upstream/harbor
1
0
Fork 0
mirror of https://github.com/goharbor/harbor synced 2024-09-20 10:45:37 +00:00
Code Issues Packages Projects Releases Wiki Activity
12,199 Commits 51 Branches 310 Tags 355 MiB
main
Commit Graph

6009 Commits

Author SHA1 Message Date
dependabot[bot]
b3698d15c5
chore(deps): bump go.opentelemetry.io/otel from 1.26.0 to 1.27.0 in /src (#20488) 
Bumps [go.opentelemetry.io/otel](https://github.com/open-telemetry/opentelemetry-go) from 1.26.0 to 1.27.0.
- [Release notes](https://github.com/open-telemetry/opentelemetry-go/releases)
- [Changelog](https://github.com/open-telemetry/opentelemetry-go/blob/main/CHANGELOG.md)
- [Commits](https://github.com/open-telemetry/opentelemetry-go/compare/v1.26.0...v1.27.0)

---
updated-dependencies:
- dependency-name: go.opentelemetry.io/otel
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Shengwen YU <yshengwen@vmware.com>
 2024-06-06 04:51:27 +00:00
dependabot[bot]
65bbe120d5
chore(deps): bump github.com/volcengine/volcengine-go-sdk from 1.0.97 to 1.0.138 in /src (#20541) 
chore(deps): bump github.com/volcengine/volcengine-go-sdk in /src

Bumps [github.com/volcengine/volcengine-go-sdk](https://github.com/volcengine/volcengine-go-sdk) from 1.0.97 to 1.0.138.
- [Release notes](https://github.com/volcengine/volcengine-go-sdk/releases)
- [Commits](https://github.com/volcengine/volcengine-go-sdk/compare/v1.0.97...v1.0.138)

---
updated-dependencies:
- dependency-name: github.com/volcengine/volcengine-go-sdk
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Shengwen YU <yshengwen@vmware.com>
 2024-06-06 12:15:43 +08:00
dependabot[bot]
bd82ba7071
chore(deps): bump github.com/aws/aws-sdk-go from 1.50.24 to 1.53.14 in /src (#20542) 
chore(deps): bump github.com/aws/aws-sdk-go in /src

Bumps [github.com/aws/aws-sdk-go](https://github.com/aws/aws-sdk-go) from 1.50.24 to 1.53.14.
- [Release notes](https://github.com/aws/aws-sdk-go/releases)
- [Commits](https://github.com/aws/aws-sdk-go/compare/v1.50.24...v1.53.14)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Shengwen YU <yshengwen@vmware.com>
 2024-06-06 11:32:34 +08:00
dependabot[bot]
83c3c2bf26
chore(deps): bump github.com/go-asn1-ber/asn1-ber from 1.5.6 to 1.5.7 in /src (#20487) 
chore(deps): bump github.com/go-asn1-ber/asn1-ber in /src

Bumps [github.com/go-asn1-ber/asn1-ber](https://github.com/go-asn1-ber/asn1-ber) from 1.5.6 to 1.5.7.
- [Release notes](https://github.com/go-asn1-ber/asn1-ber/releases)
- [Commits](https://github.com/go-asn1-ber/asn1-ber/compare/v1.5.6...v1.5.7)

---
updated-dependencies:
- dependency-name: github.com/go-asn1-ber/asn1-ber
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Shengwen YU <yshengwen@vmware.com>
 2024-06-06 10:32:52 +08:00
Lichao Xue
115827cac7
Fixes-20537 SBOM tab should not exist when the artifact is helm package (#20538) 
Fixes-20537 SBOM tab should not exist when the artifact is oci-compliant helm-chart

Signed-off-by: xuelichao <xuel@vmware.com>
 2024-06-03 19:44:38 +08:00
stonezdj(Daojun Zhang)
74f4a358f8
No sbom_overview when sbom is deleted (#20533) 
fixes #20529

Signed-off-by: stonezdj <stone.zhang@broadcom.com>
 2024-06-03 13:38:30 +08:00
stonezdj(Daojun Zhang)
30767f6612
Response an error message when there is incomplete sbom generate job (#20526) 
Response an error message when there is uncomplete sbom generate job

Signed-off-by: stonezdj <stone.zhang@broadcom.com>
Co-authored-by: Wang Yan <wangyan@vmware.com>
 2024-05-31 17:20:53 +08:00
Wang Yan
7645ec7ccc
fix http client to push sbom accessory (#20525) 
Signed-off-by: wang yan <wangyan@vmware.com>
 2024-05-31 16:43:13 +08:00
Wang Yan
d8475906ba
fix 20518 (#20521) 
fixes #20518
Since there is no report for the replicated artifact, update to use the artifact id to remove accessories.

Signed-off-by: wang yan <wangyan@vmware.com>
Co-authored-by: Shengwen YU <yshengwen@vmware.com>
 2024-05-30 19:50:03 +08:00
Lichao Xue
1a36a95a2b
Fix UI bugs - Pagination is missing on tag immutability rules (#20501) 
Fix UI bugs- Pagination is missing on tag immutability rules

Signed-off-by: xuelichao <xuel@vmware.com>
 2024-05-30 18:18:57 +08:00
Wang Yan
8bc76a6548
tls support for pushing sbom (#20514) 
Make it supports the tls configuration for the client for pushing sbom object

Signed-off-by: wang yan <wangyan@vmware.com>
 2024-05-30 13:40:37 +08:00
stonezdj(Daojun Zhang)
05c1c2825f
Fix tooltip issue related to SBOM.Details (#20510) 
Signed-off-by: stonezdj <stone.zhang@broadcom.com>
 2024-05-30 03:35:04 +00:00
Wang Yan
7339bfa9b0
Fix multiple SBOM (#20503) 
fix 20496

fixes #20496

Harbor will reserve one SBOM accessory artifact for each subject artifact. Ensure all existing SBOMs are removed before generating the next set.

Signed-off-by: wang yan <wangyan@vmware.com>
 2024-05-29 18:25:26 +08:00
stonezdj(Daojun Zhang)
6d782ae695
Separate the execution vendor type sbom from image_scan (#20504) 
Add vendor type SBOM for execution
  fixes #20495

Signed-off-by: stonezdj <stone.zhang@broadcom.com>
 2024-05-29 15:45:28 +08:00
stonezdj(Daojun Zhang)
1f0c8289a5
Add sbom_report table to store sbom related information (#20473) 
fixes #20445
  Refactor scan/base_controller.go
  Move MakeReportPlaceholder, GetReportPlaceholder, GetSummary to vul and sbom scanHandler

Signed-off-by: stonezdj <stone.zhang@broadcom.com>
 2024-05-24 08:48:55 +00:00
dependabot[bot]
0a4c31682a
chore(deps): bump github.com/go-openapi/swag from 0.22.7 to 0.23.0 in /src (#20453) 
chore(deps): bump github.com/go-openapi/swag in /src

Bumps [github.com/go-openapi/swag](https://github.com/go-openapi/swag) from 0.22.7 to 0.23.0.
- [Commits](https://github.com/go-openapi/swag/compare/v0.22.7...v0.23.0)

---
updated-dependencies:
- dependency-name: github.com/go-openapi/swag
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Shengwen YU <yshengwen@vmware.com>
 2024-05-23 16:07:20 +08:00
dependabot[bot]
8bb7586b0b
chore(deps): bump github.com/prometheus/client_golang from 1.17.0 to 1.19.1 in /src (#20451) 
chore(deps): bump github.com/prometheus/client_golang in /src

Bumps [github.com/prometheus/client_golang](https://github.com/prometheus/client_golang) from 1.17.0 to 1.19.1.
- [Release notes](https://github.com/prometheus/client_golang/releases)
- [Changelog](https://github.com/prometheus/client_golang/blob/main/CHANGELOG.md)
- [Commits](https://github.com/prometheus/client_golang/compare/v1.17.0...v1.19.1)

---
updated-dependencies:
- dependency-name: github.com/prometheus/client_golang
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Shengwen YU <yshengwen@vmware.com>
 2024-05-23 15:19:09 +08:00
dependabot[bot]
00b5725edd
chore(deps): bump golang.org/x/net from 0.24.0 to 0.25.0 in /src (#20455) 
Bumps [golang.org/x/net](https://github.com/golang/net) from 0.24.0 to 0.25.0.
- [Commits](https://github.com/golang/net/compare/v0.24.0...v0.25.0)

---
updated-dependencies:
- dependency-name: golang.org/x/net
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Shengwen YU <yshengwen@vmware.com>
 2024-05-23 14:38:43 +08:00
Lichao Xue
3352a72b7a
Fix - 20469 sbom status and download issue (#20471) 
Fix sbom status and download issue

Signed-off-by: xuelichao <xuel@vmware.com>
 2024-05-23 13:23:45 +08:00
Lichao Xue
3875b1ac1d
Fix-20459 Wrong sbom status displayed in UI (#20460) 
Signed-off-by: xuelichao <xuel@vmware.com>
 2024-05-21 17:55:46 +08:00
Lichao Xue
be839e677c
fix ui test failure (#20441) 
Signed-off-by: xuelichao <xuel@vmware.com>
 2024-05-20 15:42:42 +08:00
Lichao Xue
840d4085f0
Fix and Should to display Unsupported if no SBOM accessories found (#20426) 
Should this be Unsupported either for SBOM

Signed-off-by: xuelichao <xuel@vmware.com>
Co-authored-by: Shengwen YU <yshengwen@vmware.com>
 2024-05-16 17:40:42 +08:00
stonezdj(Daojun Zhang)
8ccf98a2ac
Initialize execution Manager in Report Assembler (#20437) 
Signed-off-by: stonezdj <stone.zhang@broadcom.com>
 2024-05-16 16:08:06 +08:00
MinerYang
2da4d5883f
bump golang 1.22.3 (#20433) 
* bump golang 1.22.3

Signed-off-by: yminer <yminer@vmware.com>

* debug api_common_install.sh

Signed-off-by: yminer <yminer@vmware.com>

* remove set DNS for docker v20

Signed-off-by: yminer <yminer@vmware.com>

---------

Signed-off-by: yminer <yminer@vmware.com>
Co-authored-by: Wang Yan <wangyan@vmware.com>
 2024-05-16 14:32:59 +08:00
stonezdj(Daojun Zhang)
2b4fe6ced7
Add additional link for sboms (#20423) 
artifact object's addition_links has sboms item when it support to generate sbom
  fixes #20346

Signed-off-by: stonezdj <stone.zhang@broadcom.com>
 2024-05-15 13:34:22 +00:00
stonezdj(Daojun Zhang)
df5b3618c7
Display status in sbom_overview for image index (#20425) 
fixes #20418

Signed-off-by: stonezdj <stone.zhang@broadcom.com>
 2024-05-15 11:52:39 +00:00
Shengwen YU
bb6c7242a4
add membership=true back for gitlab replication adapter (#20400) 
fix: add membership=true back for gitlab replication adapter

Signed-off-by: Shengwen Yu <yshengwen@vmware.com>
 2024-05-15 10:38:01 +00:00
dependabot[bot]
0fc87eaf35
chore(deps): bump github.com/go-openapi/strfmt from 0.22.0 to 0.23.0 in /src (#20396) 
chore(deps): bump github.com/go-openapi/strfmt in /src

Bumps [github.com/go-openapi/strfmt](https://github.com/go-openapi/strfmt) from 0.22.0 to 0.23.0.
- [Commits](https://github.com/go-openapi/strfmt/compare/v0.22.0...v0.23.0)

---
updated-dependencies:
- dependency-name: github.com/go-openapi/strfmt
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-05-15 09:11:11 +00:00
dependabot[bot]
372102c824
chore(deps): bump go.opentelemetry.io/contrib/instrumentation/github.com/gorilla/mux/otelmux from 0.46.1 to 0.51.0 in /src (#20394) 
chore(deps): bump go.opentelemetry.io/contrib/instrumentation/github.com/gorilla/mux/otelmux

Bumps [go.opentelemetry.io/contrib/instrumentation/github.com/gorilla/mux/otelmux](https://github.com/open-telemetry/opentelemetry-go-contrib) from 0.46.1 to 0.51.0.
- [Release notes](https://github.com/open-telemetry/opentelemetry-go-contrib/releases)
- [Changelog](https://github.com/open-telemetry/opentelemetry-go-contrib/blob/main/CHANGELOG.md)
- [Commits](https://github.com/open-telemetry/opentelemetry-go-contrib/compare/zpages/v0.46.1...zpages/v0.51.0)

---
updated-dependencies:
- dependency-name: go.opentelemetry.io/contrib/instrumentation/github.com/gorilla/mux/otelmux
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: MinerYang <yminer@vmware.com>
 2024-05-15 08:33:53 +00:00
dependabot[bot]
34dfbfd6bd
chore(deps): bump github.com/golang-jwt/jwt/v5 from 5.2.0 to 5.2.1 in /src (#20397) 
chore(deps): bump github.com/golang-jwt/jwt/v5 in /src

Bumps [github.com/golang-jwt/jwt/v5](https://github.com/golang-jwt/jwt) from 5.2.0 to 5.2.1.
- [Release notes](https://github.com/golang-jwt/jwt/releases)
- [Changelog](https://github.com/golang-jwt/jwt/blob/main/VERSION_HISTORY.md)
- [Commits](https://github.com/golang-jwt/jwt/compare/v5.2.0...v5.2.1)

---
updated-dependencies:
- dependency-name: github.com/golang-jwt/jwt/v5
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: MinerYang <yminer@vmware.com>
 2024-05-15 15:57:04 +08:00
Wang Yan
2977fec006
fix issue 19928 (#20409) 
* fix issue 19928

it needs to consider the user who is in any group that has been granted with the project admin role.

Signed-off-by: wang yan <wangyan@vmware.com>
 2024-05-15 13:07:30 +08:00
stonezdj(Daojun Zhang)
232f9ba7ea
Skip scan in-toto sbom artifact (#20415) 
fixes #20337

Signed-off-by: stonezdj <stone.zhang@broadcom.com>
Co-authored-by: Wang Yan <wangyan@vmware.com>
 2024-05-13 17:12:04 +08:00
Wang Yan
65e266fecf
fix issue 20407 (#20416) 
fixes #20407
It needs to specify the insecure option on parsing the reference

Signed-off-by: wang yan <wangyan@vmware.com>
 2024-05-13 14:44:51 +08:00
MinerYang
068ae006fe
Update scan job request log for enabled_capabilities (#20414) 
update scan job request log

Signed-off-by: yminer <yminer@vmware.com>
 2024-05-10 17:17:47 +08:00
dependabot[bot]
c4409c053b
Bump helm.sh/helm/v3 from 3.14.2 to 3.14.4 in /src (#20373) 
Bumps [helm.sh/helm/v3](https://github.com/helm/helm) from 3.14.2 to 3.14.4.
- [Release notes](https://github.com/helm/helm/releases)
- [Commits](https://github.com/helm/helm/compare/v3.14.2...v3.14.4)

---
updated-dependencies:
- dependency-name: helm.sh/helm/v3
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: Shengwen YU <yshengwen@vmware.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Shengwen YU <yshengwen@vmware.com>
 2024-05-06 15:49:37 +08:00
dependabot[bot]
1ef61995b8
Bump github.com/go-asn1-ber/asn1-ber from 1.5.5 to 1.5.6 in /src (#20372) 
Bumps [github.com/go-asn1-ber/asn1-ber](https://github.com/go-asn1-ber/asn1-ber) from 1.5.5 to 1.5.6.
- [Release notes](https://github.com/go-asn1-ber/asn1-ber/releases)
- [Commits](https://github.com/go-asn1-ber/asn1-ber/compare/v1.5.5...v1.5.6)

---
updated-dependencies:
- dependency-name: github.com/go-asn1-ber/asn1-ber
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Shengwen YU <yshengwen@vmware.com>
 2024-05-06 14:45:37 +08:00
dependabot[bot]
34cb462cd9
Bump github.com/gorilla/csrf from 1.6.2 to 1.7.2 in /src (#20376) 
Bumps [github.com/gorilla/csrf](https://github.com/gorilla/csrf) from 1.6.2 to 1.7.2.
- [Release notes](https://github.com/gorilla/csrf/releases)
- [Commits](https://github.com/gorilla/csrf/compare/v1.6.2...v1.7.2)

---
updated-dependencies:
- dependency-name: github.com/gorilla/csrf
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: Shengwen YU <yshengwen@vmware.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Shengwen YU <yshengwen@vmware.com>
 2024-05-06 14:08:10 +08:00
dependabot[bot]
132c389216
Bump k8s.io/api from 0.29.3 to 0.30.0 in /src (#20375) 
Bumps [k8s.io/api](https://github.com/kubernetes/api) from 0.29.3 to 0.30.0.
- [Commits](https://github.com/kubernetes/api/compare/v0.29.3...v0.30.0)

---
updated-dependencies:
- dependency-name: k8s.io/api
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Shengwen YU <yshengwen@vmware.com>
 2024-05-06 13:18:42 +08:00
dependabot[bot]
50dc773a5a
Bump go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp from 1.24.0 to 1.26.0 in /src (#20374) 
Bump go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp

Bumps [go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp](https://github.com/open-telemetry/opentelemetry-go) from 1.24.0 to 1.26.0.
- [Release notes](https://github.com/open-telemetry/opentelemetry-go/releases)
- [Changelog](https://github.com/open-telemetry/opentelemetry-go/blob/main/CHANGELOG.md)
- [Commits](https://github.com/open-telemetry/opentelemetry-go/compare/v1.24.0...v1.26.0)

---
updated-dependencies:
- dependency-name: go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Shengwen YU <yshengwen@vmware.com>
 2024-05-06 10:53:35 +08:00
stonezdj(Daojun Zhang)
8431c9c30a
Rename harbor.sbom to sbom.harbor (#20359) 
Signed-off-by: stonezdj <stone.zhang@broadcom.com>
 2024-05-02 23:48:07 +00:00
MinerYang
d01dfd450a
do not delete accessory relationship while still referenced (#20360) 
Signed-off-by: yminer <yminer@vmware.com>
Co-authored-by: Wang Yan <wangyan@vmware.com>
 2024-04-30 01:18:09 +00:00
stonezdj(Daojun Zhang)
d154c27362
Add scan type in webhook event (#20363) 
fixes #20331

Signed-off-by: stonezdj <stone.zhang@broadcom.com>
 2024-04-29 13:51:09 +00:00
Lichao Xue
9b5dd7951e
Fix UI sbom status not updated to grid item after job done (#20368) 
Fix UI sbom status not updated after job done

Signed-off-by: xuelichao <xuel@vmware.com>
 2024-04-29 17:26:01 +08:00
dependabot[bot]
1146cbeca1
Bump github.com/cenkalti/backoff/v4 from 4.2.1 to 4.3.0 in /src (#20316) 
Bumps [github.com/cenkalti/backoff/v4](https://github.com/cenkalti/backoff) from 4.2.1 to 4.3.0.
- [Commits](https://github.com/cenkalti/backoff/compare/v4.2.1...v4.3.0)

---
updated-dependencies:
- dependency-name: github.com/cenkalti/backoff/v4
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: Shengwen YU <yshengwen@vmware.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Shengwen YU <yshengwen@vmware.com>
 2024-04-29 12:49:55 +08:00
dependabot[bot]
01a28dc66d
Bump go.opentelemetry.io/otel/sdk from 1.24.0 to 1.26.0 in /src (#20370) 
Bumps [go.opentelemetry.io/otel/sdk](https://github.com/open-telemetry/opentelemetry-go) from 1.24.0 to 1.26.0.
- [Release notes](https://github.com/open-telemetry/opentelemetry-go/releases)
- [Changelog](https://github.com/open-telemetry/opentelemetry-go/blob/main/CHANGELOG.md)
- [Commits](https://github.com/open-telemetry/opentelemetry-go/compare/v1.24.0...v1.26.0)

---
updated-dependencies:
- dependency-name: go.opentelemetry.io/otel/sdk
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Shengwen YU <yshengwen@vmware.com>
 2024-04-29 10:19:48 +08:00
dependabot[bot]
7306f6d7d9
Bump github.com/golang-migrate/migrate/v4 from 4.16.2 to 4.17.1 in /src (#20317) 
Bumps [github.com/golang-migrate/migrate/v4](https://github.com/golang-migrate/migrate) from 4.16.2 to 4.17.1.
- [Release notes](https://github.com/golang-migrate/migrate/releases)
- [Changelog](https://github.com/golang-migrate/migrate/blob/master/.goreleaser.yml)
- [Commits](https://github.com/golang-migrate/migrate/compare/v4.16.2...v4.17.1)

---
updated-dependencies:
- dependency-name: github.com/golang-migrate/migrate/v4
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: Shengwen YU <yshengwen@vmware.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Shengwen YU <yshengwen@vmware.com>
 2024-04-28 17:32:58 +08:00
dependabot[bot]
d7ab8254cc
Bump golang.org/x/net from 0.22.0 to 0.24.0 in /src (#20318) 
Bumps [golang.org/x/net](https://github.com/golang/net) from 0.22.0 to 0.24.0.
- [Commits](https://github.com/golang/net/compare/v0.22.0...v0.24.0)

---
updated-dependencies:
- dependency-name: golang.org/x/net
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Shengwen YU <yshengwen@vmware.com>
 2024-04-28 15:47:57 +08:00
stonezdj(Daojun Zhang)
fba4c40c65
Delete scan_report when accessory is removed (#20365) 
Signed-off-by: stonezdj <stone.zhang@broadcom.com>
 2024-04-27 01:56:30 +00:00
Lichao Xue
dee73a44f3
Fix UI bugs (#20364) 
Signed-off-by: xuelichao <xuel@vmware.com>
 2024-04-26 06:56:23 +00:00
stonezdj(Daojun Zhang)
ec8d692fe6
Add scanner info and report_id to sbom_overview on listing artifact (#20358) 
Add scan_status and report_id when scan has a failed task

Signed-off-by: stonezdj <stone.zhang@broadcom.com>
 2024-04-25 17:00:35 +08:00
Shengwen YU
2af02f3b25
fix: update image reference to "@" in audit log when pushing & deleting images (#20348) 
Signed-off-by: Shengwen Yu <yshengwen@vmware.com>
 2024-04-24 16:05:14 +08:00
stonezdj(Daojun Zhang)
c80e9bf477
Add 422 in the swagger.yaml (#20344) 
change log level with no content message
  fix time in sbom accessory
  fixes #20342 #20332 #20328

Signed-off-by: stonezdj <stone.zhang@broadcom.com>
 2024-04-24 09:57:46 +08:00
stonezdj(Daojun Zhang)
b7d4bf0d07
Log and skip adapter ping error when retrieve adapter capability (#20314) 
Signed-off-by: stonezdj <stone.zhang@broadcom.com>
 2024-04-22 09:43:04 +00:00
Lichao Xue
e7fce62723
Wrong values shown for the columns of support_sbom and support_vulnerability in scanner list (#20308) 
Fix wrong value shown for the columns of support_sbom and support_vulnerability in scanner list

Signed-off-by: xuelichao <xuel@vmware.com>
 2024-04-22 13:29:48 +08:00
stonezdj(Daojun Zhang)
d759429831
Set default capability for old scanners (#20306) 
Signed-off-by: stonezdj <stone.zhang@broadcom.com>
Co-authored-by: Wang Yan <wangyan@vmware.com>
 2024-04-20 10:37:30 +08:00
stonezdj(Daojun Zhang)
0d9dc4b4a4
Add enableCapabilities to extraAttrs for stop (#20299) 
Signed-off-by: stonezdj <stone.zhang@broadcom.com>
 2024-04-19 07:36:56 +00:00
Lichao Xue
b3dc183f47
Fixed an issue where the scan stop button can only be clicked once (#20302) 
Signed-off-by: xuelichao <xuel@vmware.com>
 2024-04-19 13:01:54 +08:00
stonezdj(Daojun Zhang)
9c3fc28250
Allow generate sbom in proxy cache project (#20298) 
Signed-off-by: stonezdj <stone.zhang@broadcom.com>
 2024-04-19 02:14:28 +00:00
Lichao Xue
e8907a47ab
SBOM UI feature implementation (#19946) 
* draft: sbom UI feature implementation

Signed-off-by: xuelichao <xuel@vmware.com>

* refactor based on swagger yaml changes

Signed-off-by: xuelichao <xuel@vmware.com>

* update scan type for scan and stop sbom request

Signed-off-by: xuelichao <xuel@vmware.com>

---------

Signed-off-by: xuelichao <xuel@vmware.com>
 2024-04-18 08:22:11 +00:00
Ikko Eltociear Ashimine
4fd11ce072
refactor: update controller.go (#20297) 
minor fix

Signed-off-by: Ikko Eltociear Ashimine <eltociear@gmail.com>
Co-authored-by: MinerYang <yminer@vmware.com>
 2024-04-18 14:26:03 +08:00
stonezdj(Daojun Zhang)
2ea7d09412
skip to log scan sbom accessory for sbom accessory (#20290) 
Avoid to log the generate SBOM failure message when the artifact is SBOM in webhook event

Signed-off-by: stonezdj <stone.zhang@broadcom.com>
 2024-04-17 14:51:11 +00:00
stonezdj(Daojun Zhang)
fb2e0042d0
Rename scan request type (#20288) 
Signed-off-by: stonezdj <stone.zhang@broadcom.com>
 2024-04-17 09:52:50 +00:00
stonezdj(Daojun Zhang)
654aa8edcf
Add generate SBOM feature (#20251) 
* Add SBOM scan feature

  Add scan handler for sbom
  Delete previous sbom accessory before the job service

Signed-off-by: stonezdj <daojunz@vmware.com>

* fix issue

Signed-off-by: stonezdj <stone.zhang@broadcom.com>

---------

Signed-off-by: stonezdj <daojunz@vmware.com>
Signed-off-by: stonezdj <stone.zhang@broadcom.com>
Co-authored-by: stonezdj <daojunz@vmware.com>
 2024-04-16 13:34:19 +00:00
Wang Yan
550bf1d750
fix issue 20269 (#20274) 
By default, use the nvd score as the primary score, and if it is unavailable, fallback to the redhat score.
fix #20269

Signed-off-by: wang yan <wangyan@vmware.com>
 2024-04-16 16:49:52 +08:00
Shengwen YU
91efec1e2a
fix: update the image reference format for audit log when pulling image (#20278) 
Signed-off-by: Shengwen Yu <yshengwen@vmware.com>
 2024-04-16 11:11:59 +08:00
dependabot[bot]
938c804513
Bump go.uber.org/ratelimit from 0.2.0 to 0.3.1 in /src (#20204) 
Bumps [go.uber.org/ratelimit](https://github.com/uber-go/ratelimit) from 0.2.0 to 0.3.1.
- [Changelog](https://github.com/uber-go/ratelimit/blob/main/CHANGELOG.md)
- [Commits](https://github.com/uber-go/ratelimit/compare/v0.2.0...v0.3.1)

---
updated-dependencies:
- dependency-name: go.uber.org/ratelimit
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Shengwen YU <yshengwen@vmware.com>
Co-authored-by: Wang Yan <wangyan@vmware.com>
 2024-04-16 10:11:19 +08:00
Iceber Gu
a2507dc3fc
Sending signals by closing the channel (#17917) 
Signed-off-by: Iceber Gu <wei.cai-nat@daocloud.io>
 2024-04-15 12:37:59 +00:00
dependabot[bot]
79dbebd48d
Bump golang.org/x/oauth2 from 0.15.0 to 0.19.0 in /src (#20247) 
Bumps [golang.org/x/oauth2](https://github.com/golang/oauth2) from 0.15.0 to 0.19.0.
- [Commits](https://github.com/golang/oauth2/compare/v0.15.0...v0.19.0)

---
updated-dependencies:
- dependency-name: golang.org/x/oauth2
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Shengwen YU <yshengwen@vmware.com>
 2024-04-15 19:04:22 +08:00
dependabot[bot]
b8392968ac
Bump github.com/coreos/go-oidc/v3 from 3.9.0 to 3.10.0 in /src (#20202) 
Bumps [github.com/coreos/go-oidc/v3](https://github.com/coreos/go-oidc) from 3.9.0 to 3.10.0.
- [Release notes](https://github.com/coreos/go-oidc/releases)
- [Commits](https://github.com/coreos/go-oidc/compare/v3.9.0...v3.10.0)

---
updated-dependencies:
- dependency-name: github.com/coreos/go-oidc/v3
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Shengwen YU <yshengwen@vmware.com>
 2024-04-15 18:18:53 +08:00
dependabot[bot]
8bf26c0d1d
Bump k8s.io/api from 0.29.0 to 0.29.3 in /src (#20205) 
Bumps [k8s.io/api](https://github.com/kubernetes/api) from 0.29.0 to 0.29.3.
- [Commits](https://github.com/kubernetes/api/compare/v0.29.0...v0.29.3)

---
updated-dependencies:
- dependency-name: k8s.io/api
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Shengwen YU <yshengwen@vmware.com>
 2024-04-15 16:47:55 +08:00
MinerYang
7465a29919
add SBOM icon (#20270) 
Signed-off-by: yminer <yminer@vmware.com>
 2024-04-12 20:12:46 +08:00
MinerYang
7e8032b144
bump golang to 1.22.2 (#20256) 
Signed-off-by: yminer <yminer@vmware.com>

replace go get to go install

update go.mod
 2024-04-12 13:46:29 +08:00
MinerYang
e9d2f50669
update mockery to v2.42.2 (#20258) 
Signed-off-by: yminer <yminer@vmware.com>
 2024-04-11 03:37:59 +00:00
stonezdj(Daojun Zhang)
5d7c668028
Support list artifact with_sbom_overview option (#20244) 
Signed-off-by: stonezdj <stone.zhang@broadcom.com>
Co-authored-by: stonezdj <daojunz@vmware.com>
 2024-04-10 14:47:45 +00:00
stonezdj(Daojun Zhang)
89995075a7
Update swagger API to display SBOM content in addition API (#20234) 
complete task #20066

Signed-off-by: stonezdj <daojunz@vmware.com>
Co-authored-by: stonezdj <daojunz@vmware.com>
 2024-04-10 12:39:25 +00:00
tostt
a858fb4f4d
Updated internationalisation : fr-fr (#20179) 
* Update french translation

Signed-off-by: tostt <tostt@users.noreply.github.com>

* More updates french language

Signed-off-by: tostt <tostt@users.noreply.github.com>

* Corr. spelling

Signed-off-by: tostt <tostt@users.noreply.github.com>

* Update src/portal/src/i18n/lang/fr-fr-lang.json

Co-authored-by: Florian Blampey <flbla@users.noreply.github.com>
Signed-off-by: tostt <tostt@users.noreply.github.com>

* Update src/portal/src/i18n/lang/fr-fr-lang.json

Co-authored-by: Florian Blampey <flbla@users.noreply.github.com>
Signed-off-by: tostt <tostt@users.noreply.github.com>

* Update src/portal/src/i18n/lang/fr-fr-lang.json

Co-authored-by: Thomas Coudert <couderthomas@gmail.com>
Signed-off-by: tostt <tostt@users.noreply.github.com>

* Update src/portal/src/i18n/lang/fr-fr-lang.json

Co-authored-by: Thomas Coudert <couderthomas@gmail.com>
Signed-off-by: tostt <tostt@users.noreply.github.com>

* Update src/portal/src/i18n/lang/fr-fr-lang.json

Co-authored-by: Thomas Coudert <couderthomas@gmail.com>
Signed-off-by: tostt <tostt@users.noreply.github.com>

* Update src/portal/src/i18n/lang/fr-fr-lang.json

Co-authored-by: Thomas Coudert <couderthomas@gmail.com>
Signed-off-by: tostt <tostt@users.noreply.github.com>

* Update src/portal/src/i18n/lang/fr-fr-lang.json

Co-authored-by: Thomas Coudert <couderthomas@gmail.com>
Signed-off-by: tostt <tostt@users.noreply.github.com>

* Update src/portal/src/i18n/lang/fr-fr-lang.json

Co-authored-by: Thomas Coudert <couderthomas@gmail.com>
Signed-off-by: tostt <tostt@users.noreply.github.com>

* Update fr-fr-lang.json : further changes following thcdrt's review

Signed-off-by: tostt <tostt@users.noreply.github.com>

* Update src/portal/src/i18n/lang/fr-fr-lang.json

Co-authored-by: Thomas Coudert <couderthomas@gmail.com>
Signed-off-by: tostt <tostt@users.noreply.github.com>

* Update fr-fr-lang.json: translate Expand to Déplier

Signed-off-by: tostt <tostt@users.noreply.github.com>

* Update fr-fr-lang.json: Remove duplicate portion of text

Signed-off-by: tostt <tostt@users.noreply.github.com>

---------

Signed-off-by: tostt <tostt@users.noreply.github.com>
Co-authored-by: Vadim Bauer <vb@container-registry.com>
Co-authored-by: Florian Blampey <flbla@users.noreply.github.com>
Co-authored-by: Thomas Coudert <couderthomas@gmail.com>
Co-authored-by: Wang Yan <wangyan@vmware.com>
 2024-04-10 15:17:30 +08:00
MinerYang
2bb5166c80
adopt cosign with oci-spec 1.1 (#20245) 
Signed-off-by: yminer <yminer@vmware.com>

add comment for cosign middlware
 2024-04-10 13:46:00 +08:00
stonezdj(Daojun Zhang)
2e7db335b3
Add auto generate SBOM on push feature (#20250) 
Signed-off-by: stonezdj <daojunz@vmware.com>
Co-authored-by: stonezdj <daojunz@vmware.com>
Co-authored-by: Wang Yan <wangyan@vmware.com>
 2024-04-09 09:30:53 +00:00
MinerYang
03d9575d84
update referrer manifest descriptor size (#20207) 
cache manifest when first time pull if cacheEnabled

Signed-off-by: yminer <yminer@vmware.com>
 2024-04-09 08:50:46 +00:00
Wang Yan
461a5fa50d
add stop sbom scanning API (#20200) 
* add stop sbom scanning API

1. [UI] support to stop sbom scanning #20200
2. add type for stop scanning api, make it able to support both vulnerability and sbom.
3. refactor the db query to support multiple extra attributes.

Signed-off-by: wang yan <wangyan@vmware.com>
Signed-off-by: xuelichao <xuel@vmware.com>
Co-authored-by: xuelichao <xuel@vmware.com>
 2024-04-09 16:07:47 +08:00
stonezdj(Daojun Zhang)
be648ea47f
Refactor scan job service make it easy to add new scan type (#20177) 
Signed-off-by: stonezdj <daojunz@vmware.com>
Signed-off-by: stonezdj(Daojun Zhang) <stonezdj@gmail.com>
Co-authored-by: stonezdj <daojunz@vmware.com>
 2024-04-09 16:05:30 +08:00
guangwu
ff1a5056d7
fix: close blob io ReadCloser (#20225) 
Signed-off-by: guoguangwu <guoguangwug@gmail.com>
Co-authored-by: Wang Yan <wangyan@vmware.com>
 2024-04-09 14:27:46 +08:00
stonezdj(Daojun Zhang)
96ba34a93c
Allow empty path in redirect_url (#20238) 
fixes #20226

Signed-off-by: stonezdj <daojunz@vmware.com>
Co-authored-by: stonezdj <daojunz@vmware.com>
 2024-04-09 02:24:57 +00:00
Prima Adi Pradana
7b8a322a88
delete membership=0 in getProjectsByName (#20153) 
delete membership=0 in getProjectsByName but lets getProjects still using membership=1 for reserve if getProjectsByName not found any

Signed-off-by: prima <prima101112@gmail.com>
 2024-04-05 15:29:07 +00:00
stonezdj(Daojun Zhang)
dd76fe47ce
Add SBOM scan REST API (#20215) 
Update swagger API for generate SBOM

Signed-off-by: stonezdj <daojunz@vmware.com>
Co-authored-by: stonezdj <daojunz@vmware.com>
 2024-04-03 08:38:09 +00:00
stonezdj(Daojun Zhang)
b6366e03e9
Update GenAccessoryArt API to generate valid accessory for SBOM (#20214) 
Signed-off-by: stonezdj <daojunz@vmware.com>
Co-authored-by: stonezdj <daojunz@vmware.com>
 2024-04-03 07:59:15 +00:00
guangwu
9778176ff1
fix: close file (#20189) 
Signed-off-by: guoguangwu <guoguangwug@gmail.com>
Co-authored-by: Wang Yan <wangyan@vmware.com>
 2024-04-03 11:45:59 +08:00
stonezdj(Daojun Zhang)
cea47c7db3
Add accessory type for sbom (#20208) 
Signed-off-by: stonezdj <daojunz@vmware.com>
Co-authored-by: stonezdj <daojunz@vmware.com>
 2024-04-02 18:11:27 +08:00
guangwu
b66d14d9f3
fix: typo (#20190) 
Signed-off-by: guoguangwu <guoguangwug@gmail.com>
 2024-04-01 10:03:24 +08:00
Taras Katkov
da3c85be5a
fix image name extraction (#18992) 
* Update replication.go

It also could be 'library/bitnami/fluentd:1.13.3-debian-10-r0' so we need to split resource to only 2 parts - possible namespace and image name which may include slashes for example -
namespace: library, image: bitnami/fluentd:1.13.3-debian-10-r0

Signed-off-by: Taras Katkov <tkatkov@gmail.com>

* Update replication_test.go

Adding namespace and resource extraction tests.

Signed-off-by: Taras Katkov <tkatkov@gmail.com>

* Reformat only

Signed-off-by: Taras Katkov <tkatkov@gmail.com>

---------

Signed-off-by: Taras Katkov <tkatkov@gmail.com>
 2024-03-30 13:41:50 +00:00
dependabot[bot]
7c2158bdf9
Bump go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp from 1.21.0 to 1.24.0 in /src (#20037) 
Bump go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp

Bumps [go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp](https://github.com/open-telemetry/opentelemetry-go) from 1.21.0 to 1.24.0.
- [Release notes](https://github.com/open-telemetry/opentelemetry-go/releases)
- [Changelog](https://github.com/open-telemetry/opentelemetry-go/blob/main/CHANGELOG.md)
- [Commits](https://github.com/open-telemetry/opentelemetry-go/compare/v1.21.0...v1.24.0)

---
updated-dependencies:
- dependency-name: go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: Shengwen YU <yshengwen@vmware.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Shengwen YU <yshengwen@vmware.com>
 2024-03-29 18:08:06 +08:00
dependabot[bot]
6c2cafe7ba
Bump github.com/docker/docker from 24.0.7+incompatible to 24.0.9+incompatible in /src (#20147) 
Bump github.com/docker/docker in /src

Bumps [github.com/docker/docker](https://github.com/docker/docker) from 24.0.7+incompatible to 24.0.9+incompatible.
- [Release notes](https://github.com/docker/docker/releases)
- [Commits](https://github.com/docker/docker/compare/v24.0.7...v24.0.9)

---
updated-dependencies:
- dependency-name: github.com/docker/docker
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Shengwen YU <yshengwen@vmware.com>
 2024-03-29 17:29:09 +08:00
dependabot[bot]
290b22cf17
Bump google.golang.org/protobuf from 1.31.0 to 1.33.0 in /src (#20124) 
Bumps google.golang.org/protobuf from 1.31.0 to 1.33.0.

---
updated-dependencies:
- dependency-name: google.golang.org/protobuf
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Shengwen YU <yshengwen@vmware.com>
 2024-03-29 16:51:51 +08:00
dependabot[bot]
6a0ee091d8
Bump github.com/jackc/pgx/v4 from 4.18.1 to 4.18.3 in /src (#20139) 
Bumps [github.com/jackc/pgx/v4](https://github.com/jackc/pgx) from 4.18.1 to 4.18.3.
- [Changelog](https://github.com/jackc/pgx/blob/v4.18.3/CHANGELOG.md)
- [Commits](https://github.com/jackc/pgx/compare/v4.18.1...v4.18.3)

---
updated-dependencies:
- dependency-name: github.com/jackc/pgx/v4
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: Shengwen YU <yshengwen@vmware.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Shengwen YU <yshengwen@vmware.com>
 2024-03-29 16:14:23 +08:00
dependabot[bot]
ebb8050068
Bump golang.org/x/net from 0.17.0 to 0.22.0 in /src (#20113) 
Bumps [golang.org/x/net](https://github.com/golang/net) from 0.17.0 to 0.22.0.
- [Commits](https://github.com/golang/net/compare/v0.17.0...v0.22.0)

---
updated-dependencies:
- dependency-name: golang.org/x/net
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: Shengwen YU <yshengwen@vmware.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Shengwen YU <yshengwen@vmware.com>
 2024-03-29 15:15:28 +08:00
dependabot[bot]
9beede0d82
Bump github.com/cloudevents/sdk-go/v2 from 2.14.0 to 2.15.2 in /src (#20099) 
Bumps [github.com/cloudevents/sdk-go/v2](https://github.com/cloudevents/sdk-go) from 2.14.0 to 2.15.2.
- [Release notes](https://github.com/cloudevents/sdk-go/releases)
- [Commits](https://github.com/cloudevents/sdk-go/compare/v2.14.0...v2.15.2)

---
updated-dependencies:
- dependency-name: github.com/cloudevents/sdk-go/v2
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Shengwen YU <yshengwen@vmware.com>
 2024-03-28 11:02:43 +00:00
dependabot[bot]
4acde986a9
Bump github.com/go-jose/go-jose/v3 from 3.0.1 to 3.0.3 in /src (#20104) 
Bumps [github.com/go-jose/go-jose/v3](https://github.com/go-jose/go-jose) from 3.0.1 to 3.0.3.
- [Release notes](https://github.com/go-jose/go-jose/releases)
- [Changelog](https://github.com/go-jose/go-jose/blob/v3.0.3/CHANGELOG.md)
- [Commits](https://github.com/go-jose/go-jose/compare/v3.0.1...v3.0.3)

---
updated-dependencies:
- dependency-name: github.com/go-jose/go-jose/v3
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Shengwen YU <yshengwen@vmware.com>
 2024-03-28 18:24:03 +08:00
dependabot[bot]
8b8b88d86a
Bump golang.org/x/sync from 0.3.0 to 0.6.0 in /src (#20036) 
Bumps [golang.org/x/sync](https://github.com/golang/sync) from 0.3.0 to 0.6.0.
- [Commits](https://github.com/golang/sync/compare/v0.3.0...v0.6.0)

---
updated-dependencies:
- dependency-name: golang.org/x/sync
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Shengwen YU <yshengwen@vmware.com>
 2024-03-28 17:46:37 +08:00
dependabot[bot]
d58172c112
Bump github.com/tencentcloud/tencentcloud-sdk-go from 1.0.62 to 3.0.233+incompatible in /src (#20035) 
Bump github.com/tencentcloud/tencentcloud-sdk-go in /src

Bumps [github.com/tencentcloud/tencentcloud-sdk-go](https://github.com/tencentcloud/tencentcloud-sdk-go) from 1.0.62 to 3.0.233+incompatible.
- [Commits](https://github.com/tencentcloud/tencentcloud-sdk-go/commits)

---
updated-dependencies:
- dependency-name: github.com/tencentcloud/tencentcloud-sdk-go
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Shengwen YU <yshengwen@vmware.com>
 2024-03-28 17:01:37 +08:00
dependabot[bot]
b9659b455b
Bump express from 4.18.2 to 4.19.2 in /src/portal (#20167) 
Bumps [express](https://github.com/expressjs/express) from 4.18.2 to 4.19.2.
- [Release notes](https://github.com/expressjs/express/releases)
- [Changelog](https://github.com/expressjs/express/blob/master/History.md)
- [Commits](https://github.com/expressjs/express/compare/4.18.2...4.19.2)

---
updated-dependencies:
- dependency-name: express
  dependency-type: direct:development
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Shengwen YU <yshengwen@vmware.com>
 2024-03-28 07:02:17 +00:00