Will Norris
a81add5d96
lint: improve error handling
2022-02-16 11:15:36 -08:00
Will Norris
ef8aec77a9
lint: explain hash alg exclusion better
2022-02-16 11:15:36 -08:00
Jacopo
13bafdbf9e
Add MaxRedirects option
...
Add `MaxRedirects` option to set maximum redirection-followings allowed.
The option is only valid when `FollowRedirects` is `true`.
Being able to limit the amount of redirections is helpful in order to
avoid possible loops of redirections or just too long round trips.
2021-12-10 09:25:11 -08:00
Will Norris
8fd838a5cc
ci: try signing docker image with cosign
2021-12-07 11:27:49 -08:00
Will Norris
e155a719ee
ci: fix default branch name for workflow
...
The $default-branch variable is apparently only for workflow templates.
2021-12-07 11:20:20 -08:00
Will Norris
7c14835b43
ci: update docker image workflow
...
Align a little bit more to
https://github.com/actions/starter-workflows/blob/main/ci/docker-publish.yml
in preparation for trying out cosign support
2021-12-07 10:16:14 -08:00
Will Norris
a4d659dafd
style: remove unnecessary type declaration
2021-11-05 08:33:21 -07:00
Will Norris
0f2deb14d2
remove behavior of copyHeaders to copy all headers
...
Previously, when no keys were specified, copyHeaders would copy all
headers from src to dst. I believe this is a remnant of some old code,
as we don't actually ever use that behavior today.
I'm removing this as it seems too likely to accidentally pass along
headers that shouldn't be. Instead, let's always be explicit about
which headers to copy (which is what we currently do anyway).
2021-11-05 08:33:21 -07:00
Geras Ghulyan
d94e5610d6
Add support for passing headers to remote server
...
Add a new passRequestHeaders field to Proxy that identifies headers to
pass from inbound request to remote servers. Also add associated flag
to imageproxy CLI.
This is initially added to support remote servers that require an
authorization token.
Fixes #321
2021-11-05 08:32:59 -07:00
dependabot[bot]
006b99f6a2
build(deps): bump cloud.google.com/go/storage from 1.16.1 to 1.18.2
...
Bumps [cloud.google.com/go/storage](https://github.com/googleapis/google-cloud-go ) from 1.16.1 to 1.18.2.
- [Release notes](https://github.com/googleapis/google-cloud-go/releases )
- [Changelog](https://github.com/googleapis/google-cloud-go/blob/master/CHANGES.md )
- [Commits](https://github.com/googleapis/google-cloud-go/compare/storage/v1.16.1...storage/v1.18.2 )
---
updated-dependencies:
- dependency-name: cloud.google.com/go/storage
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2021-10-27 19:03:33 -07:00
dependabot[bot]
49c4bb8ac5
build(deps): bump github.com/aws/aws-sdk-go from 1.40.42 to 1.41.12
...
Bumps [github.com/aws/aws-sdk-go](https://github.com/aws/aws-sdk-go ) from 1.40.42 to 1.41.12.
- [Release notes](https://github.com/aws/aws-sdk-go/releases )
- [Changelog](https://github.com/aws/aws-sdk-go/blob/main/CHANGELOG.md )
- [Commits](https://github.com/aws/aws-sdk-go/compare/v1.40.42...v1.41.12 )
---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2021-10-27 13:27:36 -07:00
Will Norris
77e26e44f5
ci: add explicit permissions to codeql config
...
also remove extra comments that aren't really needed
2021-10-13 09:15:12 -07:00
Will Norris
2174b956f3
docs: point out env var config option for docker
2021-10-13 08:44:00 -07:00
Will Norris
3f2e270fb2
docs: update install instructions for both go and docker
2021-10-12 21:03:22 -07:00
Will Norris
851396b044
actions: switch to publish docker image to github packages
...
docker integration has gotten too finicky and not worth the trouble
2021-10-12 20:59:49 -07:00
Will Norris
3dd327fafc
actions: combine docker workflows
2021-10-12 20:48:18 -07:00
Will Norris
d9b179c9d1
docker: remove envy go.mod file
2021-10-12 20:40:59 -07:00
Will Norris
7aacb8b520
actions: update docker workflow
2021-10-12 20:39:23 -07:00
Will Norris
e5da3b920b
bump docker build to go1.17, and actions to latest
2021-10-12 20:30:52 -07:00
Will Norris
66818a786d
change envy package to avoid replace directive
2021-10-12 20:26:12 -07:00
dependabot[bot]
5f85069fde
Bump github.com/aws/aws-sdk-go from 1.38.64 to 1.40.42 ( #306 )
...
* Bump github.com/aws/aws-sdk-go from 1.38.64 to 1.40.42
Bumps [github.com/aws/aws-sdk-go](https://github.com/aws/aws-sdk-go ) from 1.38.64 to 1.40.42.
- [Release notes](https://github.com/aws/aws-sdk-go/releases )
- [Changelog](https://github.com/aws/aws-sdk-go/blob/main/CHANGELOG.md )
- [Commits](https://github.com/aws/aws-sdk-go/compare/v1.38.64...v1.40.42 )
---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
* bump minimum go version to 1.13
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Will Norris <will@willnorris.com>
2021-09-14 07:59:29 -07:00
dependabot[bot]
bbb026ef38
Bump cloud.google.com/go/storage from 1.15.0 to 1.16.1
...
Bumps [cloud.google.com/go/storage](https://github.com/googleapis/google-cloud-go ) from 1.15.0 to 1.16.1.
- [Release notes](https://github.com/googleapis/google-cloud-go/releases )
- [Changelog](https://github.com/googleapis/google-cloud-go/blob/master/CHANGES.md )
- [Commits](https://github.com/googleapis/google-cloud-go/compare/pubsub/v1.15.0...storage/v1.16.1 )
---
updated-dependencies:
- dependency-name: cloud.google.com/go/storage
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2021-09-14 07:39:15 -07:00
Will Norris
09d247ca30
go.mod: update indirect dependencies
2021-06-23 11:40:07 -07:00
Will Norris
95bcf70004
modules: update prometheus and tidy ( #294 )
...
also bump minimum go version and limit platform matrix in actions
2021-06-20 15:45:26 -07:00
dependabot[bot]
85f1fd1334
Bump github.com/aws/aws-sdk-go from 1.38.51 to 1.38.64
...
Bumps [github.com/aws/aws-sdk-go](https://github.com/aws/aws-sdk-go ) from 1.38.51 to 1.38.64.
- [Release notes](https://github.com/aws/aws-sdk-go/releases )
- [Changelog](https://github.com/aws/aws-sdk-go/blob/main/CHANGELOG.md )
- [Commits](https://github.com/aws/aws-sdk-go/compare/v1.38.51...v1.38.64 )
---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2021-06-20 13:53:33 -07:00
dependabot[bot]
7cfc99c270
Bump github.com/aws/aws-sdk-go from 1.37.10 to 1.38.51
...
Bumps [github.com/aws/aws-sdk-go](https://github.com/aws/aws-sdk-go ) from 1.37.10 to 1.38.51.
- [Release notes](https://github.com/aws/aws-sdk-go/releases )
- [Changelog](https://github.com/aws/aws-sdk-go/blob/main/CHANGELOG.md )
- [Commits](https://github.com/aws/aws-sdk-go/compare/v1.37.10...v1.38.51 )
Signed-off-by: dependabot[bot] <support@github.com>
2021-06-20 13:42:58 -07:00
dependabot[bot]
4bee838c8e
Bump cloud.google.com/go/storage from 1.13.0 to 1.15.0
...
Bumps [cloud.google.com/go/storage](https://github.com/googleapis/google-cloud-go ) from 1.13.0 to 1.15.0.
- [Release notes](https://github.com/googleapis/google-cloud-go/releases )
- [Changelog](https://github.com/googleapis/google-cloud-go/blob/master/CHANGES.md )
- [Commits](https://github.com/googleapis/google-cloud-go/compare/spanner/v1.13.0...spanner/v1.15.0 )
Signed-off-by: dependabot[bot] <support@github.com>
2021-06-20 13:42:28 -07:00
dependabot[bot]
2d76bb14a2
Bump github.com/fcjr/aia-transport-go from 1.2.1 to 1.2.2
...
Bumps [github.com/fcjr/aia-transport-go](https://github.com/fcjr/aia-transport-go ) from 1.2.1 to 1.2.2.
- [Release notes](https://github.com/fcjr/aia-transport-go/releases )
- [Commits](https://github.com/fcjr/aia-transport-go/compare/v1.2.1...v1.2.2 )
Signed-off-by: dependabot[bot] <support@github.com>
2021-06-20 13:41:17 -07:00
Will Norris
7ba3f124eb
cleanup license headers and contributing docs
...
- switch to "project authors" style copyright. Instead of an AUTHORS
file (https://opensource.google/docs/releasing/authors/ ), I just list
Google as a major copyright holder in the README.
- use SPDX style license headers in source files
- remove CLA requirement from contributing docs
2021-03-10 12:24:13 -08:00
dependabot[bot]
3a30ba791e
Bump github.com/aws/aws-sdk-go from 1.37.8 to 1.37.10
...
Bumps [github.com/aws/aws-sdk-go](https://github.com/aws/aws-sdk-go ) from 1.37.8 to 1.37.10.
- [Release notes](https://github.com/aws/aws-sdk-go/releases )
- [Changelog](https://github.com/aws/aws-sdk-go/blob/master/CHANGELOG.md )
- [Commits](https://github.com/aws/aws-sdk-go/compare/v1.37.8...v1.37.10 )
Signed-off-by: dependabot[bot] <support@github.com>
2021-02-18 10:42:09 -08:00
Will Norris
b328d1a467
dependabot: back off to monthly
2021-02-18 10:41:17 -08:00
Will Norris
762e5cf299
actions: print go version being used
2021-02-18 09:01:35 -08:00
Will Norris
e307e617d6
bump go version in Dockerfile and tests for go1.16
2021-02-18 08:50:53 -08:00
Will Norris
c34c3dd593
readme: add statement about supported go versions
2021-02-11 15:01:55 -08:00
Will Norris
87f0c62a3e
actions: bump to actions/cache@v2
2021-02-11 14:45:05 -08:00
Will Norris
bb65766878
actions: only update test coverage on recent go version
2021-02-11 14:45:05 -08:00
Will Norris
f41a60b471
actions: update which go versions we test with
...
bump to 1.x and 1.14.x, the two most recent major go versions. Also add
go1.11 on linux, which should still work, but is not actually supported.
2021-02-11 14:45:05 -08:00
Will Norris
e72ae6fde5
go get -u ./...
2021-02-11 08:50:07 -08:00
Will Norris
3999c5bd80
run goimports
2021-01-24 13:44:39 -08:00
Alexandre Testu
5bb32547c9
updated heroku instructons / added eb instructions
2021-01-24 12:32:17 -08:00
Yassine ABOUKIR
2203979b9c
Add X-XSS-Protection HTTP response header to block potential XSS
2021-01-24 12:18:42 -08:00
Will Norris
dd798db002
dependabot: move to weekly updates
2021-01-20 11:43:59 -08:00
dependabot[bot]
2d534353f5
Bump github.com/prometheus/client_golang from 1.7.1 to 1.9.0
...
Bumps [github.com/prometheus/client_golang](https://github.com/prometheus/client_golang ) from 1.7.1 to 1.9.0.
- [Release notes](https://github.com/prometheus/client_golang/releases )
- [Changelog](https://github.com/prometheus/client_golang/blob/master/CHANGELOG.md )
- [Commits](https://github.com/prometheus/client_golang/compare/v1.7.1...v1.9.0 )
Signed-off-by: dependabot[bot] <support@github.com>
2021-01-13 16:49:01 -08:00
dependabot[bot]
c2e0ac1208
Bump github.com/aws/aws-sdk-go from 1.34.20 to 1.36.26
...
Bumps [github.com/aws/aws-sdk-go](https://github.com/aws/aws-sdk-go ) from 1.34.20 to 1.36.26.
- [Release notes](https://github.com/aws/aws-sdk-go/releases )
- [Changelog](https://github.com/aws/aws-sdk-go/blob/master/CHANGELOG.md )
- [Commits](https://github.com/aws/aws-sdk-go/compare/v1.34.20...v1.36.26 )
Signed-off-by: dependabot[bot] <support@github.com>
2021-01-13 16:31:23 -08:00
dependabot[bot]
2afbc71f37
Bump cloud.google.com/go/storage from 1.11.0 to 1.12.0
...
Bumps [cloud.google.com/go/storage](https://github.com/googleapis/google-cloud-go ) from 1.11.0 to 1.12.0.
- [Release notes](https://github.com/googleapis/google-cloud-go/releases )
- [Changelog](https://github.com/googleapis/google-cloud-go/blob/master/CHANGES.md )
- [Commits](https://github.com/googleapis/google-cloud-go/compare/spanner/v1.11.0...spanner/v1.12.0 )
Signed-off-by: dependabot[bot] <support@github.com>
2021-01-13 13:12:07 -08:00
dependabot-preview[bot]
7c98d50e98
Create Dependabot config file
2021-01-13 10:37:49 -08:00
Will Norris
31e8faa098
codecov token not required for public repos
2021-01-13 09:10:47 -08:00
Blake Stoddard
c08b3c505a
Disable browser MIME confusion attacks via content-type sniffing
2020-10-16 07:11:59 -07:00
Blake Stoddard
c6206ea30c
Set a strict Content-Security-Policy
2020-10-16 07:11:59 -07:00
Will Norris
66c549e07b
Setup GitHub Action for code scanning ( #247 )
2020-09-16 12:39:41 -07:00