Releases: goharbor/harbor
v2.8.5-rc1
What's Changed
Component updates ⬆️
- [Cherry-pick]Add new uri path to ShouldNotReuseRoute array by @AllForNothing in #19219
- (cherry-pick) Remove job status track information from redis after stop the job in the queue by @stonezdj in #19305
- (cherry-pick)fix storage.redirect.disable migrate template error release-2.8.0 by @MinerYang in #19337
- [cherry-pick] Allow POST method to request service/token in readonly mode by @stonezdj in #19562
- [cherry-pick] fix: increase beego max memory and upload size (#19578) by @stonezdj in #19670
- [cherry-pick]Limit URL to local site by @stonezdj in #20024
- feat: bump up golang-runtime from 1.20.7 to 1.21.7 by @zyyw in #20046
- fix: update TRIVYVERSION=v0.49.1 && TRIVYADAPTERVERSION=v0.30.22 by @zyyw in #20040
- fix: update go.mod by @zyyw in #20071
Full Changelog: v2.8.4...v2.8.5-rc1
v2.9.3-rc1
What's Changed
Component updates ⬆️
- add ip_family config in harbor.yml on release-2.9.0 by @MinerYang in #19940
- Refresh base images on release-2.9.0 by @zyyw in #19941
- reverse ip_family config for release-2.9 by @MinerYang in #19951
- [Cherry-pick] feat: enable configuration of skip_java_db_update by @zyyw in #19997
- [cherry-pick] Limit URL to local site by @stonezdj in #20023
- Move strong_ssl_ciphers to top level in harbor.yml by @stonezdj in #20021
Other Changes
- fix: change filter_label_xpath to vulnerabilities_filter_label_xpath … by @zyyw in #19930
- update retry of get_scan_data_export_execution from 5 to 15 by @zyyw in #19958
- Refresh base images on release-2.9.0 by @zyyw in #20005
Full Changelog: v2.9.2...v2.9.3-rc1
v2.9.2
Known issue
- known issue #19932 will affect nginx component of offline-installer where installed the harbor on the machine only supported ipv4. Impact version is v2.9.2, will be fixed version v2.9.3. As a workaround please refer to reconfigure-nginx
- known issue #19912 will affect nginx component of offline-installer when specify
strong_cipher.enabled
inharbor.yml
but not been rendered in config file properly. Impact version are v2.9.0, v2.9.1, v2.9.2, v2.10.0. Will be fixed in v2.10.1. if you do need set strong_cipher, please refer to manually-add-strong-cipher
What's Changed
Enhancement 🚀
- [cherry-pick]remove the log for ScannerSkipUpdatePullTime by @wy65701436 in #19847
Component updates ⬆️
- [cherry-pick] Allow POST method to request service/token in readonly mode by @stonezdj in #19563
- [cherry-pick] Cache image list with digest key by @stonezdj in #19837
- [Cherry pick] add repository read permission to limitedGuest by @tpoxa in #19815
- Refresh base images on release-2.9.0 by @YangJiao0817 in #19851
- fix: update to TRIVYVERSION=v0.48.3 and TRIVYADAPTERVERSION=v0.30.21 by @zyyw in #19857
- [cherry-pick]fix label select bugs (#19850) by @YangJiao0817 in #19861
- Refresh base images on release-2.9.0 by @zyyw in #19891
- [cherry-pick]add v6 port for nginx ad portal config by @MinerYang in #19893
- [cherry-pick] ] support accessory in either order by @wy65701436 in #19906
Other Changes
- [cherry-pick]Add banner message UI test case by @YangJiao0817 in #19530
- [cherry-pick]Add notation sign artifact API test case by @YangJiao0817 in #19550
- [cherry-pick]Add notation accessory copy test case by @YangJiao0817 in #19606
- [cherry-pick]Add notation pull policy test case by @YangJiao0817 in #19626
- [cherry-pick]Add jump to CNAB Bundle index artifact list test case by @YangJiao0817 in #19628
- [cherry-pick]Add user API test case by @YangJiao0817 in #19637
- [cherry-pick]Add notation replication test case by @YangJiao0817 in #19740
- [cherry-pick]Add multi-tier accessory replication test cases by @YangJiao0817 in #19737
- Fix Init Chrome Driver error by @YangJiao0817 in #19900
- [cherry-pick]Update replication rule filter label xpath by @YangJiao0817 in #19901
- fix: cve export label filter xpath by @zyyw in #19913
Full Changelog: v2.9.1...v2.9.2
v2.9.2-rc1
What's Changed
Enhancement 🚀
- [cherry-pick]remove the log for ScannerSkipUpdatePullTime by @wy65701436 in #19847
Component updates ⬆️
- [cherry-pick] Allow POST method to request service/token in readonly mode by @stonezdj in #19563
- [cherry-pick] Cache image list with digest key by @stonezdj in #19837
- [Cherry pick] add repository read permission to limitedGuest by @tpoxa in #19815
- Refresh base images on release-2.9.0 by @YangJiao0817 in #19851
- fix: update to TRIVYVERSION=v0.48.3 and TRIVYADAPTERVERSION=v0.30.21 by @zyyw in #19857
- [cherry-pick]fix label select bugs (#19850) by @YangJiao0817 in #19861
- Refresh base images on release-2.9.0 by @zyyw in #19891
- [cherry-pick]add v6 port for nginx ad portal config by @MinerYang in #19893
- [cherry-pick] ] support accessory in either order by @wy65701436 in #19906
Other Changes
- [cherry-pick]Add banner message UI test case by @YangJiao0817 in #19530
- [cherry-pick]Add notation sign artifact API test case by @YangJiao0817 in #19550
- [cherry-pick]Add notation accessory copy test case by @YangJiao0817 in #19606
- [cherry-pick]Add notation pull policy test case by @YangJiao0817 in #19626
- [cherry-pick]Add jump to CNAB Bundle index artifact list test case by @YangJiao0817 in #19628
- [cherry-pick]Add user API test case by @YangJiao0817 in #19637
- [cherry-pick]Add notation replication test case by @YangJiao0817 in #19740
- [cherry-pick]Add multi-tier accessory replication test cases by @YangJiao0817 in #19737
- Fix Init Chrome Driver error by @YangJiao0817 in #19900
- [cherry-pick]Update replication rule filter label xpath by @YangJiao0817 in #19901
Full Changelog: v2.9.1...v2.9.2-rc1
v2.10.0
Known issue
- known issue #19912 will affect nginx component of offline-installer when specify
strong_cipher.enabled
inharbor.yml
but not been rendered in config file properly. Impact version are v2.9.0, v2.9.1, v2.9.2, v2.10.0. Will fixed in v2.10.1. if you do need set strong_cipher, please refer to manually-add-strong-cipher
What's Changed
Exciting New Features 🎉
Robot Account Full Access
Delivers a user-friendly tutorial that walks you through the creation of a new robot. With a simple click, you can seamlessly customize permission sets at both system and project levels.
- Add full permissions for the robot account by @AllForNothing in #19507
- subject: fix missing media type recognition for nydus by @imeoer in #19453
Supporting OCI Distribution Spec v1.1.0-rc3
Harbor now supports OCI Distribution Spec v1.1.0-rc3
- change Referrers Content-Type to application/vnd.oci.image.index.v1+json by @MinerYang in #19212
- support accessory in either order by @wy65701436 in #19375
Additional Features
Quota Sorting
Enable storage sorting in the quota management page
- Add quota sorting to the project quotas list by @AllForNothing in #19576
Allow customization of the OIDC provider name
- Add oidc provider name to systeminfo API by @stonezdj in #19575
- Show OIDC provider name on the OIDC login button by @AllForNothing in #19581
Enable support for large-size blobs
Harbor now facilitates uploads of layers up to 128GB by default, with configurable options if required.
Ensure audit logs comply with GDPR regulations for data privacy.
Enhancement 🚀
- feat: enhance the replication webhook payload by @chlins in #19433
- fix: Accessibility - change color for WCAG AA by @SphinxKnight in #19472
- perf: optimize the trigger retention API by @chlins in #19533
- Add a placeholder to the cards for the security-hub by @AllForNothing in #19536
- perf: optimize the performance of accessory query by @chlins in #19557
Component updates ⬆️
- Add label's description as tooltip by @Nhqml in #19421
- fix: privileges member successfully typo by @testwill in #19091
- fix: add storage_limit check by @zyyw in #19095
- fix: cron string validation by @zyyw in #19071
- ignore spaces for vulnerability filters by @AllForNothing in #19180
- Update zh-tw (Traditional Chinese) locale by @PeterDaveHello in #19161
- chore: fix incorrect otel timeout in harbor yaml template by @chlins in #19120
- Update the max length for the filters by @AllForNothing in #19194
- Filter artifact without CVE from top 5 dangerous artifacts by @stonezdj in #19187
- log: change log level to reduce the noise logs by @chlins in #19146
- Wrong artifact scanned count by @stonezdj in #19198
- fix: support customize cache db for business by @chlins in #19182
- fix gc dry run issue by @wy65701436 in #19208
- Add new uri path to ShouldNotReuseRoute array by @AllForNothing in #19217
- Refine total artifact and scanned artifact by @stonezdj in #19228
- i18n: fix typo for CONFIRM_SECRET by @liubin in #19140
- Add a tooltip for the page title of security hub by @AllForNothing in #19231
- change JOB_ID to Task_ID by @lengrongfu in #19127
- fix typo in ROADMAP.md by @liubin in #19247
- Delete unused code by @liubin in #19061
- exporter: add field alias for count(*) func by @liubin in #18840
- Switch to a new chart library by @AllForNothing in #19262
- Remove job status track information from redis after stop by @stonezdj in #19227
- remove chart-museum related to logic by @lengrongfu in #18722
- fix storage.redirect.disable migrate template error by @MinerYang in #19335
- Upgrade UI packages by @AllForNothing in #19330
- Remove duplicated sort fields from order by clause by @liubin in #19347
- fix user resource by @wy65701436 in #19366
- update default processor for unknwon type config by @MinerYang in #19372
- Hide version property if the value is undefined by @AllForNothing in #19395
- feat(i18n): update french translations by @Nhqml in #19418
- bump golang to 1.20.10 by @MinerYang in #19430
- Change fixed_version to package_version in query dangerous CVE sql by @stonezdj in #19397
- fix issue 19392 by @wy65701436 in #19437
- fix: bump up TRIVYVERSION=v0.46.0 && TRIVYADAPTERVERSION=v0.30.17 by @zyyw in #19446
- Update the style for operation-component by @AllForNothing in #19445
- bump golang.org/x/net to v0.17.0 && go.opentelemetry.io/contrib by @MinerYang in #19461
- Use batch to list the job id in the job queue to avoid crash redis by @stonezdj in #19444
- Delete tag retention rule and tag immutable rule when deleting project by @stonezdj in #19390
- bump go.opentelemetry.io/contrib/instrumentation/github.com/gorilla/m… by @MinerYang in #19477
- Not allow comma for the user name by @AllForNothing in #19501
- bump golang to 1.21.3 by @MinerYang in #19504
- Add a tooltip for the replication rule by @AllForNothing in #19509
- Replace comma in username to avoid casbin issue by @stonezdj in #19505
- Update the style for severity by @AllForNothing in #19525
- Remove vendor folder from harbor code base by @reasonerjt in #19508
- fix: bump up TRIVYVERSION=v0.46.1 && TRIVYADAPTERVERSION=v0.30.18 by @zyyw in #19500
- Skip to validate username when update user profile by @stonezdj in #19552
- Update UI package to clear security alerts by @AllForNothing in #19553
- Delete project member when delete project by @stonezdj in #19523
- add permission api by @wy65701436 in #19543
- Allow POST method to request service/token in readonly mode by @stonezdj in #19556
- 19559 cannot see full label easily by @jmichot-exotec in #19564
- fix: sorting quota by @zyyw in #19538
- Avoid menu closure when filtering labels by @AllForNothing in #19561
- Correct loop condition for replication tasks by @AllForNothing in #19570
- Return empty result when no scanner configured by @stonezdj in #19577
- bump golang to 1.21.4 by @MinerYang in #19601
- add permission validation for robot creating and updating. by @wy65701436 in #19598
- add prepare migration script for 2.10 by @MinerYang in #19600
- Update the permission scope by @AllForNothing in #19603
- fix system label resource by @wy65701436 in #19621
- Bump golang.org/x/time from 0.0.0-20220210224613-90d013bbcef8 to 0.4.0 in /src by @dependabot in #19541
- fix robot account access issue by @wy65701436 in #19627
- fix: update TRIVYVERSION=v0.47.0 && TRIVYADAPTERVERSION=v0.30.19 by @zyyw in #19624
- Bump github.com/coreos/go-oidc/v3 from 3.0.0 to 3...
v2.10.0-rc2
What's Changed
Exciting New Features 🎉
Robot Account Full Access
Delivers a user-friendly tutorial that walks you through the creation of a new robot. With a simple click, you can seamlessly customize permission sets at both system and project levels.
- Add full permissions for the robot account by @AllForNothing in #19507
- subject: fix missing media type recognition for nydus by @imeoer in #19453
Supporting OCI Distribution Spec v1.1.0-rc3
Harbor now supports OCI Distribution Spec v1.1.0-rc3
- change Referrers Content-Type to application/vnd.oci.image.index.v1+json by @MinerYang in #19212
- support accessory in either order by @wy65701436 in #19375
Additional Features
Quota Sorting
Enable storage sorting in the quota management page
- Add quota sorting to the project quotas list by @AllForNothing in #19576
Allow customization of the OIDC provider name
- Add oidc provider name to systeminfo API by @stonezdj in #19575
- Show OIDC provider name on the OIDC login button by @AllForNothing in #19581
Enable support for large-size blobs
Harbor now facilitates uploads of layers up to 128GB by default, with configurable options if required.
Ensure audit logs comply with GDPR regulations for data privacy.
Enhancement 🚀
- feat: enhance the replication webhook payload by @chlins in #19433
- fix: Accessibility - change color for WCAG AA by @SphinxKnight in #19472
- perf: optimize the trigger retention API by @chlins in #19533
- Add a placeholder to the cards for the security-hub by @AllForNothing in #19536
- perf: optimize the performance of accessory query by @chlins in #19557
Component updates ⬆️
- Add label's description as tooltip by @Nhqml in #19421
- fix: privileges member successfully typo by @testwill in #19091
- fix: add storage_limit check by @zyyw in #19095
- fix: cron string validation by @zyyw in #19071
- ignore spaces for vulnerability filters by @AllForNothing in #19180
- Update zh-tw (Traditional Chinese) locale by @PeterDaveHello in #19161
- chore: fix incorrect otel timeout in harbor yaml template by @chlins in #19120
- Update the max length for the filters by @AllForNothing in #19194
- Filter artifact without CVE from top 5 dangerous artifacts by @stonezdj in #19187
- log: change log level to reduce the noise logs by @chlins in #19146
- Wrong artifact scanned count by @stonezdj in #19198
- fix: support customize cache db for business by @chlins in #19182
- fix gc dry run issue by @wy65701436 in #19208
- Add new uri path to ShouldNotReuseRoute array by @AllForNothing in #19217
- Refine total artifact and scanned artifact by @stonezdj in #19228
- i18n: fix typo for CONFIRM_SECRET by @liubin in #19140
- Add a tooltip for the page title of security hub by @AllForNothing in #19231
- change JOB_ID to Task_ID by @lengrongfu in #19127
- fix typo in ROADMAP.md by @liubin in #19247
- Delete unused code by @liubin in #19061
- exporter: add field alias for count(*) func by @liubin in #18840
- Switch to a new chart library by @AllForNothing in #19262
- Remove job status track information from redis after stop by @stonezdj in #19227
- remove chart-museum related to logic by @lengrongfu in #18722
- fix storage.redirect.disable migrate template error by @MinerYang in #19335
- Upgrade UI packages by @AllForNothing in #19330
- Remove duplicated sort fields from order by clause by @liubin in #19347
- fix user resource by @wy65701436 in #19366
- update default processor for unknwon type config by @MinerYang in #19372
- Hide version property if the value is undefined by @AllForNothing in #19395
- feat(i18n): update french translations by @Nhqml in #19418
- bump golang to 1.20.10 by @MinerYang in #19430
- Change fixed_version to package_version in query dangerous CVE sql by @stonezdj in #19397
- fix issue 19392 by @wy65701436 in #19437
- fix: bump up TRIVYVERSION=v0.46.0 && TRIVYADAPTERVERSION=v0.30.17 by @zyyw in #19446
- Update the style for operation-component by @AllForNothing in #19445
- bump golang.org/x/net to v0.17.0 && go.opentelemetry.io/contrib by @MinerYang in #19461
- Use batch to list the job id in the job queue to avoid crash redis by @stonezdj in #19444
- Delete tag retention rule and tag immutable rule when deleting project by @stonezdj in #19390
- bump go.opentelemetry.io/contrib/instrumentation/github.com/gorilla/m… by @MinerYang in #19477
- Not allow comma for the user name by @AllForNothing in #19501
- bump golang to 1.21.3 by @MinerYang in #19504
- Add a tooltip for the replication rule by @AllForNothing in #19509
- Replace comma in username to avoid casbin issue by @stonezdj in #19505
- Update the style for severity by @AllForNothing in #19525
- Remove vendor folder from harbor code base by @reasonerjt in #19508
- fix: bump up TRIVYVERSION=v0.46.1 && TRIVYADAPTERVERSION=v0.30.18 by @zyyw in #19500
- Skip to validate username when update user profile by @stonezdj in #19552
- Update UI package to clear security alerts by @AllForNothing in #19553
- Delete project member when delete project by @stonezdj in #19523
- add permission api by @wy65701436 in #19543
- Allow POST method to request service/token in readonly mode by @stonezdj in #19556
- 19559 cannot see full label easily by @jmichot-exotec in #19564
- fix: sorting quota by @zyyw in #19538
- Avoid menu closure when filtering labels by @AllForNothing in #19561
- Correct loop condition for replication tasks by @AllForNothing in #19570
- Return empty result when no scanner configured by @stonezdj in #19577
- bump golang to 1.21.4 by @MinerYang in #19601
- add permission validation for robot creating and updating. by @wy65701436 in #19598
- add prepare migration script for 2.10 by @MinerYang in #19600
- Update the permission scope by @AllForNothing in #19603
- fix system label resource by @wy65701436 in #19621
- Bump golang.org/x/time from 0.0.0-20220210224613-90d013bbcef8 to 0.4.0 in /src by @dependabot in #19541
- fix robot account access issue by @wy65701436 in #19627
- fix: update TRIVYVERSION=v0.47.0 && TRIVYADAPTERVERSION=v0.30.19 by @zyyw in #19624
- Bump github.com/coreos/go-oidc/v3 from 3.0.0 to 3.7.0 in /src by @dependabot in #19542
- Update the name checking for the robot account by @AllForNothing in #19645
- fix 2.10 prepare migration version by @MinerYang in #19665
- fix: upgrade google.golang.org/grpc by @zyyw in #19648
- Update the style for the robot acccount ui by @AllForNothing in https://...
v2.10.0-rc1
What's Changed
Exciting New Features 🎉
Robot Account Full Access
Delivers a user-friendly tutorial that walks you through the creation of a new robot. With a simple click, you can seamlessly customize permission sets at both system and project levels.
- Add full permissions for the robot account by @AllForNothing in #19507
- subject: fix missing media type recognition for nydus by @imeoer in #19453
Supporting OCI Distribution Spec v1.1.0-rc3
Harbor now supports OCI Distribution Spec v1.1.0-rc3
- change Referrers Content-Type to application/vnd.oci.image.index.v1+json by @MinerYang in #19212
- support accessory in either order by @wy65701436 in #19375
Additional Features
Quota Sorting
Enable storage sorting in the quota management page
- Add quota sorting to the project quotas list by @AllForNothing in #19576
Allow customization of the OIDC provider name
Enable support for large-size blobs
Harbor now facilitates uploads of layers up to 128GB by default, with configurable options if required.
- Show OIDC provider name on the OIDC login button by @AllForNothing in #19581
Ensure audit logs comply with GDPR regulations for data privacy.
Enhancement 🚀
- feat: enhance the replication webhook payload by @chlins in #19433
- fix: Accessibility - change color for WCAG AA by @SphinxKnight in #19472
- perf: optimize the trigger retention API by @chlins in #19533
- Add a placeholder to the cards for the security-hub by @AllForNothing in #19536
- perf: optimize the performance of accessory query by @chlins in #19557
Component updates ⬆️
- Add label's description as tooltip by @Nhqml in #19421
- fix: privileges member successfully typo by @testwill in #19091
- fix: add storage_limit check by @zyyw in #19095
- fix: cron string validation by @zyyw in #19071
- ignore spaces for vulnerability filters by @AllForNothing in #19180
- Update zh-tw (Traditional Chinese) locale by @PeterDaveHello in #19161
- chore: fix incorrect otel timeout in harbor yaml template by @chlins in #19120
- Update the max length for the filters by @AllForNothing in #19194
- Filter artifact without CVE from top 5 dangerous artifacts by @stonezdj in #19187
- log: change log level to reduce the noise logs by @chlins in #19146
- Wrong artifact scanned count by @stonezdj in #19198
- fix: support customize cache db for business by @chlins in #19182
- fix gc dry run issue by @wy65701436 in #19208
- Add new uri path to ShouldNotReuseRoute array by @AllForNothing in #19217
- Refine total artifact and scanned artifact by @stonezdj in #19228
- i18n: fix typo for CONFIRM_SECRET by @liubin in #19140
- Add a tooltip for the page title of security hub by @AllForNothing in #19231
- change JOB_ID to Task_ID by @lengrongfu in #19127
- fix typo in ROADMAP.md by @liubin in #19247
- Delete unused code by @liubin in #19061
- exporter: add field alias for count(*) func by @liubin in #18840
- Switch to a new chart library by @AllForNothing in #19262
- Remove job status track information from redis after stop by @stonezdj in #19227
- remove chart-museum related to logic by @lengrongfu in #18722
- fix storage.redirect.disable migrate template error by @MinerYang in #19335
- Upgrade UI packages by @AllForNothing in #19330
- Remove duplicated sort fields from order by clause by @liubin in #19347
- fix user resource by @wy65701436 in #19366
- update default processor for unknwon type config by @MinerYang in #19372
- Hide version property if the value is undefined by @AllForNothing in #19395
- feat(i18n): update french translations by @Nhqml in #19418
- bump golang to 1.20.10 by @MinerYang in #19430
- Change fixed_version to package_version in query dangerous CVE sql by @stonezdj in #19397
- fix issue 19392 by @wy65701436 in #19437
- fix: bump up TRIVYVERSION=v0.46.0 && TRIVYADAPTERVERSION=v0.30.17 by @zyyw in #19446
- Update the style for operation-component by @AllForNothing in #19445
- bump golang.org/x/net to v0.17.0 && go.opentelemetry.io/contrib by @MinerYang in #19461
- Use batch to list the job id in the job queue to avoid crash redis by @stonezdj in #19444
- Delete tag retention rule and tag immutable rule when deleting project by @stonezdj in #19390
- bump go.opentelemetry.io/contrib/instrumentation/github.com/gorilla/m… by @MinerYang in #19477
- Not allow comma for the user name by @AllForNothing in #19501
- bump golang to 1.21.3 by @MinerYang in #19504
- Add a tooltip for the replication rule by @AllForNothing in #19509
- Replace comma in username to avoid casbin issue by @stonezdj in #19505
- Update the style for severity by @AllForNothing in #19525
- Remove vendor folder from harbor code base by @reasonerjt in #19508
- fix: bump up TRIVYVERSION=v0.46.1 && TRIVYADAPTERVERSION=v0.30.18 by @zyyw in #19500
- Skip to validate username when update user profile by @stonezdj in #19552
- Update UI package to clear security alerts by @AllForNothing in #19553
- Delete project member when delete project by @stonezdj in #19523
- add permission api by @wy65701436 in #19543
- Allow POST method to request service/token in readonly mode by @stonezdj in #19556
- 19559 cannot see full label easily by @jmichot-exotec in #19564
- fix: sorting quota by @zyyw in #19538
- Avoid menu closure when filtering labels by @AllForNothing in #19561
- Correct loop condition for replication tasks by @AllForNothing in #19570
- Return empty result when no scanner configured by @stonezdj in #19577
- bump golang to 1.21.4 by @MinerYang in #19601
- add permission validation for robot creating and updating. by @wy65701436 in #19598
- add prepare migration script for 2.10 by @MinerYang in #19600
- Update the permission scope by @AllForNothing in #19603
- fix system label resource by @wy65701436 in #19621
- Bump golang.org/x/time from 0.0.0-20220210224613-90d013bbcef8 to 0.4.0 in /src by @dependabot in #19541
- fix robot account access issue by @wy65701436 in #19627
- fix: update TRIVYVERSION=v0.47.0 && TRIVYADAPTERVERSION=v0.30.19 by @zyyw in #19624
- Bump github.com/coreos/go-oidc/v3 from 3.0.0 to 3.7.0 in /src by @dependabot in #19542
- Update the name checking for the robot account by @AllForNothing in #19645
- fix 2.10 prepare migration version by @MinerYang in #19665
- fix: upgrade google.golang.org/grpc by @zyyw in #19648
- Update the style for the robot acccount ui by @AllForNothing in https:...
v2.7.4
Known issue
- Due to the change of querying for listing tasks of scan by this PR, vulnerability scan report that's done in v2.7.4 cannot be retrieved in v2.8.0, but it's still available in v2.8.1 (applied the same logic in this PR) and onwards. Please do not upgrade from v2.7.4 to v2.8.0, instead, directly upgrading to v2.8.1 or v2.9.0.
What's Changed
Component updates ⬆️
- feat: bump up golang-runtime from 1.19.3 to 1.21.4; upgrade MOCKERY_VERSION; upgrade golangci-lint; fix mock issue by @zyyw in #19608
- fix: bump TRIVYVERSION=v0.46.1 & TRIVYADAPTERVERSION=v0.30.18 by @zyyw in #19607
- fix: upgrade dependency library version and run \go mod vendor\ by @zyyw in #19613
- fix: upgrade github.com/gorilla/mux/otelmux to v0.44.0 by @zyyw in #19620
Other Changes
- Refresh base images on release-2.7.0 by @YangJiao0817 in #19644
Full Changelog: v2.7.3...v2.7.4
v2.7.4-rc1
What's Changed
Component updates ⬆️
- feat: bump up golang-runtime from 1.19.3 to 1.21.4; upgrade MOCKERY_VERSION; upgrade golangci-lint; fix mock issue by @zyyw in #19608
- fix: bump TRIVYVERSION=v0.46.1 & TRIVYADAPTERVERSION=v0.30.18 by @zyyw in #19607
- fix: upgrade dependency library version and run \go mod vendor\ by @zyyw in #19613
- fix: upgrade github.com/gorilla/mux/otelmux to v0.44.0 by @zyyw in #19620
Other Changes
- Refresh base images on release-2.7.0 by @YangJiao0817 in #19644
Full Changelog: v2.7.3...v2.7.4-rc1
v2.9.1
Known issue
- known issue #19912 will affect nginx component of offline-installer when specify
strong_cipher.enabled
inharbor.yml
but not been rendered in config file properly. Impact version are v2.9.0, v2.9.1, v2.9.2, v2.10.0. Will fixed in v2.10.1. if you do need set strong_cipher, please refer to manually-add-strong-cipher
What's Changed
Component updates ⬆️
- (cherry-pick) Remove job status track information from redis after stop the job in the queue by @stonezdj in #19307
- (cherry-pick) fix storage.redirect.disable migrate template error release-2.9.0 by @MinerYang in #19336
- [Cherry-pick]Hide version property if the value is undefined by @AllForNothing in #19396
- (cherry-pick) Change fixed_version to package_version by @stonezdj in #19432
- [cherry-pick]bump golang to 1.20.10 by @MinerYang in #19431
- fix: bump up TRIVYVERSION=v0.46.0 && TRIVYADAPTERVERSION=v0.30.17 by @zyyw in #19447
- [cherry-pick] Use batch to list the job id in the job queue to avoid crash redis by @stonezdj in #19455
- bump golang.org/x/net to v0.17.0 && go.opentelemetry.io/contrib on release-2.9.0 by @MinerYang in #19460
- bump go.opentelemetry.io/contrib/instrumentation/github.com/gorilla/m… by @MinerYang in #19476
- bump golang to 1.21.3 on release-2.9.0 by @MinerYang in #19503
- fix: bump up TRIVYVERSION=v0.46.1 && TRIVYADAPTERVERSION=v0.30.18 by @zyyw in #19499
- update ut mock anything by @MinerYang in #19506
- bump google.golang.org/grpc by @MinerYang in #19513
Other Changes
- [cherry-pick]Refactor unstable test cases by @YangJiao0817 in #19351
- [cherry-pick]Add security hub API test case by @YangJiao0817 in #19377
- [cherry-pick]Add security hub UI test case by @YangJiao0817 in #19449
- Bump up version to v2.9.1 by @YangJiao0817 in #19451
- [cherry-pick]Add GC accessory API test case by @YangJiao0817 in #19463
- [cherry-pick]Add GC accessory UI test case by @YangJiao0817 in #19471
- Refresh base images on release-2.9.0 by @YangJiao0817 in #19475
- [cherry-pick]Add GC details and GC workers API test case by @YangJiao0817 in #19483
- [cherry-pick]Add GC details and GC workers UI test case by @YangJiao0817 in #19488
- [cherry-pick]Add banner message API test case by @YangJiao0817 in #19514
Full Changelog: v2.9.0...v2.9.1