@dependabot dependabot bot commented on behalf of github Jul 7, 2025

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.



wy65701436 and others added 30 commits April 3, 2025 16:04
Signed-off-by: wang yan <wangyan@vmware.com>
* deps: update src/portal/app-swagger-ui

Signed-off-by: bupd <bupdprasanth@gmail.com>

* deps: update swagger-ui

Signed-off-by: bupd <bupdprasanth@gmail.com>

* deps: update src/portal

Signed-off-by: bupd <bupdprasanth@gmail.com>

---------

Signed-off-by: bupd <bupdprasanth@gmail.com>
…ult (goharbor#21846)

Signed-off-by: stonezdj <stone.zhang@broadcom.com>
Signed-off-by: chlins <chlins.zhang@gmail.com>
Signed-off-by: chlins <chlins.zhang@gmail.com>
Per actions/runner-images#11101, Ubuntu 20.04 is out of support. Bump it to 22.04.

Signed-off-by: wang yan <wangyan@vmware.com>
Signed-off-by: stonezdj <stone.zhang@broadcom.com>
…oharbor#21883)

`copyBlobByChunk()` should, like `copyBlob()`, first try to mount an
existing layer; if it is not mounted or does not exist, then copy the
layer monolithically or by chunks.

Signed-off-by: Bin Liu <liubin0329@gmail.com>
Signed-off-by: Bin Liu <lb203159@antfin.com>
Decouple the lint from the api generation step in the makefile.

Signed-off-by: wang yan <wangyan@vmware.com>
add missing step in e2e

Signed-off-by: bupd <bupdprasanth@gmail.com>
Signed-off-by: stonezdj <stone.zhang@broadcom.com>
The query parameter cannot contain orm.ExerSep, which are key characters used by orm.
This pull request enhances the validation for query parameters.

Signed-off-by: wang yan <wangyan@vmware.com>
fix: handle multi-arch images with SBOMs in HarborUI

* Updated the `hasChild` method to check for the presence of
`child_digest` in the `references` array.
* This ensures that SBOMs are correctly displayed for multi-arch images,
where child artifacts may contain their own SBOMs.
* Previously, No SBOM label was displayed for multi-arch images.

Signed-off-by: bupd <bupdprasanth@gmail.com>
Signed-off-by: stonezdj <stone.zhang@broadcom.com>
Make the golang version a unified parameter to build all harbor components

Signed-off-by: wang yan <wangyan@vmware.com>
This commit updates the flow to generate the URL of the token service, which will
first try to use the Host in the request. This will help the situation when
Harbor is configured to serve via a hostname but some clients need to
pull artifacts from Harbor via IP due to limitations in the environment.

Signed-off-by: Daniel Jiang <daniel.jiang@broadcom.com>
…or#21141)

Signed-off-by: Raphael Zöllner <raphael.zoellner@regiocom.com>
fix goharbor#21411

Signed-off-by: stonezdj <stone.zhang@broadcom.com>
Signed-off-by: chlins <chlins.zhang@gmail.com>
* fix: helm chart copy btn in UI

Signed-off-by: bupd <bupdprasanth@gmail.com>

* add: tests for pull command component in UI

Signed-off-by: bupd <bupdprasanth@gmail.com>

---------

Signed-off-by: bupd <bupdprasanth@gmail.com>
As the harbor exporter is not a core component for installation, add a flag, as for trivy, to control whether to package it into the offline installer.

Signed-off-by: wang yan <wangyan@vmware.com>
fixes goharbor#21947

Signed-off-by: wang yan <wangyan@vmware.com>
* bump up golang version to v1.24.3

Signed-off-by: wang yan <wangyan@vmware.com>

* bump mockery version to support golang v2.14

Signed-off-by: wang yan <wangyan@vmware.com>

---------

Signed-off-by: wang yan <wangyan@vmware.com>
* increase docker client timeout for robot case

Signed-off-by: my036811 <miner.yang@broadcom.com>
Signed-off-by: miner <miner.yang@broadcom.com>
test list update

Signed-off-by: miledxz <zedsprogramms@gmail.com>
Co-authored-by: Wang Yan <wangyan@vmware.com>
move the build storage from google storage to the CNCF S3 storage

Currently, we use the internal GCR to store all dev builds for nightly testing, development, and as candidates for RC and GA releases. However, this internal Google storage will no longer be available; this pull request is to move to the CNCF-hosted S3 storage.

Signed-off-by: wang yan <wangyan@vmware.com>
… 4.2.1 (goharbor#22003)

chore(deps): bump aws-actions/configure-aws-credentials

Bumps [aws-actions/configure-aws-credentials](https://github.com/aws-actions/configure-aws-credentials) from 4.1.0 to 4.2.1.
- [Release notes](https://github.com/aws-actions/configure-aws-credentials/releases)
- [Changelog](https://github.com/aws-actions/configure-aws-credentials/blob/main/CHANGELOG.md)
- [Commits](aws-actions/configure-aws-credentials@v4.1.0...v4.2.1)

---
updated-dependencies:
- dependency-name: aws-actions/configure-aws-credentials
  dependency-version: 4.2.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
… to 1.63.107 in /src (goharbor#21943)

chore(deps): bump github.com/aliyun/alibaba-cloud-sdk-go in /src

Bumps [github.com/aliyun/alibaba-cloud-sdk-go](https://github.com/aliyun/alibaba-cloud-sdk-go) from 1.63.84 to 1.63.107.
- [Release notes](https://github.com/aliyun/alibaba-cloud-sdk-go/releases)
- [Changelog](https://github.com/aliyun/alibaba-cloud-sdk-go/blob/master/ChangeLog.txt)
- [Commits](aliyun/alibaba-cloud-sdk-go@v1.63.84...v1.63.107)

---
updated-dependencies:
- dependency-name: github.com/aliyun/alibaba-cloud-sdk-go
  dependency-version: 1.63.107
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Orlix <7236111+OrlinVasilev@users.noreply.github.com>
mohamedawnallah and others added 22 commits June 5, 2025 14:13
In this commit, we add the artifact hub
badge for the harbor project to improve
their discoverability and the best practices
index on [clomonitor.io](https://clomonitor.io/projects/cncf/harbor)

Signed-off-by: Mohamed Awnallah <mohamedmohey2352@gmail.com>
Co-authored-by: Vadim Bauer <vb@container-registry.com>
refactor: simplify SearchAndOnBoardGroup logic

Signed-off-by: bupd <bupdprasanth@gmail.com>
fixes goharbor#22001

Signed-off-by: stonezdj <stone.zhang@broadcom.com>
…rbor#22060)

Bumps [helm.sh/helm/v3](https://github.com/helm/helm) from 3.17.2 to 3.18.2.
- [Release notes](https://github.com/helm/helm/releases)
- [Commits](helm/helm@v3.17.2...v3.18.2)

---
updated-dependencies:
- dependency-name: helm.sh/helm/v3
  dependency-version: 3.18.2
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Fix minor errors in CONTRIBUTING.md

Signed-off-by: chethanm99 <chethanm1399@gmail.com>
fix: empty cve allowlist validation

- fixes empty and cves with only spaces



fix: cve allowlist validation



add: tests for cve allowlist validation



fix: types for projectCVEAllowlist

Signed-off-by: bupd <bupdprasanth@gmail.com>
Enhance readability of swagger Readme.md file by fixing minor errors

Signed-off-by: chethanm99 <chethanm1399@gmail.com>
Use test_network_type to adapt to various network conditions in the test environment.

Signed-off-by: stonezdj <stone.zhang@broadcom.com>
… to 1.1.17 in /src (goharbor#22089)

chore(deps): bump github.com/volcengine/volcengine-go-sdk in /src

Bumps [github.com/volcengine/volcengine-go-sdk](https://github.com/volcengine/volcengine-go-sdk) from 1.1.11 to 1.1.17.
- [Release notes](https://github.com/volcengine/volcengine-go-sdk/releases)
- [Commits](volcengine/volcengine-go-sdk@v1.1.11...v1.1.17)

---
updated-dependencies:
- dependency-name: github.com/volcengine/volcengine-go-sdk
  dependency-version: 1.1.17
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: miner <yminer@vmware.com>
Signed-off-by: chethanm99 <chethanm1399@gmail.com>
…der (goharbor#22121)

Change the pass-CI rules to exclude the resources and robot-cases folder
   Pass HARBOR_ADMIN env to robot testcases

Signed-off-by: stonezdj <stone.zhang@broadcom.com>
* update pipenv and lock

Signed-off-by: my036811 <miner.yang@broadcom.com>

* update pipenv

Signed-off-by: my036811 <miner.yang@broadcom.com>

---------

Signed-off-by: my036811 <miner.yang@broadcom.com>
… to 1.1.19 in /src (goharbor#22133)

chore(deps): bump github.com/volcengine/volcengine-go-sdk in /src

---
updated-dependencies:
- dependency-name: github.com/volcengine/volcengine-go-sdk
  dependency-version: 1.1.19
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: miner <yminer@vmware.com>
* Add Russian language support

Signed-off-by: Sergey Akhmineev <ssakhmineev@rt-dc.ru>

* Update ru-ru-lang.json

Made edits to the translation based on comments

Signed-off-by: Sergey <81344204+sergey-akhmineev@users.noreply.github.com>

* Update ru-ru-lang.json

Signed-off-by: Sergey <81344204+sergey-akhmineev@users.noreply.github.com>

* Update ru-ru-lang.json

Signed-off-by: Sergey <81344204+sergey-akhmineev@users.noreply.github.com>

* Update ru-ru-lang.json

Signed-off-by: Sergey <81344204+sergey-akhmineev@users.noreply.github.com>

---------

Signed-off-by: Sergey Akhmineev <ssakhmineev@rt-dc.ru>
Signed-off-by: Sergey <81344204+sergey-akhmineev@users.noreply.github.com>
Co-authored-by: Sergey Akhmineev <ssakhmineev@rt-dc.ru>
Co-authored-by: Orlix <7236111+OrlinVasilev@users.noreply.github.com>
add dockernetwork parameter for makefile

Signed-off-by: my036811 <miner.yang@broadcom.com>
…ntainer (goharbor#22148)

add BUILD_INSTALLER parameter to optionally build prepare and log container only when we need to build offline_installer

Signed-off-by: my036811 <miner.yang@broadcom.com>
---
updated-dependencies:
- dependency-name: dompurify
  dependency-version: 3.2.6
  dependency-type: indirect
- dependency-name: ngx-markdown
  dependency-version: 20.0.0
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added the dependencies (Pull requests that update a dependency file) and javascript (Pull requests that update javascript code) labels Jul 7, 2025
@socket-security

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

| Diff | Package | Supply Chain Security | Vulnerability | Quality | Maintenance | License |
|---|---|---|---|---|---|---|
| Updated | npm/ngx-markdown@16.0.0 ⏵ 20.0.0 | 99 +1 | 100 | 100 | 88 +1 | 100 |


@Strainy Strainy force-pushed the groq_release branch 3 times, most recently from 04170ed to 96b9f96 Compare July 7, 2025 05:55