bump github.com/tencentcloud/tencentcloud-sdk-go in /src
Bumps [github.com/tencentcloud/tencentcloud-sdk-go](https://github.com/tencentcloud/tencentcloud-sdk-go ) from 1.0.62 to 3.0.233+incompatible.
- [Commits](https://github.com/tencentcloud/tencentcloud-sdk-go/commits )
---
updated-dependencies:
- dependency-name: github.com/tencentcloud/tencentcloud-sdk-go
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Shengwen YU <yshengwen@vmware.com>
2024-03-28 17:01:37 +08:00
MinerYang
a269b4f31c
Update support for artifactType for both manifest and index ( #20030 )
...
add artifact_type for artifact model to support artifactType filter
Signed-off-by: yminer <yminer@vmware.com>
add 2.11 sql schema & update index artifactType omitted
Signed-off-by: yminer <yminer@vmware.com>
update UT
update migrate sql for artifact_type
Signed-off-by: yminer <yminer@vmware.com>
remove debug line
2024-03-12 13:52:56 +00:00
Wang Yan
dbe9790147
add generate sbom object utility ( #20097 )
...
* add generate sbom object utility
Leverage the go-containerregistry to generate the oci object for sbom and add it as an accessory of the subject artifact.
Signed-off-by: wang yan <wangyan@vmware.com>
* remove vendor
Signed-off-by: wang yan <wangyan@vmware.com>
* resolve comments
Signed-off-by: wang yan <wangyan@vmware.com>
* fix ut
Signed-off-by: wang yan <wangyan@vmware.com>
* resolve comments
Signed-off-by: wang yan <wangyan@vmware.com>
* remove the todo comments
Signed-off-by: wang yan <wangyan@vmware.com>
---------
Signed-off-by: wang yan <wangyan@vmware.com>
2024-03-12 12:27:34 +08:00
dependabot[bot]
c5790ced14
Bump github.com/aws/aws-sdk-go from 1.50.5 to 1.50.24 in /src ( #20018 )
...
Bumps [github.com/aws/aws-sdk-go](https://github.com/aws/aws-sdk-go ) from 1.50.5 to 1.50.24.
- [Release notes](https://github.com/aws/aws-sdk-go/releases )
- [Commits](https://github.com/aws/aws-sdk-go/compare/v1.50.5...v1.50.24 )
---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Shengwen YU <yshengwen@vmware.com>
2024-02-26 12:05:17 +08:00
dependabot[bot]
2fd4588782
Bump helm.sh/helm/v3 from 3.11.3 to 3.14.2 in /src ( #20017 )
...
Bumps [helm.sh/helm/v3](https://github.com/helm/helm ) from 3.11.3 to 3.14.2.
- [Release notes](https://github.com/helm/helm/releases )
- [Commits](https://github.com/helm/helm/compare/v3.11.3...v3.14.2 )
---
updated-dependencies:
- dependency-name: helm.sh/helm/v3
dependency-type: direct:production
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Shengwen YU <yshengwen@vmware.com>
2024-02-26 10:08:51 +08:00
dependabot[bot]
056c41fd80
Bump github.com/google/uuid from 1.3.1 to 1.6.0 in /src ( #19954 )
...
Bumps [github.com/google/uuid](https://github.com/google/uuid ) from 1.3.1 to 1.6.0.
- [Release notes](https://github.com/google/uuid/releases )
- [Changelog](https://github.com/google/uuid/blob/master/CHANGELOG.md )
- [Commits](https://github.com/google/uuid/compare/v1.3.1...v1.6.0 )
---
updated-dependencies:
- dependency-name: github.com/google/uuid
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: Shengwen YU <yshengwen@vmware.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Shengwen YU <yshengwen@vmware.com>
2024-02-23 18:19:40 +08:00
dependabot[bot]
cb04005098
Bump github.com/go-openapi/strfmt from 0.21.8 to 0.22.0 in /src ( #19955 )
...
Bumps [github.com/go-openapi/strfmt](https://github.com/go-openapi/strfmt ) from 0.21.8 to 0.22.0.
- [Commits](https://github.com/go-openapi/strfmt/compare/v0.21.8...v0.22.0 )
---
updated-dependencies:
- dependency-name: github.com/go-openapi/strfmt
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Shengwen YU <yshengwen@vmware.com>
2024-02-23 17:40:46 +08:00
dependabot[bot]
35f98344e6
Bump go.opentelemetry.io/otel from 1.21.0 to 1.23.1 in /src ( #19972 )
...
Bumps [go.opentelemetry.io/otel](https://github.com/open-telemetry/opentelemetry-go ) from 1.21.0 to 1.23.1.
- [Release notes](https://github.com/open-telemetry/opentelemetry-go/releases )
- [Changelog](https://github.com/open-telemetry/opentelemetry-go/blob/main/CHANGELOG.md )
- [Commits](https://github.com/open-telemetry/opentelemetry-go/compare/v1.21.0...v1.23.1 )
---
updated-dependencies:
- dependency-name: go.opentelemetry.io/otel
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Shengwen YU <yshengwen@vmware.com>
2024-02-23 16:54:30 +08:00
Antoine Jouve
73c2884e58
[Token/JWT] Update to golang-jwt v5.2.0 ( #19802 )
...
* feat: update to golang-jwt v5.2.0
Signed-off-by: Antoine Jouve <ant.jouve@gmail.com>
* fix: module issues and robot claims
Signed-off-by: Antoine Jouve <ant.jouve@gmail.com>
* fix: add missing time import
Signed-off-by: Antoine Jouve <ant.jouve@gmail.com>
* feat: set jwt validation leeway to 60s
Signed-off-by: Antoine Jouve <ant.jouve@gmail.com>
* fix: update leeways that were still set to 10s
Signed-off-by: Antoine Jouve <ant.jouve@gmail.com>
* feat: update go.sum
Signed-off-by: Antoine Jouve <ant.jouve@gmail.com>
* feat: add two leeway related test cases
Signed-off-by: Antoine Jouve <ant.jouve@gmail.com>
* fix: correct jwt audience validation
Signed-off-by: Antoine Jouve <ant.jouve@gmail.com>
* fix: gofmt v2_token.go
Signed-off-by: Antoine Jouve <ant.jouve@gmail.com>
* feat: take into account review comments
Signed-off-by: Antoine Jouve <ant.jouve@gmail.com>
* feat: use a common constant to store JWT leeway
Signed-off-by: Antoine Jouve <ant.jouve@gmail.com>
---------
Signed-off-by: Antoine Jouve <ant.jouve@gmail.com>
Signed-off-by: Antoine Jouve <an-toine@users.noreply.github.com>
Co-authored-by: MinerYang <yminer@vmware.com>
2024-02-23 11:30:13 +08:00
dependabot[bot]
db20b3b6ac
Bump github.com/go-ldap/ldap/v3 from 3.2.4 to 3.4.6 in /src ( #19889 )
...
Bumps [github.com/go-ldap/ldap/v3](https://github.com/go-ldap/ldap ) from 3.2.4 to 3.4.6.
- [Release notes](https://github.com/go-ldap/ldap/releases )
- [Commits](https://github.com/go-ldap/ldap/compare/v3.2.4...v3.4.6 )
---
updated-dependencies:
- dependency-name: github.com/go-ldap/ldap/v3
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: Shengwen YU <yshengwen@vmware.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Shengwen YU <yshengwen@vmware.com>
2024-02-04 20:08:50 +08:00
dependabot[bot]
7cfc685b7a
Bump github.com/go-openapi/errors from 0.20.4 to 0.21.0 in /src ( #19890 )
...
Bumps [github.com/go-openapi/errors](https://github.com/go-openapi/errors ) from 0.20.4 to 0.21.0.
- [Commits](https://github.com/go-openapi/errors/compare/v0.20.4...v0.21.0 )
---
updated-dependencies:
- dependency-name: github.com/go-openapi/errors
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: Shengwen YU <yshengwen@vmware.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Shengwen YU <yshengwen@vmware.com>
2024-02-04 19:27:48 +08:00
dependabot[bot]
f562c3016d
Bump github.com/aws/aws-sdk-go from 1.34.28 to 1.50.5 in /src ( #19920 )
...
Bumps [github.com/aws/aws-sdk-go](https://github.com/aws/aws-sdk-go ) from 1.34.28 to 1.50.5.
- [Release notes](https://github.com/aws/aws-sdk-go/releases )
- [Commits](https://github.com/aws/aws-sdk-go/compare/v1.34.28...v1.50.5 )
---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Shengwen YU <yshengwen@vmware.com>
2024-02-04 18:32:12 +08:00
zycupup
ee6f61c502
feat: volc cr adapter ( #19456 )
...
feat: support volcEngine replication
Signed-off-by: zhuyuchen.1 <zhuyuchen.1@bytedance.com>
2024-01-19 14:15:49 +08:00
dependabot[bot]
6d854a5534
Bump github.com/go-openapi/swag from 0.22.4 to 0.22.7 in /src ( #19809 )
...
Bumps [github.com/go-openapi/swag](https://github.com/go-openapi/swag ) from 0.22.4 to 0.22.7.
- [Commits](https://github.com/go-openapi/swag/compare/v0.22.4...v0.22.7 )
---
updated-dependencies:
- dependency-name: github.com/go-openapi/swag
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Shengwen YU <yshengwen@vmware.com>
2024-01-18 14:14:44 +08:00
dependabot[bot]
6b1e5d2312
Bump github.com/vmihailenco/msgpack/v5 from 5.0.0-rc.2 to 5.4.1 in /src ( #19810 )
...
Bumps [github.com/vmihailenco/msgpack/v5](https://github.com/vmihailenco/msgpack ) from 5.0.0-rc.2 to 5.4.1.
- [Release notes](https://github.com/vmihailenco/msgpack/releases )
- [Changelog](https://github.com/vmihailenco/msgpack/blob/v5/CHANGELOG.md )
- [Commits](https://github.com/vmihailenco/msgpack/compare/v5.0.0-rc.2...v5.4.1 )
---
updated-dependencies:
- dependency-name: github.com/vmihailenco/msgpack/v5
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Shengwen YU <yshengwen@vmware.com>
2024-01-18 13:34:33 +08:00
dependabot[bot]
6f6e85863e
Bump k8s.io/client-go from 0.26.2 to 0.29.0 in /src ( #19813 )
...
Bumps [k8s.io/client-go](https://github.com/kubernetes/client-go ) from 0.26.2 to 0.29.0.
- [Changelog](https://github.com/kubernetes/client-go/blob/master/CHANGELOG.md )
- [Commits](https://github.com/kubernetes/client-go/compare/v0.26.2...v0.29.0 )
---
updated-dependencies:
- dependency-name: k8s.io/client-go
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Wang Yan <wangyan@vmware.com>
Co-authored-by: Shengwen YU <yshengwen@vmware.com>
2024-01-18 12:54:39 +08:00
dependabot[bot]
f8d2169712
Bump github.com/go-openapi/runtime from 0.19.20 to 0.26.2 in /src ( #19763 )
...
Bumps [github.com/go-openapi/runtime](https://github.com/go-openapi/runtime ) from 0.19.20 to 0.26.2.
- [Release notes](https://github.com/go-openapi/runtime/releases )
- [Commits](https://github.com/go-openapi/runtime/compare/v0.19.20...v0.26.2 )
---
updated-dependencies:
- dependency-name: github.com/go-openapi/runtime
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: Shengwen YU <yshengwen@vmware.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Shengwen YU <yshengwen@vmware.com>
2024-01-08 16:02:08 +08:00
dependabot[bot]
bb2581c669
Bump gopkg.in/h2non/gock.v1 from 1.0.16 to 1.1.2 in /src ( #19765 )
...
Bumps gopkg.in/h2non/gock.v1 from 1.0.16 to 1.1.2.
---
updated-dependencies:
- dependency-name: gopkg.in/h2non/gock.v1
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Shengwen YU <yshengwen@vmware.com>
2024-01-08 14:42:26 +08:00
dependabot[bot]
de7ea2849e
Bump github.com/cloudevents/sdk-go/v2 from 2.13.0 to 2.14.0 in /src ( #19764 )
...
Bumps [github.com/cloudevents/sdk-go/v2](https://github.com/cloudevents/sdk-go ) from 2.13.0 to 2.14.0.
- [Release notes](https://github.com/cloudevents/sdk-go/releases )
- [Commits](https://github.com/cloudevents/sdk-go/compare/v2.13.0...v2.14.0 )
---
updated-dependencies:
- dependency-name: github.com/cloudevents/sdk-go/v2
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Shengwen YU <yshengwen@vmware.com>
2024-01-08 09:46:21 +08:00
dependabot[bot]
88a4cabcaf
Bump github.com/golang-jwt/jwt/v4 from 4.4.2 to 4.5.0 in /src ( #19766 )
...
Bumps [github.com/golang-jwt/jwt/v4](https://github.com/golang-jwt/jwt ) from 4.4.2 to 4.5.0.
- [Release notes](https://github.com/golang-jwt/jwt/releases )
- [Changelog](https://github.com/golang-jwt/jwt/blob/main/VERSION_HISTORY.md )
- [Commits](https://github.com/golang-jwt/jwt/compare/v4.4.2...v4.5.0 )
---
updated-dependencies:
- dependency-name: github.com/golang-jwt/jwt/v4
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-01-05 17:20:40 +08:00
dependabot[bot]
378ff62350
Bump golang.org/x/time from 0.4.0 to 0.5.0 in /src ( #19767 )
...
Bumps [golang.org/x/time](https://github.com/golang/time ) from 0.4.0 to 0.5.0.
- [Commits](https://github.com/golang/time/compare/v0.4.0...v0.5.0 )
---
updated-dependencies:
- dependency-name: golang.org/x/time
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Shengwen YU <yshengwen@vmware.com>
2024-01-05 16:15:15 +08:00
dependabot[bot]
49ee3b7759
Bump go.opentelemetry.io/contrib/instrumentation/github.com/gorilla/mux/otelmux from 0.45.0 to 0.46.1 in /src ( #19727 )
...
Bump go.opentelemetry.io/contrib/instrumentation/github.com/gorilla/mux/otelmux
Bumps [go.opentelemetry.io/contrib/instrumentation/github.com/gorilla/mux/otelmux](https://github.com/open-telemetry/opentelemetry-go-contrib ) from 0.45.0 to 0.46.1.
- [Release notes](https://github.com/open-telemetry/opentelemetry-go-contrib/releases )
- [Changelog](https://github.com/open-telemetry/opentelemetry-go-contrib/blob/main/CHANGELOG.md )
- [Commits](https://github.com/open-telemetry/opentelemetry-go-contrib/compare/zpages/v0.45.0...zpages/v0.46.1 )
---
updated-dependencies:
- dependency-name: go.opentelemetry.io/contrib/instrumentation/github.com/gorilla/mux/otelmux
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Shengwen YU <yshengwen@vmware.com>
2023-12-21 10:09:50 +08:00
dependabot[bot]
2f2a6462ad
Bump github.com/bmatcuk/doublestar from 1.1.1 to 1.3.4 in /src ( #19698 )
...
Bumps [github.com/bmatcuk/doublestar](https://github.com/bmatcuk/doublestar ) from 1.1.1 to 1.3.4.
- [Release notes](https://github.com/bmatcuk/doublestar/releases )
- [Commits](https://github.com/bmatcuk/doublestar/compare/v1.1.1...v1.3.4 )
---
updated-dependencies:
- dependency-name: github.com/bmatcuk/doublestar
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Shengwen YU <yshengwen@vmware.com>
2023-12-20 13:33:53 +08:00
dependabot[bot]
41adc7508a
Bump github.com/prometheus/client_golang from 1.14.0 to 1.17.0 in /src ( #19699 )
...
Bumps [github.com/prometheus/client_golang](https://github.com/prometheus/client_golang ) from 1.14.0 to 1.17.0.
- [Release notes](https://github.com/prometheus/client_golang/releases )
- [Changelog](https://github.com/prometheus/client_golang/blob/main/CHANGELOG.md )
- [Commits](https://github.com/prometheus/client_golang/compare/v1.14.0...v1.17.0 )
---
updated-dependencies:
- dependency-name: github.com/prometheus/client_golang
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Shengwen YU <yshengwen@vmware.com>
2023-12-20 10:48:20 +08:00
dependabot[bot]
dcd3c3dbfd
Bump github.com/coreos/go-oidc/v3 from 3.7.0 to 3.9.0 in /src ( #19701 )
...
Bumps [github.com/coreos/go-oidc/v3](https://github.com/coreos/go-oidc ) from 3.7.0 to 3.9.0.
- [Release notes](https://github.com/coreos/go-oidc/releases )
- [Commits](https://github.com/coreos/go-oidc/compare/v3.7.0...v3.9.0 )
---
updated-dependencies:
- dependency-name: github.com/coreos/go-oidc/v3
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Shengwen YU <yshengwen@vmware.com>
2023-12-19 17:06:32 +08:00
dependabot[bot]
80b3ea5501
Bump golang.org/x/crypto from 0.14.0 to 0.17.0 in /src ( #19729 )
...
Bumps [golang.org/x/crypto](https://github.com/golang/crypto ) from 0.14.0 to 0.17.0.
- [Commits](https://github.com/golang/crypto/compare/v0.14.0...v0.17.0 )
---
updated-dependencies:
- dependency-name: golang.org/x/crypto
dependency-type: direct:production
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Shengwen YU <yshengwen@vmware.com>
2023-12-19 14:19:48 +08:00
dependabot[bot]
5f828ea72f
Bump github.com/go-openapi/errors from 0.19.6 to 0.20.4 in /src ( #19697 )
...
Bumps [github.com/go-openapi/errors](https://github.com/go-openapi/errors ) from 0.19.6 to 0.20.4.
- [Commits](https://github.com/go-openapi/errors/compare/v0.19.6...v0.20.4 )
---
updated-dependencies:
- dependency-name: github.com/go-openapi/errors
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Shengwen YU <yshengwen@vmware.com>
2023-12-14 12:10:51 +08:00
dependabot[bot]
6b41277b03
Bump sigs.k8s.io/yaml from 1.3.0 to 1.4.0 in /src ( #19631 )
...
Bumps [sigs.k8s.io/yaml](https://github.com/kubernetes-sigs/yaml ) from 1.3.0 to 1.4.0.
- [Release notes](https://github.com/kubernetes-sigs/yaml/releases )
- [Changelog](https://github.com/kubernetes-sigs/yaml/blob/master/RELEASE.md )
- [Commits](https://github.com/kubernetes-sigs/yaml/compare/v1.3.0...v1.4.0 )
---
updated-dependencies:
- dependency-name: sigs.k8s.io/yaml
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Shengwen YU <yshengwen@vmware.com>
2023-12-08 15:11:38 +08:00
dependabot[bot]
8859f69668
Bump github.com/go-jose/go-jose/v3 from 3.0.0 to 3.0.1 in /src ( #19636 )
...
Bumps [github.com/go-jose/go-jose/v3](https://github.com/go-jose/go-jose ) from 3.0.0 to 3.0.1.
- [Release notes](https://github.com/go-jose/go-jose/releases )
- [Changelog](https://github.com/go-jose/go-jose/blob/v3/CHANGELOG.md )
- [Commits](https://github.com/go-jose/go-jose/compare/v3.0.0...v3.0.1 )
---
updated-dependencies:
- dependency-name: github.com/go-jose/go-jose/v3
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Shengwen YU <yshengwen@vmware.com>
2023-12-08 13:20:20 +08:00
dependabot[bot]
af4c6b6f0f
Bump github.com/gorilla/handlers from 1.5.1 to 1.5.2 in /src ( #19632 )
...
Bumps [github.com/gorilla/handlers](https://github.com/gorilla/handlers ) from 1.5.1 to 1.5.2.
- [Release notes](https://github.com/gorilla/handlers/releases )
- [Commits](https://github.com/gorilla/handlers/compare/v1.5.1...v1.5.2 )
---
updated-dependencies:
- dependency-name: github.com/gorilla/handlers
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Shengwen YU <yshengwen@vmware.com>
2023-12-08 09:59:06 +08:00
dependabot[bot]
2984c2e04b
Bump github.com/robfig/cron/v3 from 3.0.0 to 3.0.1 in /src ( #19633 )
...
Bumps [github.com/robfig/cron/v3](https://github.com/robfig/cron ) from 3.0.0 to 3.0.1.
- [Commits](https://github.com/robfig/cron/compare/v3.0.0...v3.0.1 )
---
updated-dependencies:
- dependency-name: github.com/robfig/cron/v3
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Shengwen YU <yshengwen@vmware.com>
2023-12-07 17:49:21 +08:00
Shengwen YU
1cbc901599
fix: upgrade google.golang.org/grpc ( #19648 )
...
fix: upgrade google.golang.org/grpc and go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp
Signed-off-by: Shengwen Yu <yshengwen@vmware.com>
2023-12-05 16:22:39 +08:00
dependabot[bot]
bf251ef0aa
Bump github.com/coreos/go-oidc/v3 from 3.0.0 to 3.7.0 in /src ( #19542 )
...
Bumps [github.com/coreos/go-oidc/v3](https://github.com/coreos/go-oidc ) from 3.0.0 to 3.7.0.
- [Release notes](https://github.com/coreos/go-oidc/releases )
- [Commits](https://github.com/coreos/go-oidc/compare/v3.0.0...v3.7.0 )
---
updated-dependencies:
- dependency-name: github.com/coreos/go-oidc/v3
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Shengwen YU <yshengwen@vmware.com>
2023-11-28 09:31:16 +08:00
dependabot[bot]
e1df9b0a73
Bump golang.org/x/time from 0.0.0-20220210224613-90d013bbcef8 to 0.4.0 in /src ( #19541 )
...
Bump golang.org/x/time in /src
Bumps [golang.org/x/time](https://github.com/golang/time ) from 0.0.0-20220210224613-90d013bbcef8 to 0.4.0.
- [Commits](https://github.com/golang/time/commits/v0.4.0 )
---
updated-dependencies:
- dependency-name: golang.org/x/time
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Shengwen YU <yshengwen@vmware.com>
2023-11-27 16:58:28 +08:00
Chlins Zhang
43ccd2f09f
perf: optimize the performance of accessory query ( #19557 )
...
1. Add db index for subject_artifact_id in table artifact_accessory.
2. Optimize the SQL of excluding the accessory for artifact count.
Signed-off-by: chlins <chenyuzh@vmware.com>
2023-11-22 02:11:11 +00:00
Daniel Jiang
3f7c605cf5
[WIP] Remove vendor folder from harbor code base ( #19508 )
...
* Remove vendor folder from harbor code base
Signed-off-by: Daniel Jiang <jiangd@vmware.com>
* debug ut failure
* debug failure
* debug failure
---------
Signed-off-by: Daniel Jiang <jiangd@vmware.com>
2023-11-05 14:37:25 +08:00
MinerYang
193b00b9e6
bump golang to 1.21.3 ( #19504 )
...
update ut mock
update go mod
Signed-off-by: yminer <yminer@vmware.com>
2023-10-31 15:01:23 +08:00
MinerYang
adb066cf50
bump go.opentelemetry.io/contrib/instrumentation/github.com/gorilla/m… ( #19477 )
...
bump go.opentelemetry.io/contrib/instrumentation/github.com/gorilla/mux/otelmux
Signed-off-by: yminer <yminer@vmware.com>
2023-10-24 08:21:34 +00:00
MinerYang
84a85fb299
bump golang.org/x/net to v0.17.0 && go.opentelemetry.io/contrib ( #19461 )
...
bump golang.org/x/net to v0.17.0
Signed-off-by: yminer <yminer@vmware.com>
bump go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp to v0.45.0
2023-10-18 14:34:51 +08:00
Chlins Zhang
98f592f94f
chore: upgrade golang-migrate to v4.16.2 ( #18879 )
...
Signed-off-by: chlins <chenyuzh@vmware.com>
2023-07-11 10:21:12 +08:00
Chlins Zhang
78799ccb2f
perf: introduce update quota by redis ( #18871 )
...
Introduce the quota update provider, improve the performance of pushing
artifacts to same project with high concurrency by implementing
optimistic lock in redis. By default the function is disabled, open it
by set env 'QUOTA_UPDATE_PROVIDER=Redis' for the core container.
Fixes : #18440
Signed-off-by: chlins <chenyuzh@vmware.com>
2023-07-10 13:24:37 +08:00
Wang Yan
7435c8c5ab
add multiple deletion of GC ( #18855 )
...
User can specify the workers when to issue an GC execution, the maxium count of workers is 5.
Signed-off-by: wang yan <wangyan@vmware.com>
2023-06-29 16:22:18 +08:00
Chlins Zhang
02a1c417d4
refactor: migrate the redis command keys to scan ( #18825 )
...
Refine the cache interface, migrate the Keys to Scan, change the redis
underlying keys command to scan.
Signed-off-by: chlins <chenyuzh@vmware.com>
2023-06-29 11:28:19 +08:00
Wang Yan
bf7c82b9a8
remove the notary from backend ( #18668 )
...
Since harbor deprecates notary since v2.9.0, this pull request targets to remove the code related with notary.
Signed-off-by: Wang Yan <wangyan@vmware.com>
2023-05-18 18:47:42 +08:00
MinerYang
954f1f3d06
bump up github.com/distribution/distribution v2.8.2 ( #18687 )
...
Signed-off-by: yminer <yminer@vmware.com>
Co-authored-by: Wang Yan <wangyan@vmware.com>
2023-05-17 11:58:43 +08:00