Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package regclient for openSUSE:Factory
checked in at 2025-08-25 20:38:07
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/regclient (Old)
and /work/SRC/openSUSE:Factory/.regclient.new.30751 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "regclient"
Mon Aug 25 20:38:07 2025 rev:8 rq:1301169 version:0.9.1
Changes:
--------
--- /work/SRC/openSUSE:Factory/regclient/regclient.changes 2025-07-01
11:35:57.257791193 +0200
+++ /work/SRC/openSUSE:Factory/.regclient.new.30751/regclient.changes
2025-08-25 20:39:04.790558645 +0200
@@ -1,0 +2,11 @@
+Mon Aug 25 04:49:53 UTC 2025 - Johannes Kastl
<opensuse_buildserv...@ojkastl.de>
+
+- Update to version 0.9.1:
+ * Features:
+ - Allow relative urls in bearer auth. (PR 963)
+ - Add "ns" query param to registry mirror requests. (PR 976)
+ * Miscellaneous:
+ - Update to SLSA v1 provenance. (PR 968)
+ - Add a "make clean" command. (PR 969)
+
+-------------------------------------------------------------------
Old:
----
regclient-0.9.0.obscpio
New:
----
regclient-0.9.1.obscpio
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ regclient.spec ++++++
--- /var/tmp/diff_new_pack.MJXbkq/_old 2025-08-25 20:39:05.650594674 +0200
+++ /var/tmp/diff_new_pack.MJXbkq/_new 2025-08-25 20:39:05.650594674 +0200
@@ -1,7 +1,7 @@
#
# spec file for package regclient
#
-# Copyright (c) 2025 SUSE LLC
+# Copyright (c) 2025 SUSE LLC and contributors
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -17,7 +17,7 @@
Name: regclient
-Version: 0.9.0
+Version: 0.9.1
Release: 0
Summary: OCI Registry Client in Go and tooling using those libraries
License: Apache-2.0
++++++ _service ++++++
--- /var/tmp/diff_new_pack.MJXbkq/_old 2025-08-25 20:39:05.686596183 +0200
+++ /var/tmp/diff_new_pack.MJXbkq/_new 2025-08-25 20:39:05.686596183 +0200
@@ -3,7 +3,7 @@
<param name="url">https://github.com/regclient/regclient</param>
<param name="scm">git</param>
<param name="package-meta">yes</param>
- <param name="revision">v0.9.0</param>
+ <param name="revision">v0.9.1</param>
<param name="versionformat">@PARENT_TAG@</param>
<param name="versionrewrite-pattern">v(.*)</param>
<param name="changesgenerate">enable</param>
++++++ _servicedata ++++++
--- /var/tmp/diff_new_pack.MJXbkq/_old 2025-08-25 20:39:05.706597020 +0200
+++ /var/tmp/diff_new_pack.MJXbkq/_new 2025-08-25 20:39:05.710597188 +0200
@@ -1,6 +1,6 @@
<servicedata>
<service name="tar_scm">
<param
name="url">https://github.com/regclient/regclient</param>
- <param
name="changesrevision">ad4e3d926030f76419211838494434974f17db67</param></service></servicedata>
+ <param
name="changesrevision">51df886b5e3b138ac168540ccef5997e0d383c86</param></service></servicedata>
(No newline at EOF)
++++++ regclient-0.9.0.obscpio -> regclient-0.9.1.obscpio ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/regclient-0.9.0/.git/HEAD
new/regclient-0.9.1/.git/HEAD
--- old/regclient-0.9.0/.git/HEAD 2025-06-30 16:25:30.000000000 +0200
+++ new/regclient-0.9.1/.git/HEAD 2025-08-24 21:20:38.000000000 +0200
@@ -1 +1 @@
-ad4e3d926030f76419211838494434974f17db67
+51df886b5e3b138ac168540ccef5997e0d383c86
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/regclient-0.9.0/.git/ORIG_HEAD
new/regclient-0.9.1/.git/ORIG_HEAD
--- old/regclient-0.9.0/.git/ORIG_HEAD 2025-06-30 16:25:30.000000000 +0200
+++ new/regclient-0.9.1/.git/ORIG_HEAD 2025-08-24 21:20:38.000000000 +0200
@@ -1 +1 @@
-ad4e3d926030f76419211838494434974f17db67
+51df886b5e3b138ac168540ccef5997e0d383c86
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/regclient-0.9.0/.git/hooks/applypatch-msg.sample
new/regclient-0.9.1/.git/hooks/applypatch-msg.sample
--- old/regclient-0.9.0/.git/hooks/applypatch-msg.sample 2025-06-30
16:25:30.000000000 +0200
+++ new/regclient-0.9.1/.git/hooks/applypatch-msg.sample 2025-08-24
21:20:38.000000000 +0200
@@ -1,4 +1,4 @@
-#!/nix/store/xy4jjgw87sbgwylm5kn047d9gkbhsr9x-bash-5.2p37/bin/bash
+#!/nix/store/cfqbabpc7xwg8akbcchqbq3cai6qq2vs-bash-5.2p37/bin/bash
#
# An example hook script to check the commit log message taken by
# applypatch from an e-mail message.
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/regclient-0.9.0/.git/hooks/commit-msg.sample
new/regclient-0.9.1/.git/hooks/commit-msg.sample
--- old/regclient-0.9.0/.git/hooks/commit-msg.sample 2025-06-30
16:25:30.000000000 +0200
+++ new/regclient-0.9.1/.git/hooks/commit-msg.sample 2025-08-24
21:20:38.000000000 +0200
@@ -1,4 +1,4 @@
-#!/nix/store/xy4jjgw87sbgwylm5kn047d9gkbhsr9x-bash-5.2p37/bin/bash
+#!/nix/store/cfqbabpc7xwg8akbcchqbq3cai6qq2vs-bash-5.2p37/bin/bash
#
# An example hook script to check the commit log message.
# Called by "git commit" with one argument, the name of the file
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/regclient-0.9.0/.git/hooks/fsmonitor-watchman.sample
new/regclient-0.9.1/.git/hooks/fsmonitor-watchman.sample
--- old/regclient-0.9.0/.git/hooks/fsmonitor-watchman.sample 2025-06-30
16:25:30.000000000 +0200
+++ new/regclient-0.9.1/.git/hooks/fsmonitor-watchman.sample 2025-08-24
21:20:38.000000000 +0200
@@ -1,4 +1,4 @@
-#!/nix/store/al9x8cr5xifp3qd2f5cdzh6z603kb5ps-perl-5.40.0/bin/perl
+#!/nix/store/nxw1xxfxkd6bm570nb6gv0g6pghp7i4c-perl-5.40.0/bin/perl
use strict;
use warnings;
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/regclient-0.9.0/.git/hooks/post-update.sample
new/regclient-0.9.1/.git/hooks/post-update.sample
--- old/regclient-0.9.0/.git/hooks/post-update.sample 2025-06-30
16:25:30.000000000 +0200
+++ new/regclient-0.9.1/.git/hooks/post-update.sample 2025-08-24
21:20:38.000000000 +0200
@@ -1,4 +1,4 @@
-#!/nix/store/xy4jjgw87sbgwylm5kn047d9gkbhsr9x-bash-5.2p37/bin/bash
+#!/nix/store/cfqbabpc7xwg8akbcchqbq3cai6qq2vs-bash-5.2p37/bin/bash
#
# An example hook script to prepare a packed repository for use over
# dumb transports.
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/regclient-0.9.0/.git/hooks/pre-applypatch.sample
new/regclient-0.9.1/.git/hooks/pre-applypatch.sample
--- old/regclient-0.9.0/.git/hooks/pre-applypatch.sample 2025-06-30
16:25:30.000000000 +0200
+++ new/regclient-0.9.1/.git/hooks/pre-applypatch.sample 2025-08-24
21:20:38.000000000 +0200
@@ -1,4 +1,4 @@
-#!/nix/store/xy4jjgw87sbgwylm5kn047d9gkbhsr9x-bash-5.2p37/bin/bash
+#!/nix/store/cfqbabpc7xwg8akbcchqbq3cai6qq2vs-bash-5.2p37/bin/bash
#
# An example hook script to verify what is about to be committed
# by applypatch from an e-mail message.
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/regclient-0.9.0/.git/hooks/pre-commit.sample
new/regclient-0.9.1/.git/hooks/pre-commit.sample
--- old/regclient-0.9.0/.git/hooks/pre-commit.sample 2025-06-30
16:25:30.000000000 +0200
+++ new/regclient-0.9.1/.git/hooks/pre-commit.sample 2025-08-24
21:20:38.000000000 +0200
@@ -1,4 +1,4 @@
-#!/nix/store/xy4jjgw87sbgwylm5kn047d9gkbhsr9x-bash-5.2p37/bin/bash
+#!/nix/store/cfqbabpc7xwg8akbcchqbq3cai6qq2vs-bash-5.2p37/bin/bash
#
# An example hook script to verify what is about to be committed.
# Called by "git commit" with no arguments. The hook should
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/regclient-0.9.0/.git/hooks/pre-merge-commit.sample
new/regclient-0.9.1/.git/hooks/pre-merge-commit.sample
--- old/regclient-0.9.0/.git/hooks/pre-merge-commit.sample 2025-06-30
16:25:30.000000000 +0200
+++ new/regclient-0.9.1/.git/hooks/pre-merge-commit.sample 2025-08-24
21:20:38.000000000 +0200
@@ -1,4 +1,4 @@
-#!/nix/store/xy4jjgw87sbgwylm5kn047d9gkbhsr9x-bash-5.2p37/bin/bash
+#!/nix/store/cfqbabpc7xwg8akbcchqbq3cai6qq2vs-bash-5.2p37/bin/bash
#
# An example hook script to verify what is about to be committed.
# Called by "git merge" with no arguments. The hook should
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/regclient-0.9.0/.git/hooks/pre-push.sample
new/regclient-0.9.1/.git/hooks/pre-push.sample
--- old/regclient-0.9.0/.git/hooks/pre-push.sample 2025-06-30
16:25:30.000000000 +0200
+++ new/regclient-0.9.1/.git/hooks/pre-push.sample 2025-08-24
21:20:38.000000000 +0200
@@ -1,4 +1,4 @@
-#!/nix/store/xy4jjgw87sbgwylm5kn047d9gkbhsr9x-bash-5.2p37/bin/bash
+#!/nix/store/cfqbabpc7xwg8akbcchqbq3cai6qq2vs-bash-5.2p37/bin/bash
# An example hook script to verify what is about to be pushed. Called by "git
# push" after it has checked the remote status, but before anything has been
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/regclient-0.9.0/.git/hooks/pre-rebase.sample
new/regclient-0.9.1/.git/hooks/pre-rebase.sample
--- old/regclient-0.9.0/.git/hooks/pre-rebase.sample 2025-06-30
16:25:30.000000000 +0200
+++ new/regclient-0.9.1/.git/hooks/pre-rebase.sample 2025-08-24
21:20:38.000000000 +0200
@@ -1,4 +1,4 @@
-#!/nix/store/xy4jjgw87sbgwylm5kn047d9gkbhsr9x-bash-5.2p37/bin/bash
+#!/nix/store/cfqbabpc7xwg8akbcchqbq3cai6qq2vs-bash-5.2p37/bin/bash
#
# Copyright (c) 2006, 2008 Junio C Hamano
#
@@ -65,7 +65,7 @@
fi
else
not_in_next=`git rev-list --pretty=oneline ^${publish} "$topic"`
- /nix/store/al9x8cr5xifp3qd2f5cdzh6z603kb5ps-perl-5.40.0/bin/perl -e '
+ /nix/store/nxw1xxfxkd6bm570nb6gv0g6pghp7i4c-perl-5.40.0/bin/perl -e '
my $topic = $ARGV[0];
my $msg = "* $topic has commits already merged to public
branch:\n";
my (%not_in_next) = map {
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/regclient-0.9.0/.git/hooks/pre-receive.sample
new/regclient-0.9.1/.git/hooks/pre-receive.sample
--- old/regclient-0.9.0/.git/hooks/pre-receive.sample 2025-06-30
16:25:30.000000000 +0200
+++ new/regclient-0.9.1/.git/hooks/pre-receive.sample 2025-08-24
21:20:38.000000000 +0200
@@ -1,4 +1,4 @@
-#!/nix/store/xy4jjgw87sbgwylm5kn047d9gkbhsr9x-bash-5.2p37/bin/bash
+#!/nix/store/cfqbabpc7xwg8akbcchqbq3cai6qq2vs-bash-5.2p37/bin/bash
#
# An example hook script to make use of push options.
# The example simply echoes all push options that start with 'echoback='
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/regclient-0.9.0/.git/hooks/prepare-commit-msg.sample
new/regclient-0.9.1/.git/hooks/prepare-commit-msg.sample
--- old/regclient-0.9.0/.git/hooks/prepare-commit-msg.sample 2025-06-30
16:25:30.000000000 +0200
+++ new/regclient-0.9.1/.git/hooks/prepare-commit-msg.sample 2025-08-24
21:20:38.000000000 +0200
@@ -1,4 +1,4 @@
-#!/nix/store/xy4jjgw87sbgwylm5kn047d9gkbhsr9x-bash-5.2p37/bin/bash
+#!/nix/store/cfqbabpc7xwg8akbcchqbq3cai6qq2vs-bash-5.2p37/bin/bash
#
# An example hook script to prepare the commit log message.
# Called by "git commit" with the name of the file that has the
@@ -24,11 +24,11 @@
COMMIT_SOURCE=$2
SHA1=$3
-/nix/store/al9x8cr5xifp3qd2f5cdzh6z603kb5ps-perl-5.40.0/bin/perl -i.bak -ne
'print unless(m/^. Please enter the commit message/..m/^#$/)' "$COMMIT_MSG_FILE"
+/nix/store/nxw1xxfxkd6bm570nb6gv0g6pghp7i4c-perl-5.40.0/bin/perl -i.bak -ne
'print unless(m/^. Please enter the commit message/..m/^#$/)' "$COMMIT_MSG_FILE"
# case "$COMMIT_SOURCE,$SHA1" in
# ,|template,)
-# /nix/store/al9x8cr5xifp3qd2f5cdzh6z603kb5ps-perl-5.40.0/bin/perl -i.bak
-pe '
+# /nix/store/nxw1xxfxkd6bm570nb6gv0g6pghp7i4c-perl-5.40.0/bin/perl -i.bak
-pe '
# print "\n" . `git diff --cached --name-status -r`
# if /^#/ && $first++ == 0' "$COMMIT_MSG_FILE" ;;
# *) ;;
@@ -38,5 +38,5 @@
# git interpret-trailers --in-place --trailer "$SOB" "$COMMIT_MSG_FILE"
# if test -z "$COMMIT_SOURCE"
# then
-# /nix/store/al9x8cr5xifp3qd2f5cdzh6z603kb5ps-perl-5.40.0/bin/perl -i.bak
-pe 'print "\n" if !$first_line++' "$COMMIT_MSG_FILE"
+# /nix/store/nxw1xxfxkd6bm570nb6gv0g6pghp7i4c-perl-5.40.0/bin/perl -i.bak
-pe 'print "\n" if !$first_line++' "$COMMIT_MSG_FILE"
# fi
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/regclient-0.9.0/.git/hooks/push-to-checkout.sample
new/regclient-0.9.1/.git/hooks/push-to-checkout.sample
--- old/regclient-0.9.0/.git/hooks/push-to-checkout.sample 2025-06-30
16:25:30.000000000 +0200
+++ new/regclient-0.9.1/.git/hooks/push-to-checkout.sample 2025-08-24
21:20:38.000000000 +0200
@@ -1,4 +1,4 @@
-#!/nix/store/xy4jjgw87sbgwylm5kn047d9gkbhsr9x-bash-5.2p37/bin/bash
+#!/nix/store/cfqbabpc7xwg8akbcchqbq3cai6qq2vs-bash-5.2p37/bin/bash
# An example hook script to update a checked-out tree on a git push.
#
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/regclient-0.9.0/.git/hooks/sendemail-validate.sample
new/regclient-0.9.1/.git/hooks/sendemail-validate.sample
--- old/regclient-0.9.0/.git/hooks/sendemail-validate.sample 2025-06-30
16:25:30.000000000 +0200
+++ new/regclient-0.9.1/.git/hooks/sendemail-validate.sample 2025-08-24
21:20:38.000000000 +0200
@@ -1,4 +1,4 @@
-#!/nix/store/xy4jjgw87sbgwylm5kn047d9gkbhsr9x-bash-5.2p37/bin/bash
+#!/nix/store/cfqbabpc7xwg8akbcchqbq3cai6qq2vs-bash-5.2p37/bin/bash
# An example hook script to validate a patch (and/or patch series) before
# sending it via email.
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/regclient-0.9.0/.git/hooks/update.sample
new/regclient-0.9.1/.git/hooks/update.sample
--- old/regclient-0.9.0/.git/hooks/update.sample 2025-06-30
16:25:30.000000000 +0200
+++ new/regclient-0.9.1/.git/hooks/update.sample 2025-08-24
21:20:38.000000000 +0200
@@ -1,4 +1,4 @@
-#!/nix/store/xy4jjgw87sbgwylm5kn047d9gkbhsr9x-bash-5.2p37/bin/bash
+#!/nix/store/cfqbabpc7xwg8akbcchqbq3cai6qq2vs-bash-5.2p37/bin/bash
#
# An example hook script to block unannotated tags from entering.
# Called by "git receive-pack" with arguments: refname sha1-old sha1-new
Binary files old/regclient-0.9.0/.git/index and new/regclient-0.9.1/.git/index
differ
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/regclient-0.9.0/.git/logs/HEAD
new/regclient-0.9.1/.git/logs/HEAD
--- old/regclient-0.9.0/.git/logs/HEAD 2025-06-30 16:25:30.000000000 +0200
+++ new/regclient-0.9.1/.git/logs/HEAD 2025-08-24 21:20:38.000000000 +0200
@@ -1,2 +1,2 @@
-0000000000000000000000000000000000000000
34a3470a35433200295de35494febfdde6a65b9d kastl <kastl@baten.(none)> 1751294008
+0200 clone: from https://github.com/regclient/regclient
-34a3470a35433200295de35494febfdde6a65b9d
ad4e3d926030f76419211838494434974f17db67 kastl <kastl@baten.(none)> 1751294008
+0200 checkout: moving from main to v0.9.0
+0000000000000000000000000000000000000000
9c9bcc2f705c704826a86a25ab23822de10c0b9f kastl <kastl@tumbleweed-pkg.baten>
1756097393 +0200 clone: from https://github.com/regclient/regclient
+9c9bcc2f705c704826a86a25ab23822de10c0b9f
51df886b5e3b138ac168540ccef5997e0d383c86 kastl <kastl@tumbleweed-pkg.baten>
1756097393 +0200 checkout: moving from main to v0.9.1
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/regclient-0.9.0/.git/logs/refs/heads/main
new/regclient-0.9.1/.git/logs/refs/heads/main
--- old/regclient-0.9.0/.git/logs/refs/heads/main 2025-06-30
16:25:30.000000000 +0200
+++ new/regclient-0.9.1/.git/logs/refs/heads/main 2025-08-24
21:20:38.000000000 +0200
@@ -1 +1 @@
-0000000000000000000000000000000000000000
34a3470a35433200295de35494febfdde6a65b9d kastl <kastl@baten.(none)> 1751294008
+0200 clone: from https://github.com/regclient/regclient
+0000000000000000000000000000000000000000
9c9bcc2f705c704826a86a25ab23822de10c0b9f kastl <kastl@tumbleweed-pkg.baten>
1756097393 +0200 clone: from https://github.com/regclient/regclient
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/regclient-0.9.0/.git/logs/refs/remotes/origin/HEAD
new/regclient-0.9.1/.git/logs/refs/remotes/origin/HEAD
--- old/regclient-0.9.0/.git/logs/refs/remotes/origin/HEAD 2025-06-30
16:25:30.000000000 +0200
+++ new/regclient-0.9.1/.git/logs/refs/remotes/origin/HEAD 2025-08-24
21:20:38.000000000 +0200
@@ -1 +1 @@
-0000000000000000000000000000000000000000
34a3470a35433200295de35494febfdde6a65b9d kastl <kastl@baten.(none)> 1751294008
+0200 clone: from https://github.com/regclient/regclient
+0000000000000000000000000000000000000000
9c9bcc2f705c704826a86a25ab23822de10c0b9f kastl <kastl@tumbleweed-pkg.baten>
1756097393 +0200 clone: from https://github.com/regclient/regclient
Binary files
old/regclient-0.9.0/.git/objects/pack/pack-95bba161e97c815614f6e72094960e73ebea4924.idx
and
new/regclient-0.9.1/.git/objects/pack/pack-95bba161e97c815614f6e72094960e73ebea4924.idx
differ
Binary files
old/regclient-0.9.0/.git/objects/pack/pack-95bba161e97c815614f6e72094960e73ebea4924.pack
and
new/regclient-0.9.1/.git/objects/pack/pack-95bba161e97c815614f6e72094960e73ebea4924.pack
differ
Binary files
old/regclient-0.9.0/.git/objects/pack/pack-95bba161e97c815614f6e72094960e73ebea4924.rev
and
new/regclient-0.9.1/.git/objects/pack/pack-95bba161e97c815614f6e72094960e73ebea4924.rev
differ
Binary files
old/regclient-0.9.0/.git/objects/pack/pack-9c8884d5d964272483aebd976510c53f55d58d42.idx
and
new/regclient-0.9.1/.git/objects/pack/pack-9c8884d5d964272483aebd976510c53f55d58d42.idx
differ
Binary files
old/regclient-0.9.0/.git/objects/pack/pack-9c8884d5d964272483aebd976510c53f55d58d42.pack
and
new/regclient-0.9.1/.git/objects/pack/pack-9c8884d5d964272483aebd976510c53f55d58d42.pack
differ
Binary files
old/regclient-0.9.0/.git/objects/pack/pack-9c8884d5d964272483aebd976510c53f55d58d42.rev
and
new/regclient-0.9.1/.git/objects/pack/pack-9c8884d5d964272483aebd976510c53f55d58d42.rev
differ
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/regclient-0.9.0/.git/packed-refs
new/regclient-0.9.1/.git/packed-refs
--- old/regclient-0.9.0/.git/packed-refs 2025-06-30 16:25:30.000000000
+0200
+++ new/regclient-0.9.1/.git/packed-refs 2025-08-24 21:20:38.000000000
+0200
@@ -1,5 +1,5 @@
# pack-refs with: peeled fully-peeled sorted
-34a3470a35433200295de35494febfdde6a65b9d refs/remotes/origin/main
+9c9bcc2f705c704826a86a25ab23822de10c0b9f refs/remotes/origin/main
daa734a0b4dc9c19231cfe691a241f0ce2a7b2f4 refs/remotes/origin/releases/0.0
4c6dd972a3c609f7c0997bb6e464aee431f8c971 refs/remotes/origin/releases/0.2
6a1a13c410f734f5e18a6032936bc6764814eae7 refs/remotes/origin/releases/0.3
@@ -8,7 +8,7 @@
766ee6291f882778207ff42207f9ca8b1da54e57 refs/remotes/origin/releases/0.6
6b1f7bd9a3b2972605f04a534143f7fed522b680 refs/remotes/origin/releases/0.7
ba184b305aaad55b40bf517d06e4d8d1afd35bf9 refs/remotes/origin/releases/0.8
-ad4e3d926030f76419211838494434974f17db67 refs/remotes/origin/releases/0.9
+51df886b5e3b138ac168540ccef5997e0d383c86 refs/remotes/origin/releases/0.9
54d924682eb6425847db8dd4acdfcd2beea4c83a refs/tags/v0.0.1
^f4dd0b8c5836798787b73dbec754be1d8a93695f
4fc2fa04faba545e279745f2afd8faad7ca7d296 refs/tags/v0.0.2
@@ -101,3 +101,5 @@
^ba184b305aaad55b40bf517d06e4d8d1afd35bf9
ecf7b1e0da3315e5601ce8c01e82d3dcd4916c7d refs/tags/v0.9.0
^ad4e3d926030f76419211838494434974f17db67
+f0fc5276b3f9824a7dbe90f2f19c6b793327a2ab refs/tags/v0.9.1
+^51df886b5e3b138ac168540ccef5997e0d383c86
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/regclient-0.9.0/.git/refs/heads/main
new/regclient-0.9.1/.git/refs/heads/main
--- old/regclient-0.9.0/.git/refs/heads/main 2025-06-30 16:25:30.000000000
+0200
+++ new/regclient-0.9.1/.git/refs/heads/main 2025-08-24 21:20:38.000000000
+0200
@@ -1 +1 @@
-34a3470a35433200295de35494febfdde6a65b9d
+9c9bcc2f705c704826a86a25ab23822de10c0b9f
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/regclient-0.9.0/.github/workflows/ci-registry.yml
new/regclient-0.9.1/.github/workflows/ci-registry.yml
--- old/regclient-0.9.0/.github/workflows/ci-registry.yml 2025-06-30
16:25:30.000000000 +0200
+++ new/regclient-0.9.1/.github/workflows/ci-registry.yml 2025-08-24
21:20:38.000000000 +0200
@@ -19,11 +19,11 @@
runs-on: ubuntu-latest
env:
- RELEASE_GO_VER: "1.24"
+ RELEASE_GO_VER: "1.25"
steps:
- name: Check out code
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+ uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
- name: "Set up Go ${{ env.RELEASE_GO_VER }}"
uses: actions/setup-go@d35c59abb061a4a6fb18e82ac0862c26744d6ab5 # v5.5.0
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/regclient-0.9.0/.github/workflows/docker.yml
new/regclient-0.9.1/.github/workflows/docker.yml
--- old/regclient-0.9.0/.github/workflows/docker.yml 2025-06-30
16:25:30.000000000 +0200
+++ new/regclient-0.9.1/.github/workflows/docker.yml 2025-08-24
21:20:38.000000000 +0200
@@ -29,11 +29,11 @@
env:
ALPINE_NAME: "alpine:3"
- ALPINE_DIGEST:
"sha256:8a1f59ffb675680d47db6337b49d22281a139e9d709335b492be023728e11715" #
3.22.0
+ ALPINE_DIGEST:
"sha256:4bcff63911fcb4448bd4fdacec207030997caf25e9bea4045fa6c8c44de311d1" #
3.22.1
steps:
- name: Check out code
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+ uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
- name: Prepare
id: prep
@@ -89,14 +89,14 @@
- name: Login to DockerHub
if: github.repository_owner == 'regclient'
- uses: docker/login-action@74a5d142397b4f367a81961eba4e8cd7edddf772 #
v3.4.0
+ uses: docker/login-action@184bdaa0721073962dff0199f1fb9940f07167d1 #
v3.5.0
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}
- name: Login to GHCR
if: github.repository_owner == 'regclient'
- uses: docker/login-action@74a5d142397b4f367a81961eba4e8cd7edddf772 #
v3.4.0
+ uses: docker/login-action@184bdaa0721073962dff0199f1fb9940f07167d1 #
v3.5.0
with:
registry: ghcr.io
username: ${{ secrets.GHCR_USERNAME }}
@@ -111,6 +111,7 @@
platforms:
linux/386,linux/amd64,linux/arm/v6,linux/arm/v7,linux/arm64,linux/ppc64le,linux/s390x
target: release-${{ matrix.type }}
outputs:
type=oci,oci-artifact=true,dest=output/${{matrix.image}}-${{matrix.type}}.tar
+ provenance: version=v1,mode=max
build-args: |
SOURCE_DATE_EPOCH=${{ steps.prep.outputs.vcs_sec }}
BUILD_DATE=${{ steps.prep.outputs.created }}
@@ -119,20 +120,20 @@
- name: Install cosign
if: github.event_name != 'pull_request' && github.repository_owner ==
'regclient'
- uses: sigstore/cosign-installer@398d4b0eeef1380460a10c8013a76f728fb906ac
# v3.9.1
+ uses: sigstore/cosign-installer@d58896d6a1865668819e1d91763c7751a165e159
# v3.9.2
with:
- cosign-release: "v2.5.2"
+ cosign-release: "v2.5.3"
- name: Install syft
if: github.event_name != 'pull_request' && github.repository_owner ==
'regclient'
- uses:
anchore/sbom-action/download-syft@9246b90769f852b3a8921f330c59e0b3f439d6e9 #
v0.20.1
+ uses:
anchore/sbom-action/download-syft@da167eac915b4e86f08b264dbdbc867b61be6f0c #
v0.20.5
id: syft
with:
- syft-version: "v1.27.1"
+ syft-version: "v1.31.0"
# Dogfooding, use regctl to modify regclient images to improve
reproducibility
- name: Install regctl
- uses:
regclient/actions/regctl-installer@0a960cee89b1ef446f3d33b58064083fdd7728cb #
main
+ uses:
regclient/actions/regctl-installer@03ca0eeb8348921b9447b7d5d6b6d350550ddb3b #
main
if: github.event_name != 'pull_request' && github.repository_owner ==
'regclient'
with:
release: main
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/regclient-0.9.0/.github/workflows/go.yml
new/regclient-0.9.1/.github/workflows/go.yml
--- old/regclient-0.9.0/.github/workflows/go.yml 2025-06-30
16:25:30.000000000 +0200
+++ new/regclient-0.9.1/.github/workflows/go.yml 2025-08-24
21:20:38.000000000 +0200
@@ -19,10 +19,10 @@
runs-on: ubuntu-latest
strategy:
matrix:
- gover: ["1.23", "1.24"]
+ gover: ["1.24", "1.25"]
env:
- RELEASE_GO_VER: "1.24"
+ RELEASE_GO_VER: "1.25"
# do not automatically upgrade go to a different version:
https://go.dev/doc/toolchain
GOTOOLCHAIN: "local"
@@ -32,7 +32,7 @@
steps:
- name: Check out code
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+ uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
- name: "Set up Go ${{ matrix.gover }}"
uses: actions/setup-go@d35c59abb061a4a6fb18e82ac0862c26744d6ab5 # v5.5.0
@@ -60,10 +60,10 @@
- name: Install syft
if: startsWith( github.ref, 'refs/tags/v' ) || github.ref ==
'refs/heads/main'
- uses:
anchore/sbom-action/download-syft@9246b90769f852b3a8921f330c59e0b3f439d6e9 #
v0.20.1
+ uses:
anchore/sbom-action/download-syft@da167eac915b4e86f08b264dbdbc867b61be6f0c #
v0.20.5
id: syft
with:
- syft-version: "v1.27.1"
+ syft-version: "v1.31.0"
- name: Build artifacts
if: startsWith( github.ref, 'refs/tags/v' ) || github.ref ==
'refs/heads/main'
@@ -71,9 +71,9 @@
- name: Install cosign
if: ( startsWith( github.ref, 'refs/tags/v' ) || github.ref ==
'refs/heads/main' ) && matrix.gover == env.RELEASE_GO_VER
- uses: sigstore/cosign-installer@398d4b0eeef1380460a10c8013a76f728fb906ac
# v3.9.1
+ uses: sigstore/cosign-installer@d58896d6a1865668819e1d91763c7751a165e159
# v3.9.2
with:
- cosign-release: "v2.5.2"
+ cosign-release: "v2.5.3"
- name: Package artifacts
if: ( startsWith( github.ref, 'refs/tags/v' ) || github.ref ==
'refs/heads/main' ) && matrix.gover == env.RELEASE_GO_VER
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/regclient-0.9.0/.github/workflows/version-check.yml
new/regclient-0.9.1/.github/workflows/version-check.yml
--- old/regclient-0.9.0/.github/workflows/version-check.yml 2025-06-30
16:25:30.000000000 +0200
+++ new/regclient-0.9.1/.github/workflows/version-check.yml 2025-08-24
21:20:38.000000000 +0200
@@ -15,7 +15,7 @@
steps:
- name: Check out code
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 #
v4.2.2
+ uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 #
v5.0.0
- name: Version Check
uses: docker://ghcr.io/sudo-bmitch/version-bump:edge
with:
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/regclient-0.9.0/.github/workflows/vulnscans.yml
new/regclient-0.9.1/.github/workflows/vulnscans.yml
--- old/regclient-0.9.0/.github/workflows/vulnscans.yml 2025-06-30
16:25:30.000000000 +0200
+++ new/regclient-0.9.1/.github/workflows/vulnscans.yml 2025-08-24
21:20:38.000000000 +0200
@@ -13,11 +13,11 @@
name: Run vulnerability scans
runs-on: ubuntu-latest
env:
- RELEASE_GO_VER: "1.24"
+ RELEASE_GO_VER: "1.25"
steps:
- name: Check out code
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+ uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
- name: "Set up Go"
uses: actions/setup-go@d35c59abb061a4a6fb18e82ac0862c26744d6ab5 # v5.5.0
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/regclient-0.9.0/.osv-scanner.toml
new/regclient-0.9.1/.osv-scanner.toml
--- old/regclient-0.9.0/.osv-scanner.toml 2025-06-30 16:25:30.000000000
+0200
+++ new/regclient-0.9.1/.osv-scanner.toml 2025-08-24 21:20:38.000000000
+0200
@@ -1 +1 @@
-GoVersionOverride = "1.24.4"
+GoVersionOverride = "1.25.0"
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/regclient-0.9.0/.version-bump.lock
new/regclient-0.9.1/.version-bump.lock
--- old/regclient-0.9.0/.version-bump.lock 2025-06-30 16:25:30.000000000
+0200
+++ new/regclient-0.9.1/.version-bump.lock 2025-08-24 21:20:38.000000000
+0200
@@ -1,52 +1,52 @@
-{"name":"docker-arg-alpine-digest","key":"docker.io/library/alpine:3.22.0","version":"sha256:8a1f59ffb675680d47db6337b49d22281a139e9d709335b492be023728e11715"}
-{"name":"docker-arg-alpine-tag","key":"docker.io/library/alpine","version":"3.22.0"}
-{"name":"docker-arg-ecr","key":"https://github.com/awslabs/amazon-ecr-credential-helper.git:main","version":"96d88b484b17635a8ce06b0605e9ba1b2a0c85f6"}
+{"name":"docker-arg-alpine-digest","key":"docker.io/library/alpine:3.22.1","version":"sha256:4bcff63911fcb4448bd4fdacec207030997caf25e9bea4045fa6c8c44de311d1"}
+{"name":"docker-arg-alpine-tag","key":"docker.io/library/alpine","version":"3.22.1"}
+{"name":"docker-arg-ecr","key":"https://github.com/awslabs/amazon-ecr-credential-helper.git:main","version":"64b08bad70174a1849fe597f0c59288eb7b7cf91"}
{"name":"docker-arg-gcr","key":"https://github.com/GoogleCloudPlatform/docker-credential-gcr.git","version":"v2.1.30"}
-{"name":"docker-arg-go-digest","key":"docker.io/library/golang:1.24.4-alpine","version":"sha256:68932fa6d4d4059845c8f40ad7e654e626f3ebd3706eef7846f319293ab5cb7a"}
-{"name":"docker-arg-go-tag","key":"docker.io/library/golang","version":"1.24.4"}
+{"name":"docker-arg-go-digest","key":"docker.io/library/golang:1.25.0-alpine","version":"sha256:f18a072054848d87a8077455f0ac8a25886f2397f88bfdd222d6fafbb5bba440"}
+{"name":"docker-arg-go-tag","key":"docker.io/library/golang","version":"1.25.0"}
{"name":"docker-arg-lunajson","key":"https://github.com/grafi-tt/lunajson.git:master","version":"3d10600874527d71519b33ecbb314eb93ccd1df6"}
{"name":"docker-arg-semver","key":"https://github.com/kikito/semver.lua.git:master","version":"a4b708ba243208d46e575da870af969dca46a94d"}
-{"name":"gha-alpine-digest","key":"docker.io/library/alpine:3.22.0","version":"sha256:8a1f59ffb675680d47db6337b49d22281a139e9d709335b492be023728e11715"}
+{"name":"gha-alpine-digest","key":"docker.io/library/alpine:3.22.1","version":"sha256:4bcff63911fcb4448bd4fdacec207030997caf25e9bea4045fa6c8c44de311d1"}
{"name":"gha-alpine-tag-base","key":"docker.io/library/alpine","version":"3"}
-{"name":"gha-alpine-tag-comment","key":"docker.io/library/alpine","version":"3.22.0"}
-{"name":"gha-cosign-version","key":"https://github.com/sigstore/cosign.git","version":"v2.5.2"}
-{"name":"gha-golang-matrix","key":"golang-matrix","version":"[\"1.23\",
\"1.24\"]"}
-{"name":"gha-golang-release","key":"golang-latest","version":"1.24"}
-{"name":"gha-syft-version","key":"docker.io/anchore/syft","version":"v1.27.1"}
-{"name":"gha-uses-commit","key":"https://github.com/actions/checkout.git:v4.2.2","version":"11bd71901bbe5b1630ceea73d27597364c9af683"}
+{"name":"gha-alpine-tag-comment","key":"docker.io/library/alpine","version":"3.22.1"}
+{"name":"gha-cosign-version","key":"https://github.com/sigstore/cosign.git","version":"v2.5.3"}
+{"name":"gha-golang-matrix","key":"golang-matrix","version":"[\"1.24\",
\"1.25\"]"}
+{"name":"gha-golang-release","key":"golang-latest","version":"1.25"}
+{"name":"gha-syft-version","key":"docker.io/anchore/syft","version":"v1.31.0"}
+{"name":"gha-uses-commit","key":"https://github.com/actions/checkout.git:v5.0.0","version":"08c6903cd8c0fde910a37f88322edcfb5dd907a8"}
{"name":"gha-uses-commit","key":"https://github.com/actions/setup-go.git:v5.5.0","version":"d35c59abb061a4a6fb18e82ac0862c26744d6ab5"}
{"name":"gha-uses-commit","key":"https://github.com/actions/stale.git:v9.1.0","version":"5bef64f19d7facfb25b37b414482c7164d639639"}
{"name":"gha-uses-commit","key":"https://github.com/actions/upload-artifact.git:v4.6.2","version":"ea165f8d65b6e75b540449e92b4886f43607fa02"}
-{"name":"gha-uses-commit","key":"https://github.com/anchore/sbom-action.git:v0.20.1","version":"9246b90769f852b3a8921f330c59e0b3f439d6e9"}
+{"name":"gha-uses-commit","key":"https://github.com/anchore/sbom-action.git:v0.20.5","version":"da167eac915b4e86f08b264dbdbc867b61be6f0c"}
{"name":"gha-uses-commit","key":"https://github.com/docker/build-push-action.git:v6.18.0","version":"263435318d21b8e681c14492fe198d362a7d2c83"}
-{"name":"gha-uses-commit","key":"https://github.com/docker/login-action.git:v3.4.0","version":"74a5d142397b4f367a81961eba4e8cd7edddf772"}
+{"name":"gha-uses-commit","key":"https://github.com/docker/login-action.git:v3.5.0","version":"184bdaa0721073962dff0199f1fb9940f07167d1"}
{"name":"gha-uses-commit","key":"https://github.com/docker/setup-buildx-action.git:v3.11.1","version":"e468171a9de216ec08956ac3ada2f0791b6bd435"}
-{"name":"gha-uses-commit","key":"https://github.com/regclient/actions.git:main","version":"0a960cee89b1ef446f3d33b58064083fdd7728cb"}
-{"name":"gha-uses-commit","key":"https://github.com/sigstore/cosign-installer.git:v3.9.1","version":"398d4b0eeef1380460a10c8013a76f728fb906ac"}
+{"name":"gha-uses-commit","key":"https://github.com/regclient/actions.git:main","version":"03ca0eeb8348921b9447b7d5d6b6d350550ddb3b"}
+{"name":"gha-uses-commit","key":"https://github.com/sigstore/cosign-installer.git:v3.9.2","version":"d58896d6a1865668819e1d91763c7751a165e159"}
{"name":"gha-uses-commit","key":"https://github.com/softprops/action-gh-release.git:v2.3.2","version":"72f2c25fcb47643c292f7107632f7a47c1df5cd8"}
-{"name":"gha-uses-semver","key":"https://github.com/actions/checkout.git","version":"v4.2.2"}
+{"name":"gha-uses-semver","key":"https://github.com/actions/checkout.git","version":"v5.0.0"}
{"name":"gha-uses-semver","key":"https://github.com/actions/setup-go.git","version":"v5.5.0"}
{"name":"gha-uses-semver","key":"https://github.com/actions/stale.git","version":"v9.1.0"}
{"name":"gha-uses-semver","key":"https://github.com/actions/upload-artifact.git","version":"v4.6.2"}
-{"name":"gha-uses-semver","key":"https://github.com/anchore/sbom-action.git","version":"v0.20.1"}
+{"name":"gha-uses-semver","key":"https://github.com/anchore/sbom-action.git","version":"v0.20.5"}
{"name":"gha-uses-semver","key":"https://github.com/docker/build-push-action.git","version":"v6.18.0"}
-{"name":"gha-uses-semver","key":"https://github.com/docker/login-action.git","version":"v3.4.0"}
+{"name":"gha-uses-semver","key":"https://github.com/docker/login-action.git","version":"v3.5.0"}
{"name":"gha-uses-semver","key":"https://github.com/docker/setup-buildx-action.git","version":"v3.11.1"}
-{"name":"gha-uses-semver","key":"https://github.com/sigstore/cosign-installer.git","version":"v3.9.1"}
+{"name":"gha-uses-semver","key":"https://github.com/sigstore/cosign-installer.git","version":"v3.9.2"}
{"name":"gha-uses-semver","key":"https://github.com/softprops/action-gh-release.git","version":"v2.3.2"}
-{"name":"go-mod-golang-release","key":"golang-oldest","version":"1.23.0"}
+{"name":"go-mod-golang-release","key":"golang-oldest","version":"1.24.0"}
{"name":"makefile-ci-distribution","key":"docker.io/library/registry","version":"3.0.0"}
-{"name":"makefile-ci-zot","key":"ghcr.io/project-zot/zot-linux-amd64","version":"v2.1.5"}
+{"name":"makefile-ci-zot","key":"ghcr.io/project-zot/zot-linux-amd64","version":"v2.1.7"}
{"name":"makefile-go-vulncheck","key":"https://go.googlesource.com/vuln.git","version":"v1.1.4"}
{"name":"makefile-gomajor","key":"https://github.com/icholy/gomajor.git","version":"v0.14.0"}
-{"name":"makefile-gosec","key":"https://github.com/securego/gosec.git","version":"v2.22.5"}
+{"name":"makefile-gosec","key":"https://github.com/securego/gosec.git","version":"v2.22.8"}
{"name":"makefile-markdown-lint","key":"docker.io/davidanson/markdownlint-cli2","version":"v0.18.1"}
-{"name":"makefile-osv-scanner","key":"https://github.com/google/osv-scanner.git","version":"v2.0.3"}
+{"name":"makefile-osv-scanner","key":"https://github.com/google/osv-scanner.git","version":"v2.2.1"}
{"name":"makefile-staticcheck","key":"https://github.com/dominikh/go-tools.git","version":"v0.6.1"}
-{"name":"makefile-syft-container-digest","key":"anchore/syft:v1.27.1","version":"sha256:844ed6a928ef9396fac26d1de374e71dcaf80df14f05841670ed41619c5a718f"}
-{"name":"makefile-syft-container-tag","key":"anchore/syft","version":"v1.27.1"}
-{"name":"makefile-syft-version","key":"docker.io/anchore/syft","version":"v1.27.1"}
-{"name":"osv-golang-release","key":"docker.io/library/golang","version":"1.24.4"}
-{"name":"shell-alpine-digest","key":"docker.io/library/alpine:3.22.0","version":"sha256:8a1f59ffb675680d47db6337b49d22281a139e9d709335b492be023728e11715"}
+{"name":"makefile-syft-container-digest","key":"anchore/syft:v1.31.0","version":"sha256:c15fa8af4c25edd72c0daf026d095fe51adbcfc7ad5d79a66e93d88f249e5abb"}
+{"name":"makefile-syft-container-tag","key":"anchore/syft","version":"v1.31.0"}
+{"name":"makefile-syft-version","key":"docker.io/anchore/syft","version":"v1.31.0"}
+{"name":"osv-golang-release","key":"docker.io/library/golang","version":"1.25.0"}
+{"name":"shell-alpine-digest","key":"docker.io/library/alpine:3.22.1","version":"sha256:4bcff63911fcb4448bd4fdacec207030997caf25e9bea4045fa6c8c44de311d1"}
{"name":"shell-alpine-tag-base","key":"docker.io/library/alpine","version":"3"}
-{"name":"shell-alpine-tag-comment","key":"docker.io/library/alpine","version":"3.22.0"}
+{"name":"shell-alpine-tag-comment","key":"docker.io/library/alpine","version":"3.22.1"}
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/regclient-0.9.0/Makefile new/regclient-0.9.1/Makefile
--- old/regclient-0.9.0/Makefile 2025-06-30 16:25:30.000000000 +0200
+++ new/regclient-0.9.1/Makefile 2025-08-24 21:20:38.000000000 +0200
@@ -35,13 +35,13 @@
endif
MARKDOWN_LINT_VER?=v0.18.1
GOMAJOR_VER?=v0.14.0
-GOSEC_VER?=v2.22.5
+GOSEC_VER?=v2.22.8
GO_VULNCHECK_VER?=v1.1.4
-OSV_SCANNER_VER?=v2.0.3
+OSV_SCANNER_VER?=v2.2.1
SYFT?=$(shell command -v syft 2>/dev/null)
SYFT_CMD_VER:=$(shell [ -x "$(SYFT)" ] && echo "v$$($(SYFT) version | awk
'/^Version: / {print $$2}')" || echo "0")
-SYFT_VERSION?=v1.27.1
-SYFT_CONTAINER?=anchore/syft:v1.27.1@sha256:844ed6a928ef9396fac26d1de374e71dcaf80df14f05841670ed41619c5a718f
+SYFT_VERSION?=v1.31.0
+SYFT_CONTAINER?=anchore/syft:v1.31.0@sha256:c15fa8af4c25edd72c0daf026d095fe51adbcfc7ad5d79a66e93d88f249e5abb
ifneq "$(SYFT_CMD_VER)" "$(SYFT_VERSION)"
SYFT=docker run --rm \
-v "$(shell pwd)/:$(shell pwd)/" -w "$(shell pwd)" \
@@ -50,7 +50,7 @@
endif
STATICCHECK_VER?=v0.6.1
CI_DISTRIBUTION_VER?=3.0.0
-CI_ZOT_VER?=v2.1.5
+CI_ZOT_VER?=v2.1.7
.PHONY: .FORCE
.FORCE:
@@ -182,6 +182,13 @@
$(SYFT) scan -q "file:$@" --source-name "$${command}" -o cyclonedx-json
>"artifacts/$${command}-$${platform}.cyclonedx.json"; \
$(SYFT) scan -q "file:$@" --source-name "$${command}" -o spdx-json
>"artifacts/$${command}-$${platform}.spdx.json"
+.PHONY: clean
+clean: ## delete generated content
+ [ ! -d artifacts ] || rm -r artifacts
+ [ ! -d bin ] || rm -r bin
+ [ ! -d output ] || rm -r output
+ [ ! -d vendor ] || rm -r vendor
+
.PHONY: plugin-user
plugin-user:
mkdir -p ${HOME}/.docker/cli-plugins/
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/regclient-0.9.0/build/Dockerfile.regbot
new/regclient-0.9.1/build/Dockerfile.regbot
--- old/regclient-0.9.0/build/Dockerfile.regbot 2025-06-30 16:25:30.000000000
+0200
+++ new/regclient-0.9.1/build/Dockerfile.regbot 2025-08-24 21:20:38.000000000
+0200
@@ -1,7 +1,7 @@
ARG REGISTRY=docker.io
-ARG
ALPINE_VER=3.22.0@sha256:8a1f59ffb675680d47db6337b49d22281a139e9d709335b492be023728e11715
-ARG
GO_VER=1.24.4-alpine@sha256:68932fa6d4d4059845c8f40ad7e654e626f3ebd3706eef7846f319293ab5cb7a
-ARG ECR_HELPER_VER=96d88b484b17635a8ce06b0605e9ba1b2a0c85f6
+ARG
ALPINE_VER=3.22.1@sha256:4bcff63911fcb4448bd4fdacec207030997caf25e9bea4045fa6c8c44de311d1
+ARG
GO_VER=1.25.0-alpine@sha256:f18a072054848d87a8077455f0ac8a25886f2397f88bfdd222d6fafbb5bba440
+ARG ECR_HELPER_VER=64b08bad70174a1849fe597f0c59288eb7b7cf91
ARG GCR_HELPER_VER=v2.1.30
ARG LUNAJSON_COMMIT=3d10600874527d71519b33ecbb314eb93ccd1df6
ARG SEMVER_COMMIT=a4b708ba243208d46e575da870af969dca46a94d
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/regclient-0.9.0/build/Dockerfile.regbot.buildkit
new/regclient-0.9.1/build/Dockerfile.regbot.buildkit
--- old/regclient-0.9.0/build/Dockerfile.regbot.buildkit 2025-06-30
16:25:30.000000000 +0200
+++ new/regclient-0.9.1/build/Dockerfile.regbot.buildkit 2025-08-24
21:20:38.000000000 +0200
@@ -1,9 +1,9 @@
# syntax=docker/dockerfile:1
ARG REGISTRY=docker.io
-ARG
ALPINE_VER=3.22.0@sha256:8a1f59ffb675680d47db6337b49d22281a139e9d709335b492be023728e11715
-ARG
GO_VER=1.24.4-alpine@sha256:68932fa6d4d4059845c8f40ad7e654e626f3ebd3706eef7846f319293ab5cb7a
-ARG ECR_HELPER_VER=96d88b484b17635a8ce06b0605e9ba1b2a0c85f6
+ARG
ALPINE_VER=3.22.1@sha256:4bcff63911fcb4448bd4fdacec207030997caf25e9bea4045fa6c8c44de311d1
+ARG
GO_VER=1.25.0-alpine@sha256:f18a072054848d87a8077455f0ac8a25886f2397f88bfdd222d6fafbb5bba440
+ARG ECR_HELPER_VER=64b08bad70174a1849fe597f0c59288eb7b7cf91
ARG GCR_HELPER_VER=v2.1.30
ARG LUNAJSON_COMMIT=3d10600874527d71519b33ecbb314eb93ccd1df6
ARG SEMVER_COMMIT=a4b708ba243208d46e575da870af969dca46a94d
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/regclient-0.9.0/build/Dockerfile.regctl
new/regclient-0.9.1/build/Dockerfile.regctl
--- old/regclient-0.9.0/build/Dockerfile.regctl 2025-06-30 16:25:30.000000000
+0200
+++ new/regclient-0.9.1/build/Dockerfile.regctl 2025-08-24 21:20:38.000000000
+0200
@@ -1,7 +1,7 @@
ARG REGISTRY=docker.io
-ARG
ALPINE_VER=3.22.0@sha256:8a1f59ffb675680d47db6337b49d22281a139e9d709335b492be023728e11715
-ARG
GO_VER=1.24.4-alpine@sha256:68932fa6d4d4059845c8f40ad7e654e626f3ebd3706eef7846f319293ab5cb7a
-ARG ECR_HELPER_VER=96d88b484b17635a8ce06b0605e9ba1b2a0c85f6
+ARG
ALPINE_VER=3.22.1@sha256:4bcff63911fcb4448bd4fdacec207030997caf25e9bea4045fa6c8c44de311d1
+ARG
GO_VER=1.25.0-alpine@sha256:f18a072054848d87a8077455f0ac8a25886f2397f88bfdd222d6fafbb5bba440
+ARG ECR_HELPER_VER=64b08bad70174a1849fe597f0c59288eb7b7cf91
ARG GCR_HELPER_VER=v2.1.30
FROM ${REGISTRY}/library/golang:${GO_VER} AS golang
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/regclient-0.9.0/build/Dockerfile.regctl.buildkit
new/regclient-0.9.1/build/Dockerfile.regctl.buildkit
--- old/regclient-0.9.0/build/Dockerfile.regctl.buildkit 2025-06-30
16:25:30.000000000 +0200
+++ new/regclient-0.9.1/build/Dockerfile.regctl.buildkit 2025-08-24
21:20:38.000000000 +0200
@@ -1,9 +1,9 @@
# syntax=docker/dockerfile:1
ARG REGISTRY=docker.io
-ARG
ALPINE_VER=3.22.0@sha256:8a1f59ffb675680d47db6337b49d22281a139e9d709335b492be023728e11715
-ARG
GO_VER=1.24.4-alpine@sha256:68932fa6d4d4059845c8f40ad7e654e626f3ebd3706eef7846f319293ab5cb7a
-ARG ECR_HELPER_VER=96d88b484b17635a8ce06b0605e9ba1b2a0c85f6
+ARG
ALPINE_VER=3.22.1@sha256:4bcff63911fcb4448bd4fdacec207030997caf25e9bea4045fa6c8c44de311d1
+ARG
GO_VER=1.25.0-alpine@sha256:f18a072054848d87a8077455f0ac8a25886f2397f88bfdd222d6fafbb5bba440
+ARG ECR_HELPER_VER=64b08bad70174a1849fe597f0c59288eb7b7cf91
ARG GCR_HELPER_VER=v2.1.30
FROM --platform=$BUILDPLATFORM ${REGISTRY}/library/golang:${GO_VER} AS golang
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/regclient-0.9.0/build/Dockerfile.regsync
new/regclient-0.9.1/build/Dockerfile.regsync
--- old/regclient-0.9.0/build/Dockerfile.regsync 2025-06-30
16:25:30.000000000 +0200
+++ new/regclient-0.9.1/build/Dockerfile.regsync 2025-08-24
21:20:38.000000000 +0200
@@ -1,7 +1,7 @@
ARG REGISTRY=docker.io
-ARG
ALPINE_VER=3.22.0@sha256:8a1f59ffb675680d47db6337b49d22281a139e9d709335b492be023728e11715
-ARG
GO_VER=1.24.4-alpine@sha256:68932fa6d4d4059845c8f40ad7e654e626f3ebd3706eef7846f319293ab5cb7a
-ARG ECR_HELPER_VER=96d88b484b17635a8ce06b0605e9ba1b2a0c85f6
+ARG
ALPINE_VER=3.22.1@sha256:4bcff63911fcb4448bd4fdacec207030997caf25e9bea4045fa6c8c44de311d1
+ARG
GO_VER=1.25.0-alpine@sha256:f18a072054848d87a8077455f0ac8a25886f2397f88bfdd222d6fafbb5bba440
+ARG ECR_HELPER_VER=64b08bad70174a1849fe597f0c59288eb7b7cf91
ARG GCR_HELPER_VER=v2.1.30
FROM ${REGISTRY}/library/golang:${GO_VER} AS golang
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/regclient-0.9.0/build/Dockerfile.regsync.buildkit
new/regclient-0.9.1/build/Dockerfile.regsync.buildkit
--- old/regclient-0.9.0/build/Dockerfile.regsync.buildkit 2025-06-30
16:25:30.000000000 +0200
+++ new/regclient-0.9.1/build/Dockerfile.regsync.buildkit 2025-08-24
21:20:38.000000000 +0200
@@ -1,9 +1,9 @@
# syntax=docker/dockerfile:1
ARG REGISTRY=docker.io
-ARG
ALPINE_VER=3.22.0@sha256:8a1f59ffb675680d47db6337b49d22281a139e9d709335b492be023728e11715
-ARG
GO_VER=1.24.4-alpine@sha256:68932fa6d4d4059845c8f40ad7e654e626f3ebd3706eef7846f319293ab5cb7a
-ARG ECR_HELPER_VER=96d88b484b17635a8ce06b0605e9ba1b2a0c85f6
+ARG
ALPINE_VER=3.22.1@sha256:4bcff63911fcb4448bd4fdacec207030997caf25e9bea4045fa6c8c44de311d1
+ARG
GO_VER=1.25.0-alpine@sha256:f18a072054848d87a8077455f0ac8a25886f2397f88bfdd222d6fafbb5bba440
+ARG ECR_HELPER_VER=64b08bad70174a1849fe597f0c59288eb7b7cf91
ARG GCR_HELPER_VER=v2.1.30
FROM --platform=$BUILDPLATFORM ${REGISTRY}/library/golang:${GO_VER} AS golang
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/regclient-0.9.0/build/oci-image.sh
new/regclient-0.9.1/build/oci-image.sh
--- old/regclient-0.9.0/build/oci-image.sh 2025-06-30 16:25:30.000000000
+0200
+++ new/regclient-0.9.1/build/oci-image.sh 2025-08-24 21:20:38.000000000
+0200
@@ -7,7 +7,7 @@
release="scratch"
push_tags=""
ALPINE_NAME="alpine:3"
-ALPINE_DIGEST="sha256:8a1f59ffb675680d47db6337b49d22281a139e9d709335b492be023728e11715"
# 3.22.0
+ALPINE_DIGEST="sha256:4bcff63911fcb4448bd4fdacec207030997caf25e9bea4045fa6c8c44de311d1"
# 3.22.1
# CLI options to override image, platform, base digest, and comma separated
list of tags to push
opt_c=0
@@ -82,6 +82,7 @@
docker buildx build --platform="$platforms" \
-f "build/Dockerfile.${image}.buildkit" \
-o "type=oci,oci-artifact=true,dest=output/${image}-${release}.tar" \
+ --provenance version=v1,mode=max \
--target "release-${release}" \
--build-arg "SOURCE_DATE_EPOCH=${vcs_sec}" \
--build-arg "BUILD_DATE=${vcs_date}" \
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/regclient-0.9.0/go.mod new/regclient-0.9.1/go.mod
--- old/regclient-0.9.0/go.mod 2025-06-30 16:25:30.000000000 +0200
+++ new/regclient-0.9.1/go.mod 2025-08-24 21:20:38.000000000 +0200
@@ -1,6 +1,6 @@
module github.com/regclient/regclient
-go 1.23.0
+go 1.24.0
require (
github.com/docker/libtrust v0.0.0-20160708172513-aabc10ec26b7
@@ -11,13 +11,13 @@
github.com/robfig/cron/v3 v3.0.1
github.com/sirupsen/logrus v1.9.3
github.com/spf13/cobra v1.9.1
- github.com/ulikunitz/xz v0.5.12
+ github.com/ulikunitz/xz v0.5.13
github.com/yuin/gopher-lua v1.1.1
- golang.org/x/sys v0.33.0
- golang.org/x/term v0.32.0
+ golang.org/x/sys v0.35.0
+ golang.org/x/term v0.34.0
)
require (
github.com/inconshreveable/mousetrap v1.1.0 // indirect
- github.com/spf13/pflag v1.0.6 // indirect
+ github.com/spf13/pflag v1.0.7 // indirect
)
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/regclient-0.9.0/go.sum new/regclient-0.9.1/go.sum
--- old/regclient-0.9.0/go.sum 2025-06-30 16:25:30.000000000 +0200
+++ new/regclient-0.9.1/go.sum 2025-08-24 21:20:38.000000000 +0200
@@ -23,20 +23,21 @@
github.com/sirupsen/logrus v1.9.3/go.mod
h1:naHLuLoDiP4jHNo9R0sCBMtWGeIprob74mVsIT4qYEQ=
github.com/spf13/cobra v1.9.1 h1:CXSaggrXdbHK9CF+8ywj8Amf7PBRmPCOJugH954Nnlo=
github.com/spf13/cobra v1.9.1/go.mod
h1:nDyEzZ8ogv936Cinf6g1RU9MRY64Ir93oCnqb9wxYW0=
-github.com/spf13/pflag v1.0.6 h1:jFzHGLGAlb3ruxLB8MhbI6A8+AQX/2eW4qeyNZXNp2o=
github.com/spf13/pflag v1.0.6/go.mod
h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg=
+github.com/spf13/pflag v1.0.7 h1:vN6T9TfwStFPFM5XzjsvmzZkLuaLX+HS+0SeFLRgU6M=
+github.com/spf13/pflag v1.0.7/go.mod
h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg=
github.com/stretchr/objx v0.1.0/go.mod
h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
github.com/stretchr/testify v1.7.0
h1:nwc3DEeHmmLAfoZucVR881uASk0Mfjw8xYJ99tb5CcY=
github.com/stretchr/testify v1.7.0/go.mod
h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
-github.com/ulikunitz/xz v0.5.12 h1:37Nm15o69RwBkXM0J6A5OlE67RZTfzUxTj8fB3dfcsc=
-github.com/ulikunitz/xz v0.5.12/go.mod
h1:nbz6k7qbPmH4IRqmfOplQw/tblSgqTqBwxkY0oWt/14=
+github.com/ulikunitz/xz v0.5.13 h1:ar98gWrjf4H1ev05fYP/o29PDZw9DrI3niHtnEqyuXA=
+github.com/ulikunitz/xz v0.5.13/go.mod
h1:nbz6k7qbPmH4IRqmfOplQw/tblSgqTqBwxkY0oWt/14=
github.com/yuin/gopher-lua v1.1.1
h1:kYKnWBjvbNP4XLT3+bPEwAXJx262OhaHDWDVOPjL46M=
github.com/yuin/gopher-lua v1.1.1/go.mod
h1:GBR0iDaNXjAgGg9zfCvksxSRnQx76gclCIb7kdAd1Pw=
golang.org/x/sys v0.0.0-20220715151400-c0bba94af5f8/go.mod
h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/sys v0.33.0 h1:q3i8TbbEz+JRD9ywIRlyRAQbM0qF7hu24q3teo2hbuw=
-golang.org/x/sys v0.33.0/go.mod h1:BJP2sWEmIv4KK5OTEluFJCKSidICx8ciO85XgH3Ak8k=
-golang.org/x/term v0.32.0 h1:DR4lr0TjUs3epypdhTOkMmuF5CDFJ/8pOnbzMZPQ7bg=
-golang.org/x/term v0.32.0/go.mod
h1:uZG1FhGx848Sqfsq4/DlJr3xGGsYMu/L5GW4abiaEPQ=
+golang.org/x/sys v0.35.0 h1:vz1N37gP5bs89s7He8XuIYXpyY0+QlsKmzipCbUtyxI=
+golang.org/x/sys v0.35.0/go.mod h1:BJP2sWEmIv4KK5OTEluFJCKSidICx8ciO85XgH3Ak8k=
+golang.org/x/term v0.34.0 h1:O/2T7POpk0ZZ7MAzMeWFSg6S5IpWd/RXDlM9hgM3DR4=
+golang.org/x/term v0.34.0/go.mod
h1:5jC53AEywhIVebHgPVeg0mj8OD3VO9OzclacVrqpaAw=
gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod
h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod
h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA=
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/regclient-0.9.0/internal/auth/auth.go
new/regclient-0.9.1/internal/auth/auth.go
--- old/regclient-0.9.0/internal/auth/auth.go 2025-06-30 16:25:30.000000000
+0200
+++ new/regclient-0.9.1/internal/auth/auth.go 2025-08-24 21:20:38.000000000
+0200
@@ -69,7 +69,7 @@
type handler interface {
AddScope(scope string) error
ProcessChallenge(challenge) error
- GenerateAuth() (string, error)
+ UpdateRequest(*http.Request) error
}
// handlerBuild is used to make a new handler for a specific authType and URL
@@ -239,8 +239,8 @@
// handle race condition when another request updates
the challenge
// detect that by seeing the current auth header is
different
prevAH := resp.Request.Header.Get("Authorization")
- ah, err := a.hs[host][c.authType].GenerateAuth()
- if err == nil && prevAH != ah {
+ err :=
a.hs[host][c.authType].UpdateRequest(resp.Request)
+ if err == nil && prevAH !=
resp.Request.Header.Get("Authorization") {
goodChallenge = true
}
} else {
@@ -263,10 +263,9 @@
return nil
}
var err error
- var ah string
for _, at := range a.authTypes {
if a.hs[host][at] != nil {
- ah, err = a.hs[host][at].GenerateAuth()
+ err = a.hs[host][at].UpdateRequest(req)
if err != nil {
a.slog.Debug("Failed to generate auth",
slog.String("err", err.Error()),
@@ -274,7 +273,6 @@
slog.String("authtype", at))
continue
}
- req.Header.Set("Authorization", ah)
break
}
}
@@ -480,14 +478,15 @@
return errs.ErrNoNewChallenge
}
-// GenerateAuth for BasicHandler generates base64 encoded user/pass for a host
-func (b *basicHandler) GenerateAuth() (string, error) {
+// UpdateRequest for BasicHandler generates base64 encoded user/pass for a host
+func (b *basicHandler) UpdateRequest(req *http.Request) error {
cred := b.credsFn(b.host)
if cred.User == "" || cred.Password == "" {
- return "", fmt.Errorf("no credentials available: %w",
errs.ErrHTTPUnauthorized)
+ return fmt.Errorf("no credentials available: %w",
errs.ErrHTTPUnauthorized)
}
- auth := base64.StdEncoding.EncodeToString([]byte(cred.User + ":" +
cred.Password))
- return fmt.Sprintf("Basic %s", auth), nil
+ req.Header.Set("Authorization", fmt.Sprintf("Basic %s",
+
base64.StdEncoding.EncodeToString([]byte(cred.User+":"+cred.Password))))
+ return nil
}
// bearerHandler supports Bearer auth type requests
@@ -498,6 +497,7 @@
host string
credsFn CredsFn
scopes []string
+ tokenURL *url.URL
token bearerToken
slog *slog.Logger
}
@@ -628,31 +628,39 @@
return nil
}
-// GenerateAuth for BasicHandler generates base64 encoded user/pass for a host
-func (b *bearerHandler) GenerateAuth() (string, error) {
+// UpdateRequest for BearerHandler adds a bearer token to the request.
+func (b *bearerHandler) UpdateRequest(req *http.Request) error {
+ // handle relative realm values
+ if b.tokenURL == nil {
+ u, err := req.URL.Parse(b.realm)
+ if err != nil {
+ return err
+ }
+ b.tokenURL = u
+ }
// if unexpired token already exists, return it
if b.token.Token != "" && !b.isExpired() {
- return fmt.Sprintf("Bearer %s", b.token.Token), nil
+ req.Header.Set("Authorization", fmt.Sprintf("Bearer %s",
b.token.Token))
+ return nil
}
-
// attempt to post if a refresh token is available or token auth is
being used
cred := b.credsFn(b.host)
if b.token.RefreshToken != "" || cred.Token != "" {
if err := b.tryPost(cred); err == nil {
- return fmt.Sprintf("Bearer %s", b.token.Token), nil
+ req.Header.Set("Authorization", fmt.Sprintf("Bearer
%s", b.token.Token))
+ return nil
} else if err != errs.ErrHTTPUnauthorized {
- return "", fmt.Errorf("failed to request auth token
(post): %w%.0w", err, errs.ErrHTTPUnauthorized)
+ return fmt.Errorf("failed to request auth token (post):
%w%.0w", err, errs.ErrHTTPUnauthorized)
}
}
-
// attempt a get (with basic auth if user/pass available)
if err := b.tryGet(cred); err == nil {
- return fmt.Sprintf("Bearer %s", b.token.Token), nil
+ req.Header.Set("Authorization", fmt.Sprintf("Bearer %s",
b.token.Token))
+ return nil
} else if err != errs.ErrHTTPUnauthorized {
- return "", fmt.Errorf("failed to request auth token (get):
%w%.0w", err, errs.ErrHTTPUnauthorized)
+ return fmt.Errorf("failed to request auth token (get): %w%.0w",
err, errs.ErrHTTPUnauthorized)
}
-
- return "", errs.ErrHTTPUnauthorized
+ return errs.ErrHTTPUnauthorized
}
// isExpired returns true when token issue date is either 0, token has expired,
@@ -668,7 +676,7 @@
// tryGet requests a new token with a GET request
func (b *bearerHandler) tryGet(cred Cred) error {
- req, err := http.NewRequest("GET", b.realm, nil)
+ req, err := http.NewRequest("GET", b.tokenURL.String(), nil)
if err != nil {
return err
}
@@ -723,7 +731,7 @@
form.Set("password", cred.Password)
}
- req, err := http.NewRequest("POST", b.realm,
strings.NewReader(form.Encode()))
+ req, err := http.NewRequest("POST", b.tokenURL.String(),
strings.NewReader(form.Encode()))
if err != nil {
return err
}
@@ -894,10 +902,11 @@
return nil
}
-// GenerateAuth for JWTHubHandler adds JWT header
-func (j *jwtHubHandler) GenerateAuth() (string, error) {
+// UpdateRequest for JWTHubHandler adds JWT header
+func (j *jwtHubHandler) UpdateRequest(req *http.Request) error {
if len(j.jwt) > 0 {
- return fmt.Sprintf("JWT %s", j.jwt), nil
+ req.Header.Set("Authorization", fmt.Sprintf("JWT %s", j.jwt))
+ return nil
}
- return "", errs.ErrHTTPUnauthorized
+ return errs.ErrHTTPUnauthorized
}
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/regclient-0.9.0/internal/auth/auth_test.go
new/regclient-0.9.1/internal/auth/auth_test.go
--- old/regclient-0.9.0/internal/auth/auth_test.go 2025-06-30
16:25:30.000000000 +0200
+++ new/regclient-0.9.1/internal/auth/auth_test.go 2025-08-24
21:20:38.000000000 +0200
@@ -286,7 +286,7 @@
wantAuthHeader: "Bearer token1",
},
{
- name: "bearer2",
+ name: "bearer2 relative path",
auth: NewAuth(
WithClientID(clientID),
WithCreds(credsFn),
@@ -298,7 +298,7 @@
StatusCode: http.StatusUnauthorized,
Header: http.Header{
http.CanonicalHeaderKey("WWW-Authenticate"): []string{
- `Bearer realm="` +
tsURL.String() + `/token2",service="` + tsHost +
`",scope="repository:reponame:pull"`,
+ `Bearer realm="` +
`/token2",service="` + tsHost + `",scope="repository:reponame:pull"`,
},
},
},
@@ -524,9 +524,13 @@
func(h string) Cred { return Cred{User: user, Password: pass} },
slog.New(slog.NewTextHandler(io.Discard,
&slog.HandlerOptions{})),
).(*bearerHandler)
+ req, err := http.NewRequest("GET", tsURL.String(), nil)
+ if err != nil {
+ t.Fatalf("failed to setup request: %v", err)
+ }
// handle token1, verify expired token gets current time and isn't
expired
- err := bearer.AddScope("repository:reponame:pull")
+ err = bearer.AddScope("repository:reponame:pull")
if err != nil {
t.Errorf("failed adding scope: %v", err)
}
@@ -541,10 +545,11 @@
if err != nil {
t.Errorf("failed on response to token1: %v", err)
}
- resp1, err := bearer.GenerateAuth()
+ err = bearer.UpdateRequest(req)
if err != nil {
t.Errorf("failed to generate auth response1: %v", err)
}
+ resp1 := req.Header.Get("Authorization")
if resp1 != "Bearer token1" {
t.Errorf("token1 is invalid, expected %s, received %s", "Bearer
token1", resp1)
}
@@ -557,10 +562,11 @@
if err != nil && !errors.Is(err, errs.ErrNoNewChallenge) {
t.Errorf("failed adding scope: %v", err)
}
- resp1a, err := bearer.GenerateAuth()
+ err = bearer.UpdateRequest(req)
if err != nil {
t.Errorf("failed to generate auth response1 (rerun): %v", err)
}
+ resp1a := req.Header.Get("Authorization")
if resp1a != "Bearer token1" {
t.Errorf("token1 (rerun) is invalid, expected %s, received %s",
"Bearer token1", resp1a)
}
@@ -578,10 +584,11 @@
if err != nil {
t.Errorf("failed reprocess challenge on expired token: %v", err)
}
- resp1b, err := bearer.GenerateAuth()
+ err = bearer.UpdateRequest(req)
if err != nil {
t.Errorf("failed to generate auth response1 (expired): %v", err)
}
+ resp1b := req.Header.Get("Authorization")
if resp1b != "Bearer token1" {
t.Errorf("token1 (expired) is invalid, expected %s, received
%s", "Bearer token1", resp1b)
}
@@ -594,10 +601,11 @@
if err != nil {
t.Errorf("failed adding scope: %v", err)
}
- resp2, err := bearer.GenerateAuth()
+ err = bearer.UpdateRequest(req)
if err != nil {
t.Errorf("failed to generate auth response2 (push): %v", err)
}
+ resp2 := req.Header.Get("Authorization")
if resp2 != "Bearer token2" {
t.Errorf("token2 (push) is invalid, expected %s, received %s",
"Bearer token2", resp2)
}
@@ -616,10 +624,11 @@
if err != nil {
t.Errorf("failed adding scope: %v", err)
}
- resp3, err := bearer.GenerateAuth()
+ err = bearer.UpdateRequest(req)
if err != nil {
t.Errorf("failed to generate auth response3 (delete): %v", err)
}
+ resp3 := req.Header.Get("Authorization")
if resp3 != "Bearer token3" {
t.Errorf("token3 (delete) is invalid, expected %s, received
%s", "Bearer token3", resp3)
}
@@ -638,10 +647,11 @@
if err != nil {
t.Errorf("failed adding scope: %v", err)
}
- resp4, err := bearer.GenerateAuth()
+ err = bearer.UpdateRequest(req)
if err != nil {
t.Errorf("failed to generate auth response4 (custom): %v", err)
}
+ resp4 := req.Header.Get("Authorization")
if resp4 != "Bearer token4" {
t.Errorf("token4 (custom) is invalid, expected %s, received
%s", "Bearer token4", resp4)
}
@@ -660,10 +670,11 @@
if err != nil {
t.Errorf("failed adding scope: %v", err)
}
- resp5, err := bearer.GenerateAuth()
+ err = bearer.UpdateRequest(req)
if err != nil {
t.Errorf("failed to generate auth response5 (push,pull): %v",
err)
}
+ resp5 := req.Header.Get("Authorization")
if resp5 != "Bearer token5" {
t.Errorf("token5 (push,pull) is invalid, expected %s, received
%s", "Bearer token5", resp5)
}
@@ -682,10 +693,11 @@
if !errors.Is(err, errs.ErrNoNewChallenge) {
t.Errorf("unexpected error when adding scope: expected err: %v,
received: %v", errs.ErrNoNewChallenge, err)
}
- resp5a, err := bearer.GenerateAuth()
+ err = bearer.UpdateRequest(req)
if err != nil {
t.Errorf("failed to generate auth response5 (rerun): %v", err)
}
+ resp5a := req.Header.Get("Authorization")
if resp5a != "Bearer token5" {
t.Errorf("token5 (rerun) is invalid, expected %s, received %s",
"Bearer token5", resp5a)
}
@@ -753,12 +765,17 @@
if err != nil {
t.Errorf("failed on response to token: %v", err)
}
- resp, err := bearer.GenerateAuth()
+ req, err := http.NewRequest("GET", "http://localhost:5000";, nil)
+ if err != nil {
+ t.Fatalf("failed to generate new request: %v", err)
+ }
+ err = bearer.UpdateRequest(req)
if err != nil {
t.Errorf("failed to generate auth response: %v", err)
}
- bearerResp := fmt.Sprintf("Bearer %s", token)
- if resp != bearerResp {
+ resp := req.Header.Get("Authorization")
+ want := fmt.Sprintf("Bearer %s", token)
+ if resp != want {
t.Errorf("token1 is invalid, expected %s, received %s", "Bearer
token1", resp)
}
if bearer.isExpired() {
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/regclient-0.9.0/internal/reghttp/http.go
new/regclient-0.9.1/internal/reghttp/http.go
--- old/regclient-0.9.0/internal/reghttp/http.go 2025-06-30
16:25:30.000000000 +0200
+++ new/regclient-0.9.1/internal/reghttp/http.go 2025-08-24
21:20:38.000000000 +0200
@@ -324,9 +324,14 @@
if h.config.TLS == config.TLSDisabled {
u.Scheme = "http"
}
+ query := url.Values{}
if req.Query != nil {
- u.RawQuery = req.Query.Encode()
+ query = req.Query
}
+ if h.config.Hostname != reqHost.config.Hostname
{
+ query.Set("ns", reqHost.config.Hostname)
+ }
+ u.RawQuery = query.Encode()
}
// close previous response
if resp.resp != nil && resp.resp.Body != nil {
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/regclient-0.9.0/internal/reghttp/http_test.go
new/regclient-0.9.1/internal/reghttp/http_test.go
--- old/regclient-0.9.0/internal/reghttp/http_test.go 2025-06-30
16:25:30.000000000 +0200
+++ new/regclient-0.9.1/internal/reghttp/http_test.go 2025-08-24
21:20:38.000000000 +0200
@@ -719,6 +719,27 @@
tsURL, _ := url.Parse(ts.URL)
tsHost := tsURL.Host
+ // create a second server to validate ns query set to upstream hostname
(different hostnames)
+ rrs2 := []reqresp.ReqResp{
+ {
+ ReqEntry: reqresp.ReqEntry{
+ Method: "GET",
+ Path:
"/v2/ns-check/project-ns/manifests/tag-get",
+ Query: map[string][]string{
+ "ns": {tsHost},
+ },
+ },
+ RespEntry: reqresp.RespEntry{
+ Status: http.StatusOK,
+ Body: getBody,
+ },
+ },
+ }
+ ts2 := httptest.NewServer(reqresp.NewHandler(t, rrs2))
+ defer ts2.Close()
+ ts2URL, _ := url.Parse(ts2.URL)
+ ts2Host := ts2URL.Host
+
// create config for various hosts, different host pointing to same dns
hostname
configHosts := map[string]*config.Host{
tsHost: {
@@ -892,6 +913,22 @@
TLS: config.TLSDisabled,
ReqPerSec: reqPerSec,
},
+ "expectns." + ts2Host: {
+ Name: "expectns." + ts2Host,
+ Hostname: ts2Host,
+ TLS: config.TLSDisabled,
+ PathPrefix: "ns-check",
+ Priority: 1,
+ },
+ "mirror-ns." + tsHost: {
+ Name: "mirror-ns." + tsHost,
+ Hostname: tsHost,
+ TLS: config.TLSDisabled,
+ Priority: 5,
+ Mirrors: []string{
+ "expectns." + ts2Host,
+ },
+ },
}
// create APIs for requests to run
@@ -1695,5 +1732,27 @@
t.Errorf("requests finished faster than expected time,
expected %s, received %s", expectMin.String(), dur.String())
}
})
+ // validate ns set to upstream hostname when mirror hostname differs
+ t.Run("Mirror ns hostname differs", func(t *testing.T) {
+ getReq := &Req{
+ Host: "mirror-ns." + tsHost,
+ Method: "GET",
+ Repository: "project-ns",
+ Path: "manifests/tag-get",
+ Headers: headers,
+ }
+ resp, err := hc.Do(ctx, getReq)
+ if err != nil {
+ t.Fatalf("failed to run get: %v", err)
+ }
+ if resp.HTTPResponse().StatusCode != 200 {
+ t.Errorf("invalid status code, expected 200, received
%d", resp.HTTPResponse().StatusCode)
+ }
+ err = resp.Close()
+ if err != nil {
+ t.Errorf("error closing request: %v", err)
+ }
+ })
+
// TODO: test various TLS configs (custom root for all hosts, custom
root for one host, insecure)
}
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/regclient-0.9.0/release.md
new/regclient-0.9.1/release.md
--- old/regclient-0.9.0/release.md 2025-06-30 16:25:30.000000000 +0200
+++ new/regclient-0.9.1/release.md 2025-08-24 21:20:38.000000000 +0200
@@ -1,33 +1,21 @@
-# Release v0.9.0
-
-Breaking:
-
-- Drop support for 3rd Go release because of upstream forced upgrades (see
<https://github.com/golang/go/issues/69095>). ([PR 948][pr-948])
+# Release v0.9.1
Features:
-- Add a script to reproduce regclient images. ([PR 940][pr-940])
-- Support IPv6 hosts. ([PR 956][pr-956])
-
-Fixes:
-
-- Convert docker attestations built with `oci-artifact=true`. ([PR
949][pr-949])
-- Allow duplicate keys in yaml config. ([PR 952][pr-952])
+- Allow relative urls in bearer auth. ([PR 963][pr-963])
+- Add "ns" query param to registry mirror requests. ([PR 976][pr-976])
Miscellaneous:
-- Migrate yaml library. ([PR 947][pr-947])
-- Convert the build to use OCI style attestations. ([PR 950][pr-950])
+- Update to SLSA v1 provenance. ([PR 968][pr-968])
+- Add a "make clean" command. ([PR 969][pr-969])
Contributors:
-- @JimmyMa
- @sudo-bmitch
+- @wjordan
-[pr-940]: https://github.com/regclient/regclient/pull/940
-[pr-947]: https://github.com/regclient/regclient/pull/947
-[pr-948]: https://github.com/regclient/regclient/pull/948
-[pr-949]: https://github.com/regclient/regclient/pull/949
-[pr-950]: https://github.com/regclient/regclient/pull/950
-[pr-952]: https://github.com/regclient/regclient/pull/952
-[pr-956]: https://github.com/regclient/regclient/pull/956
+[pr-963]: https://github.com/regclient/regclient/pull/963
+[pr-968]: https://github.com/regclient/regclient/pull/968
+[pr-969]: https://github.com/regclient/regclient/pull/969
+[pr-976]: https://github.com/regclient/regclient/pull/976
++++++ regclient.obsinfo ++++++
--- /var/tmp/diff_new_pack.MJXbkq/_old 2025-08-25 20:39:06.418626849 +0200
+++ /var/tmp/diff_new_pack.MJXbkq/_new 2025-08-25 20:39:06.426627185 +0200
@@ -1,5 +1,5 @@
name: regclient
-version: 0.9.0
-mtime: 1751293530
-commit: ad4e3d926030f76419211838494434974f17db67
+version: 0.9.1
+mtime: 1756063238
+commit: 51df886b5e3b138ac168540ccef5997e0d383c86
++++++ vendor.tar.gz ++++++
++++ 2813 lines of diff (skipped)
