harbor

mirror of https://github.com/goharbor/harbor.git synced 2024-11-28 21:25:55 +01:00

Author	SHA1	Message	Date
Wang Yan	2977fec006	fix issue 19928 (#20409 ) * fix issue 19928 it needs to consider the user who is in any group that has been granted with the project admin role. Signed-off-by: wang yan <wangyan@vmware.com>	2024-05-15 13:07:30 +08:00
stonezdj(Daojun Zhang)	232f9ba7ea	Skip scan in-toto sbom artifact (#20415 ) fixes #20337 Signed-off-by: stonezdj <stone.zhang@broadcom.com> Co-authored-by: Wang Yan <wangyan@vmware.com>	2024-05-13 17:12:04 +08:00
Wang Yan	65e266fecf	fix issue 20407 (#20416 ) fixes #20407 It needs to specify the insecure option on parsing the reference Signed-off-by: wang yan <wangyan@vmware.com>	2024-05-13 14:44:51 +08:00
MinerYang	068ae006fe	Update scan job request log for enabled_capabilities (#20414 ) update scan job request log Signed-off-by: yminer <yminer@vmware.com>	2024-05-10 17:17:47 +08:00
dependabot[bot]	c4409c053b	Bump helm.sh/helm/v3 from 3.14.2 to 3.14.4 in /src (#20373 ) Bumps [helm.sh/helm/v3](https://github.com/helm/helm) from 3.14.2 to 3.14.4. - [Release notes](https://github.com/helm/helm/releases) - [Commits](https://github.com/helm/helm/compare/v3.14.2...v3.14.4) --- updated-dependencies: - dependency-name: helm.sh/helm/v3 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: Shengwen YU <yshengwen@vmware.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Shengwen YU <yshengwen@vmware.com>	2024-05-06 15:49:37 +08:00
dependabot[bot]	1ef61995b8	Bump github.com/go-asn1-ber/asn1-ber from 1.5.5 to 1.5.6 in /src (#20372 ) Bumps [github.com/go-asn1-ber/asn1-ber](https://github.com/go-asn1-ber/asn1-ber) from 1.5.5 to 1.5.6. - [Release notes](https://github.com/go-asn1-ber/asn1-ber/releases) - [Commits](https://github.com/go-asn1-ber/asn1-ber/compare/v1.5.5...v1.5.6) --- updated-dependencies: - dependency-name: github.com/go-asn1-ber/asn1-ber dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Shengwen YU <yshengwen@vmware.com>	2024-05-06 14:45:37 +08:00
dependabot[bot]	34cb462cd9	Bump github.com/gorilla/csrf from 1.6.2 to 1.7.2 in /src (#20376 ) Bumps [github.com/gorilla/csrf](https://github.com/gorilla/csrf) from 1.6.2 to 1.7.2. - [Release notes](https://github.com/gorilla/csrf/releases) - [Commits](https://github.com/gorilla/csrf/compare/v1.6.2...v1.7.2) --- updated-dependencies: - dependency-name: github.com/gorilla/csrf dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: Shengwen YU <yshengwen@vmware.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Shengwen YU <yshengwen@vmware.com>	2024-05-06 14:08:10 +08:00
dependabot[bot]	132c389216	Bump k8s.io/api from 0.29.3 to 0.30.0 in /src (#20375 ) Bumps [k8s.io/api](https://github.com/kubernetes/api) from 0.29.3 to 0.30.0. - [Commits](https://github.com/kubernetes/api/compare/v0.29.3...v0.30.0) --- updated-dependencies: - dependency-name: k8s.io/api dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Shengwen YU <yshengwen@vmware.com>	2024-05-06 13:18:42 +08:00
dependabot[bot]	50dc773a5a	Bump go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp from 1.24.0 to 1.26.0 in /src (#20374 ) Bump go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp Bumps [go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp](https://github.com/open-telemetry/opentelemetry-go) from 1.24.0 to 1.26.0. - [Release notes](https://github.com/open-telemetry/opentelemetry-go/releases) - [Changelog](https://github.com/open-telemetry/opentelemetry-go/blob/main/CHANGELOG.md) - [Commits](https://github.com/open-telemetry/opentelemetry-go/compare/v1.24.0...v1.26.0) --- updated-dependencies: - dependency-name: go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Shengwen YU <yshengwen@vmware.com>	2024-05-06 10:53:35 +08:00
stonezdj(Daojun Zhang)	8431c9c30a	Rename harbor.sbom to sbom.harbor (#20359 ) Signed-off-by: stonezdj <stone.zhang@broadcom.com>	2024-05-02 23:48:07 +00:00
MinerYang	d01dfd450a	do not delete accessory relationship while still referenced (#20360 ) Signed-off-by: yminer <yminer@vmware.com> Co-authored-by: Wang Yan <wangyan@vmware.com>	2024-04-30 01:18:09 +00:00
stonezdj(Daojun Zhang)	d154c27362	Add scan type in webhook event (#20363 ) fixes #20331 Signed-off-by: stonezdj <stone.zhang@broadcom.com>	2024-04-29 13:51:09 +00:00
Lichao Xue	9b5dd7951e	Fix UI sbom status not updated to grid item after job done (#20368 ) Fix UI sbom status not updated after job done Signed-off-by: xuelichao <xuel@vmware.com>	2024-04-29 17:26:01 +08:00
dependabot[bot]	1146cbeca1	Bump github.com/cenkalti/backoff/v4 from 4.2.1 to 4.3.0 in /src (#20316 ) Bumps [github.com/cenkalti/backoff/v4](https://github.com/cenkalti/backoff) from 4.2.1 to 4.3.0. - [Commits](https://github.com/cenkalti/backoff/compare/v4.2.1...v4.3.0) --- updated-dependencies: - dependency-name: github.com/cenkalti/backoff/v4 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: Shengwen YU <yshengwen@vmware.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Shengwen YU <yshengwen@vmware.com>	2024-04-29 12:49:55 +08:00
dependabot[bot]	01a28dc66d	Bump go.opentelemetry.io/otel/sdk from 1.24.0 to 1.26.0 in /src (#20370 ) Bumps [go.opentelemetry.io/otel/sdk](https://github.com/open-telemetry/opentelemetry-go) from 1.24.0 to 1.26.0. - [Release notes](https://github.com/open-telemetry/opentelemetry-go/releases) - [Changelog](https://github.com/open-telemetry/opentelemetry-go/blob/main/CHANGELOG.md) - [Commits](https://github.com/open-telemetry/opentelemetry-go/compare/v1.24.0...v1.26.0) --- updated-dependencies: - dependency-name: go.opentelemetry.io/otel/sdk dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Shengwen YU <yshengwen@vmware.com>	2024-04-29 10:19:48 +08:00
dependabot[bot]	7306f6d7d9	Bump github.com/golang-migrate/migrate/v4 from 4.16.2 to 4.17.1 in /src (#20317 ) Bumps [github.com/golang-migrate/migrate/v4](https://github.com/golang-migrate/migrate) from 4.16.2 to 4.17.1. - [Release notes](https://github.com/golang-migrate/migrate/releases) - [Changelog](https://github.com/golang-migrate/migrate/blob/master/.goreleaser.yml) - [Commits](https://github.com/golang-migrate/migrate/compare/v4.16.2...v4.17.1) --- updated-dependencies: - dependency-name: github.com/golang-migrate/migrate/v4 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: Shengwen YU <yshengwen@vmware.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Shengwen YU <yshengwen@vmware.com>	2024-04-28 17:32:58 +08:00
dependabot[bot]	d7ab8254cc	Bump golang.org/x/net from 0.22.0 to 0.24.0 in /src (#20318 ) Bumps [golang.org/x/net](https://github.com/golang/net) from 0.22.0 to 0.24.0. - [Commits](https://github.com/golang/net/compare/v0.22.0...v0.24.0) --- updated-dependencies: - dependency-name: golang.org/x/net dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Shengwen YU <yshengwen@vmware.com>	2024-04-28 15:47:57 +08:00
stonezdj(Daojun Zhang)	fba4c40c65	Delete scan_report when accessory is removed (#20365 ) Signed-off-by: stonezdj <stone.zhang@broadcom.com>	2024-04-27 01:56:30 +00:00
Lichao Xue	dee73a44f3	Fix UI bugs (#20364 ) Signed-off-by: xuelichao <xuel@vmware.com>	2024-04-26 06:56:23 +00:00
stonezdj(Daojun Zhang)	ec8d692fe6	Add scanner info and report_id to sbom_overview on listing artifact (#20358 ) Add scan_status and report_id when scan has a failed task Signed-off-by: stonezdj <stone.zhang@broadcom.com>	2024-04-25 17:00:35 +08:00
Shengwen YU	2af02f3b25	fix: update image reference to "@" in audit log when pushing & deleting images (#20348 ) Signed-off-by: Shengwen Yu <yshengwen@vmware.com>	2024-04-24 16:05:14 +08:00
stonezdj(Daojun Zhang)	c80e9bf477	Add 422 in the swagger.yaml (#20344 ) change log level with no content message fix time in sbom accessory fixes #20342 #20332 #20328 Signed-off-by: stonezdj <stone.zhang@broadcom.com>	2024-04-24 09:57:46 +08:00
stonezdj(Daojun Zhang)	b7d4bf0d07	Log and skip adapter ping error when retrieve adapter capability (#20314 ) Signed-off-by: stonezdj <stone.zhang@broadcom.com>	2024-04-22 09:43:04 +00:00
Lichao Xue	e7fce62723	Wrong values shown for the columns of support_sbom and support_vulnerability in scanner list (#20308 ) Fix wrong value shown for the columns of support_sbom and support_vulnerability in scanner list Signed-off-by: xuelichao <xuel@vmware.com>	2024-04-22 13:29:48 +08:00
stonezdj(Daojun Zhang)	d759429831	Set default capability for old scanners (#20306 ) Signed-off-by: stonezdj <stone.zhang@broadcom.com> Co-authored-by: Wang Yan <wangyan@vmware.com>	2024-04-20 10:37:30 +08:00
stonezdj(Daojun Zhang)	0d9dc4b4a4	Add enableCapabilities to extraAttrs for stop (#20299 ) Signed-off-by: stonezdj <stone.zhang@broadcom.com>	2024-04-19 07:36:56 +00:00
Lichao Xue	b3dc183f47	Fixed an issue where the scan stop button can only be clicked once (#20302 ) Signed-off-by: xuelichao <xuel@vmware.com>	2024-04-19 13:01:54 +08:00
stonezdj(Daojun Zhang)	9c3fc28250	Allow generate sbom in proxy cache project (#20298 ) Signed-off-by: stonezdj <stone.zhang@broadcom.com>	2024-04-19 02:14:28 +00:00
Lichao Xue	e8907a47ab	SBOM UI feature implementation (#19946 ) * draft: sbom UI feature implementation Signed-off-by: xuelichao <xuel@vmware.com> * refactor based on swagger yaml changes Signed-off-by: xuelichao <xuel@vmware.com> * update scan type for scan and stop sbom request Signed-off-by: xuelichao <xuel@vmware.com> --------- Signed-off-by: xuelichao <xuel@vmware.com>	2024-04-18 08:22:11 +00:00
Ikko Eltociear Ashimine	4fd11ce072	refactor: update controller.go (#20297 ) minor fix Signed-off-by: Ikko Eltociear Ashimine <eltociear@gmail.com> Co-authored-by: MinerYang <yminer@vmware.com>	2024-04-18 14:26:03 +08:00
stonezdj(Daojun Zhang)	2ea7d09412	skip to log scan sbom accessory for sbom accessory (#20290 ) Avoid to log the generate SBOM failure message when the artifact is SBOM in webhook event Signed-off-by: stonezdj <stone.zhang@broadcom.com>	2024-04-17 14:51:11 +00:00
stonezdj(Daojun Zhang)	fb2e0042d0	Rename scan request type (#20288 ) Signed-off-by: stonezdj <stone.zhang@broadcom.com>	2024-04-17 09:52:50 +00:00
stonezdj(Daojun Zhang)	654aa8edcf	Add generate SBOM feature (#20251 ) * Add SBOM scan feature Add scan handler for sbom Delete previous sbom accessory before the job service Signed-off-by: stonezdj <daojunz@vmware.com> * fix issue Signed-off-by: stonezdj <stone.zhang@broadcom.com> --------- Signed-off-by: stonezdj <daojunz@vmware.com> Signed-off-by: stonezdj <stone.zhang@broadcom.com> Co-authored-by: stonezdj <daojunz@vmware.com>	2024-04-16 13:34:19 +00:00
Wang Yan	550bf1d750	fix issue 20269 (#20274 ) By default, use the nvd score as the primary score, and if it is unavailable, fallback to the redhat score. fix #20269 Signed-off-by: wang yan <wangyan@vmware.com>	2024-04-16 16:49:52 +08:00
Shengwen YU	91efec1e2a	fix: update the image reference format for audit log when pulling image (#20278 ) Signed-off-by: Shengwen Yu <yshengwen@vmware.com>	2024-04-16 11:11:59 +08:00
dependabot[bot]	938c804513	Bump go.uber.org/ratelimit from 0.2.0 to 0.3.1 in /src (#20204 ) Bumps [go.uber.org/ratelimit](https://github.com/uber-go/ratelimit) from 0.2.0 to 0.3.1. - [Changelog](https://github.com/uber-go/ratelimit/blob/main/CHANGELOG.md) - [Commits](https://github.com/uber-go/ratelimit/compare/v0.2.0...v0.3.1) --- updated-dependencies: - dependency-name: go.uber.org/ratelimit dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Shengwen YU <yshengwen@vmware.com> Co-authored-by: Wang Yan <wangyan@vmware.com>	2024-04-16 10:11:19 +08:00
Iceber Gu	a2507dc3fc	Sending signals by closing the channel (#17917 ) Signed-off-by: Iceber Gu <wei.cai-nat@daocloud.io>	2024-04-15 12:37:59 +00:00
dependabot[bot]	79dbebd48d	Bump golang.org/x/oauth2 from 0.15.0 to 0.19.0 in /src (#20247 ) Bumps [golang.org/x/oauth2](https://github.com/golang/oauth2) from 0.15.0 to 0.19.0. - [Commits](https://github.com/golang/oauth2/compare/v0.15.0...v0.19.0) --- updated-dependencies: - dependency-name: golang.org/x/oauth2 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Shengwen YU <yshengwen@vmware.com>	2024-04-15 19:04:22 +08:00
dependabot[bot]	b8392968ac	Bump github.com/coreos/go-oidc/v3 from 3.9.0 to 3.10.0 in /src (#20202 ) Bumps [github.com/coreos/go-oidc/v3](https://github.com/coreos/go-oidc) from 3.9.0 to 3.10.0. - [Release notes](https://github.com/coreos/go-oidc/releases) - [Commits](https://github.com/coreos/go-oidc/compare/v3.9.0...v3.10.0) --- updated-dependencies: - dependency-name: github.com/coreos/go-oidc/v3 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Shengwen YU <yshengwen@vmware.com>	2024-04-15 18:18:53 +08:00
dependabot[bot]	8bf26c0d1d	Bump k8s.io/api from 0.29.0 to 0.29.3 in /src (#20205 ) Bumps [k8s.io/api](https://github.com/kubernetes/api) from 0.29.0 to 0.29.3. - [Commits](https://github.com/kubernetes/api/compare/v0.29.0...v0.29.3) --- updated-dependencies: - dependency-name: k8s.io/api dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Shengwen YU <yshengwen@vmware.com>	2024-04-15 16:47:55 +08:00
MinerYang	7465a29919	add SBOM icon (#20270 ) Signed-off-by: yminer <yminer@vmware.com>	2024-04-12 20:12:46 +08:00
MinerYang	7e8032b144	bump golang to 1.22.2 (#20256 ) Signed-off-by: yminer <yminer@vmware.com> replace go get to go install update go.mod	2024-04-12 13:46:29 +08:00
MinerYang	e9d2f50669	update mockery to v2.42.2 (#20258 ) Signed-off-by: yminer <yminer@vmware.com>	2024-04-11 03:37:59 +00:00
stonezdj(Daojun Zhang)	5d7c668028	Support list artifact with_sbom_overview option (#20244 ) Signed-off-by: stonezdj <stone.zhang@broadcom.com> Co-authored-by: stonezdj <daojunz@vmware.com>	2024-04-10 14:47:45 +00:00
stonezdj(Daojun Zhang)	89995075a7	Update swagger API to display SBOM content in addition API (#20234 ) complete task #20066 Signed-off-by: stonezdj <daojunz@vmware.com> Co-authored-by: stonezdj <daojunz@vmware.com>	2024-04-10 12:39:25 +00:00
tostt	a858fb4f4d	Updated internationalisation : fr-fr (#20179 ) * Update french translation Signed-off-by: tostt <tostt@users.noreply.github.com> * More updates french language Signed-off-by: tostt <tostt@users.noreply.github.com> * Corr. spelling Signed-off-by: tostt <tostt@users.noreply.github.com> * Update src/portal/src/i18n/lang/fr-fr-lang.json Co-authored-by: Florian Blampey <flbla@users.noreply.github.com> Signed-off-by: tostt <tostt@users.noreply.github.com> * Update src/portal/src/i18n/lang/fr-fr-lang.json Co-authored-by: Florian Blampey <flbla@users.noreply.github.com> Signed-off-by: tostt <tostt@users.noreply.github.com> * Update src/portal/src/i18n/lang/fr-fr-lang.json Co-authored-by: Thomas Coudert <couderthomas@gmail.com> Signed-off-by: tostt <tostt@users.noreply.github.com> * Update src/portal/src/i18n/lang/fr-fr-lang.json Co-authored-by: Thomas Coudert <couderthomas@gmail.com> Signed-off-by: tostt <tostt@users.noreply.github.com> * Update src/portal/src/i18n/lang/fr-fr-lang.json Co-authored-by: Thomas Coudert <couderthomas@gmail.com> Signed-off-by: tostt <tostt@users.noreply.github.com> * Update src/portal/src/i18n/lang/fr-fr-lang.json Co-authored-by: Thomas Coudert <couderthomas@gmail.com> Signed-off-by: tostt <tostt@users.noreply.github.com> * Update src/portal/src/i18n/lang/fr-fr-lang.json Co-authored-by: Thomas Coudert <couderthomas@gmail.com> Signed-off-by: tostt <tostt@users.noreply.github.com> * Update src/portal/src/i18n/lang/fr-fr-lang.json Co-authored-by: Thomas Coudert <couderthomas@gmail.com> Signed-off-by: tostt <tostt@users.noreply.github.com> * Update fr-fr-lang.json : further changes following thcdrt's review Signed-off-by: tostt <tostt@users.noreply.github.com> * Update src/portal/src/i18n/lang/fr-fr-lang.json Co-authored-by: Thomas Coudert <couderthomas@gmail.com> Signed-off-by: tostt <tostt@users.noreply.github.com> * Update fr-fr-lang.json: translate Expand to Déplier Signed-off-by: tostt <tostt@users.noreply.github.com> * Update fr-fr-lang.json: Remove duplicate portion of text Signed-off-by: tostt <tostt@users.noreply.github.com> --------- Signed-off-by: tostt <tostt@users.noreply.github.com> Co-authored-by: Vadim Bauer <vb@container-registry.com> Co-authored-by: Florian Blampey <flbla@users.noreply.github.com> Co-authored-by: Thomas Coudert <couderthomas@gmail.com> Co-authored-by: Wang Yan <wangyan@vmware.com>	2024-04-10 15:17:30 +08:00
MinerYang	2bb5166c80	adopt cosign with oci-spec 1.1 (#20245 ) Signed-off-by: yminer <yminer@vmware.com> add comment for cosign middlware	2024-04-10 13:46:00 +08:00
stonezdj(Daojun Zhang)	2e7db335b3	Add auto generate SBOM on push feature (#20250 ) Signed-off-by: stonezdj <daojunz@vmware.com> Co-authored-by: stonezdj <daojunz@vmware.com> Co-authored-by: Wang Yan <wangyan@vmware.com>	2024-04-09 09:30:53 +00:00
MinerYang	03d9575d84	update referrer manifest descriptor size (#20207 ) cache manifest when first time pull if cacheEnabled Signed-off-by: yminer <yminer@vmware.com>	2024-04-09 08:50:46 +00:00
Wang Yan	461a5fa50d	add stop sbom scanning API (#20200 ) * add stop sbom scanning API 1. [UI] support to stop sbom scanning #20200 2. add type for stop scanning api, make it able to support both vulnerability and sbom. 3. refactor the db query to support multiple extra attributes. Signed-off-by: wang yan <wangyan@vmware.com> Signed-off-by: xuelichao <xuel@vmware.com> Co-authored-by: xuelichao <xuel@vmware.com>	2024-04-09 16:07:47 +08:00
stonezdj(Daojun Zhang)	be648ea47f	Refactor scan job service make it easy to add new scan type (#20177 ) Signed-off-by: stonezdj <daojunz@vmware.com> Signed-off-by: stonezdj(Daojun Zhang) <stonezdj@gmail.com> Co-authored-by: stonezdj <daojunz@vmware.com>	2024-04-09 16:05:30 +08:00
guangwu	ff1a5056d7	fix: close blob io ReadCloser (#20225 ) Signed-off-by: guoguangwu <guoguangwug@gmail.com> Co-authored-by: Wang Yan <wangyan@vmware.com>	2024-04-09 14:27:46 +08:00
stonezdj(Daojun Zhang)	96ba34a93c	Allow empty path in redirect_url (#20238 ) fixes #20226 Signed-off-by: stonezdj <daojunz@vmware.com> Co-authored-by: stonezdj <daojunz@vmware.com>	2024-04-09 02:24:57 +00:00
Prima Adi Pradana	7b8a322a88	delete membership=0 in getProjectsByName (#20153 ) delete membership=0 in getProjectsByName but lets getProjects still using membership=1 for reserve if getProjectsByName not found any Signed-off-by: prima <prima101112@gmail.com>	2024-04-05 15:29:07 +00:00
stonezdj(Daojun Zhang)	dd76fe47ce	Add SBOM scan REST API (#20215 ) Update swagger API for generate SBOM Signed-off-by: stonezdj <daojunz@vmware.com> Co-authored-by: stonezdj <daojunz@vmware.com>	2024-04-03 08:38:09 +00:00
stonezdj(Daojun Zhang)	b6366e03e9	Update GenAccessoryArt API to generate valid accessory for SBOM (#20214 ) Signed-off-by: stonezdj <daojunz@vmware.com> Co-authored-by: stonezdj <daojunz@vmware.com>	2024-04-03 07:59:15 +00:00
guangwu	9778176ff1	fix: close file (#20189 ) Signed-off-by: guoguangwu <guoguangwug@gmail.com> Co-authored-by: Wang Yan <wangyan@vmware.com>	2024-04-03 11:45:59 +08:00
stonezdj(Daojun Zhang)	cea47c7db3	Add accessory type for sbom (#20208 ) Signed-off-by: stonezdj <daojunz@vmware.com> Co-authored-by: stonezdj <daojunz@vmware.com>	2024-04-02 18:11:27 +08:00
guangwu	b66d14d9f3	fix: typo (#20190 ) Signed-off-by: guoguangwu <guoguangwug@gmail.com>	2024-04-01 10:03:24 +08:00
Taras Katkov	da3c85be5a	fix image name extraction (#18992 ) * Update replication.go It also could be 'library/bitnami/fluentd:1.13.3-debian-10-r0' so we need to split resource to only 2 parts - possible namespace and image name which may include slashes for example - namespace: library, image: bitnami/fluentd:1.13.3-debian-10-r0 Signed-off-by: Taras Katkov <tkatkov@gmail.com> * Update replication_test.go Adding namespace and resource extraction tests. Signed-off-by: Taras Katkov <tkatkov@gmail.com> * Reformat only Signed-off-by: Taras Katkov <tkatkov@gmail.com> --------- Signed-off-by: Taras Katkov <tkatkov@gmail.com>	2024-03-30 13:41:50 +00:00
dependabot[bot]	7c2158bdf9	Bump go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp from 1.21.0 to 1.24.0 in /src (#20037 ) Bump go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp Bumps [go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp](https://github.com/open-telemetry/opentelemetry-go) from 1.21.0 to 1.24.0. - [Release notes](https://github.com/open-telemetry/opentelemetry-go/releases) - [Changelog](https://github.com/open-telemetry/opentelemetry-go/blob/main/CHANGELOG.md) - [Commits](https://github.com/open-telemetry/opentelemetry-go/compare/v1.21.0...v1.24.0) --- updated-dependencies: - dependency-name: go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: Shengwen YU <yshengwen@vmware.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Shengwen YU <yshengwen@vmware.com>	2024-03-29 18:08:06 +08:00
dependabot[bot]	6c2cafe7ba	Bump github.com/docker/docker from 24.0.7+incompatible to 24.0.9+incompatible in /src (#20147 ) Bump github.com/docker/docker in /src Bumps [github.com/docker/docker](https://github.com/docker/docker) from 24.0.7+incompatible to 24.0.9+incompatible. - [Release notes](https://github.com/docker/docker/releases) - [Commits](https://github.com/docker/docker/compare/v24.0.7...v24.0.9) --- updated-dependencies: - dependency-name: github.com/docker/docker dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Shengwen YU <yshengwen@vmware.com>	2024-03-29 17:29:09 +08:00
dependabot[bot]	290b22cf17	Bump google.golang.org/protobuf from 1.31.0 to 1.33.0 in /src (#20124 ) Bumps google.golang.org/protobuf from 1.31.0 to 1.33.0. --- updated-dependencies: - dependency-name: google.golang.org/protobuf dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Shengwen YU <yshengwen@vmware.com>	2024-03-29 16:51:51 +08:00
dependabot[bot]	6a0ee091d8	Bump github.com/jackc/pgx/v4 from 4.18.1 to 4.18.3 in /src (#20139 ) Bumps [github.com/jackc/pgx/v4](https://github.com/jackc/pgx) from 4.18.1 to 4.18.3. - [Changelog](https://github.com/jackc/pgx/blob/v4.18.3/CHANGELOG.md) - [Commits](https://github.com/jackc/pgx/compare/v4.18.1...v4.18.3) --- updated-dependencies: - dependency-name: github.com/jackc/pgx/v4 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: Shengwen YU <yshengwen@vmware.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Shengwen YU <yshengwen@vmware.com>	2024-03-29 16:14:23 +08:00
dependabot[bot]	ebb8050068	Bump golang.org/x/net from 0.17.0 to 0.22.0 in /src (#20113 ) Bumps [golang.org/x/net](https://github.com/golang/net) from 0.17.0 to 0.22.0. - [Commits](https://github.com/golang/net/compare/v0.17.0...v0.22.0) --- updated-dependencies: - dependency-name: golang.org/x/net dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: Shengwen YU <yshengwen@vmware.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Shengwen YU <yshengwen@vmware.com>	2024-03-29 15:15:28 +08:00
dependabot[bot]	9beede0d82	Bump github.com/cloudevents/sdk-go/v2 from 2.14.0 to 2.15.2 in /src (#20099 ) Bumps [github.com/cloudevents/sdk-go/v2](https://github.com/cloudevents/sdk-go) from 2.14.0 to 2.15.2. - [Release notes](https://github.com/cloudevents/sdk-go/releases) - [Commits](https://github.com/cloudevents/sdk-go/compare/v2.14.0...v2.15.2) --- updated-dependencies: - dependency-name: github.com/cloudevents/sdk-go/v2 dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Shengwen YU <yshengwen@vmware.com>	2024-03-28 11:02:43 +00:00
dependabot[bot]	4acde986a9	Bump github.com/go-jose/go-jose/v3 from 3.0.1 to 3.0.3 in /src (#20104 ) Bumps [github.com/go-jose/go-jose/v3](https://github.com/go-jose/go-jose) from 3.0.1 to 3.0.3. - [Release notes](https://github.com/go-jose/go-jose/releases) - [Changelog](https://github.com/go-jose/go-jose/blob/v3.0.3/CHANGELOG.md) - [Commits](https://github.com/go-jose/go-jose/compare/v3.0.1...v3.0.3) --- updated-dependencies: - dependency-name: github.com/go-jose/go-jose/v3 dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Shengwen YU <yshengwen@vmware.com>	2024-03-28 18:24:03 +08:00
dependabot[bot]	8b8b88d86a	Bump golang.org/x/sync from 0.3.0 to 0.6.0 in /src (#20036 ) Bumps [golang.org/x/sync](https://github.com/golang/sync) from 0.3.0 to 0.6.0. - [Commits](https://github.com/golang/sync/compare/v0.3.0...v0.6.0) --- updated-dependencies: - dependency-name: golang.org/x/sync dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Shengwen YU <yshengwen@vmware.com>	2024-03-28 17:46:37 +08:00
dependabot[bot]	d58172c112	Bump github.com/tencentcloud/tencentcloud-sdk-go from 1.0.62 to 3.0.233+incompatible in /src (#20035 ) Bump github.com/tencentcloud/tencentcloud-sdk-go in /src Bumps [github.com/tencentcloud/tencentcloud-sdk-go](https://github.com/tencentcloud/tencentcloud-sdk-go) from 1.0.62 to 3.0.233+incompatible. - [Commits](https://github.com/tencentcloud/tencentcloud-sdk-go/commits) --- updated-dependencies: - dependency-name: github.com/tencentcloud/tencentcloud-sdk-go dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Shengwen YU <yshengwen@vmware.com>	2024-03-28 17:01:37 +08:00
dependabot[bot]	b9659b455b	Bump express from 4.18.2 to 4.19.2 in /src/portal (#20167 ) Bumps [express](https://github.com/expressjs/express) from 4.18.2 to 4.19.2. - [Release notes](https://github.com/expressjs/express/releases) - [Changelog](https://github.com/expressjs/express/blob/master/History.md) - [Commits](https://github.com/expressjs/express/compare/4.18.2...4.19.2) --- updated-dependencies: - dependency-name: express dependency-type: direct:development ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Shengwen YU <yshengwen@vmware.com>	2024-03-28 07:02:17 +00:00
Todd Whiteman	06f53368cd	ScanAll should only log an error when an error occurs (#20087 ) Signed-off-by: Todd Whiteman <todd.whiteman@joyent.com> Co-authored-by: Wang Yan <wangyan@vmware.com>	2024-03-27 15:15:14 +08:00
Lichao Xue	aa4a142bc1	Add two columns to display capability type for scanner (#20111 ) Signed-off-by: xuelichao <xuel@vmware.com> Signed-off-by: Lichao Xue <68891670+xuelichao@users.noreply.github.com> Co-authored-by: Wang Yan <wangyan@vmware.com>	2024-03-26 14:36:18 +08:00
James Kang	fd81e7c43e	chore: fix function names (#20159 ) Signed-off-by: majorteach <csgcgl@126.com> Co-authored-by: Wang Yan <wangyan@vmware.com>	2024-03-26 13:53:44 +08:00
stonezdj(Daojun Zhang)	80a9c688fc	panic due to mark retention task error (#20161 ) panic due to mark retention task error fixes #20129 Signed-off-by: stonezdj <daojunz@vmware.com>	2024-03-26 04:52:17 +00:00
Wang Yan	2eb5464603	add type for scanner metadata (#20108 ) Signed-off-by: wang yan <wangyan@vmware.com>	2024-03-25 07:02:39 +00:00
okestro-yj.yoo	69fc957d7e	[new-feature]Add Korean Translation (#19883 ) * Add Korean Translation Signed-off-by: Youngjun <yj.yoo@okestro.com> * Add Korean Translation Signed-off-by: Youngjun <yj.yoo@okestro.com> * Update src/portal/src/i18n/lang/ko-kr-lang.json Co-authored-by: Brian Hong <ushiii111798@gmail.com> Signed-off-by: okestro-yj.yoo <153485739+yj-yoo@users.noreply.github.com> * Update src/portal/src/i18n/lang/ko-kr-lang.json Co-authored-by: Brian Hong <ushiii111798@gmail.com> Signed-off-by: okestro-yj.yoo <153485739+yj-yoo@users.noreply.github.com> * Update src/portal/src/i18n/lang/ko-kr-lang.json Co-authored-by: Brian Hong <ushiii111798@gmail.com> Signed-off-by: okestro-yj.yoo <153485739+yj-yoo@users.noreply.github.com> * Update src/portal/src/i18n/lang/ko-kr-lang.json Co-authored-by: Brian Hong <ushiii111798@gmail.com> Signed-off-by: okestro-yj.yoo <153485739+yj-yoo@users.noreply.github.com> * Update src/portal/src/i18n/lang/ko-kr-lang.json Co-authored-by: Brian Hong <ushiii111798@gmail.com> Signed-off-by: okestro-yj.yoo <153485739+yj-yoo@users.noreply.github.com> * Update src/portal/src/i18n/lang/ko-kr-lang.json Co-authored-by: Brian Hong <ushiii111798@gmail.com> Signed-off-by: okestro-yj.yoo <153485739+yj-yoo@users.noreply.github.com> * Update src/portal/src/i18n/lang/ko-kr-lang.json Co-authored-by: Brian Hong <ushiii111798@gmail.com> Signed-off-by: okestro-yj.yoo <153485739+yj-yoo@users.noreply.github.com> * Update src/portal/src/i18n/lang/ko-kr-lang.json Co-authored-by: Brian Hong <ushiii111798@gmail.com> Signed-off-by: okestro-yj.yoo <153485739+yj-yoo@users.noreply.github.com> * Update src/portal/src/i18n/lang/ko-kr-lang.json Co-authored-by: Brian Hong <ushiii111798@gmail.com> Signed-off-by: okestro-yj.yoo <153485739+yj-yoo@users.noreply.github.com> * Update src/portal/src/i18n/lang/ko-kr-lang.json Co-authored-by: Brian Hong <ushiii111798@gmail.com> Signed-off-by: okestro-yj.yoo <153485739+yj-yoo@users.noreply.github.com> * Change '푸쉬' to '푸시' Signed-off-by: Youngjun <yj.yoo@okestro.com> * Update src/portal/src/i18n/lang/ko-kr-lang.json Co-authored-by: Brian Hong <ushiii111798@gmail.com> Signed-off-by: okestro-yj.yoo <153485739+yj-yoo@users.noreply.github.com> * Update src/portal/src/i18n/lang/ko-kr-lang.json Co-authored-by: Sion Kang <siontama@gmail.com> Signed-off-by: okestro-yj.yoo <153485739+yj-yoo@users.noreply.github.com> * Update src/portal/src/i18n/lang/ko-kr-lang.json Co-authored-by: Sion Kang <siontama@gmail.com> Signed-off-by: okestro-yj.yoo <153485739+yj-yoo@users.noreply.github.com> * Update src/portal/src/i18n/lang/ko-kr-lang.json Co-authored-by: Sion Kang <siontama@gmail.com> Signed-off-by: okestro-yj.yoo <153485739+yj-yoo@users.noreply.github.com> * Update src/portal/src/i18n/lang/ko-kr-lang.json Co-authored-by: Sion Kang <siontama@gmail.com> Signed-off-by: okestro-yj.yoo <153485739+yj-yoo@users.noreply.github.com> * Update src/portal/src/i18n/lang/ko-kr-lang.json Co-authored-by: Sion Kang <siontama@gmail.com> Signed-off-by: okestro-yj.yoo <153485739+yj-yoo@users.noreply.github.com> * Update src/portal/src/i18n/lang/ko-kr-lang.json Co-authored-by: Sion Kang <siontama@gmail.com> Signed-off-by: okestro-yj.yoo <153485739+yj-yoo@users.noreply.github.com> * unify technical vocabulary consistently. Signed-off-by: Youngjun <yj.yoo@okestro.com> --------- Signed-off-by: Youngjun <yj.yoo@okestro.com> Signed-off-by: okestro-yj.yoo <153485739+yj-yoo@users.noreply.github.com> Co-authored-by: Brian Hong <ushiii111798@gmail.com> Co-authored-by: Sion Kang <siontama@gmail.com> Co-authored-by: MinerYang <yminer@vmware.com>	2024-03-14 11:52:45 +08:00
MinerYang	f7a3392020	Update deletion for index type of accessory (#20073 ) update delete for index accessory Signed-off-by: yminer <yminer@vmware.com> revert error code update lint and comments	2024-03-13 14:46:11 +08:00
MinerYang	a269b4f31c	Update support for artifactType for both manifest and index (#20030 ) add artifact_type for artifact model to support artifactType filter Signed-off-by: yminer <yminer@vmware.com> add 2.11 sql schema & update index artifactType omitted Signed-off-by: yminer <yminer@vmware.com> update UT update migrate sql for artifact_type Signed-off-by: yminer <yminer@vmware.com> remove debug line	2024-03-12 13:52:56 +00:00
Wang Yan	dbe9790147	add generate sbom object utility (#20097 ) * add generate sbom object utility Leverage the go-containerregistry to generate the oci object for sbom and add it as an accessory of the subject artifact. Signed-off-by: wang yan <wangyan@vmware.com> * remove vendor Signed-off-by: wang yan <wangyan@vmware.com> * resolve comments Signed-off-by: wang yan <wangyan@vmware.com> * fix ut Signed-off-by: wang yan <wangyan@vmware.com> * resolve comments Signed-off-by: wang yan <wangyan@vmware.com> * remove the todo comments Signed-off-by: wang yan <wangyan@vmware.com> --------- Signed-off-by: wang yan <wangyan@vmware.com>	2024-03-12 12:27:34 +08:00
Lichao Xue	9b7c1a2274	Configure to auto generate SBOM or not on project configuration page. (#20059 ) Signed-off-by: xuelichao <xuel@vmware.com> Co-authored-by: Wang Yan <wangyan@vmware.com>	2024-03-06 08:06:25 +00:00
Wang Yan	d25f3556a9	update referrers api (#20068 ) Update the referrers API according to the changeset in distribution spec 1.1, available at https://github.com/opencontainers/distribution-spec/pull/491/files. Signed-off-by: wang yan <wangyan@vmware.com>	2024-03-01 15:25:38 +08:00
Wang Yan	3782bab80a	add sbom settings for project (#20069 ) Add a new switcher for sbom generation, by default is false. Signed-off-by: wang yan <wangyan@vmware.com>	2024-03-01 14:40:02 +08:00
Lichao Xue	d79e4b1176	revise the tags of Interrogation Services (#20049 ) Signed-off-by: xuelichao <xuel@vmware.com> Co-authored-by: Wang Yan <wangyan@vmware.com>	2024-02-29 14:37:26 +08:00
Lichao Xue	47546a5f9d	update help message for bandwidth of replication rule (#20016 ) Signed-off-by: xuelichao <xuel@vmware.com> Co-authored-by: Wang Yan <wangyan@vmware.com> Co-authored-by: Shengwen YU <yshengwen@vmware.com>	2024-02-26 16:57:24 +08:00
dependabot[bot]	c5790ced14	Bump github.com/aws/aws-sdk-go from 1.50.5 to 1.50.24 in /src (#20018 ) Bumps [github.com/aws/aws-sdk-go](https://github.com/aws/aws-sdk-go) from 1.50.5 to 1.50.24. - [Release notes](https://github.com/aws/aws-sdk-go/releases) - [Commits](https://github.com/aws/aws-sdk-go/compare/v1.50.5...v1.50.24) --- updated-dependencies: - dependency-name: github.com/aws/aws-sdk-go dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Shengwen YU <yshengwen@vmware.com>	2024-02-26 12:05:17 +08:00
dependabot[bot]	2fd4588782	Bump helm.sh/helm/v3 from 3.11.3 to 3.14.2 in /src (#20017 ) Bumps [helm.sh/helm/v3](https://github.com/helm/helm) from 3.11.3 to 3.14.2. - [Release notes](https://github.com/helm/helm/releases) - [Commits](https://github.com/helm/helm/compare/v3.11.3...v3.14.2) --- updated-dependencies: - dependency-name: helm.sh/helm/v3 dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Shengwen YU <yshengwen@vmware.com>	2024-02-26 10:08:51 +08:00
stonezdj(Daojun Zhang)	5b832c1724	Limit url to local path (#20025 )	2024-02-24 01:34:30 +00:00
dependabot[bot]	056c41fd80	Bump github.com/google/uuid from 1.3.1 to 1.6.0 in /src (#19954 ) Bumps [github.com/google/uuid](https://github.com/google/uuid) from 1.3.1 to 1.6.0. - [Release notes](https://github.com/google/uuid/releases) - [Changelog](https://github.com/google/uuid/blob/master/CHANGELOG.md) - [Commits](https://github.com/google/uuid/compare/v1.3.1...v1.6.0) --- updated-dependencies: - dependency-name: github.com/google/uuid dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: Shengwen YU <yshengwen@vmware.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Shengwen YU <yshengwen@vmware.com>	2024-02-23 18:19:40 +08:00
dependabot[bot]	cb04005098	Bump github.com/go-openapi/strfmt from 0.21.8 to 0.22.0 in /src (#19955 ) Bumps [github.com/go-openapi/strfmt](https://github.com/go-openapi/strfmt) from 0.21.8 to 0.22.0. - [Commits](https://github.com/go-openapi/strfmt/compare/v0.21.8...v0.22.0) --- updated-dependencies: - dependency-name: github.com/go-openapi/strfmt dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Shengwen YU <yshengwen@vmware.com>	2024-02-23 17:40:46 +08:00
dependabot[bot]	35f98344e6	Bump go.opentelemetry.io/otel from 1.21.0 to 1.23.1 in /src (#19972 ) Bumps [go.opentelemetry.io/otel](https://github.com/open-telemetry/opentelemetry-go) from 1.21.0 to 1.23.1. - [Release notes](https://github.com/open-telemetry/opentelemetry-go/releases) - [Changelog](https://github.com/open-telemetry/opentelemetry-go/blob/main/CHANGELOG.md) - [Commits](https://github.com/open-telemetry/opentelemetry-go/compare/v1.21.0...v1.23.1) --- updated-dependencies: - dependency-name: go.opentelemetry.io/otel dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Shengwen YU <yshengwen@vmware.com>	2024-02-23 16:54:30 +08:00
stonezdj(Daojun Zhang)	54819ba8cd	Limit url to local site (#20013 ) Signed-off-by: stonezdj <daojunz@vmware.com> Co-authored-by: stonezdj <daojunz@vmware.com>	2024-02-23 07:40:13 +00:00
Antoine Jouve	73c2884e58	[Token/JWT] Update to golang-jwt v5.2.0 (#19802 ) * feat: update to golang-jwt v5.2.0 Signed-off-by: Antoine Jouve <ant.jouve@gmail.com> * fix: module issues and robot claims Signed-off-by: Antoine Jouve <ant.jouve@gmail.com> * fix: add missing time import Signed-off-by: Antoine Jouve <ant.jouve@gmail.com> * feat: set jwt validation leeway to 60s Signed-off-by: Antoine Jouve <ant.jouve@gmail.com> * fix: update leeways that were still set to 10s Signed-off-by: Antoine Jouve <ant.jouve@gmail.com> * feat: update go.sum Signed-off-by: Antoine Jouve <ant.jouve@gmail.com> * feat: add two leeway related test cases Signed-off-by: Antoine Jouve <ant.jouve@gmail.com> * fix: correct jwt audience validation Signed-off-by: Antoine Jouve <ant.jouve@gmail.com> * fix: gofmt v2_token.go Signed-off-by: Antoine Jouve <ant.jouve@gmail.com> * feat: take into account review comments Signed-off-by: Antoine Jouve <ant.jouve@gmail.com> * feat: use a common constant to store JWT leeway Signed-off-by: Antoine Jouve <ant.jouve@gmail.com> --------- Signed-off-by: Antoine Jouve <ant.jouve@gmail.com> Signed-off-by: Antoine Jouve <an-toine@users.noreply.github.com> Co-authored-by: MinerYang <yminer@vmware.com>	2024-02-23 11:30:13 +08:00
tostt	0e580836bb	Updated internationalisation : fr-fr (#19915 ) * Internationalisation : fr-fr Edited file fr-fr-lang.json: - Translation of new strings in French - Entries have been sorted the same way as en-us-lang.json Signed-off-by: tostt <tostt@users.noreply.github.com> * Update fr-fr-lang.json Corrections Signed-off-by: tostt <tostt@users.noreply.github.com> * Update src/portal/src/i18n/lang/fr-fr-lang.json Co-authored-by: Thomas Coudert <couderthomas@gmail.com> Signed-off-by: tostt <tostt@users.noreply.github.com> * Update src/portal/src/i18n/lang/fr-fr-lang.json Co-authored-by: Thomas Coudert <couderthomas@gmail.com> Signed-off-by: tostt <tostt@users.noreply.github.com> * Added missing translation Signed-off-by: tostt <tostt@users.noreply.github.com> --------- Signed-off-by: tostt <tostt@users.noreply.github.com> Co-authored-by: Thomas Coudert <couderthomas@gmail.com>	2024-02-11 14:21:10 +00:00
dependabot[bot]	f910c5654b	Bump vite and @angular-devkit/build-angular in /src/portal (#19945 ) Bumps [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite) to 4.5.2 and updates ancestor dependency [@angular-devkit/build-angular](https://github.com/angular/angular-cli). These dependencies need to be updated together. Updates `vite` from 4.4.7 to 4.5.2 - [Release notes](https://github.com/vitejs/vite/releases) - [Changelog](https://github.com/vitejs/vite/blob/v4.5.2/packages/vite/CHANGELOG.md) - [Commits](https://github.com/vitejs/vite/commits/v4.5.2/packages/vite) Updates `@angular-devkit/build-angular` from 16.2.9 to 16.2.12 - [Release notes](https://github.com/angular/angular-cli/releases) - [Changelog](https://github.com/angular/angular-cli/blob/main/CHANGELOG.md) - [Commits](https://github.com/angular/angular-cli/compare/16.2.9...16.2.12) --- updated-dependencies: - dependency-name: vite dependency-type: indirect - dependency-name: "@angular-devkit/build-angular" dependency-type: direct:development ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Shengwen YU <yshengwen@vmware.com>	2024-02-05 10:03:07 +08:00
dependabot[bot]	db20b3b6ac	Bump github.com/go-ldap/ldap/v3 from 3.2.4 to 3.4.6 in /src (#19889 ) Bumps [github.com/go-ldap/ldap/v3](https://github.com/go-ldap/ldap) from 3.2.4 to 3.4.6. - [Release notes](https://github.com/go-ldap/ldap/releases) - [Commits](https://github.com/go-ldap/ldap/compare/v3.2.4...v3.4.6) --- updated-dependencies: - dependency-name: github.com/go-ldap/ldap/v3 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: Shengwen YU <yshengwen@vmware.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Shengwen YU <yshengwen@vmware.com>	2024-02-04 20:08:50 +08:00
dependabot[bot]	7cfc685b7a	Bump github.com/go-openapi/errors from 0.20.4 to 0.21.0 in /src (#19890 ) Bumps [github.com/go-openapi/errors](https://github.com/go-openapi/errors) from 0.20.4 to 0.21.0. - [Commits](https://github.com/go-openapi/errors/compare/v0.20.4...v0.21.0) --- updated-dependencies: - dependency-name: github.com/go-openapi/errors dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: Shengwen YU <yshengwen@vmware.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Shengwen YU <yshengwen@vmware.com>	2024-02-04 19:27:48 +08:00
dependabot[bot]	f562c3016d	Bump github.com/aws/aws-sdk-go from 1.34.28 to 1.50.5 in /src (#19920 ) Bumps [github.com/aws/aws-sdk-go](https://github.com/aws/aws-sdk-go) from 1.34.28 to 1.50.5. - [Release notes](https://github.com/aws/aws-sdk-go/releases) - [Commits](https://github.com/aws/aws-sdk-go/compare/v1.34.28...v1.50.5) --- updated-dependencies: - dependency-name: github.com/aws/aws-sdk-go dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Shengwen YU <yshengwen@vmware.com>	2024-02-04 18:32:12 +08:00
Bin Liu	5a576174b1	skip transaction for POST /service/token (#19339 ) Habor doesnot support POST /service/token endpoint, put this request into a transaction will consume extra database resources and generate many logs. Signed-off-by: bin liu <liubin0329@gmail.com>	2024-01-19 07:11:32 +00:00
zycupup	ee6f61c502	feat: volc cr adapter (#19456 ) feat: support volcEngine replication Signed-off-by: zhuyuchen.1 <zhuyuchen.1@bytedance.com>	2024-01-19 14:15:49 +08:00
dependabot[bot]	6d854a5534	Bump github.com/go-openapi/swag from 0.22.4 to 0.22.7 in /src (#19809 ) Bumps [github.com/go-openapi/swag](https://github.com/go-openapi/swag) from 0.22.4 to 0.22.7. - [Commits](https://github.com/go-openapi/swag/compare/v0.22.4...v0.22.7) --- updated-dependencies: - dependency-name: github.com/go-openapi/swag dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Shengwen YU <yshengwen@vmware.com>	2024-01-18 14:14:44 +08:00
dependabot[bot]	6b1e5d2312	Bump github.com/vmihailenco/msgpack/v5 from 5.0.0-rc.2 to 5.4.1 in /src (#19810 ) Bumps [github.com/vmihailenco/msgpack/v5](https://github.com/vmihailenco/msgpack) from 5.0.0-rc.2 to 5.4.1. - [Release notes](https://github.com/vmihailenco/msgpack/releases) - [Changelog](https://github.com/vmihailenco/msgpack/blob/v5/CHANGELOG.md) - [Commits](https://github.com/vmihailenco/msgpack/compare/v5.0.0-rc.2...v5.4.1) --- updated-dependencies: - dependency-name: github.com/vmihailenco/msgpack/v5 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Shengwen YU <yshengwen@vmware.com>	2024-01-18 13:34:33 +08:00
dependabot[bot]	6f6e85863e	Bump k8s.io/client-go from 0.26.2 to 0.29.0 in /src (#19813 ) Bumps [k8s.io/client-go](https://github.com/kubernetes/client-go) from 0.26.2 to 0.29.0. - [Changelog](https://github.com/kubernetes/client-go/blob/master/CHANGELOG.md) - [Commits](https://github.com/kubernetes/client-go/compare/v0.26.2...v0.29.0) --- updated-dependencies: - dependency-name: k8s.io/client-go dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Wang Yan <wangyan@vmware.com> Co-authored-by: Shengwen YU <yshengwen@vmware.com>	2024-01-18 12:54:39 +08:00
ShengqiWang	caaa641521	fix label select bugs (#19850 ) Signed-off-by: shengqiw <shengqiw@vmware.com>	2024-01-18 02:46:25 +00:00
Yang Jiao	308c6cf657	Update isValidDuration function (#19843 ) Signed-off-by: Yang Jiao <yang.jiao@broadcom.com>	2024-01-17 08:41:45 +00:00
Ha Son Hai	7e0f6cc501	Fixing typo for About UI (#19840 ) Signed-off-by: Ha, Son Hai <sonhaiha@kpmg.com> Co-authored-by: Ha, Son Hai <sonhaiha@kpmg.com> Co-authored-by: MinerYang <yminer@vmware.com>	2024-01-15 15:16:23 +00:00
Shuaiyi	f17d90fadf	Log ensureArtifact ConflictErr (#19294 ) * Log ensureArtifact ConflictErr Signed-off-by: Shuaiyi Liu <liushuaiyi@gmail.com> * Log ensureArtifact ConflictErr Signed-off-by: Shuaiyi Liu <liushuaiyi@gmail.com> --------- Signed-off-by: Shuaiyi Liu <liushuaiyi@gmail.com> Co-authored-by: Wang Yan <wangyan@vmware.com>	2024-01-15 18:39:01 +08:00
Wang Yan	fdc012c237	remove the log for ScannerSkipUpdatePullTime (#19845 ) fixes #19795, remove the noise in the log Signed-off-by: wang yan <wangyan@vmware.com>	2024-01-15 17:47:16 +08:00
ShengqiWang	04a140332e	fix artifact page bug (#19807 ) * fix artifact page bug * update testcase	2024-01-15 06:09:56 +00:00
Yang Jiao	eb125419cc	Add verification that robot account duration is not 0 (#19829 ) Signed-off-by: Yang Jiao <yang.jiao@broadcom.com>	2024-01-15 13:25:56 +08:00
stonezdj(Daojun Zhang)	891f6785f2	Cache image list with digest key (#19801 ) fixes #19429 Signed-off-by: stonezdj <daojunz@vmware.com> Co-authored-by: stonezdj <daojunz@vmware.com>	2024-01-11 06:55:35 +00:00
Yang Jiao	7268a3f3e2	Remove robot account update quota permission (#19819 ) Signed-off-by: Yang Jiao <yang.jiao@broadcom.com> Co-authored-by: Yang Jiao <yang.jiao@broadcom.com>	2024-01-10 03:07:24 +00:00
Lars Lehtonen	49c5a068ad	registryctl/api/registry/blob: fix dropped test error (#19721 ) Signed-off-by: Lars Lehtonen <lars.lehtonen@gmail.com>	2024-01-09 12:45:24 +00:00
Maksym Trofimenko	9e5efc99e8	add repository read permission to limitedGuest (#19757 ) Signed-off-by: Maksym Trofimenko <maksym@container-registry.com> Co-authored-by: Maksym Trofimenko <maksym@container-registry.com>	2024-01-08 11:42:39 +00:00
dependabot[bot]	f8d2169712	Bump github.com/go-openapi/runtime from 0.19.20 to 0.26.2 in /src (#19763 ) Bumps [github.com/go-openapi/runtime](https://github.com/go-openapi/runtime) from 0.19.20 to 0.26.2. - [Release notes](https://github.com/go-openapi/runtime/releases) - [Commits](https://github.com/go-openapi/runtime/compare/v0.19.20...v0.26.2) --- updated-dependencies: - dependency-name: github.com/go-openapi/runtime dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: Shengwen YU <yshengwen@vmware.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Shengwen YU <yshengwen@vmware.com>	2024-01-08 16:02:08 +08:00
dependabot[bot]	bb2581c669	Bump gopkg.in/h2non/gock.v1 from 1.0.16 to 1.1.2 in /src (#19765 ) Bumps gopkg.in/h2non/gock.v1 from 1.0.16 to 1.1.2. --- updated-dependencies: - dependency-name: gopkg.in/h2non/gock.v1 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Shengwen YU <yshengwen@vmware.com>	2024-01-08 14:42:26 +08:00
Yang Jiao	64a2296b58	Add quota permissions to robot account (#19799 ) Fix #19792 Signed-off-by: Yang Jiao <yang.jiao@broadcom.com> Co-authored-by: Yang Jiao <yang.jiao@broadcom.com>	2024-01-08 11:43:22 +08:00
dependabot[bot]	de7ea2849e	Bump github.com/cloudevents/sdk-go/v2 from 2.13.0 to 2.14.0 in /src (#19764 ) Bumps [github.com/cloudevents/sdk-go/v2](https://github.com/cloudevents/sdk-go) from 2.13.0 to 2.14.0. - [Release notes](https://github.com/cloudevents/sdk-go/releases) - [Commits](https://github.com/cloudevents/sdk-go/compare/v2.13.0...v2.14.0) --- updated-dependencies: - dependency-name: github.com/cloudevents/sdk-go/v2 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Shengwen YU <yshengwen@vmware.com>	2024-01-08 09:46:21 +08:00
dependabot[bot]	88a4cabcaf	Bump github.com/golang-jwt/jwt/v4 from 4.4.2 to 4.5.0 in /src (#19766 ) Bumps [github.com/golang-jwt/jwt/v4](https://github.com/golang-jwt/jwt) from 4.4.2 to 4.5.0. - [Release notes](https://github.com/golang-jwt/jwt/releases) - [Changelog](https://github.com/golang-jwt/jwt/blob/main/VERSION_HISTORY.md) - [Commits](https://github.com/golang-jwt/jwt/compare/v4.4.2...v4.5.0) --- updated-dependencies: - dependency-name: github.com/golang-jwt/jwt/v4 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2024-01-05 17:20:40 +08:00
dependabot[bot]	378ff62350	Bump golang.org/x/time from 0.4.0 to 0.5.0 in /src (#19767 ) Bumps [golang.org/x/time](https://github.com/golang/time) from 0.4.0 to 0.5.0. - [Commits](https://github.com/golang/time/compare/v0.4.0...v0.5.0) --- updated-dependencies: - dependency-name: golang.org/x/time dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Shengwen YU <yshengwen@vmware.com>	2024-01-05 16:15:15 +08:00
ShengqiWang	ed4587b491	update project-SelectScanner modal Default field css (#19753 ) Co-authored-by: Wang Yan <wangyan@vmware.com>	2024-01-04 02:23:55 +00:00
ShengqiWang	923295c990	add description in scanner page (#19733 ) Signed-off-by: shengqiw <shengqiw@vmware.com>	2023-12-21 14:52:11 +08:00
dependabot[bot]	49ee3b7759	Bump go.opentelemetry.io/contrib/instrumentation/github.com/gorilla/mux/otelmux from 0.45.0 to 0.46.1 in /src (#19727 ) Bump go.opentelemetry.io/contrib/instrumentation/github.com/gorilla/mux/otelmux Bumps [go.opentelemetry.io/contrib/instrumentation/github.com/gorilla/mux/otelmux](https://github.com/open-telemetry/opentelemetry-go-contrib) from 0.45.0 to 0.46.1. - [Release notes](https://github.com/open-telemetry/opentelemetry-go-contrib/releases) - [Changelog](https://github.com/open-telemetry/opentelemetry-go-contrib/blob/main/CHANGELOG.md) - [Commits](https://github.com/open-telemetry/opentelemetry-go-contrib/compare/zpages/v0.45.0...zpages/v0.46.1) --- updated-dependencies: - dependency-name: go.opentelemetry.io/contrib/instrumentation/github.com/gorilla/mux/otelmux dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Shengwen YU <yshengwen@vmware.com>	2023-12-21 10:09:50 +08:00
Yang Jiao	6793da72e3	Fix project metadata validate bug (#19746 ) Signed-off-by: Yang Jiao <yang.jiao@broadcom.com> Co-authored-by: Yang Jiao <yang.jiao@broadcom.com>	2023-12-20 15:28:07 +08:00
dependabot[bot]	2f2a6462ad	Bump github.com/bmatcuk/doublestar from 1.1.1 to 1.3.4 in /src (#19698 ) Bumps [github.com/bmatcuk/doublestar](https://github.com/bmatcuk/doublestar) from 1.1.1 to 1.3.4. - [Release notes](https://github.com/bmatcuk/doublestar/releases) - [Commits](https://github.com/bmatcuk/doublestar/compare/v1.1.1...v1.3.4) --- updated-dependencies: - dependency-name: github.com/bmatcuk/doublestar dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Shengwen YU <yshengwen@vmware.com>	2023-12-20 13:33:53 +08:00
dependabot[bot]	41adc7508a	Bump github.com/prometheus/client_golang from 1.14.0 to 1.17.0 in /src (#19699 ) Bumps [github.com/prometheus/client_golang](https://github.com/prometheus/client_golang) from 1.14.0 to 1.17.0. - [Release notes](https://github.com/prometheus/client_golang/releases) - [Changelog](https://github.com/prometheus/client_golang/blob/main/CHANGELOG.md) - [Commits](https://github.com/prometheus/client_golang/compare/v1.14.0...v1.17.0) --- updated-dependencies: - dependency-name: github.com/prometheus/client_golang dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Shengwen YU <yshengwen@vmware.com>	2023-12-20 10:48:20 +08:00
dependabot[bot]	dcd3c3dbfd	Bump github.com/coreos/go-oidc/v3 from 3.7.0 to 3.9.0 in /src (#19701 ) Bumps [github.com/coreos/go-oidc/v3](https://github.com/coreos/go-oidc) from 3.7.0 to 3.9.0. - [Release notes](https://github.com/coreos/go-oidc/releases) - [Commits](https://github.com/coreos/go-oidc/compare/v3.7.0...v3.9.0) --- updated-dependencies: - dependency-name: github.com/coreos/go-oidc/v3 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Shengwen YU <yshengwen@vmware.com>	2023-12-19 17:06:32 +08:00
dependabot[bot]	80b3ea5501	Bump golang.org/x/crypto from 0.14.0 to 0.17.0 in /src (#19729 ) Bumps [golang.org/x/crypto](https://github.com/golang/crypto) from 0.14.0 to 0.17.0. - [Commits](https://github.com/golang/crypto/compare/v0.14.0...v0.17.0) --- updated-dependencies: - dependency-name: golang.org/x/crypto dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Shengwen YU <yshengwen@vmware.com>	2023-12-19 14:19:48 +08:00
MinerYang	b38de22054	bump golang 1.21.5 & fix golangci-lint error (#19722 ) bump golang 1.21.5 update golangci-lint && fix revive error fix white space lint Signed-off-by: yminer <yminer@vmware.com>	2023-12-19 09:41:26 +08:00
dependabot[bot]	5f828ea72f	Bump github.com/go-openapi/errors from 0.19.6 to 0.20.4 in /src (#19697 ) Bumps [github.com/go-openapi/errors](https://github.com/go-openapi/errors) from 0.19.6 to 0.20.4. - [Commits](https://github.com/go-openapi/errors/compare/v0.19.6...v0.20.4) --- updated-dependencies: - dependency-name: github.com/go-openapi/errors dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Shengwen YU <yshengwen@vmware.com>	2023-12-14 12:10:51 +08:00
dependabot[bot]	6b41277b03	Bump sigs.k8s.io/yaml from 1.3.0 to 1.4.0 in /src (#19631 ) Bumps [sigs.k8s.io/yaml](https://github.com/kubernetes-sigs/yaml) from 1.3.0 to 1.4.0. - [Release notes](https://github.com/kubernetes-sigs/yaml/releases) - [Changelog](https://github.com/kubernetes-sigs/yaml/blob/master/RELEASE.md) - [Commits](https://github.com/kubernetes-sigs/yaml/compare/v1.3.0...v1.4.0) --- updated-dependencies: - dependency-name: sigs.k8s.io/yaml dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Shengwen YU <yshengwen@vmware.com>	2023-12-08 15:11:38 +08:00
dependabot[bot]	8859f69668	Bump github.com/go-jose/go-jose/v3 from 3.0.0 to 3.0.1 in /src (#19636 ) Bumps [github.com/go-jose/go-jose/v3](https://github.com/go-jose/go-jose) from 3.0.0 to 3.0.1. - [Release notes](https://github.com/go-jose/go-jose/releases) - [Changelog](https://github.com/go-jose/go-jose/blob/v3/CHANGELOG.md) - [Commits](https://github.com/go-jose/go-jose/compare/v3.0.0...v3.0.1) --- updated-dependencies: - dependency-name: github.com/go-jose/go-jose/v3 dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Shengwen YU <yshengwen@vmware.com>	2023-12-08 13:20:20 +08:00
dependabot[bot]	af4c6b6f0f	Bump github.com/gorilla/handlers from 1.5.1 to 1.5.2 in /src (#19632 ) Bumps [github.com/gorilla/handlers](https://github.com/gorilla/handlers) from 1.5.1 to 1.5.2. - [Release notes](https://github.com/gorilla/handlers/releases) - [Commits](https://github.com/gorilla/handlers/compare/v1.5.1...v1.5.2) --- updated-dependencies: - dependency-name: github.com/gorilla/handlers dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Shengwen YU <yshengwen@vmware.com>	2023-12-08 09:59:06 +08:00
dependabot[bot]	2984c2e04b	Bump github.com/robfig/cron/v3 from 3.0.0 to 3.0.1 in /src (#19633 ) Bumps [github.com/robfig/cron/v3](https://github.com/robfig/cron) from 3.0.0 to 3.0.1. - [Commits](https://github.com/robfig/cron/compare/v3.0.0...v3.0.1) --- updated-dependencies: - dependency-name: github.com/robfig/cron/v3 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Shengwen YU <yshengwen@vmware.com>	2023-12-07 17:49:21 +08:00
Shijun Sun	f99a619bc6	Add min-width to the permission column (#19675 ) 1. To avoid style confusion Signed-off-by: AllForNothing <shijun.sun@broadcom.com>	2023-12-07 05:37:45 +00:00
Shijun Sun	323e11fefb	Update the wording text for the system robot account (#19666 ) Signed-off-by: AllForNothing <shijun.sun@broadcom.com>	2023-12-05 09:43:02 +00:00
Shijun Sun	469b6a495b	Update the style for the robot acccount ui (#19663 ) 1. Fixes #19614 2. Fixes #19617 Signed-off-by: AllForNothing <shijun.sun@broadcom.com>	2023-12-05 09:00:17 +00:00
Shengwen YU	1cbc901599	fix: upgrade google.golang.org/grpc (#19648 ) fix: upgrade google.golang.org/grpc and go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp Signed-off-by: Shengwen Yu <yshengwen@vmware.com>	2023-12-05 16:22:39 +08:00
Wang Yan	7b40dc6f46	fix the landing accessory data (#19661 ) Fix the keywords when to list accessories belong to the subject manifest. Signed-off-by: wang yan <wangyan@vmware.com>	2023-12-05 14:14:32 +08:00
Shijun Sun	7fee99b5fe	Update the name checking for the robot account (#19645 ) 1. Fixes #19612 Signed-off-by: AllForNothing <shijun.sun@broadcom.com>	2023-12-05 03:01:40 +00:00
dependabot[bot]	bf251ef0aa	Bump github.com/coreos/go-oidc/v3 from 3.0.0 to 3.7.0 in /src (#19542 ) Bumps [github.com/coreos/go-oidc/v3](https://github.com/coreos/go-oidc) from 3.0.0 to 3.7.0. - [Release notes](https://github.com/coreos/go-oidc/releases) - [Commits](https://github.com/coreos/go-oidc/compare/v3.0.0...v3.7.0) --- updated-dependencies: - dependency-name: github.com/coreos/go-oidc/v3 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Shengwen YU <yshengwen@vmware.com>	2023-11-28 09:31:16 +08:00
Wang Yan	3f72604d57	fix robot account access issue (#19627 ) fixes #19622 Resolve the 403 issue occurring when a robot account, equipped with both system and project scope, attempts to access project resources. Signed-off-by: wang yan <wangyan@vmware.com>	2023-11-27 19:16:37 +08:00
dependabot[bot]	e1df9b0a73	Bump golang.org/x/time from 0.0.0-20220210224613-90d013bbcef8 to 0.4.0 in /src (#19541 ) Bump golang.org/x/time in /src Bumps [golang.org/x/time](https://github.com/golang/time) from 0.0.0-20220210224613-90d013bbcef8 to 0.4.0. - [Commits](https://github.com/golang/time/commits/v0.4.0) --- updated-dependencies: - dependency-name: golang.org/x/time dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Shengwen YU <yshengwen@vmware.com>	2023-11-27 16:58:28 +08:00
Wang Yan	e6900301ce	fix system label resource (#19621 ) Make sure robot can use rbac.Resource(label) to access system level label Signed-off-by: wang yan <wangyan@vmware.com>	2023-11-27 13:34:17 +08:00
Shijun Sun	d967ac0fb6	Update the permission scope (#19603 ) 1. Update the permission scope 2. Sort the resources and actions by unicode Signed-off-by: AllForNothing <sshijun@vmware.com>	2023-11-22 06:37:31 +00:00
Wang Yan	062d144d22	add permission validation for robot creating and updating. (#19598 ) * add permission validation for robot creating and updating. It is not allowed to create an new robot with the access outside the predefined scope. Signed-off-by: wang yan <wangyan@vmware.com> * Fix robot testcase and update robot permission metadata (#167) 1. Fix robot testcase 2. update robot permission metadata Signed-off-by: Yang Jiao <jiaoya@vmware.com> Signed-off-by: wang yan <wangyan@vmware.com> --------- Signed-off-by: wang yan <wangyan@vmware.com> Signed-off-by: Yang Jiao <jiaoya@vmware.com> Co-authored-by: Yang Jiao <72076317+YangJiao0817@users.noreply.github.com>	2023-11-22 12:51:03 +08:00
Chlins Zhang	43ccd2f09f	perf: optimize the performance of accessory query (#19557 ) 1. Add db index for subject_artifact_id in table artifact_accessory. 2. Optimize the SQL of excluding the accessory for artifact count. Signed-off-by: chlins <chenyuzh@vmware.com>	2023-11-22 02:11:11 +00:00
Chlins Zhang	553c85eed0	fix: increase beego max memory and upload size (#19578 ) 1. Increase the default beego max memory and upload size from 32GB to 128GB. 2. Support customize the two beego configs from env. Signed-off-by: chlins <chenyuzh@vmware.com> Co-authored-by: Wang Yan <wangyan@vmware.com>	2023-11-21 15:36:06 +08:00
Maksym Trofimenko	996e57b511	Feature: GDPR compliant audit logs (#17396 )	2023-11-20 21:31:22 +01:00
stonezdj(Daojun Zhang)	307a3121aa	Return empty result when no scanner configured (#19577 ) fixes #19534 Signed-off-by: stonezdj <daojunz@vmware.com>	2023-11-17 07:29:19 +00:00
Shijun Sun	95b4032201	Correct loop condition for replication tasks (#19570 ) Signed-off-by: AllForNothing <sshijun@vmware.com>	2023-11-15 09:50:06 +00:00

1 2 3 4 5 ...

6029 Commits