github/skopeo
1
0
Fork 0
mirror of https://github.com/containers/skopeo.git synced 2025-04-27 19:05:32 +00:00
Code Issues Projects Releases Wiki Activity
3,159 Commits 19 Branches 100 Tags 84 MiB
bb26ea90f9
Commit Graph

75 Commits

Author SHA1 Message Date
renovate[bot]
4c55fce106
chore(deps): update module golang.org/x/net to v0.38.0 [security] 
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2025-04-17 15:12:35 +00:00
renovate[bot]
03fa889da5
chore(deps): update module golang.org/x/net to v0.36.0 [security] 
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2025-03-18 18:51:45 +00:00
renovate[bot]
b78a415987 fix(deps): update module github.com/containers/image/v5 to v5.34.0 
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Signed-off-by: Miloslav Trmač <mitr@redhat.com>
 2025-01-31 21:34:59 +01:00
renovate[bot]
568d5d1c6f
chore(deps): update module golang.org/x/net to v0.33.0 [security] 
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2024-12-22 19:13:46 +00:00
tomsweeneyredhat
34f0644177 Bump c/common to v0.60.0 
As the title says.  In preparation of Skopeo v1.17.0 to go
out with Podman v5.3, this gets the c/* projects to:

containers/storage:  v1.56.0
containers/image:    v5.33.0
containers/common:   v0.61.0

Signed-off-by: tomsweeneyredhat <tsweeney@redhat.com>
 2024-11-12 17:58:45 -05:00
renovate[bot]
17da582650
fix(deps): update module github.com/containers/common to v0.60.1 
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2024-08-12 19:44:29 +00:00
renovate[bot]
b97655fa16
chore(deps): update module google.golang.org/grpc to v1.64.1 [security] 
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2024-07-11 17:15:06 +00:00
renovate[bot]
ea61840040
fix(deps): update module golang.org/x/exp to v0.0.0-20240506185415-9bf2ced13842 
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2024-05-06 23:20:45 +00:00
renovate[bot]
5848194b9b
chore(deps): update module golang.org/x/net to v0.23.0 [security] 
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2024-04-22 18:19:00 +00:00
renovate[bot]
086701bd75
fix(deps): update module github.com/containers/image/v5 to v5.30.0 
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2024-03-05 15:28:48 +00:00
renovate[bot]
4d80bf8c7d
fix(deps): update github.com/containers/image/v5 digest to faa4f4f 
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2024-03-01 18:22:38 +00:00
renovate[bot]
58ff9fdb27 fix(deps): update module github.com/containers/storage to v1.52.0 
... and c/image/v5 to main

Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Signed-off-by: Miloslav Trmač <mitr@redhat.com>
 2024-01-20 00:15:27 +01:00
Miloslav Trmač
518181e595 Update c/image and c/common to latest 
... to include https://github.com/containers/image/pull/2173
and https://github.com/containers/common/pull/1731 .

Signed-off-by: Miloslav Trmač <mitr@redhat.com>
 2023-11-16 18:21:43 +01:00
renovate[bot]
fa3e62f21b
chore(deps): update module golang.org/x/net to v0.17.0 [security] 
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2023-10-16 14:21:02 +00:00
renovate[bot]
427e58f5f5
fix(deps): update golang.org/x/exp digest to 9212866 
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2023-09-06 00:23:35 +00:00
Miloslav Trmač
4ee2946bbc Update c/image after https://github.com/containers/image/pull/2070 
> go get github.com/containers/image/v5@main
> make vendor

This moves c/image to a commit that includes both the work on main
that we were already vendoring, and the last tagged version 5.27.0.

That should prevent Renovate from proposing downgrades which fail tests:
- https://github.com/containers/skopeo/pull/2065
- https://github.com/containers/skopeo/pull/2066

Signed-off-by: Miloslav Trmač <mitr@redhat.com>
 2023-08-14 20:24:51 +02:00
Miloslav Trmač
60ee543f7f Update c/image for golang.org/x/exp 
> go get github.com/containers/image/v5@main
> go mod tidy && go mod vendor

This updates c/image with a new version of x/exp.
That package has changed API in an incompatible way,
so just bumping x/exp (as in https://github.com/containers/skopeo/pull/2060 )
would break Skopeo builds.

This updates both c/image and x/exp in lockstep (and nothing
needs updating in Skopeo itself for the x/exp breakage).

Signed-off-by: Miloslav Trmač <mitr@redhat.com>
 2023-08-02 22:41:44 +02:00
renovate[bot]
1d5458fa7c
Update module github.com/containers/image/v5 to v5.26.0 
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2023-06-28 19:04:12 +00:00
renovate[bot]
1c7388064a
Update github.com/containers/image/v5 digest to e14c1c5 
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2023-06-01 01:10:03 +00:00
renovate[bot]
5f0314f342
Update module github.com/containers/common to v0.52.0 
Signed-off-by: Renovate Bot <bot@renovateapp.com>
 2023-04-11 17:35:08 +00:00
Lokesh Mandvekar
20447df139
bump golang.org/x/net to v0.8.0 
Resolves: CVE-2022-41723
Ref: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2022-41723

Signed-off-by: Lokesh Mandvekar <lsm5@fedoraproject.org>
 2023-03-15 18:58:10 +05:30
Miloslav Trmač
643a2359e4 Update c/image after https://github.com/containers/image/pull/1816 
... to work around some of the "unexpected EOF" failures.

Signed-off-by: Miloslav Trmač <mitr@redhat.com>
 2023-02-09 20:36:27 +01:00
Miloslav Trmač
bb1ac89327 Add support for Fulcio and Rekor, and --sign-by-sigstore=param-file 
(skopeo copy) and (skopeo sync) now support --sign-by-sigstore=param-file,
using the containers-sigstore-signing-params.yaml(5) file format.

That notably adds support for Fulcio and Rekor signing.

Signed-off-by: Miloslav Trmač <mitr@redhat.com>
 2023-01-14 13:33:57 +01:00
Miloslav Trmač
03b5bdec24 Update c/image after https://github.com/containers/image/pull/1787 
Signed-off-by: Miloslav Trmač <mitr@redhat.com>
 2023-01-14 13:33:00 +01:00
Colin Walters
960713da32 vendor: Bump golang.org/x/net to 4.0 
I originally thought I needed this to fix a build, but that
was apparently not the case.

Signed-off-by: Colin Walters <walters@verbum.org>
 2022-12-13 16:36:57 -05:00
Miloslav Trmač
5c69302d75 Update to c/image main branch 
> go get github.com/containers/image/v5@main
> make vendor

... to make sure that we don't regress against Skopeo 1.9.3.

Signed-off-by: Miloslav Trmač <mitr@redhat.com>
 2022-10-20 20:09:25 +02:00
Daniel J Walsh
ee84302b60
Update vendor containers/(common,image) 
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
 2022-09-30 06:38:07 -04:00
Miloslav Trmač
4b9ffac0cc Update for c/image's update of github.com/gobuffalo/pop 
> go get github.com/containers/image/v5@main
> go mod tidy -go=1.16 && go mod tidy -go=1.17
> make vendor

The (go mod tidy) pair is necessary to keep c/image CI working.

Signed-off-by: Miloslav Trmač <mitr@redhat.com>
 2022-08-23 22:00:00 +02:00
Miloslav Trmač
06be7a1559 Vendor in c/image with sigstore support 
Signed-off-by: Miloslav Trmač <mitr@redhat.com>
 2022-07-12 13:46:56 +02:00
Miloslav Trmač
5200272846 Update github.com/containerd/containerd 
$ go get -u github.ccom/containerd/containerd
$ make vendor

... to silence warnings about https://github.com/advisories/GHSA-crp2-qrr5-8pq7 ,
in code we don't use.

Signed-off-by: Miloslav Trmač <mitr@redhat.com>
 2022-03-04 19:26:12 +01:00
Daniel J Walsh
923c58a8ee
Update the vendor of containers/common 
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
 2022-01-20 13:30:07 -05:00
Miloslav Trmač
e19b57c3b9 Update github.com/containerd/containerd to v1.5.7 
... to include a fix for
https://github.com/advisories/GHSA-c2h3-6mxw-7mvq .

(Note that Skopeo doesn't depend on the vulnerable code,
so this is primarily to avoid dependency checker warnings.)

Signed-off-by: Miloslav Trmač <mitr@redhat.com>
 2021-10-05 18:45:24 +02:00
dependabot[bot]
69decaeb1d
Bump github.com/containers/common from 0.37.1 to 0.38.0 
Bumps [github.com/containers/common](https://github.com/containers/common) from 0.37.1 to 0.38.0.
- [Release notes](https://github.com/containers/common/releases)
- [Commits](https://github.com/containers/common/compare/v0.37.1...v0.38.0)

Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
 2021-05-10 15:56:42 -04:00
dependabot-preview[bot]
5485daff13
Bump github.com/containers/storage from 1.26.0 to 1.29.0 
Bumps [github.com/containers/storage](https://github.com/containers/storage) from 1.26.0 to 1.29.0.
- [Release notes](https://github.com/containers/storage/releases)
- [Changelog](https://github.com/containers/storage/blob/master/docs/containers-storage-changes.md)
- [Commits](https://github.com/containers/storage/compare/v1.26.0...v1.29.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
 2021-04-15 14:05:51 -04:00
dependabot-preview[bot]
aff1b6215b Bump github.com/containers/ocicrypt from 1.0.3 to 1.1.0 
Bumps [github.com/containers/ocicrypt](https://github.com/containers/ocicrypt) from 1.0.3 to 1.1.0.
- [Release notes](https://github.com/containers/ocicrypt/releases)
- [Commits](https://github.com/containers/ocicrypt/compare/v1.0.3...v1.1.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Signed-off-by: Miloslav Trmač <mitr@redhat.com>
 2021-02-03 12:42:56 +01:00
dependabot-preview[bot]
131b2b8c63
Bump github.com/containers/common from 0.31.0 to 0.31.1 
Bumps [github.com/containers/common](https://github.com/containers/common) from 0.31.0 to 0.31.1.
- [Release notes](https://github.com/containers/common/releases)
- [Commits](https://github.com/containers/common/compare/v0.31.0...v0.31.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
 2020-12-21 15:58:05 -05:00
dependabot-preview[bot]
a75daba386
Bump github.com/containers/common from 0.24.0 to 0.26.0 
Bumps [github.com/containers/common](https://github.com/containers/common) from 0.24.0 to 0.26.0.
- [Release notes](https://github.com/containers/common/releases)
- [Commits](https://github.com/containers/common/compare/v0.24.0...v0.26.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
 2020-10-19 06:02:04 -04:00
dependabot-preview[bot]
a31d6069dc
Bump github.com/containers/common from 0.11.2 to 0.11.4 
Bumps [github.com/containers/common](https://github.com/containers/common) from 0.11.2 to 0.11.4.
- [Release notes](https://github.com/containers/common/releases)
- [Commits](https://github.com/containers/common/compare/v0.11.2...v0.11.4)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
 2020-05-22 13:35:57 -04:00
dependabot-preview[bot]
325327dc3f Bump github.com/containers/image/v5 from 5.3.1 to 5.4.0 
Bumps [github.com/containers/image/v5](https://github.com/containers/image) from 5.3.1 to 5.4.0.
- [Release notes](https://github.com/containers/image/releases)
- [Commits](https://github.com/containers/image/compare/v5.3.1...v5.4.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Signed-off-by: Miloslav Trmač <mitr@redhat.com>
 2020-03-31 22:19:09 +02:00
Miloslav Trmač
27b330f6f1 Revert the removal of buildah dependency 
We currently need it to drag in recent versions of other dependencies,
per https://github.com/containers/skopeo/issues/796 .

I'll work to update the relevant dependencies in c/image, but that will
only propagate to skopeo in the next c/image release; in the meantime,
this at least undoes the downgrades.

Signed-off-by: Miloslav Trmač <mitr@redhat.com>
 2020-03-30 16:04:24 +02:00
Daniel J Walsh
274efdf28f
Update containers/image v5.3.1 
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
 2020-03-28 06:28:49 -04:00
Miloslav Trmač
7cbb8ad3ba Manually update buildah to v1.13.1 
Should help with #791.

Signed-off-by: Miloslav Trmač <mitr@redhat.com>
 2020-01-23 16:13:01 +01:00
dependabot-preview[bot]
05ae513b18 Bump github.com/containers/buildah from 1.8.4 to 1.11.4 
Bumps [github.com/containers/buildah](https://github.com/containers/buildah) from 1.8.4 to 1.11.4.
- [Release notes](https://github.com/containers/buildah/releases)
- [Changelog](https://github.com/containers/buildah/blob/master/CHANGELOG.md)
- [Commits](https://github.com/containers/buildah/compare/v1.8.4...v1.11.4)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
 2019-11-02 07:41:01 +01:00
Valentin Rothberg
700b3102af update github.com/containers/{image,storage} 
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
 2019-08-06 14:13:03 +02:00
Valentin Rothberg
033b290217 migrate to go modules 
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
 2019-06-21 13:58:19 +02:00
Valentin Rothberg
ebfa1e936b vendor.conf: pin branches to releases or commits 
Most of the dependencies have been copied from libpod's vendor.conf
where such a cleanup has been executed recently.

Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
 2019-02-21 14:03:14 +01:00
Miloslav Trmač
bcf3dbbb93 Vendor after merging c/image#536 
... which adds blob info caching

Signed-off-by: Miloslav Trmač <mitr@redhat.com>
 2018-12-06 23:26:31 +01:00
Miloslav Trmač
72468d6817 Vendor c/image after merging vrothberg/image:regsv2-docker 
Also update the user and tests for the API change.
 2018-11-29 13:28:04 +01:00
Miloslav Trmač
67ffa00b1d Run (make vendor) 
Temporarily vendor opencontainers/image-spec from a fork
to fix "id" value duplication, which is detected and
refused by gojsonschema now
( https://github.com/opencontainers/image-spec/pull/750 ).

Signed-off-by: Miloslav Trmač <mitr@redhat.com>
 2018-09-17 16:16:19 +02:00
Miloslav Trmač
1a259b76da Vendor after merging mtrmac/image:docker-archive-auto-compression 
Signed-off-by: Miloslav Trmač <mitr@redhat.com>
 2018-07-18 01:02:26 +02:00