github/skopeo
1
0
Fork 0
mirror of https://github.com/containers/skopeo.git synced 2025-08-28 02:52:41 +00:00
Code Issues Projects Releases Wiki Activity
2,085 Commits 19 Branches 102 Tags 121 MiB
release-1.6
Commit Graph

70 Commits

Author SHA1 Message Date
Lokesh Mandvekar
6153a02cef
bump golang.org/x/net to v0.7.0 
Resolves: CVE-2022-41723
Ref: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2022-41723

bumped golang to 1.17

Signed-off-by: Lokesh Mandvekar <lsm5@fedoraproject.org>
 2023-03-24 10:06:32 +05:30
dependabot[bot]
1bf18b7ef8
Bump github.com/containers/storage from 1.37.0 to 1.38.0 
Bumps [github.com/containers/storage](https://github.com/containers/storage) from 1.37.0 to 1.38.0.
- [Release notes](https://github.com/containers/storage/releases)
- [Changelog](https://github.com/containers/storage/blob/main/docs/containers-storage-changes.md)
- [Commits](https://github.com/containers/storage/compare/v1.37.0...v1.38.0)

---
updated-dependencies:
- dependency-name: github.com/containers/storage
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-01-20 09:10:51 +00:00
James Hewitt
2046bfdaaa Add option to preserve digests on copy 
When enabled, if digests can't be preserved an error will be raised.

Signed-off-by: James Hewitt <james.hewitt@uk.ibm.com>
 2021-12-07 13:16:10 +00:00
Miloslav Trmač
37d801c90b Update opencontainers/image-spec 
... to a version past 1.0.2, just to keep various
dependency checkers happy.

> go get github.com/opencontainers/image-spec@v1.0.2-0.20211123152302-43a7dee1ec31

The commit is intended to match https://github.com/containers/image/pull/1419
to minimize churn.

NOTE: This is NOT a fix for CVE-2021-41190 / GHSA-77vh-xpmg-72qh ,
that was fixed in Skopeo 1.5.2.

Signed-off-by: Miloslav Trmač <mitr@redhat.com>
 2021-12-02 18:56:36 +01:00
Paul Fisher
c8777f3bf7 bump containers/image to 2541165 
Signed-off-by: Paul Fisher <pfisher@lyft.com>
 2021-10-21 17:29:03 -07:00
dependabot[bot]
a837fbe28b
Bump github.com/containers/storage from 1.35.0 to 1.36.0 
Bumps [github.com/containers/storage](https://github.com/containers/storage) from 1.35.0 to 1.36.0.
- [Release notes](https://github.com/containers/storage/releases)
- [Changelog](https://github.com/containers/storage/blob/main/docs/containers-storage-changes.md)
- [Commits](https://github.com/containers/storage/compare/v1.35.0...v1.36.0)

---
updated-dependencies:
- dependency-name: github.com/containers/storage
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2021-09-13 08:31:20 +00:00
Miloslav Trmač
c399909f04 Update non-module dependencies 
Dependabot was apparently not picking these up (and
several haven't had a release for a long time anyway).

Also move from github.com/go-check/check to its newly
declared (and go.mod-enforced) name gopkg.in/check.v1.

Signed-off-by: Miloslav Trmač <mitr@redhat.com>
 2021-08-23 15:52:48 +02:00
dependabot[bot]
9acb8b6a15
Bump github.com/containers/common from 0.42.1 to 0.43.0 
Bumps [github.com/containers/common](https://github.com/containers/common) from 0.42.1 to 0.43.0.
- [Release notes](https://github.com/containers/common/releases)
- [Commits](https://github.com/containers/common/compare/v0.42.1...v0.43.0)

---
updated-dependencies:
- dependency-name: github.com/containers/common
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2021-08-11 08:23:50 +00:00
dependabot[bot]
be821b4f59
Bump github.com/containers/storage from 1.33.1 to 1.33.2 
Bumps [github.com/containers/storage](https://github.com/containers/storage) from 1.33.1 to 1.33.2.
- [Release notes](https://github.com/containers/storage/releases)
- [Changelog](https://github.com/containers/storage/blob/main/docs/containers-storage-changes.md)
- [Commits](https://github.com/containers/storage/compare/v1.33.1...v1.33.2)

---
updated-dependencies:
- dependency-name: github.com/containers/storage
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
 2021-08-06 11:15:28 -04:00
dependabot[bot]
d82c662101
Bump github.com/containers/storage from 1.32.6 to 1.33.0 
Bumps [github.com/containers/storage](https://github.com/containers/storage) from 1.32.6 to 1.33.0.
- [Release notes](https://github.com/containers/storage/releases)
- [Changelog](https://github.com/containers/storage/blob/main/docs/containers-storage-changes.md)
- [Commits](https://github.com/containers/storage/compare/v1.32.6...v1.33.0)

---
updated-dependencies:
- dependency-name: github.com/containers/storage
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2021-07-28 12:33:17 +00:00
dependabot[bot]
e7c5e9f7e6
Bump github.com/containers/storage from 1.32.3 to 1.32.4 
Bumps [github.com/containers/storage](https://github.com/containers/storage) from 1.32.3 to 1.32.4.
- [Release notes](https://github.com/containers/storage/releases)
- [Changelog](https://github.com/containers/storage/blob/main/docs/containers-storage-changes.md)
- [Commits](https://github.com/containers/storage/compare/v1.32.3...v1.32.4)

---
updated-dependencies:
- dependency-name: github.com/containers/storage
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2021-06-23 08:27:06 +00:00
dependabot[bot]
865407cad0
Bump github.com/containers/storage from 1.32.1 to 1.32.2 
Bumps [github.com/containers/storage](https://github.com/containers/storage) from 1.32.1 to 1.32.2.
- [Release notes](https://github.com/containers/storage/releases)
- [Changelog](https://github.com/containers/storage/blob/master/docs/containers-storage-changes.md)
- [Commits](https://github.com/containers/storage/compare/v1.32.1...v1.32.2)

---
updated-dependencies:
- dependency-name: github.com/containers/storage
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2021-06-10 08:21:38 +00:00
dependabot[bot]
68f188ae77
Bump github.com/containers/common from 0.38.0 to 0.38.1 
Bumps [github.com/containers/common](https://github.com/containers/common) from 0.38.0 to 0.38.1.
- [Release notes](https://github.com/containers/common/releases)
- [Commits](https://github.com/containers/common/compare/v0.38.0...v0.38.1)

Signed-off-by: dependabot[bot] <support@github.com>
 2021-05-13 08:17:04 +00:00
dependabot-preview[bot]
be600975a9 Bump github.com/containers/storage from 1.25.0 to 1.26.0 
Bumps [github.com/containers/storage](https://github.com/containers/storage) from 1.25.0 to 1.26.0.
- [Release notes](https://github.com/containers/storage/releases)
- [Changelog](https://github.com/containers/storage/blob/master/docs/containers-storage-changes.md)
- [Commits](https://github.com/containers/storage/compare/v1.25.0...v1.26.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
 2021-02-22 16:54:52 +01:00
dependabot-preview[bot]
131b2b8c63
Bump github.com/containers/common from 0.31.0 to 0.31.1 
Bumps [github.com/containers/common](https://github.com/containers/common) from 0.31.0 to 0.31.1.
- [Release notes](https://github.com/containers/common/releases)
- [Commits](https://github.com/containers/common/compare/v0.31.0...v0.31.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
 2020-12-21 15:58:05 -05:00
dependabot-preview[bot]
c24363ccda
Bump github.com/containers/storage from 1.21.2 to 1.22.0 
Bumps [github.com/containers/storage](https://github.com/containers/storage) from 1.21.2 to 1.22.0.
- [Release notes](https://github.com/containers/storage/releases)
- [Changelog](https://github.com/containers/storage/blob/master/docs/containers-storage-changes.md)
- [Commits](https://github.com/containers/storage/compare/v1.21.2...v1.22.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
 2020-08-07 08:21:01 -04:00
Daniel J Walsh
5e2264d2b5
Bump github.com/containers/storage from 1.20.2 to 1.21.0 
Bumps [github.com/containers/storage](https://github.com/containers/storage) from 1.20.2 to 1.21.0.
- [Release notes](https://github.com/containers/storage/releases)
- [Changelog](https://github.com/containers/storage/blob/master/docs/containers-storage-changes.md)
- [Commits](https://github.com/containers/storage/compare/v1.20.2...v1.21.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
 2020-07-11 07:38:43 -04:00
dependabot-preview[bot]
142142c040
Bump github.com/containers/common from 0.15.1 to 0.15.2 
Bumps [github.com/containers/common](https://github.com/containers/common) from 0.15.1 to 0.15.2.
- [Release notes](https://github.com/containers/common/releases)
- [Commits](https://github.com/containers/common/compare/v0.15.1...v0.15.2)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
 2020-07-06 14:53:30 -04:00
dependabot-preview[bot]
ae97c667e3
Bump github.com/containers/common from 0.11.4 to 0.12.0 
Bumps [github.com/containers/common](https://github.com/containers/common) from 0.11.4 to 0.12.0.
- [Release notes](https://github.com/containers/common/releases)
- [Commits](https://github.com/containers/common/compare/v0.11.4...v0.12.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
 2020-05-29 05:55:57 -04:00
dependabot-preview[bot]
4244d68240
Bump github.com/opencontainers/go-digest from 1.0.0-rc1 to 1.0.0 
Bumps [github.com/opencontainers/go-digest](https://github.com/opencontainers/go-digest) from 1.0.0-rc1 to 1.0.0.
- [Release notes](https://github.com/opencontainers/go-digest/releases)
- [Commits](https://github.com/opencontainers/go-digest/compare/v1.0.0-rc1...v1.0.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
 2020-05-14 06:42:55 -04:00
Daniel J Walsh
5b479b1090
Bump containers/image to v5.4.3 
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
 2020-04-07 16:20:29 -04:00
Valentin Rothberg
6569236642 vendor c/image v5.4.2 
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
 2020-04-07 12:25:12 +02:00
dependabot-preview[bot]
ebeb1c3f59 Bump github.com/containers/storage from 1.16.2 to 1.16.3 
Bumps [github.com/containers/storage](https://github.com/containers/storage) from 1.16.2 to 1.16.3.
- [Release notes](https://github.com/containers/storage/releases)
- [Changelog](https://github.com/containers/storage/blob/master/docs/containers-storage-changes.md)
- [Commits](https://github.com/containers/storage/compare/v1.16.2...v1.16.3)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Signed-off-by: Miloslav Trmač <mitr@redhat.com>
 2020-03-13 00:00:20 +01:00
dependabot-preview[bot]
7dcfc18309
Bump github.com/containers/storage from 1.16.0 to 1.16.1 
Bumps [github.com/containers/storage](https://github.com/containers/storage) from 1.16.0 to 1.16.1.
- [Release notes](https://github.com/containers/storage/releases)
- [Changelog](https://github.com/containers/storage/blob/master/docs/containers-storage-changes.md)
- [Commits](https://github.com/containers/storage/compare/v1.16.0...v1.16.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
 2020-03-04 09:24:57 -05:00
dependabot-preview[bot]
ef1b005c95 Bump github.com/containers/common from 0.2.1 to 0.4.2 
Bumps [github.com/containers/common](https://github.com/containers/common) from 0.2.1 to 0.4.2.
- [Release notes](https://github.com/containers/common/releases)
- [Commits](https://github.com/containers/common/compare/v0.2.1...v0.4.2)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Signed-off-by: Miloslav Trmač <mitr@redhat.com>
 2020-02-25 22:53:25 +01:00
Valentin Rothberg
a7297d4db7 vendor github.com/containers/image/v5@v5.2.0 
See release notes:
https://github.com/containers/image/releases/tag/v5.2.0

Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
 2020-02-03 16:49:05 +01:00
Harshal Patil
39ff039b3b Image encryption/decryption support in skopeo 
Signed-off-by: Harshal Patil <harshal.patil@in.ibm.com>
Signed-off-by: Brandon Lum <lumjjb@gmail.com>
 2019-11-26 15:17:38 +05:30
dependabot-preview[bot]
05ae513b18 Bump github.com/containers/buildah from 1.8.4 to 1.11.4 
Bumps [github.com/containers/buildah](https://github.com/containers/buildah) from 1.8.4 to 1.11.4.
- [Release notes](https://github.com/containers/buildah/releases)
- [Changelog](https://github.com/containers/buildah/blob/master/CHANGELOG.md)
- [Commits](https://github.com/containers/buildah/compare/v1.8.4...v1.11.4)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
 2019-11-02 07:41:01 +01:00
Valentin Rothberg
f1d8451b09 update OCI image-spec to 775207bd45b6cb8153ce218cc59351799217451f 
This mainly pulls in the latest support for zstd-compressed layers and
eases testing of containers/image.

Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
 2019-08-26 12:43:24 +02:00
Valentin Rothberg
700b3102af update github.com/containers/{image,storage} 
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
 2019-08-06 14:13:03 +02:00
Valentin Rothberg
033b290217 migrate to go modules 
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
 2019-06-21 13:58:19 +02:00
Valentin Rothberg
ebfa1e936b vendor.conf: pin branches to releases or commits 
Most of the dependencies have been copied from libpod's vendor.conf
where such a cleanup has been executed recently.

Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
 2019-02-21 14:03:14 +01:00
Giuseppe Scrivano
5675895460
vendor: update containers/storage and containers/image 
some tests I've done to try out the difference in performance:

I am using a directory repository so to not depend on the network.

User time (seconds): 39.40
System time (seconds): 6.83
Percent of CPU this job got: 121%
Elapsed (wall clock) time (h:mm:ss or m:ss): 0:38.07
User time (seconds): 8.32
System time (seconds): 1.62
Percent of CPU this job got: 128%
Elapsed (wall clock) time (h:mm:ss or m:ss): 0:07.72

User time (seconds): 42.68
System time (seconds): 6.64
Percent of CPU this job got: 162%
Elapsed (wall clock) time (h:mm:ss or m:ss): 0:30.44
User time (seconds): 8.94
System time (seconds): 1.51
Percent of CPU this job got: 178%
Elapsed (wall clock) time (h:mm:ss or m:ss): 0:05.85

Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
 2018-12-18 10:45:39 +01:00
Miloslav Trmač
72468d6817 Vendor c/image after merging vrothberg/image:regsv2-docker 
Also update the user and tests for the API change.
 2018-11-29 13:28:04 +01:00
Daniel J Walsh
65d28709c3
Update vendor for skopeo release 
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
 2018-09-21 08:49:55 -04:00
Miloslav Trmač
67ffa00b1d Run (make vendor) 
Temporarily vendor opencontainers/image-spec from a fork
to fix "id" value duplication, which is detected and
refused by gojsonschema now
( https://github.com/opencontainers/image-spec/pull/750 ).

Signed-off-by: Miloslav Trmač <mitr@redhat.com>
 2018-09-17 16:16:19 +02:00
Miloslav Trmač
1a259b76da Vendor after merging mtrmac/image:docker-archive-auto-compression 
Signed-off-by: Miloslav Trmač <mitr@redhat.com>
 2018-07-18 01:02:26 +02:00
Daniel J Walsh
976d57ea45 Vendor in latest go-selinux and containers/storage 
skopeo is failing to build now on 32 bit systems.  go-selinux update
should fix this.  Also container/storage has had some cleanup fixes
to devicemapper support.

Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
 2018-05-22 11:09:34 -04:00
Miloslav Trmač
14ea9f8bfd Run (make vendor) for the first time. 
This primarily adds vendor/github.com/containers/image/docs/ ,
but also updates other dependencies that are not pinned to a specific
commit.
 2018-05-19 04:24:17 +02:00
Miloslav Trmač
7aba888e99 Vendor after merging containers/image#436 
Signed-off-by: Miloslav Trmač <mitr@redhat.com>
 2018-04-05 21:33:04 +02:00
Antoine Eiche
61351d44d7 Vendor after merging https://github.com/containers/image/pull/370 
Signed-off-by: Antoine Eiche <lewo@abesis.fr>
 2018-03-28 18:46:26 +02:00
Miloslav Trmač
60aa4aa82d Vendor after merging mtrmac/image:305-cleanup 
Signed-off-by: Miloslav Trmač <mitr@redhat.com>
 2018-03-15 15:25:31 +01:00
Miloslav Trmač
dc1567c8bc Re-vendor, and use mtrmac/image-spec:id-based-loader to fix tests 
Anyone running (vndr) currently ends up with failing tests in OCI schema
validation because gojsonschema has fixed its "$ref" interpretation, exposing
inconsistent URI usage inside image-spec/schema.

So, this runs (vndr), and uses mtrmac/image-spec:id-based-loader
( https://github.com/opencontainers/image-spec/pull/739 ) to make the tests pass
again.  As soon as that PR is merged we should revert to using the upstream
image-spec repo again.
 2018-02-09 18:34:31 +01:00
Miloslav Trmač
27f320b27f Vendor after merging mtrmac/image:manifest-lists 2017-11-16 16:27:52 +01:00
Miloslav Trmač
700199c944 Update image-tools, and remove the duplicate Sirupsen/logrus vendor 2017-10-30 17:24:44 +01:00
Aleksa Sarai
96ce8b63bc
vendor: revendor github.com/opencontainers/image-tools@da84dc9dddc823a32f543e60323f841d12429c51 
This requires re-vendoring a bunch of other things (as well as the old
Sirupsen/logrus path), the relevant commits being:

* github.com/xeipuuv/gojsonschema@0c8571ac0ce161a5feb57375a9cdf148c98c0f70
* github.com/xeipuuv/gojsonpointer@6fe8760cad3569743d51ddbb243b26f8456742dc
* github.com/xeipuuv/gojsonreference@e02fc20de94c78484cd5ffb007f8af96be030a45
* go4.org@034d17a462f7b2dcd1a4a73553ec5357ff6e6c6e

Signed-off-by: Aleksa Sarai <asarai@suse.de>
 2017-08-15 02:08:12 +10:00
Miloslav Trmač
2c1ede8449 Update to image-spec v1.0.0 and revendor 2017-07-19 23:50:50 +02:00
Miloslav Trmač
63272a10d7 Vendor after merging mtrmac/image:docker-certs.d 2017-05-30 18:26:43 +02:00
Antonio Murdaca
405b912f7e
update image-spec to v1.0.0-rc6 
Signed-off-by: Antonio Murdaca <runcom@redhat.com>
 2017-05-24 16:35:57 +02:00
Miloslav Trmač
ffb01385dd Vendor after merging https://github.com/containers/image/pull/275 2017-05-17 17:12:23 +02:00