chore(deps): bump helm.sh/helm/v3 from 3.18.3 to 3.18.4 in /src #22188
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
--- updated-dependencies: - dependency-name: helm.sh/helm/v3 dependency-version: 3.18.4 dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com>
stonezdj
approved these changes
Jul 21, 2025
dependabot
bot
deleted the
dependabot/go_modules/src/helm.sh/helm/v3-3.18.4
branch
Vad1mo
added a commit
to container-registry/harbor-next
that referenced
this pull request
Sep 3, 2025
* Add 400 code response in swagger.yaml for updateRegistry updateReplicationPolicy and headProject (goharbor#22165) Signed-off-by: yuzhipeng <yuzp1996@gmail.com> * Update FixVersion and ScoreV3 (goharbor#22007) Set Fix and CVE3Score in VulnerabilityRecord from VulnerabilityItem. Follow-up of goharbor#21915 Fixes goharbor#21463 Signed-off-by: Spyros Trigazis <spyridon.trigazis@cern.ch> * Add "status" of CVEs to artfact scan report (goharbor#22177) This commit adds the field "status" to the struct of a vulnerability and adds column "status" to vulnerability record table. It makes sure the statuses of CVEs returned by trivy scanner are persisted and can be returned via the vulnerabilities addition API of an artifact. Signed-off-by: Daniel Jiang <daniel.jiang@broadcom.com> * Improve portal README.md formatting and clarity (goharbor#22173) improving the portal readme file Signed-off-by: rgcr <roger.dev@pm.me> * chore: Updated RELEASE.md by updating Minor Release Support Map (goharbor#22145) Updated the Minor Release Support Matrix to include v2.13 Signed-off-by: Mooneeb Hussain <mooneeb.hussain@gmail.com> * Add status field to the API on secyurityHub (goharbor#22182) This commit makes change to the API GET /api/v2.0/vul to make it include "status" of CVEs in the response. It also makes update in the UI to add the "Status" column to the data grids in security hub and artifact details page. Signed-off-by: Daniel Jiang <daniel.jiang@broadcom.com> * Set MAX_JOB_DURATION_SECONDS from jobservice config.yml (goharbor#22116) Signed-off-by: stonezdj <stone.zhang@broadcom.com> * clean up project metadata for tag retention policy after deletion (goharbor#22174) Signed-off-by: my036811 <miner.yang@broadcom.com> * chore(deps): bump helm.sh/helm/v3 from 3.18.2 to 3.18.3 in /src (goharbor#22113) --- updated-dependencies: - dependency-name: helm.sh/helm/v3 dependency-version: 3.18.3 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: miner <yminer@vmware.com> * chore(deps): bump helm.sh/helm/v3 from 3.18.3 to 3.18.4 in /src (goharbor#22188) --- updated-dependencies: - dependency-name: helm.sh/helm/v3 dependency-version: 3.18.4 dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Remove testcase Open Image Scanners doc page (goharbor#22180) Signed-off-by: stonezdj <stone.zhang@broadcom.com> * Don't always skip vuln check when artifact is not scannable (goharbor#22187) fixes goharbor#22143 This commit makes update to the vulnerable policy middleware. So that it will skip the sheck only when the artifact is not scannable AND it does not have a scan report. Signed-off-by: Daniel Jiang <daniel.jiang@broadcom.com> * Display download url for BUILD_PACKAGE action (goharbor#22197) Signed-off-by: stonezdj <stone.zhang@broadcom.com> * add the replicaiton adapter whitelist (goharbor#22198) fixes goharbor#21925 According to https://github.com/goharbor/harbor/wiki/Harbor-Replicaiton-Adapter-Owner, some replication adapters are no longer actively maintained by the Harbor community. To address this, a whitelist environment variable is introduced to define the list of actively supported adapters, which will be used by the Harbor portal and API to display and allow usage. If you still wish to view and use the unsupported or inactive adapters, you must manually update the whitelist and include the desired adapter names. For the list of adapter names, refer to https://github.com/goharbor/harbor/blob/main/src/pkg/reg/model/registry.go#L22 Signed-off-by: wang yan <wangyan@vmware.com> * fix: correct the permission of project maintainer role for webhook policy (goharbor#22135) Signed-off-by: chlins <chlins.zhang@gmail.com> * update the orm filter func (goharbor#22208) to extend the enhancement from goharbor#21924 to fuzzy and range match. After the enhance, the orm.ExerSep is not supported in any sort of query keywords. Signed-off-by: wy65701436 <wangyan@vmware.com> * bump golang version (goharbor#22205) to the latest golang version v1.24.5 from v1.24.3 Signed-off-by: wy65701436 <wangyan@vmware.com> * Add HTTP 409 error when creating robot account (goharbor#22201) fixes goharbor#22107 Signed-off-by: stonezdj <stone.zhang@broadcom.com> * feat: support raw format for CNAI model (goharbor#22040) Signed-off-by: chlins <chlins.zhang@gmail.com> * The tag retention job failed with 403 error message (goharbor#22159) fixes goharbor#22141 Signed-off-by: stonezdj <stone.zhang@broadcom.com> * remove extra build_base=false && pull_base_from_dockerhub=false check logic (goharbor#22233) remove extra build_base=false && pull_base_from_dockerhub=false logic we do not block the case using local chached image(docker build --pull=false) while build_base=false However we need gurantee always pull latest image while build package And when there's some rate limit issue in the CICD situation we could set pull_base_from_dockerhub=false Signed-off-by: my036811 <miner.yang@broadcom.com> * chore(deps): bump github.com/volcengine/volcengine-go-sdk from 1.1.19 to 1.1.25 in /src (goharbor#22225) chore(deps): bump github.com/volcengine/volcengine-go-sdk in /src Bumps [github.com/volcengine/volcengine-go-sdk](https://github.com/volcengine/volcengine-go-sdk) from 1.1.19 to 1.1.25. - [Release notes](https://github.com/volcengine/volcengine-go-sdk/releases) - [Commits](volcengine/volcengine-go-sdk@v1.1.19...v1.1.25) --- updated-dependencies: - dependency-name: github.com/volcengine/volcengine-go-sdk dependency-version: 1.1.25 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: miner <miner.yang@broadcom.com> * Delete local cache if the artifact doesn't exist in upstream registry (goharbor#22175) fixes goharbor#20596 Signed-off-by: stonezdj <stonezdj@gmail.com> * update the support list of proxy cache (goharbor#22237) According to PR goharbor#22198, some inactive adapters have been removed from the default adapter list. This pull request updates PERMITTED_REGISTRY_TYPES_FOR_PROXY_CACHE accordingly, since the list of proxy cache adapters should be a subset of the replication adapters. Signed-off-by: wy65701436 <wangyan@vmware.com> * bump go version (goharbor#22238) * feat: Single Active Replication (goharbor#21347) feat(replication): add Single Active Replication per policy * Added single_active_replication field to schema & DB table * Updated API, controller & handler to enforce single execution per policy * Added checkbox in UI to enable/disable single_active_replication for a policy * Implemented necessary backend & frontend tests * Prevents parallel runs per policy if single_active_replication is enabled Signed-off-by: bupd <bupdprasanth@gmail.com> * bump base verson for v2.15.0 (goharbor#22241) Signed-off-by: wy65701436 <wangyan@vmware.com> * build base images (goharbor#22249) 1, downgrade the base version to 2.14, and update it whenever we have the release-2.14.0 branch. 2, refresh the base images bses on the latest code. Signed-off-by: wy65701436 <wangyan@vmware.com> * Upload build logs to github artifact (goharbor#22223) Upload log files to github with 5 day retention Signed-off-by: stonezdj <stone.zhang@broadcom.com> * add prepare migration script for 2.14.0 (goharbor#22247) Signed-off-by: my036811 <miner.yang@broadcom.com> * chore(deps): bump helm.sh/helm/v3 from 3.18.4 to 3.18.5 in /src (goharbor#22258) Bumps [helm.sh/helm/v3](https://github.com/helm/helm) from 3.18.4 to 3.18.5. - [Release notes](https://github.com/helm/helm/releases) - [Commits](helm/helm@v3.18.4...v3.18.5) --- updated-dependencies: - dependency-name: helm.sh/helm/v3 dependency-version: 3.18.5 dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * chore(deps): bump actions/checkout from 3 to 5 (goharbor#22250) Bumps [actions/checkout](https://github.com/actions/checkout) from 3 to 5. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](actions/checkout@v3...v5) --- updated-dependencies: - dependency-name: actions/checkout dependency-version: '5' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * chore(deps): bump github.com/volcengine/volcengine-go-sdk from 1.1.25 to 1.1.26 in /src (goharbor#22244) chore(deps): bump github.com/volcengine/volcengine-go-sdk in /src Bumps [github.com/volcengine/volcengine-go-sdk](https://github.com/volcengine/volcengine-go-sdk) from 1.1.25 to 1.1.26. - [Release notes](https://github.com/volcengine/volcengine-go-sdk/releases) - [Commits](volcengine/volcengine-go-sdk@v1.1.25...v1.1.26) --- updated-dependencies: - dependency-name: github.com/volcengine/volcengine-go-sdk dependency-version: 1.1.26 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Return the Resport when the scanner is unhealthy (goharbor#22255) This commit fixes goharbor#22254 It updates the "GetReport" function, such that when the scanner is unhealthy, and we can't know the the artifact is supported, we will still try to return the report stored in DB. Signed-off-by: Daniel Jiang <daniel.jiang@broadcom.com> * Refine the sql to query non empty repositories (goharbor#22269) use exists instead of in condition Signed-off-by: stonezdj <stone.zhang@broadcom.com> * chore(deps): bump github.com/beego/beego/v2 from 2.3.6 to 2.3.8 in /src (goharbor#22282) Bumps [github.com/beego/beego/v2](https://github.com/beego/beego) from 2.3.6 to 2.3.8. - [Release notes](https://github.com/beego/beego/releases) - [Changelog](https://github.com/beego/beego/blob/master/CHANGELOG.md) - [Commits](beego/beego@v2.3.6...v2.3.8) --- updated-dependencies: - dependency-name: github.com/beego/beego/v2 dependency-version: 2.3.8 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * chore(deps): bump github.com/prometheus/client_model from 0.6.1 to 0.6.2 in /src (goharbor#22283) chore(deps): bump github.com/prometheus/client_model in /src Bumps [github.com/prometheus/client_model](https://github.com/prometheus/client_model) from 0.6.1 to 0.6.2. - [Release notes](https://github.com/prometheus/client_model/releases) - [Commits](prometheus/client_model@v0.6.1...v0.6.2) --- updated-dependencies: - dependency-name: github.com/prometheus/client_model dependency-version: 0.6.2 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * chore(deps): bump github.com/cloudevents/sdk-go/v2 from 2.15.2 to 2.16.1 in /src (goharbor#22281) chore(deps): bump github.com/cloudevents/sdk-go/v2 in /src Bumps [github.com/cloudevents/sdk-go/v2](https://github.com/cloudevents/sdk-go) from 2.15.2 to 2.16.1. - [Release notes](https://github.com/cloudevents/sdk-go/releases) - [Commits](cloudevents/sdk-go@v2.15.2...v2.16.1) --- updated-dependencies: - dependency-name: github.com/cloudevents/sdk-go/v2 dependency-version: 2.16.1 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * chore(deps): bump github.com/go-openapi/swag from 0.23.0 to 0.23.1 in /src (goharbor#22243) chore(deps): bump github.com/go-openapi/swag in /src Bumps [github.com/go-openapi/swag](https://github.com/go-openapi/swag) from 0.23.0 to 0.23.1. - [Commits](go-openapi/swag@v0.23.0...v0.23.1) --- updated-dependencies: - dependency-name: github.com/go-openapi/swag dependency-version: 0.23.1 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * chore(deps): bump github.com/volcengine/volcengine-go-sdk from 1.1.26 to 1.1.29 in /src (goharbor#22284) chore(deps): bump github.com/volcengine/volcengine-go-sdk in /src Bumps [github.com/volcengine/volcengine-go-sdk](https://github.com/volcengine/volcengine-go-sdk) from 1.1.26 to 1.1.29. - [Release notes](https://github.com/volcengine/volcengine-go-sdk/releases) - [Commits](volcengine/volcengine-go-sdk@v1.1.26...v1.1.29) --- updated-dependencies: - dependency-name: github.com/volcengine/volcengine-go-sdk dependency-version: 1.1.29 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Update README.md (#48) Describe whats different in next Signed-off-by: Vadim Bauer <vb@container-registry.com> * Update README.md (#54) Signed-off-by: Vadim Bauer <vb@container-registry.com> * Correct conformance_test GitHub Actions workflow at line 31 (merges into #64) --------- Signed-off-by: yuzhipeng <yuzp1996@gmail.com> Signed-off-by: Spyros Trigazis <spyridon.trigazis@cern.ch> Signed-off-by: Daniel Jiang <daniel.jiang@broadcom.com> Signed-off-by: rgcr <roger.dev@pm.me> Signed-off-by: Mooneeb Hussain <mooneeb.hussain@gmail.com> Signed-off-by: stonezdj <stone.zhang@broadcom.com> Signed-off-by: my036811 <miner.yang@broadcom.com> Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: wang yan <wangyan@vmware.com> Signed-off-by: chlins <chlins.zhang@gmail.com> Signed-off-by: wy65701436 <wangyan@vmware.com> Signed-off-by: stonezdj <stonezdj@gmail.com> Signed-off-by: bupd <bupdprasanth@gmail.com> Signed-off-by: Vadim Bauer <vb@container-registry.com> Signed-off-by: Prasanth Baskar <bupdprasanth@gmail.com> Co-authored-by: yuzhipeng <yuzp1996@gmail.com> Co-authored-by: Spyros Trigazis <strigazi@gmail.com> Co-authored-by: Daniel Jiang <daniel.jiang@broadcom.com> Co-authored-by: Roger <roger.dev@pm.me> Co-authored-by: Moon <mooneeb@chkk.io> Co-authored-by: stonezdj(Daojun Zhang) <stonezdj@gmail.com> Co-authored-by: miner <miner.yang@broadcom.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: miner <yminer@vmware.com> Co-authored-by: Wang Yan <wangyan@vmware.com> Co-authored-by: Chlins Zhang <chlins.zhang@gmail.com> Co-authored-by: Vadim Bauer <vb@container-registry.com> Co-authored-by: cubic Bot <contact@cubic.dev>
Vad1mo
added a commit
to container-registry/harbor-next
that referenced
this pull request
Sep 3, 2025
* Add 400 code response in swagger.yaml for updateRegistry updateReplicationPolicy and headProject (goharbor#22165) Signed-off-by: yuzhipeng <yuzp1996@gmail.com> * Update FixVersion and ScoreV3 (goharbor#22007) Set Fix and CVE3Score in VulnerabilityRecord from VulnerabilityItem. Follow-up of goharbor#21915 Fixes goharbor#21463 Signed-off-by: Spyros Trigazis <spyridon.trigazis@cern.ch> * Add "status" of CVEs to artfact scan report (goharbor#22177) This commit adds the field "status" to the struct of a vulnerability and adds column "status" to vulnerability record table. It makes sure the statuses of CVEs returned by trivy scanner are persisted and can be returned via the vulnerabilities addition API of an artifact. Signed-off-by: Daniel Jiang <daniel.jiang@broadcom.com> * Improve portal README.md formatting and clarity (goharbor#22173) improving the portal readme file Signed-off-by: rgcr <roger.dev@pm.me> * chore: Updated RELEASE.md by updating Minor Release Support Map (goharbor#22145) Updated the Minor Release Support Matrix to include v2.13 Signed-off-by: Mooneeb Hussain <mooneeb.hussain@gmail.com> * Add status field to the API on secyurityHub (goharbor#22182) This commit makes change to the API GET /api/v2.0/vul to make it include "status" of CVEs in the response. It also makes update in the UI to add the "Status" column to the data grids in security hub and artifact details page. Signed-off-by: Daniel Jiang <daniel.jiang@broadcom.com> * Set MAX_JOB_DURATION_SECONDS from jobservice config.yml (goharbor#22116) Signed-off-by: stonezdj <stone.zhang@broadcom.com> * clean up project metadata for tag retention policy after deletion (goharbor#22174) Signed-off-by: my036811 <miner.yang@broadcom.com> * chore(deps): bump helm.sh/helm/v3 from 3.18.2 to 3.18.3 in /src (goharbor#22113) --- updated-dependencies: - dependency-name: helm.sh/helm/v3 dependency-version: 3.18.3 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: miner <yminer@vmware.com> * chore(deps): bump helm.sh/helm/v3 from 3.18.3 to 3.18.4 in /src (goharbor#22188) --- updated-dependencies: - dependency-name: helm.sh/helm/v3 dependency-version: 3.18.4 dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Remove testcase Open Image Scanners doc page (goharbor#22180) Signed-off-by: stonezdj <stone.zhang@broadcom.com> * Don't always skip vuln check when artifact is not scannable (goharbor#22187) fixes goharbor#22143 This commit makes update to the vulnerable policy middleware. So that it will skip the sheck only when the artifact is not scannable AND it does not have a scan report. Signed-off-by: Daniel Jiang <daniel.jiang@broadcom.com> * Display download url for BUILD_PACKAGE action (goharbor#22197) Signed-off-by: stonezdj <stone.zhang@broadcom.com> * add the replicaiton adapter whitelist (goharbor#22198) fixes goharbor#21925 According to https://github.com/goharbor/harbor/wiki/Harbor-Replicaiton-Adapter-Owner, some replication adapters are no longer actively maintained by the Harbor community. To address this, a whitelist environment variable is introduced to define the list of actively supported adapters, which will be used by the Harbor portal and API to display and allow usage. If you still wish to view and use the unsupported or inactive adapters, you must manually update the whitelist and include the desired adapter names. For the list of adapter names, refer to https://github.com/goharbor/harbor/blob/main/src/pkg/reg/model/registry.go#L22 Signed-off-by: wang yan <wangyan@vmware.com> * fix: correct the permission of project maintainer role for webhook policy (goharbor#22135) Signed-off-by: chlins <chlins.zhang@gmail.com> * update the orm filter func (goharbor#22208) to extend the enhancement from goharbor#21924 to fuzzy and range match. After the enhance, the orm.ExerSep is not supported in any sort of query keywords. Signed-off-by: wy65701436 <wangyan@vmware.com> * bump golang version (goharbor#22205) to the latest golang version v1.24.5 from v1.24.3 Signed-off-by: wy65701436 <wangyan@vmware.com> * Add HTTP 409 error when creating robot account (goharbor#22201) fixes goharbor#22107 Signed-off-by: stonezdj <stone.zhang@broadcom.com> * feat: support raw format for CNAI model (goharbor#22040) Signed-off-by: chlins <chlins.zhang@gmail.com> * The tag retention job failed with 403 error message (goharbor#22159) fixes goharbor#22141 Signed-off-by: stonezdj <stone.zhang@broadcom.com> * remove extra build_base=false && pull_base_from_dockerhub=false check logic (goharbor#22233) remove extra build_base=false && pull_base_from_dockerhub=false logic we do not block the case using local chached image(docker build --pull=false) while build_base=false However we need gurantee always pull latest image while build package And when there's some rate limit issue in the CICD situation we could set pull_base_from_dockerhub=false Signed-off-by: my036811 <miner.yang@broadcom.com> * chore(deps): bump github.com/volcengine/volcengine-go-sdk from 1.1.19 to 1.1.25 in /src (goharbor#22225) chore(deps): bump github.com/volcengine/volcengine-go-sdk in /src Bumps [github.com/volcengine/volcengine-go-sdk](https://github.com/volcengine/volcengine-go-sdk) from 1.1.19 to 1.1.25. - [Release notes](https://github.com/volcengine/volcengine-go-sdk/releases) - [Commits](volcengine/volcengine-go-sdk@v1.1.19...v1.1.25) --- updated-dependencies: - dependency-name: github.com/volcengine/volcengine-go-sdk dependency-version: 1.1.25 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: miner <miner.yang@broadcom.com> * Delete local cache if the artifact doesn't exist in upstream registry (goharbor#22175) fixes goharbor#20596 Signed-off-by: stonezdj <stonezdj@gmail.com> * update the support list of proxy cache (goharbor#22237) According to PR goharbor#22198, some inactive adapters have been removed from the default adapter list. This pull request updates PERMITTED_REGISTRY_TYPES_FOR_PROXY_CACHE accordingly, since the list of proxy cache adapters should be a subset of the replication adapters. Signed-off-by: wy65701436 <wangyan@vmware.com> * bump go version (goharbor#22238) * feat: Single Active Replication (goharbor#21347) feat(replication): add Single Active Replication per policy * Added single_active_replication field to schema & DB table * Updated API, controller & handler to enforce single execution per policy * Added checkbox in UI to enable/disable single_active_replication for a policy * Implemented necessary backend & frontend tests * Prevents parallel runs per policy if single_active_replication is enabled Signed-off-by: bupd <bupdprasanth@gmail.com> * bump base verson for v2.15.0 (goharbor#22241) Signed-off-by: wy65701436 <wangyan@vmware.com> * build base images (goharbor#22249) 1, downgrade the base version to 2.14, and update it whenever we have the release-2.14.0 branch. 2, refresh the base images bses on the latest code. Signed-off-by: wy65701436 <wangyan@vmware.com> * Upload build logs to github artifact (goharbor#22223) Upload log files to github with 5 day retention Signed-off-by: stonezdj <stone.zhang@broadcom.com> * add prepare migration script for 2.14.0 (goharbor#22247) Signed-off-by: my036811 <miner.yang@broadcom.com> * chore(deps): bump helm.sh/helm/v3 from 3.18.4 to 3.18.5 in /src (goharbor#22258) Bumps [helm.sh/helm/v3](https://github.com/helm/helm) from 3.18.4 to 3.18.5. - [Release notes](https://github.com/helm/helm/releases) - [Commits](helm/helm@v3.18.4...v3.18.5) --- updated-dependencies: - dependency-name: helm.sh/helm/v3 dependency-version: 3.18.5 dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * chore(deps): bump actions/checkout from 3 to 5 (goharbor#22250) Bumps [actions/checkout](https://github.com/actions/checkout) from 3 to 5. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](actions/checkout@v3...v5) --- updated-dependencies: - dependency-name: actions/checkout dependency-version: '5' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * chore(deps): bump github.com/volcengine/volcengine-go-sdk from 1.1.25 to 1.1.26 in /src (goharbor#22244) chore(deps): bump github.com/volcengine/volcengine-go-sdk in /src Bumps [github.com/volcengine/volcengine-go-sdk](https://github.com/volcengine/volcengine-go-sdk) from 1.1.25 to 1.1.26. - [Release notes](https://github.com/volcengine/volcengine-go-sdk/releases) - [Commits](volcengine/volcengine-go-sdk@v1.1.25...v1.1.26) --- updated-dependencies: - dependency-name: github.com/volcengine/volcengine-go-sdk dependency-version: 1.1.26 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Return the Resport when the scanner is unhealthy (goharbor#22255) This commit fixes goharbor#22254 It updates the "GetReport" function, such that when the scanner is unhealthy, and we can't know the the artifact is supported, we will still try to return the report stored in DB. Signed-off-by: Daniel Jiang <daniel.jiang@broadcom.com> * Refine the sql to query non empty repositories (goharbor#22269) use exists instead of in condition Signed-off-by: stonezdj <stone.zhang@broadcom.com> * chore(deps): bump github.com/beego/beego/v2 from 2.3.6 to 2.3.8 in /src (goharbor#22282) Bumps [github.com/beego/beego/v2](https://github.com/beego/beego) from 2.3.6 to 2.3.8. - [Release notes](https://github.com/beego/beego/releases) - [Changelog](https://github.com/beego/beego/blob/master/CHANGELOG.md) - [Commits](beego/beego@v2.3.6...v2.3.8) --- updated-dependencies: - dependency-name: github.com/beego/beego/v2 dependency-version: 2.3.8 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * chore(deps): bump github.com/prometheus/client_model from 0.6.1 to 0.6.2 in /src (goharbor#22283) chore(deps): bump github.com/prometheus/client_model in /src Bumps [github.com/prometheus/client_model](https://github.com/prometheus/client_model) from 0.6.1 to 0.6.2. - [Release notes](https://github.com/prometheus/client_model/releases) - [Commits](prometheus/client_model@v0.6.1...v0.6.2) --- updated-dependencies: - dependency-name: github.com/prometheus/client_model dependency-version: 0.6.2 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * chore(deps): bump github.com/cloudevents/sdk-go/v2 from 2.15.2 to 2.16.1 in /src (goharbor#22281) chore(deps): bump github.com/cloudevents/sdk-go/v2 in /src Bumps [github.com/cloudevents/sdk-go/v2](https://github.com/cloudevents/sdk-go) from 2.15.2 to 2.16.1. - [Release notes](https://github.com/cloudevents/sdk-go/releases) - [Commits](cloudevents/sdk-go@v2.15.2...v2.16.1) --- updated-dependencies: - dependency-name: github.com/cloudevents/sdk-go/v2 dependency-version: 2.16.1 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * chore(deps): bump github.com/go-openapi/swag from 0.23.0 to 0.23.1 in /src (goharbor#22243) chore(deps): bump github.com/go-openapi/swag in /src Bumps [github.com/go-openapi/swag](https://github.com/go-openapi/swag) from 0.23.0 to 0.23.1. - [Commits](go-openapi/swag@v0.23.0...v0.23.1) --- updated-dependencies: - dependency-name: github.com/go-openapi/swag dependency-version: 0.23.1 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * chore(deps): bump github.com/volcengine/volcengine-go-sdk from 1.1.26 to 1.1.29 in /src (goharbor#22284) chore(deps): bump github.com/volcengine/volcengine-go-sdk in /src Bumps [github.com/volcengine/volcengine-go-sdk](https://github.com/volcengine/volcengine-go-sdk) from 1.1.26 to 1.1.29. - [Release notes](https://github.com/volcengine/volcengine-go-sdk/releases) - [Commits](volcengine/volcengine-go-sdk@v1.1.26...v1.1.29) --- updated-dependencies: - dependency-name: github.com/volcengine/volcengine-go-sdk dependency-version: 1.1.29 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Update README.md (#48) Describe whats different in next Signed-off-by: Vadim Bauer <vb@container-registry.com> * Update README.md (#54) Signed-off-by: Vadim Bauer <vb@container-registry.com> * feat: daggerize harbor Signed-off-by: bupd <bupdprasanth@gmail.com> * fix: dagger cmds Signed-off-by: bupd <bupdprasanth@gmail.com> * feat: add publish pipeline with dagger Signed-off-by: bupd <bupdprasanth@gmail.com> * fix: pipeline Signed-off-by: bupd <bupdprasanth@gmail.com> --------- Signed-off-by: yuzhipeng <yuzp1996@gmail.com> Signed-off-by: Spyros Trigazis <spyridon.trigazis@cern.ch> Signed-off-by: Daniel Jiang <daniel.jiang@broadcom.com> Signed-off-by: rgcr <roger.dev@pm.me> Signed-off-by: Mooneeb Hussain <mooneeb.hussain@gmail.com> Signed-off-by: stonezdj <stone.zhang@broadcom.com> Signed-off-by: my036811 <miner.yang@broadcom.com> Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: wang yan <wangyan@vmware.com> Signed-off-by: chlins <chlins.zhang@gmail.com> Signed-off-by: wy65701436 <wangyan@vmware.com> Signed-off-by: stonezdj <stonezdj@gmail.com> Signed-off-by: bupd <bupdprasanth@gmail.com> Signed-off-by: Vadim Bauer <vb@container-registry.com> Signed-off-by: Prasanth Baskar <bupdprasanth@gmail.com> Co-authored-by: yuzhipeng <yuzp1996@gmail.com> Co-authored-by: Spyros Trigazis <strigazi@gmail.com> Co-authored-by: Daniel Jiang <daniel.jiang@broadcom.com> Co-authored-by: Roger <roger.dev@pm.me> Co-authored-by: Moon <mooneeb@chkk.io> Co-authored-by: stonezdj(Daojun Zhang) <stonezdj@gmail.com> Co-authored-by: miner <miner.yang@broadcom.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: miner <yminer@vmware.com> Co-authored-by: Wang Yan <wangyan@vmware.com> Co-authored-by: Chlins Zhang <chlins.zhang@gmail.com> Co-authored-by: Vadim Bauer <vb@container-registry.com>
AYDEV-FR
pushed a commit
to AYDEV-FR/harbor
that referenced
this pull request
Sep 19, 2025
…rbor#22188) --- updated-dependencies: - dependency-name: helm.sh/helm/v3 dependency-version: 3.18.4 dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
AYDEV-FR
pushed a commit
to AYDEV-FR/harbor
that referenced
this pull request
Sep 19, 2025
…rbor#22188) --- updated-dependencies: - dependency-name: helm.sh/helm/v3 dependency-version: 3.18.4 dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
AYDEV-FR
pushed a commit
to AYDEV-FR/harbor
that referenced
this pull request
Sep 19, 2025
…rbor#22188) --- updated-dependencies: - dependency-name: helm.sh/helm/v3 dependency-version: 3.18.4 dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
OrlinVasilev
pushed a commit
to OrlinVasilev/harbor
that referenced
this pull request
Oct 29, 2025
…rbor#22188) --- updated-dependencies: - dependency-name: helm.sh/helm/v3 dependency-version: 3.18.4 dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot mergewill merge this PR after your CI passes on it@dependabot squash and mergewill squash and merge this PR after your CI passes on it@dependabot cancel mergewill cancel a previously requested merge and block automerging@dependabot reopenwill reopen this PR if it is closed@dependabot closewill close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)You can disable automated security fix PRs for this repo from the Security Alerts page.