Releases: oras-project/oras-java
Releases Β· oras-project/oras-java
0.6.3
π New features and improvements
- Add YAML utils (#709) @jonesbusy
π» Maintenance
- Add some constants for other CNCF projects (#710) @jonesbusy
- Do not include null on serialized model (#705) @jonesbusy
π¦ Dependency updates
- Bump github/codeql-action from 4.35.4 to 4.35.5 (#707) @dependabot[bot]
- Bump com.diffplug.spotless:spotless-maven-plugin from 3.4.0 to 3.5.1 (#708) @dependabot[bot]
- Bump updatecli/updatecli-action from 3.1.3 to 3.2.0 (#706) @dependabot[bot]
- Bump org.slf4j:slf4j-api from 2.0.17 to 2.0.18 (#704) @dependabot[bot]
Contributors
jonesbusy
Assets 5
0.6.2
β Security
- [GHSA-xm96-gfjx-jcrc] Normalize and validate path from org.opencontainers.image.title (#703) @jonesbusy
Contributors
jonesbusy
Assets 5
0.6.1
π Bug fixes
- Use unique metric name for HTTP requests (#702) @jonesbusy
- Make ArchiveUtils work on Windows (#683) @ThomasVitale
π» Maintenance
- Run workflows on Windows to discover to support more platform (#690) @jonesbusy
π¦ Dependency updates
- Bump release-drafter/release-drafter from 7.2.1 to 7.3.0 (#700) @dependabot[bot]
- Bump github/codeql-action from 4.35.3 to 4.35.4 (#701) @dependabot[bot]
- Bump com.github.luben:zstd-jni from 1.5.7-7 to 1.5.7-8 (#695) @dependabot[bot]
- Bump release-drafter/release-drafter from 7.2.0 to 7.2.1 (#697) @dependabot[bot]
- Bump tools.jackson:jackson-bom from 3.1.2 to 3.1.3 (#696) @dependabot[bot]
- Bump github/codeql-action from 4.35.2 to 4.35.3 (#698) @dependabot[bot]
- Bump com.github.ben-manes.caffeine:caffeine from 3.2.3 to 3.2.4 (#699) @dependabot[bot]
Contributors
jonesbusy and ThomasVitale
Assets 5
0.6.0
π New features and improvements
- Support configuring custom CA certificates (#687) @ThomasVitale
π Bug fixes
- Fix rewrite of unqualified reference (#692) @jonesbusy
π» Maintenance
- Bump version to 0.6.0-SNAPSHOT (#688) @jonesbusy
- Add missing @OrasModel annotation on CredentialHelperResponse (#685) @ThomasVitale
π¦ Tests
- Bump zot v2.1.16 (#689) @github-actions[bot]
π¦ Dependency updates
- Bump Maven 3.9.15 (#686) @github-actions[bot]
- Bump updatecli/updatecli-action from 3.1.2 to 3.1.3 (#693) @dependabot[bot]
- Bump testcontainer.version from 2.0.4 to 2.0.5 (#694) @dependabot[bot]
- Bump updatecli/updatecli-action from 3.1.1 to 3.1.2 (#691) @dependabot[bot]
- Bump zot v2.1.16 (#689) @github-actions[bot]
Contributors
jonesbusy and ThomasVitale
Assets 5
0.5.2
π New features and improvements
- Allow to pass auth token to build registry (#677) @jonesbusy
π Bug fixes
- Change JUnit dependency scope from compile to scope (#666) @ThomasVitale
π¦ Tests
- Fix flaky tests (#667) @jonesbusy
π¦ Dependency updates
20 changes
- Bump github/codeql-action from 4.35.1 to 4.35.2 (#680) @dependabot[bot]
- Bump org.bouncycastle:bcprov-jdk18on from 1.83 to 1.84 (#682) @dependabot[bot]
- Bump io.micrometer:micrometer-bom from 1.16.4 to 1.16.5 (#681) @dependabot[bot]
- Bump updatecli/updatecli-action from 3.1.0 to 3.1.1 (#679) @dependabot[bot]
- Bump tools.jackson:jackson-bom from 3.1.1 to 3.1.2 (#678) @dependabot[bot]
- Bump actions/upload-pages-artifact from 4.0.0 to 5.0.0 (#676) @dependabot[bot]
- Bump actions/upload-artifact from 7.0.0 to 7.0.1 (#675) @dependabot[bot]
- Bump release-drafter/release-drafter from 7.1.1 to 7.2.0 (#674) @dependabot[bot]
- Bump updatecli/updatecli-action from 3.0.0 to 3.1.0 (#673) @dependabot[bot]
- Bump s4u/setup-maven-action from 1.19.0 to 1.20.0 (#669) @dependabot[bot]
- Bump tools.jackson:jackson-bom from 3.1.0 to 3.1.1 (#661) @dependabot[bot]
- Bump actions/deploy-pages from 4.0.5 to 5.0.0 (#660) @dependabot[bot]
- Bump codecov/codecov-action from 5.5.3 to 6.0.0 (#662) @dependabot[bot]
- Bump github/codeql-action from 4.33.0 to 4.35.1 (#664) @dependabot[bot]
- Bump updatecli/updatecli-action from 2.100.0 to 3.0.0 (#663) @dependabot[bot]
- Bump release-drafter/release-drafter from 7.0.0 to 7.1.1 (#658) @dependabot[bot]
- Bump codecov/codecov-action from 5.5.2 to 5.5.3 (#657) @dependabot[bot]
- Bump com.diffplug.spotless:spotless-maven-plugin from 3.3.0 to 3.4.0 (#655) @dependabot[bot]
- Bump testcontainer.version from 2.0.3 to 2.0.4 (#656) @dependabot[bot]
- Bump github/codeql-action from 4.32.6 to 4.33.0 (#654) @dependabot[bot]
Contributors
jonesbusy and ThomasVitale
Assets 5
0.5.1
π New features and improvements
- Implement blobs mount (#651) @jonesbusy
π Bug fixes
- Fix copy using target tag (#653) @jonesbusy
π» Maintenance
- Fix mount for insecure registry (parameter order) (#652) @jonesbusy
- Implement
canMount(#650) @jonesbusy
π¦ Dependency updates
- Bump release-drafter/release-drafter from 6.4.0 to 7.0.0 (#645) @dependabot[bot]
- Bump Maven 3.9.14 (#649) @github-actions[bot]
- Bump webfactory/ssh-agent from 0.9.1 to 0.10.0 (#646) @dependabot[bot]
- Bump mockito.version from 5.22.0 to 5.23.0 (#647) @dependabot[bot]
- Bump io.micrometer:micrometer-bom from 1.16.3 to 1.16.4 (#644) @dependabot[bot]
Contributors
jonesbusy
Assets 5
0.5.0
π New features and improvements
- Enable micrometer metrics and add one for token refresh (#639) @copilot-swe-agent[bot]
- Allow consumers to provide their executor service (#637) @jonesbusy
- Concurrency for layer pull and push (#629) @jonesbusy
- Global scopes and look for token with broader scope in the cache (#633) @jonesbusy
- Cache hit with service (#632) @jonesbusy
- Store token into caffeine cache (#631) @jonesbusy
- Tags pagination (#628) @jonesbusy
π Bug fixes
- Ensure to URI escape service name (#623) @jonesbusy
π» Maintenance
- Increase Maven central publication waitMaxTime to 2h (30mn fail too often) (#621) @jonesbusy
π¦ Tests
- Build docker-credential-fake with Go 1.26.1 (#642) @jonesbusy
- Bump zot v2.1.15 (#636) @github-actions[bot]
β Other changes
- Use bom and pass service and realm to token refresh (#641) @jonesbusy
π¦ Dependency updates
- Build docker-credential-fake with Go 1.26.1 (#642) @jonesbusy
- Bump io.micrometer:micrometer-core from 1.15.0 to 1.16.3 (#640) @dependabot[bot]
- Bump zot v2.1.15 (#636) @github-actions[bot]
- Bump release-drafter/release-drafter from 6.3.0 to 6.4.0 (#634) @dependabot[bot]
- Bump Maven 3.9.13 (#625) @github-actions[bot]
- Bump release-drafter/release-drafter from 6.2.0 to 6.3.0 (#627) @dependabot[bot]
- Bump github/codeql-action from 4.32.5 to 4.32.6 (#626) @dependabot[bot]
- Bump org.apache.maven.plugins:maven-resources-plugin from 3.4.0 to 3.5.0 (#624) @dependabot[bot]
Contributors
jonesbusy
Assets 5
0.4.2
π New features and improvements
- Add CopyOption with
includeReferrersoption and ensure to copy index on index (#610) @jonesbusy - Add optional OS version and feature (#608) @jonesbusy
- Add zip compression for artifact but never unpack it (Not a standard OCI layer mediatype) (#606) @jonesbusy
π Bug fixes
- Fix index serialization when adding manifests (#615) @jonesbusy
π Documentation updates
- Fix javadoc warnings (#620) @jonesbusy
π» Maintenance
- Change order of ensureSafeEntry to satisfy CodeQL (#618) @jonesbusy
- Add utils to remove one descriptor from Index (#614) @jonesbusy
- Better error message when getting legacy manifests (#600) @jonesbusy
π¦ Tests
- Missing OrasModel and ensure we scan all for the tests (#599) @jonesbusy
β Other changes
- [StepSecurity] ci: Harden GitHub Actions (#619) @step-security-bot
π¦ Dependency updates
- Bump crazy-max/ghaction-import-gpg from 6.3.0 to 7.0.0 (#613) @dependabot[bot]
- Bump github/codeql-action from 4.32.4 to 4.32.5 (#611) @dependabot[bot]
- Bump com.diffplug.spotless:spotless-maven-plugin from 3.2.1 to 3.3.0 (#612) @dependabot[bot]
- Bump mockito.version from 5.21.0 to 5.22.0 (#605) @dependabot[bot]
- Bump actions/upload-artifact from 6.0.0 to 7.0.0 (#601) @dependabot[bot]
- Bump updatecli/updatecli-action from 2.99.0 to 2.100.0 (#602) @dependabot[bot]
Contributors
jonesbusy and step-security-bot
Assets 5
0.4.1
π New features and improvements
- Add utility method on ManifestDescriptor to construct manifest descriptor with Platform and Annotation from Manifest (#591) @jonesbusy
- Better support for Index artifact type (#594) @jonesbusy
- Add
withArtifactTypefor Index (#590) @jonesbusy - Support hierarchical credentials on AuthStore (per namespace, per repository etc) (#588) @copilot-swe-agent[bot]
π Bug fixes
- Fix invalid scope on push blob (#595) @jonesbusy
- Layer annotations where not added on files during pushArtifact (#583) @jonesbusy
- Do not pull layer without title on pull artifact (#582) @jonesbusy
π¦ Tests
- Update ContainerRef.shouldDetermineEffectiveRegistry test to not be machine dependent (#596) @jonesbusy
- Add utility method on ManifestDescriptor to construct manifest descriptor with Platform and Annotation from Manifest (#591) @jonesbusy
- One more demo/test to push Jenkins library (#581) @jonesbusy
- Update demo/tests for Harbor and different Artifacts (#579) @jonesbusy
- Add test for Nexus (#578) @jonesbusy
- Add few more tests (#577) @jonesbusy
- Add test to package a standard Flux Artifact (#576) @jonesbusy
β Other changes
- Missing
@OrasModelfor reflection access (#573) @jonesbusy
π¦ Dependency updates
- Bump org.apache.maven.plugins:maven-surefire-plugin from 3.5.4 to 3.5.5 (#585) @dependabot[bot]
- Bump org.apache.maven.plugins:maven-failsafe-plugin from 3.5.4 to 3.5.5 (#586) @dependabot[bot]
- Bump github/codeql-action from 4.32.3 to 4.32.4 (#584) @dependabot[bot]
Contributors
jonesbusy
Assets 5
0.4.0
π New features and improvements
- Allow setting
short-name-modeand set mode toenforcingby default (like podman / CRI-IO) (#560) @jonesbusy - Store resolve registry when probing descriptor and use it for copy operation (#557) @jonesbusy
- Optimize copy by passing stream with known size and digest (#552) @jonesbusy
- Rewrite any prefix subdomain like
*.example.com(#545) @jonesbusy - Add support for registry table prefix and location rewrite (without *, tag or digest yet) (#542) @jonesbusy
- Support for registry (insecure / blocked) from registries.conf (#541) @jonesbusy
- Support for alias in registries.conf (#540) @jonesbusy
- Support of unqualified-search-registries in registries.conf (#434) @jonesbusy
π Bug fixes
- Ensure to use computed reference on copy (#572) @jonesbusy
- Fix copy with alias (#571) @jonesbusy
- Fix push artifact for alias (#570) @jonesbusy
- Fix
getEffectiveRegistryto return registry only (#569) @jonesbusy - Do not send Authorization header when redirecting after auth (#561) @jonesbusy
- When copy ensure to push all manifests before index (#554) @jonesbusy
π Documentation updates
- Add some documentation about registries.conf (#564) @jonesbusy
π» Maintenance
- Ensure to pass resolved target registries for pushArtifact (#566) @jonesbusy
- Use streaming copy for config during copy and ensure to set target (2) and extract to copy method (#559) @jonesbusy
- Use streaming copy for config during copy and ensure to set target (#558) @jonesbusy
- Only try to parse Error if we get JSON content type (#555) @jonesbusy
- Ensure HTTP status code is not lost when catching exception (#550) @jonesbusy
π¦ Tests
- Ensure HTTP status code is not lost when catching exception (#550) @jonesbusy
- Add test for Helm chart extraction (Issue COMPRESS-705) (#538) @jonesbusy
- Migrate to testcontainers v2 (#536) @jonesbusy
π¦ Dependency updates
- Bump ch.qos.logback:logback-classic from 1.5.31 to 1.5.32 (#553) @dependabot[bot]
- Bump github/codeql-action from 4.32.2 to 4.32.3 (#549) @dependabot[bot]
- Bump ch.qos.logback:logback-classic from 1.5.29 to 1.5.31 (#547) @dependabot[bot]
- Bump junit.version from 6.0.2 to 6.0.3 (#546) @dependabot[bot]
- Migrate to testcontainers v2 (#536) @jonesbusy
- Bump ch.qos.logback:logback-classic from 1.5.28 to 1.5.29 (#530) @dependabot[bot]
Contributors
jonesbusy