mirror of
https://github.com/project-zot/zot.git
synced 2024-12-16 21:56:37 -05:00
zot - A scale-out production-ready vendor-neutral OCI-native container image/artifact registry (purely based on OCI Distribution Specification)
aaee0220e4
when a client pushes an image zot's inline dedupe will try to find the blob path corresponding with the blob digest that it's currently pushed and if it's found in the cache then zot will make a symbolic link to that cache entry and report to the client that the blob already exists on the location. Before this patch authorization was not applied on this process meaning that a user could copy blobs without having permissions on the source repo. Added a rule which says that the client should have read permissions on the source repo before deduping, otherwise just Stat() the blob and return the corresponding status code. Signed-off-by: Petu Eusebiu <peusebiu@cisco.com> Co-authored-by: Petu Eusebiu <peusebiu@cisco.com> |
||
|---|---|---|
| .github | ||
| .zap | ||
| build | ||
| cmd | ||
| demos | ||
| docs | ||
| errors | ||
| examples | ||
| pkg | ||
| scripts | ||
| swagger | ||
| test | ||
| .gitignore | ||
| CODE_OF_CONDUCT.md | ||
| codecov.yml | ||
| CODEOWNERS | ||
| COMPARISON.md | ||
| CONTRIBUTING.md | ||
| go.mod | ||
| go.sum | ||
| golangcilint.yaml | ||
| LICENSE | ||
| MAINTAINERS.md | ||
| Makefile | ||
| NOTICE | ||
| README.md | ||
| README_fuzz.md | ||
| SECURITY.md | ||
| THIRD-PARTY-LICENSES.md | ||
| tools.go | ||
| zot.go | ||
zot 
zot: a production-ready vendor-neutral OCI image registry - images stored in OCI image format, distribution specification on-the-wire, that's it!
Documentation for zot is located at: https://zotregistry.dev
Code of conduct details are here.