0
Fork 0
mirror of https://github.com/willnorris/imageproxy.git synced 2024-12-16 21:56:43 -05:00
Commit graph

383 commits

Author SHA1 Message Date
Will Norris
a81add5d96 lint: improve error handling 2022-02-16 11:15:36 -08:00
Will Norris
ef8aec77a9 lint: explain hash alg exclusion better 2022-02-16 11:15:36 -08:00
Jacopo
13bafdbf9e Add MaxRedirects option
Add `MaxRedirects` option to set maximum redirection-followings allowed.
The option is only valid when `FollowRedirects` is `true`.

Being able to limit the amount of redirections is helpful in order to
avoid possible loops of redirections or just too long round trips.
2021-12-10 09:25:11 -08:00
Will Norris
8fd838a5cc ci: try signing docker image with cosign 2021-12-07 11:27:49 -08:00
Will Norris
e155a719ee ci: fix default branch name for workflow
The $default-branch variable is apparently only for workflow templates.
2021-12-07 11:20:20 -08:00
Will Norris
7c14835b43 ci: update docker image workflow
Align a little bit more to
https://github.com/actions/starter-workflows/blob/main/ci/docker-publish.yml
in preparation for trying out cosign support
2021-12-07 10:16:14 -08:00
Will Norris
a4d659dafd style: remove unnecessary type declaration 2021-11-05 08:33:21 -07:00
Will Norris
0f2deb14d2 remove behavior of copyHeaders to copy all headers
Previously, when no keys were specified, copyHeaders would copy all
headers from src to dst.  I believe this is a remnant of some old code,
as we don't actually ever use that behavior today.

I'm removing this as it seems too likely to accidentally pass along
headers that shouldn't be.  Instead, let's always be explicit about
which headers to copy (which is what we currently do anyway).
2021-11-05 08:33:21 -07:00
Geras Ghulyan
d94e5610d6 Add support for passing headers to remote server
Add a new passRequestHeaders field to Proxy that identifies headers to
pass from inbound request to remote servers.  Also add associated flag
to imageproxy CLI.

This is initially added to support remote servers that require an
authorization token.

Fixes #321
2021-11-05 08:32:59 -07:00
dependabot[bot]
006b99f6a2 build(deps): bump cloud.google.com/go/storage from 1.16.1 to 1.18.2
Bumps [cloud.google.com/go/storage](https://github.com/googleapis/google-cloud-go) from 1.16.1 to 1.18.2.
- [Release notes](https://github.com/googleapis/google-cloud-go/releases)
- [Changelog](https://github.com/googleapis/google-cloud-go/blob/master/CHANGES.md)
- [Commits](https://github.com/googleapis/google-cloud-go/compare/storage/v1.16.1...storage/v1.18.2)

---
updated-dependencies:
- dependency-name: cloud.google.com/go/storage
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2021-10-27 19:03:33 -07:00
dependabot[bot]
49c4bb8ac5 build(deps): bump github.com/aws/aws-sdk-go from 1.40.42 to 1.41.12
Bumps [github.com/aws/aws-sdk-go](https://github.com/aws/aws-sdk-go) from 1.40.42 to 1.41.12.
- [Release notes](https://github.com/aws/aws-sdk-go/releases)
- [Changelog](https://github.com/aws/aws-sdk-go/blob/main/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-go/compare/v1.40.42...v1.41.12)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2021-10-27 13:27:36 -07:00
Will Norris
77e26e44f5 ci: add explicit permissions to codeql config
also remove extra comments that aren't really needed
2021-10-13 09:15:12 -07:00
Will Norris
2174b956f3 docs: point out env var config option for docker 2021-10-13 08:44:00 -07:00
Will Norris
3f2e270fb2 docs: update install instructions for both go and docker 2021-10-12 21:03:22 -07:00
Will Norris
851396b044 actions: switch to publish docker image to github packages
docker integration has gotten too finicky and not worth the trouble
2021-10-12 20:59:49 -07:00
Will Norris
3dd327fafc actions: combine docker workflows 2021-10-12 20:48:18 -07:00
Will Norris
d9b179c9d1 docker: remove envy go.mod file 2021-10-12 20:40:59 -07:00
Will Norris
7aacb8b520 actions: update docker workflow 2021-10-12 20:39:23 -07:00
Will Norris
e5da3b920b bump docker build to go1.17, and actions to latest 2021-10-12 20:30:52 -07:00
Will Norris
66818a786d
change envy package to avoid replace directive 2021-10-12 20:26:12 -07:00
dependabot[bot]
5f85069fde
Bump github.com/aws/aws-sdk-go from 1.38.64 to 1.40.42 (#306)
* Bump github.com/aws/aws-sdk-go from 1.38.64 to 1.40.42

Bumps [github.com/aws/aws-sdk-go](https://github.com/aws/aws-sdk-go) from 1.38.64 to 1.40.42.
- [Release notes](https://github.com/aws/aws-sdk-go/releases)
- [Changelog](https://github.com/aws/aws-sdk-go/blob/main/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-go/compare/v1.38.64...v1.40.42)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

* bump minimum go version to 1.13

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Will Norris <will@willnorris.com>
2021-09-14 07:59:29 -07:00
dependabot[bot]
bbb026ef38 Bump cloud.google.com/go/storage from 1.15.0 to 1.16.1
Bumps [cloud.google.com/go/storage](https://github.com/googleapis/google-cloud-go) from 1.15.0 to 1.16.1.
- [Release notes](https://github.com/googleapis/google-cloud-go/releases)
- [Changelog](https://github.com/googleapis/google-cloud-go/blob/master/CHANGES.md)
- [Commits](https://github.com/googleapis/google-cloud-go/compare/pubsub/v1.15.0...storage/v1.16.1)

---
updated-dependencies:
- dependency-name: cloud.google.com/go/storage
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2021-09-14 07:39:15 -07:00
Will Norris
09d247ca30 go.mod: update indirect dependencies 2021-06-23 11:40:07 -07:00
Will Norris
95bcf70004
modules: update prometheus and tidy (#294)
also bump minimum go version and limit platform matrix in actions
2021-06-20 15:45:26 -07:00
dependabot[bot]
85f1fd1334 Bump github.com/aws/aws-sdk-go from 1.38.51 to 1.38.64
Bumps [github.com/aws/aws-sdk-go](https://github.com/aws/aws-sdk-go) from 1.38.51 to 1.38.64.
- [Release notes](https://github.com/aws/aws-sdk-go/releases)
- [Changelog](https://github.com/aws/aws-sdk-go/blob/main/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-go/compare/v1.38.51...v1.38.64)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2021-06-20 13:53:33 -07:00
dependabot[bot]
7cfc99c270 Bump github.com/aws/aws-sdk-go from 1.37.10 to 1.38.51
Bumps [github.com/aws/aws-sdk-go](https://github.com/aws/aws-sdk-go) from 1.37.10 to 1.38.51.
- [Release notes](https://github.com/aws/aws-sdk-go/releases)
- [Changelog](https://github.com/aws/aws-sdk-go/blob/main/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-go/compare/v1.37.10...v1.38.51)

Signed-off-by: dependabot[bot] <support@github.com>
2021-06-20 13:42:58 -07:00
dependabot[bot]
4bee838c8e Bump cloud.google.com/go/storage from 1.13.0 to 1.15.0
Bumps [cloud.google.com/go/storage](https://github.com/googleapis/google-cloud-go) from 1.13.0 to 1.15.0.
- [Release notes](https://github.com/googleapis/google-cloud-go/releases)
- [Changelog](https://github.com/googleapis/google-cloud-go/blob/master/CHANGES.md)
- [Commits](https://github.com/googleapis/google-cloud-go/compare/spanner/v1.13.0...spanner/v1.15.0)

Signed-off-by: dependabot[bot] <support@github.com>
2021-06-20 13:42:28 -07:00
dependabot[bot]
2d76bb14a2 Bump github.com/fcjr/aia-transport-go from 1.2.1 to 1.2.2
Bumps [github.com/fcjr/aia-transport-go](https://github.com/fcjr/aia-transport-go) from 1.2.1 to 1.2.2.
- [Release notes](https://github.com/fcjr/aia-transport-go/releases)
- [Commits](https://github.com/fcjr/aia-transport-go/compare/v1.2.1...v1.2.2)

Signed-off-by: dependabot[bot] <support@github.com>
2021-06-20 13:41:17 -07:00
Will Norris
7ba3f124eb cleanup license headers and contributing docs
- switch to "project authors" style copyright.  Instead of an AUTHORS
  file (https://opensource.google/docs/releasing/authors/), I just list
  Google as a major copyright holder in the README.
- use SPDX style license headers in source files
- remove CLA requirement from contributing docs
2021-03-10 12:24:13 -08:00
dependabot[bot]
3a30ba791e Bump github.com/aws/aws-sdk-go from 1.37.8 to 1.37.10
Bumps [github.com/aws/aws-sdk-go](https://github.com/aws/aws-sdk-go) from 1.37.8 to 1.37.10.
- [Release notes](https://github.com/aws/aws-sdk-go/releases)
- [Changelog](https://github.com/aws/aws-sdk-go/blob/master/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-go/compare/v1.37.8...v1.37.10)

Signed-off-by: dependabot[bot] <support@github.com>
2021-02-18 10:42:09 -08:00
Will Norris
b328d1a467 dependabot: back off to monthly 2021-02-18 10:41:17 -08:00
Will Norris
762e5cf299 actions: print go version being used 2021-02-18 09:01:35 -08:00
Will Norris
e307e617d6 bump go version in Dockerfile and tests for go1.16 2021-02-18 08:50:53 -08:00
Will Norris
c34c3dd593 readme: add statement about supported go versions 2021-02-11 15:01:55 -08:00
Will Norris
87f0c62a3e actions: bump to actions/cache@v2 2021-02-11 14:45:05 -08:00
Will Norris
bb65766878 actions: only update test coverage on recent go version 2021-02-11 14:45:05 -08:00
Will Norris
f41a60b471 actions: update which go versions we test with
bump to 1.x and 1.14.x, the two most recent major go versions.  Also add
go1.11 on linux, which should still work, but is not actually supported.
2021-02-11 14:45:05 -08:00
Will Norris
e72ae6fde5 go get -u ./... 2021-02-11 08:50:07 -08:00
Will Norris
3999c5bd80 run goimports 2021-01-24 13:44:39 -08:00
Alexandre Testu
5bb32547c9 updated heroku instructons / added eb instructions 2021-01-24 12:32:17 -08:00
Yassine ABOUKIR
2203979b9c Add X-XSS-Protection HTTP response header to block potential XSS 2021-01-24 12:18:42 -08:00
Will Norris
dd798db002
dependabot: move to weekly updates 2021-01-20 11:43:59 -08:00
dependabot[bot]
2d534353f5 Bump github.com/prometheus/client_golang from 1.7.1 to 1.9.0
Bumps [github.com/prometheus/client_golang](https://github.com/prometheus/client_golang) from 1.7.1 to 1.9.0.
- [Release notes](https://github.com/prometheus/client_golang/releases)
- [Changelog](https://github.com/prometheus/client_golang/blob/master/CHANGELOG.md)
- [Commits](https://github.com/prometheus/client_golang/compare/v1.7.1...v1.9.0)

Signed-off-by: dependabot[bot] <support@github.com>
2021-01-13 16:49:01 -08:00
dependabot[bot]
c2e0ac1208 Bump github.com/aws/aws-sdk-go from 1.34.20 to 1.36.26
Bumps [github.com/aws/aws-sdk-go](https://github.com/aws/aws-sdk-go) from 1.34.20 to 1.36.26.
- [Release notes](https://github.com/aws/aws-sdk-go/releases)
- [Changelog](https://github.com/aws/aws-sdk-go/blob/master/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-go/compare/v1.34.20...v1.36.26)

Signed-off-by: dependabot[bot] <support@github.com>
2021-01-13 16:31:23 -08:00
dependabot[bot]
2afbc71f37 Bump cloud.google.com/go/storage from 1.11.0 to 1.12.0
Bumps [cloud.google.com/go/storage](https://github.com/googleapis/google-cloud-go) from 1.11.0 to 1.12.0.
- [Release notes](https://github.com/googleapis/google-cloud-go/releases)
- [Changelog](https://github.com/googleapis/google-cloud-go/blob/master/CHANGES.md)
- [Commits](https://github.com/googleapis/google-cloud-go/compare/spanner/v1.11.0...spanner/v1.12.0)

Signed-off-by: dependabot[bot] <support@github.com>
2021-01-13 13:12:07 -08:00
dependabot-preview[bot]
7c98d50e98 Create Dependabot config file 2021-01-13 10:37:49 -08:00
Will Norris
31e8faa098 codecov token not required for public repos 2021-01-13 09:10:47 -08:00
Blake Stoddard
c08b3c505a Disable browser MIME confusion attacks via content-type sniffing 2020-10-16 07:11:59 -07:00
Blake Stoddard
c6206ea30c Set a strict Content-Security-Policy 2020-10-16 07:11:59 -07:00
Will Norris
66c549e07b
Setup GitHub Action for code scanning (#247) 2020-09-16 12:39:41 -07:00