0
Fork 0
mirror of https://github.com/project-zot/zot.git synced 2024-12-16 21:56:37 -05:00
zot - A scale-out production-ready vendor-neutral OCI-native container image/artifact registry (purely based on OCI Distribution Specification)
Find a file
Andrei Aaron bcdd9988f5
fix(cve): cummulative fixes and improvements for CVE scanning logic (#1810)
1. Only scan CVEs for images returned by graphql calls
Since pagination was refactored to account for image indexes, we had started
to run the CVE scanner before pagination was applied, resulting in
decreased ZOT performance if CVE information was requested

2. Increase in medory-cache of cve results to 1m, from 10k digests.

3. Update CVE model to use CVSS severity values in our code.
Previously we relied upon the strings returned by trivy directly,
and the sorting they implemented.
Since CVE severities are standardized, we don't need to pass around
an adapter object just for pagination and sorting purposes anymore.
This also improves our testing since we don't mock the sorting functions anymore.

4. Fix a flaky CLI test not waiting for the zot service to start.

5. Add the search build label on search/cve tests which were missing it.

6. The boltdb update method was used in a few places where view was supposed to be called.

7. Add logs for start and finish of parsing MetaDB.

8. Avoid unmarshalling twice to obtain annotations for multiarch images.

Signed-off-by: Andrei Aaron <aaaron@luxoft.com>
2023-09-17 15:12:20 -07:00
.github refactor: Reduce zli binary size (#1805) 2023-09-15 15:17:01 -07:00
.zap feat(zui): update to zui supporting social login (#1639) 2023-07-21 12:50:41 -07:00
build fix: binary-stacker Makefile target is broken (#1689) 2023-08-10 12:39:56 -07:00
cmd refactor: Reduce zli binary size (#1805) 2023-09-15 15:17:01 -07:00
demos oras fix: 2022-08-30 21:39:16 +03:00
docs swagger: rename 'docs/' to 'swagger/' 2021-10-21 13:46:14 -07:00
errors feat(cli): add sort-by flag to sub commands (#1768) 2023-09-14 10:51:17 -07:00
examples refactor: Review metrics endpoints (#1770) 2023-09-15 14:49:34 +03:00
pkg fix(cve): cummulative fixes and improvements for CVE scanning logic (#1810) 2023-09-17 15:12:20 -07:00
swagger refactor: Reduce zb binary size (#1783) 2023-09-13 10:28:14 +03:00
test fix(sync): ping func should not try to read response body (#1757) 2023-09-13 20:00:51 +03:00
.gitignore refactor(extensions)!: refactor the extensions URLs and errors (#1636) 2023-08-02 21:58:34 +03:00
CODE_OF_CONDUCT.md doc: add a CODE_OF_CONDUCT.md 2020-12-15 11:20:45 -08:00
codecov.yml refactor: Reduce zli binary size (#1805) 2023-09-15 15:17:01 -07:00
CODEOWNERS add a CODEOWNERS file 2022-05-04 11:52:28 -07:00
COMPARISON.md move references to zotregistry.io and project-zot 2021-12-05 10:52:27 -08:00
CONTRIBUTING.md build(tags): remove redundant build tag ui_base (#857) 2022-10-10 15:05:55 +03:00
go.mod chore: fix dependabot alerts (#1797) 2023-09-11 20:21:56 -07:00
go.sum chore: fix dependabot alerts (#1797) 2023-09-11 20:21:56 -07:00
golangcilint.yaml chore(go.mod): upgrade 3rd party packages (#1742) 2023-08-31 20:40:19 +03:00
LICENSE docs: fix copyright related info for cncf onboarding (#1117) 2023-01-17 15:43:45 -08:00
MAINTAINERS.md docs: fix CNCF related documentation (#1099) 2023-01-10 15:52:11 -08:00
Makefile refactor: Reduce zli binary size (#1805) 2023-09-15 15:17:01 -07:00
NOTICE docs: fix copyright related info for cncf onboarding (#1117) 2023-01-17 15:43:45 -08:00
README.md docs: update README.md (#1078) 2022-12-21 10:46:31 +02:00
README_fuzz.md Add fuzz tests for storage_fs (#601) 2022-07-27 20:37:55 +03:00
SECURITY.md chore: fix security alerts (#1493) 2023-06-01 16:53:50 -07:00
THIRD-PARTY-LICENSES.md update 3rd party licenses 2022-04-08 09:48:13 -07:00
tools.go chore(trivy): update trivy version and enforce OCI compliant repo names in local image storage (#1068) 2023-01-18 08:24:44 -08:00
zot.go zot: initial commit 2019-06-21 15:29:19 -07:00

zot build-test codecov.io Conformance Results CodeQL CII Best Practices Go Reference

zot: a production-ready vendor-neutral OCI image registry - images stored in OCI image format, distribution specification on-the-wire, that's it!

Docs

Documentation for zot is located at: https://zotregistry.io

Code of Conduct

Details are in the code of conduct