This repository was archived by the owner on Apr 19, 2024. It is now read-only.
Merge upstream conflicts#11
Open
10d9e wants to merge 1246 commits into
Open
Conversation
Bumps [ossf/scorecard-action](https://github.com/ossf/scorecard-action) from 2.4.1 to 2.4.2. - [Release notes](https://github.com/ossf/scorecard-action/releases) - [Changelog](https://github.com/ossf/scorecard-action/blob/main/RELEASE.md) - [Commits](ossf/scorecard-action@f49aabe...05b42c6) --- updated-dependencies: - dependency-name: ossf/scorecard-action dependency-version: 2.4.2 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: Artem Khoroshev <horoshev.artem@yandex.ru>
Summary: We see from the code and code comment in proxyblobstore.go that: "If the blob has been serving in other requests. Will return the blob from the remote store directly". That means concurrent pulls will pull from remote multiple times. Signed-off-by: Sam Jia <yiyunj@twitter.com>
`configureRedis` currently sets `RequireAndVerifyClientCert` and `ClientCAs`, however these are server side mTLS configurations, and do not apply for the client initiating the handshake. Since we never actually set client side `RootCAs`, connecting to Redis with a self-signed CA results in: ``` "error": "tls: failed to verify certificate: x509: certificate signed by unknown authority", ``` Fixed by switching Redis TLS config to use `RootCAs` instead, and updating configuration accordingly. Signed-off-by: ChandonPierre <cpierre@coreweave.com>
Signed-off-by: Pat Riehecky <riehecky@fnal.gov>
If you want to enable traces, you can still set the env to your collector. Signed-off-by: Pat Riehecky <riehecky@fnal.gov>
square brackets and the respective parentheses for a markdown link were falsely typed in causing readability issues. This commit fixes the markdown syntax for the same Signed-off-by: Shan Desai <shantanoo.desai@gmail.com>
Signed-off-by: Raj Siva-Rajah <raj@zapzap.cloud>
Signed-off-by: Guillaume Pelletier <guillaume.pelletier@genaiz.com>
Bumps [actions/checkout](https://github.com/actions/checkout) from 4 to 5. - [Release notes](https://github.com/actions/checkout/releases) - [Commits](actions/checkout@v4...v5) --- updated-dependencies: - dependency-name: actions/checkout dependency-version: '5' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: Andy Castille <me@andycc.dev>
Signed-off-by: evanebb <git@evanus.nl>
Signed-off-by: evanebb <git@evanus.nl>
Signed-off-by: evanebb <git@evanus.nl>
Signed-off-by: evanebb <git@evanus.nl>
Bumps [actions/upload-pages-artifact](https://github.com/actions/upload-pages-artifact) from 3 to 4. - [Release notes](https://github.com/actions/upload-pages-artifact/releases) - [Commits](actions/upload-pages-artifact@v3...v4) --- updated-dependencies: - dependency-name: actions/upload-pages-artifact dependency-version: '4' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: Joonas Bergius <joonas@defenseunicorns.com>
fix: prevent tag deletion when `storage.delete.enabled` is false
* Release notes added * AUTHORS updated * Version bump in the `version` package Signed-off-by: Milos Gajdos <milosthegajdos@gmail.com>
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 4.35.2 to 4.35.3. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](github/codeql-action@95e58e9...e46ed2c) --- updated-dependencies: - dependency-name: github/codeql-action dependency-version: 4.35.3 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 4.35.3 to 4.35.4. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](github/codeql-action@e46ed2c...68bde55) --- updated-dependencies: - dependency-name: github/codeql-action dependency-version: 4.35.4 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
Currently, the Azure driver always creates blobs as an AppendBlob, but in previous versions, it used to create them as BlockBlobs. There is migration logic to handle this, but it's currently inversed, so if the blob exists as a BlockBlob, we don't delete it, and get an error back from Azure: ``` RESPONSE 409: 409 The blob type is invalid for this operation. ERROR CODE: InvalidBlobType ``` Since the check is inversed, this also means that any operation against AppendBlobs does an extra delete -> create for no reason. Signed-off-by: David Marby <david@dmarby.se>
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 4.35.4 to 4.35.5. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](github/codeql-action@68bde55...9e0d7b8) --- updated-dependencies: - dependency-name: github/codeql-action dependency-version: 4.35.5 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
This PR changes the code based on the `go fix` suggestions to modernize the codebase and keep up with the latest Go features. Signed-off-by: Milos Gajdos <milosthegajdos@gmail.com>
Bumps [codecov/codecov-action](https://github.com/codecov/codecov-action) from 6.0.0 to 6.0.1. - [Release notes](https://github.com/codecov/codecov-action/releases) - [Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md) - [Commits](codecov/codecov-action@57e3a13...e79a696) --- updated-dependencies: - dependency-name: codecov/codecov-action dependency-version: 6.0.1 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps [docker/bake-action](https://github.com/docker/bake-action) from 7.1.0 to 7.2.0. - [Release notes](https://github.com/docker/bake-action/releases) - [Commits](docker/bake-action@a66e1c8...6614cfa) --- updated-dependencies: - dependency-name: docker/bake-action dependency-version: 7.2.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: darsh <darshanravichandran07@gmail.com>
Write PutContent objects as block blobs so Azure retries overwrite small objects instead of appending duplicate link contents. Delete legacy append-blob objects before uploading because Azure cannot replace an AppendBlob with a BlockBlob in place. Preserve zero-byte append compatibility and add Azure regression coverage for link-style content, legacy migration, and concurrent same-path writes. Signed-off-by: Baptiste Girard-Carrabin <baptiste.girardcarrabin@datadoghq.com>
The S3 driver's Walk used a bare strings.HasPrefix to decide whether a walkInfo was under the last ErrSkipDir directory. Without a trailing "/" on the parent, a sibling whose name starts with the skipped directory's name (e.g. "0.1.20" after "0.1.2") falsely matched and was skipped, so its tag dir was never emitted to handleTag and the tag was omitted from /v2/<name>/tags/list. Replace the prefix check with isSubpath, which appends "/" to the parent so only true descendants match. Add a unit test pinning the sibling-with-lexical-prefix case. The bug is S3-only because the filesystem and inmemory drivers list directories recursively via WalkFallback and don't use this skip mechanism. It surfaced in 3.1.0 when the tags handler switched from tagService.All() (driver List with delimiter) to tagService.List() (driver Walk) for pagination support. Fixes #4891 Signed-off-by: Milos Gajdos <milosthegajdos@gmail.com>
Signed-off-by: alhudz <al.hudz.k@gmail.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
20 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
No description provided.