Releases: goharbor/harbor
Releases · goharbor/harbor
v2.9.3
Known issue
- Due to this code change, users cannot call Harbor swagger API to add or update a project metadata, but it does not affect project configuration via Harbor portal UI. This issue is tracking this matter.
What's Changed
Component updates ⬆️
- add ip_family config in harbor.yml on release-2.9.0 by @MinerYang in #19940
- Refresh base images on release-2.9.0 by @zyyw in #19941
- reverse ip_family config for release-2.9 by @MinerYang in #19951
- [Cherry-pick] feat: enable configuration of skip_java_db_update by @zyyw in #19997
- [cherry-pick] Limit URL to local site by @stonezdj in #20023
- Move strong_ssl_ciphers to top level in harbor.yml by @stonezdj in #20021
- fix: update go.mod (vendor) & golangci-lint & mocks by @zyyw in #20070
Other Changes
- fix: change filter_label_xpath to vulnerabilities_filter_label_xpath … by @zyyw in #19930
- update retry of get_scan_data_export_execution from 5 to 15 by @zyyw in #19958
- Refresh base images on release-2.9.0 by @zyyw in #20005
Full Changelog: v2.9.2...v2.9.3
Contributors
stonezdj, zyyw, and MinerYang
Assets 7
v2.9.3-rc2
What's Changed
Component updates ⬆️
- add ip_family config in harbor.yml on release-2.9.0 by @MinerYang in #19940
- Refresh base images on release-2.9.0 by @zyyw in #19941
- reverse ip_family config for release-2.9 by @MinerYang in #19951
- [Cherry-pick] feat: enable configuration of skip_java_db_update by @zyyw in #19997
- [cherry-pick] Limit URL to local site by @stonezdj in #20023
- Move strong_ssl_ciphers to top level in harbor.yml by @stonezdj in #20021
- fix: update go.mod (vendor) & golangci-lint & mocks by @zyyw in #20070
Other Changes
- fix: change filter_label_xpath to vulnerabilities_filter_label_xpath … by @zyyw in #19930
- update retry of get_scan_data_export_execution from 5 to 15 by @zyyw in #19958
- Refresh base images on release-2.9.0 by @zyyw in #20005
Full Changelog: v2.9.2...v2.9.3-rc2
Contributors
stonezdj, zyyw, and MinerYang
Assets 5
v2.8.5
Known issue
- Due to this code change, users cannot call Harbor swagger API to add or update a project metadata, but it does not affect project configuration via Harbor portal UI. This issue is tracking this matter.
What's Changed
Component updates ⬆️
- [Cherry-pick]Add new uri path to ShouldNotReuseRoute array by @AllForNothing in #19219
- (cherry-pick) Remove job status track information from redis after stop the job in the queue by @stonezdj in #19305
- (cherry-pick)fix storage.redirect.disable migrate template error release-2.8.0 by @MinerYang in #19337
- [cherry-pick] Allow POST method to request service/token in readonly mode by @stonezdj in #19562
- [cherry-pick] fix: increase beego max memory and upload size (#19578) by @stonezdj in #19670
- [cherry-pick]Limit URL to local site by @stonezdj in #20024
- feat: bump up golang-runtime from 1.20.7 to 1.21.7 by @zyyw in #20046
- fix: update TRIVYVERSION=v0.49.1 && TRIVYADAPTERVERSION=v0.30.22 by @zyyw in #20040
- fix: update go.mod by @zyyw in #20071
Full Changelog: v2.8.4...v2.8.5
Contributors
stonezdj, zyyw, and 2 other contributors
Assets 7
v2.8.5-rc1
What's Changed
Component updates ⬆️
- [Cherry-pick]Add new uri path to ShouldNotReuseRoute array by @AllForNothing in #19219
- (cherry-pick) Remove job status track information from redis after stop the job in the queue by @stonezdj in #19305
- (cherry-pick)fix storage.redirect.disable migrate template error release-2.8.0 by @MinerYang in #19337
- [cherry-pick] Allow POST method to request service/token in readonly mode by @stonezdj in #19562
- [cherry-pick] fix: increase beego max memory and upload size (#19578) by @stonezdj in #19670
- [cherry-pick]Limit URL to local site by @stonezdj in #20024
- feat: bump up golang-runtime from 1.20.7 to 1.21.7 by @zyyw in #20046
- fix: update TRIVYVERSION=v0.49.1 && TRIVYADAPTERVERSION=v0.30.22 by @zyyw in #20040
- fix: update go.mod by @zyyw in #20071
Full Changelog: v2.8.4...v2.8.5-rc1
Contributors
stonezdj, zyyw, and 2 other contributors
Assets 5
v2.9.3-rc1
What's Changed
Component updates ⬆️
- add ip_family config in harbor.yml on release-2.9.0 by @MinerYang in #19940
- Refresh base images on release-2.9.0 by @zyyw in #19941
- reverse ip_family config for release-2.9 by @MinerYang in #19951
- [Cherry-pick] feat: enable configuration of skip_java_db_update by @zyyw in #19997
- [cherry-pick] Limit URL to local site by @stonezdj in #20023
- Move strong_ssl_ciphers to top level in harbor.yml by @stonezdj in #20021
Other Changes
- fix: change filter_label_xpath to vulnerabilities_filter_label_xpath … by @zyyw in #19930
- update retry of get_scan_data_export_execution from 5 to 15 by @zyyw in #19958
- Refresh base images on release-2.9.0 by @zyyw in #20005
Full Changelog: v2.9.2...v2.9.3-rc1
Contributors
stonezdj, zyyw, and MinerYang
Assets 5
v2.9.2
Known issue
- known issue #19932 will affect nginx component of offline-installer where installed the harbor on the machine only supported ipv4. Impact version is v2.9.2, will be fixed version v2.9.3. As a workaround please refer to reconfigure-nginx
- known issue #19912 will affect nginx component of offline-installer when specify
strong_cipher.enabledinharbor.ymlbut not been rendered in config file properly. Impact version are v2.9.0, v2.9.1, v2.9.2, v2.10.0. Will be fixed in v2.10.1. if you do need set strong_cipher, please refer to manually-add-strong-cipher
What's Changed
Enhancement 🚀
- [cherry-pick]remove the log for ScannerSkipUpdatePullTime by @wy65701436 in #19847
Component updates ⬆️
- [cherry-pick] Allow POST method to request service/token in readonly mode by @stonezdj in #19563
- [cherry-pick] Cache image list with digest key by @stonezdj in #19837
- [Cherry pick] add repository read permission to limitedGuest by @tpoxa in #19815
- Refresh base images on release-2.9.0 by @YangJiao0817 in #19851
- fix: update to TRIVYVERSION=v0.48.3 and TRIVYADAPTERVERSION=v0.30.21 by @zyyw in #19857
- [cherry-pick]fix label select bugs (#19850) by @YangJiao0817 in #19861
- Refresh base images on release-2.9.0 by @zyyw in #19891
- [cherry-pick]add v6 port for nginx ad portal config by @MinerYang in #19893
- [cherry-pick] ] support accessory in either order by @wy65701436 in #19906
Other Changes
- [cherry-pick]Add banner message UI test case by @YangJiao0817 in #19530
- [cherry-pick]Add notation sign artifact API test case by @YangJiao0817 in #19550
- [cherry-pick]Add notation accessory copy test case by @YangJiao0817 in #19606
- [cherry-pick]Add notation pull policy test case by @YangJiao0817 in #19626
- [cherry-pick]Add jump to CNAB Bundle index artifact list test case by @YangJiao0817 in #19628
- [cherry-pick]Add user API test case by @YangJiao0817 in #19637
- [cherry-pick]Add notation replication test case by @YangJiao0817 in #19740
- [cherry-pick]Add multi-tier accessory replication test cases by @YangJiao0817 in #19737
- Fix Init Chrome Driver error by @YangJiao0817 in #19900
- [cherry-pick]Update replication rule filter label xpath by @YangJiao0817 in #19901
- fix: cve export label filter xpath by @zyyw in #19913
Full Changelog: v2.9.1...v2.9.2
Contributors
tpoxa, stonezdj, and 4 other contributors
Assets 7
v2.9.2-rc1
What's Changed
Enhancement 🚀
- [cherry-pick]remove the log for ScannerSkipUpdatePullTime by @wy65701436 in #19847
Component updates ⬆️
- [cherry-pick] Allow POST method to request service/token in readonly mode by @stonezdj in #19563
- [cherry-pick] Cache image list with digest key by @stonezdj in #19837
- [Cherry pick] add repository read permission to limitedGuest by @tpoxa in #19815
- Refresh base images on release-2.9.0 by @YangJiao0817 in #19851
- fix: update to TRIVYVERSION=v0.48.3 and TRIVYADAPTERVERSION=v0.30.21 by @zyyw in #19857
- [cherry-pick]fix label select bugs (#19850) by @YangJiao0817 in #19861
- Refresh base images on release-2.9.0 by @zyyw in #19891
- [cherry-pick]add v6 port for nginx ad portal config by @MinerYang in #19893
- [cherry-pick] ] support accessory in either order by @wy65701436 in #19906
Other Changes
- [cherry-pick]Add banner message UI test case by @YangJiao0817 in #19530
- [cherry-pick]Add notation sign artifact API test case by @YangJiao0817 in #19550
- [cherry-pick]Add notation accessory copy test case by @YangJiao0817 in #19606
- [cherry-pick]Add notation pull policy test case by @YangJiao0817 in #19626
- [cherry-pick]Add jump to CNAB Bundle index artifact list test case by @YangJiao0817 in #19628
- [cherry-pick]Add user API test case by @YangJiao0817 in #19637
- [cherry-pick]Add notation replication test case by @YangJiao0817 in #19740
- [cherry-pick]Add multi-tier accessory replication test cases by @YangJiao0817 in #19737
- Fix Init Chrome Driver error by @YangJiao0817 in #19900
- [cherry-pick]Update replication rule filter label xpath by @YangJiao0817 in #19901
Full Changelog: v2.9.1...v2.9.2-rc1
Contributors
tpoxa, stonezdj, and 4 other contributors
Assets 5
v2.10.0
Known issue
- known issue #19912 will affect nginx component of offline-installer when specify
strong_cipher.enabledinharbor.ymlbut not been rendered in config file properly. Impact version are v2.9.0, v2.9.1, v2.9.2, v2.10.0. Will fixed in v2.10.1. if you do need set strong_cipher, please refer to manually-add-strong-cipher
What's Changed
Exciting New Features 🎉
Robot Account Full Access
Delivers a user-friendly tutorial that walks you through the creation of a new robot. With a simple click, you can seamlessly customize permission sets at both system and project levels.
- Add full permissions for the robot account by @AllForNothing in #19507
- subject: fix missing media type recognition for nydus by @imeoer in #19453
Supporting OCI Distribution Spec v1.1.0-rc3
Harbor now supports OCI Distribution Spec v1.1.0-rc3
- change Referrers Content-Type to application/vnd.oci.image.index.v1+json by @MinerYang in #19212
- support accessory in either order by @wy65701436 in #19375
Additional Features
Quota Sorting
Enable storage sorting in the quota management page
- Add quota sorting to the project quotas list by @AllForNothing in #19576
Allow customization of the OIDC provider name
- Add oidc provider name to systeminfo API by @stonezdj in #19575
- Show OIDC provider name on the OIDC login button by @AllForNothing in #19581
Enable support for large-size blobs
Harbor now facilitates uploads of layers up to 128GB by default, with configurable options if required.
Ensure audit logs comply with GDPR regulations for data privacy.
Enhancement 🚀
- feat: enhance the replication webhook payload by @chlins in #19433
- fix: Accessibility - change color for WCAG AA by @SphinxKnight in #19472
- perf: optimize the trigger retention API by @chlins in #19533
- Add a placeholder to the cards for the security-hub by @AllForNothing in #19536
- perf: optimize the performance of accessory query by @chlins in #19557
Component updates ⬆️
- Add label's description as tooltip by @Nhqml in #19421
- fix: privileges member successfully typo by @testwill in #19091
- fix: add storage_limit check by @zyyw in #19095
- fix: cron string validation by @zyyw in #19071
- ignore spaces for vulnerability filters by @AllForNothing in #19180
- Update zh-tw (Traditional Chinese) locale by @PeterDaveHello in #19161
- chore: fix incorrect otel timeout in harbor yaml template by @chlins in #19120
- Update the max length for the filters by @AllForNothing in #19194
- Filter artifact without CVE from top 5 dangerous artifacts by @stonezdj in #19187
- log: change log level to reduce the noise logs by @chlins in #19146
- Wrong artifact scanned count by @stonezdj in #19198
- fix: support customize cache db for business by @chlins in #19182
- fix gc dry run issue by @wy65701436 in #19208
- Add new uri path to ShouldNotReuseRoute array by @AllForNothing in #19217
- Refine total artifact and scanned artifact by @stonezdj in #19228
- i18n: fix typo for CONFIRM_SECRET by @liubin in #19140
- Add a tooltip for the page title of security hub by @AllForNothing in #19231
- change JOB_ID to Task_ID by @lengrongfu in #19127
- fix typo in ROADMAP.md by @liubin in #19247
- Delete unused code by @liubin in #19061
- exporter: add field alias for count(*) func by @liubin in #18840
- Switch to a new chart library by @AllForNothing in #19262
- Remove job status track information from redis after stop by @stonezdj in #19227
- remove chart-museum related to logic by @lengrongfu in #18722
- fix storage.redirect.disable migrate template error by @MinerYang in #19335
- Upgrade UI packages by @AllForNothing in #19330
- Remove duplicated sort fields from order by clause by @liubin in #19347
- fix user resource by @wy65701436 in #19366
- update default processor for unknwon type config by @MinerYang in #19372
- Hide version property if the value is undefined by @AllForNothing in #19395
- feat(i18n): update french translations by @Nhqml in #19418
- bump golang to 1.20.10 by @MinerYang in #19430
- Change fixed_version to package_version in query dangerous CVE sql by @stonezdj in #19397
- fix issue 19392 by @wy65701436 in #19437
- fix: bump up TRIVYVERSION=v0.46.0 && TRIVYADAPTERVERSION=v0.30.17 by @zyyw in #19446
- Update the style for operation-component by @AllForNothing in #19445
- bump golang.org/x/net to v0.17.0 && go.opentelemetry.io/contrib by @MinerYang in #19461
- Use batch to list the job id in the job queue to avoid crash redis by @stonezdj in #19444
- Delete tag retention rule and tag immutable rule when deleting project by @stonezdj in #19390
- bump go.opentelemetry.io/contrib/instrumentation/github.com/gorilla/m… by @MinerYang in #19477
- Not allow comma for the user name by @AllForNothing in #19501
- bump golang to 1.21.3 by @MinerYang in #19504
- Add a tooltip for the replication rule by @AllForNothing in #19509
- Replace comma in username to avoid casbin issue by @stonezdj in #19505
- Update the style for severity by @AllForNothing in #19525
- Remove vendor folder from harbor code base by @reasonerjt in #19508
- fix: bump up TRIVYVERSION=v0.46.1 && TRIVYADAPTERVERSION=v0.30.18 by @zyyw in #19500
- Skip to validate username when update user profile by @stonezdj in #19552
- Update UI package to clear security alerts by @AllForNothing in #19553
- Delete project member when delete project by @stonezdj in #19523
- add permission api by @wy65701436 in #19543
- Allow POST method to request service/token in readonly mode by @stonezdj in #19556
- 19559 cannot see full label easily by @jmichot-exotec in #19564
- fix: sorting quota by @zyyw in #19538
- Avoid menu closure when filtering labels by @AllForNothing in #19561
- Correct loop condition for replication tasks by @AllForNothing in #19570
- Return empty result when no scanner configured by @stonezdj in #19577
- bump golang to 1.21.4 by @MinerYang in #19601
- add permission validation for robot creating and updating. by @wy65701436 in #19598
- add prepare migration script for 2.10 by @MinerYang in #19600
- Update the permission scope by @AllForNothing in #19603
- fix system label resource by @wy65701436 in #19621
- Bump golang.org/x/time from 0.0.0-20220210224613-90d013bbcef8 to 0.4.0 in /src by @dependabot in #19541
- fix robot account access issue by @wy65701436 in #19627
- fix: update TRIVYVERSION=v0.47.0 && TRIVYADAPTERVERSION=v0.30.19 by @zyyw in #19624
- Bump github.com/coreos/go-oidc/v3 from 3.0.0 to 3...
Contributors
tpoxa, liubin, and 21 other contributors
Assets 7
v2.10.0-rc2
What's Changed
Exciting New Features 🎉
Robot Account Full Access
Delivers a user-friendly tutorial that walks you through the creation of a new robot. With a simple click, you can seamlessly customize permission sets at both system and project levels.
- Add full permissions for the robot account by @AllForNothing in #19507
- subject: fix missing media type recognition for nydus by @imeoer in #19453
Supporting OCI Distribution Spec v1.1.0-rc3
Harbor now supports OCI Distribution Spec v1.1.0-rc3
- change Referrers Content-Type to application/vnd.oci.image.index.v1+json by @MinerYang in #19212
- support accessory in either order by @wy65701436 in #19375
Additional Features
Quota Sorting
Enable storage sorting in the quota management page
- Add quota sorting to the project quotas list by @AllForNothing in #19576
Allow customization of the OIDC provider name
- Add oidc provider name to systeminfo API by @stonezdj in #19575
- Show OIDC provider name on the OIDC login button by @AllForNothing in #19581
Enable support for large-size blobs
Harbor now facilitates uploads of layers up to 128GB by default, with configurable options if required.
Ensure audit logs comply with GDPR regulations for data privacy.
Enhancement 🚀
- feat: enhance the replication webhook payload by @chlins in #19433
- fix: Accessibility - change color for WCAG AA by @SphinxKnight in #19472
- perf: optimize the trigger retention API by @chlins in #19533
- Add a placeholder to the cards for the security-hub by @AllForNothing in #19536
- perf: optimize the performance of accessory query by @chlins in #19557
Component updates ⬆️
- Add label's description as tooltip by @Nhqml in #19421
- fix: privileges member successfully typo by @testwill in #19091
- fix: add storage_limit check by @zyyw in #19095
- fix: cron string validation by @zyyw in #19071
- ignore spaces for vulnerability filters by @AllForNothing in #19180
- Update zh-tw (Traditional Chinese) locale by @PeterDaveHello in #19161
- chore: fix incorrect otel timeout in harbor yaml template by @chlins in #19120
- Update the max length for the filters by @AllForNothing in #19194
- Filter artifact without CVE from top 5 dangerous artifacts by @stonezdj in #19187
- log: change log level to reduce the noise logs by @chlins in #19146
- Wrong artifact scanned count by @stonezdj in #19198
- fix: support customize cache db for business by @chlins in #19182
- fix gc dry run issue by @wy65701436 in #19208
- Add new uri path to ShouldNotReuseRoute array by @AllForNothing in #19217
- Refine total artifact and scanned artifact by @stonezdj in #19228
- i18n: fix typo for CONFIRM_SECRET by @liubin in #19140
- Add a tooltip for the page title of security hub by @AllForNothing in #19231
- change JOB_ID to Task_ID by @lengrongfu in #19127
- fix typo in ROADMAP.md by @liubin in #19247
- Delete unused code by @liubin in #19061
- exporter: add field alias for count(*) func by @liubin in #18840
- Switch to a new chart library by @AllForNothing in #19262
- Remove job status track information from redis after stop by @stonezdj in #19227
- remove chart-museum related to logic by @lengrongfu in #18722
- fix storage.redirect.disable migrate template error by @MinerYang in #19335
- Upgrade UI packages by @AllForNothing in #19330
- Remove duplicated sort fields from order by clause by @liubin in #19347
- fix user resource by @wy65701436 in #19366
- update default processor for unknwon type config by @MinerYang in #19372
- Hide version property if the value is undefined by @AllForNothing in #19395
- feat(i18n): update french translations by @Nhqml in #19418
- bump golang to 1.20.10 by @MinerYang in #19430
- Change fixed_version to package_version in query dangerous CVE sql by @stonezdj in #19397
- fix issue 19392 by @wy65701436 in #19437
- fix: bump up TRIVYVERSION=v0.46.0 && TRIVYADAPTERVERSION=v0.30.17 by @zyyw in #19446
- Update the style for operation-component by @AllForNothing in #19445
- bump golang.org/x/net to v0.17.0 && go.opentelemetry.io/contrib by @MinerYang in #19461
- Use batch to list the job id in the job queue to avoid crash redis by @stonezdj in #19444
- Delete tag retention rule and tag immutable rule when deleting project by @stonezdj in #19390
- bump go.opentelemetry.io/contrib/instrumentation/github.com/gorilla/m… by @MinerYang in #19477
- Not allow comma for the user name by @AllForNothing in #19501
- bump golang to 1.21.3 by @MinerYang in #19504
- Add a tooltip for the replication rule by @AllForNothing in #19509
- Replace comma in username to avoid casbin issue by @stonezdj in #19505
- Update the style for severity by @AllForNothing in #19525
- Remove vendor folder from harbor code base by @reasonerjt in #19508
- fix: bump up TRIVYVERSION=v0.46.1 && TRIVYADAPTERVERSION=v0.30.18 by @zyyw in #19500
- Skip to validate username when update user profile by @stonezdj in #19552
- Update UI package to clear security alerts by @AllForNothing in #19553
- Delete project member when delete project by @stonezdj in #19523
- add permission api by @wy65701436 in #19543
- Allow POST method to request service/token in readonly mode by @stonezdj in #19556
- 19559 cannot see full label easily by @jmichot-exotec in #19564
- fix: sorting quota by @zyyw in #19538
- Avoid menu closure when filtering labels by @AllForNothing in #19561
- Correct loop condition for replication tasks by @AllForNothing in #19570
- Return empty result when no scanner configured by @stonezdj in #19577
- bump golang to 1.21.4 by @MinerYang in #19601
- add permission validation for robot creating and updating. by @wy65701436 in #19598
- add prepare migration script for 2.10 by @MinerYang in #19600
- Update the permission scope by @AllForNothing in #19603
- fix system label resource by @wy65701436 in #19621
- Bump golang.org/x/time from 0.0.0-20220210224613-90d013bbcef8 to 0.4.0 in /src by @dependabot in #19541
- fix robot account access issue by @wy65701436 in #19627
- fix: update TRIVYVERSION=v0.47.0 && TRIVYADAPTERVERSION=v0.30.19 by @zyyw in #19624
- Bump github.com/coreos/go-oidc/v3 from 3.0.0 to 3.7.0 in /src by @dependabot in #19542
- Update the name checking for the robot account by @AllForNothing in #19645
- fix 2.10 prepare migration version by @MinerYang in #19665
- fix: upgrade google.golang.org/grpc by @zyyw in #19648
- Update the style for the robot acccount ui by @AllForNothing in https://...
Contributors
tpoxa, liubin, and 21 other contributors
Assets 5
v2.10.0-rc1
What's Changed
Exciting New Features 🎉
Robot Account Full Access
Delivers a user-friendly tutorial that walks you through the creation of a new robot. With a simple click, you can seamlessly customize permission sets at both system and project levels.
- Add full permissions for the robot account by @AllForNothing in #19507
- subject: fix missing media type recognition for nydus by @imeoer in #19453
Supporting OCI Distribution Spec v1.1.0-rc3
Harbor now supports OCI Distribution Spec v1.1.0-rc3
- change Referrers Content-Type to application/vnd.oci.image.index.v1+json by @MinerYang in #19212
- support accessory in either order by @wy65701436 in #19375
Additional Features
Quota Sorting
Enable storage sorting in the quota management page
- Add quota sorting to the project quotas list by @AllForNothing in #19576
Allow customization of the OIDC provider name
Enable support for large-size blobs
Harbor now facilitates uploads of layers up to 128GB by default, with configurable options if required.
- Show OIDC provider name on the OIDC login button by @AllForNothing in #19581
Ensure audit logs comply with GDPR regulations for data privacy.
Enhancement 🚀
- feat: enhance the replication webhook payload by @chlins in #19433
- fix: Accessibility - change color for WCAG AA by @SphinxKnight in #19472
- perf: optimize the trigger retention API by @chlins in #19533
- Add a placeholder to the cards for the security-hub by @AllForNothing in #19536
- perf: optimize the performance of accessory query by @chlins in #19557
Component updates ⬆️
- Add label's description as tooltip by @Nhqml in #19421
- fix: privileges member successfully typo by @testwill in #19091
- fix: add storage_limit check by @zyyw in #19095
- fix: cron string validation by @zyyw in #19071
- ignore spaces for vulnerability filters by @AllForNothing in #19180
- Update zh-tw (Traditional Chinese) locale by @PeterDaveHello in #19161
- chore: fix incorrect otel timeout in harbor yaml template by @chlins in #19120
- Update the max length for the filters by @AllForNothing in #19194
- Filter artifact without CVE from top 5 dangerous artifacts by @stonezdj in #19187
- log: change log level to reduce the noise logs by @chlins in #19146
- Wrong artifact scanned count by @stonezdj in #19198
- fix: support customize cache db for business by @chlins in #19182
- fix gc dry run issue by @wy65701436 in #19208
- Add new uri path to ShouldNotReuseRoute array by @AllForNothing in #19217
- Refine total artifact and scanned artifact by @stonezdj in #19228
- i18n: fix typo for CONFIRM_SECRET by @liubin in #19140
- Add a tooltip for the page title of security hub by @AllForNothing in #19231
- change JOB_ID to Task_ID by @lengrongfu in #19127
- fix typo in ROADMAP.md by @liubin in #19247
- Delete unused code by @liubin in #19061
- exporter: add field alias for count(*) func by @liubin in #18840
- Switch to a new chart library by @AllForNothing in #19262
- Remove job status track information from redis after stop by @stonezdj in #19227
- remove chart-museum related to logic by @lengrongfu in #18722
- fix storage.redirect.disable migrate template error by @MinerYang in #19335
- Upgrade UI packages by @AllForNothing in #19330
- Remove duplicated sort fields from order by clause by @liubin in #19347
- fix user resource by @wy65701436 in #19366
- update default processor for unknwon type config by @MinerYang in #19372
- Hide version property if the value is undefined by @AllForNothing in #19395
- feat(i18n): update french translations by @Nhqml in #19418
- bump golang to 1.20.10 by @MinerYang in #19430
- Change fixed_version to package_version in query dangerous CVE sql by @stonezdj in #19397
- fix issue 19392 by @wy65701436 in #19437
- fix: bump up TRIVYVERSION=v0.46.0 && TRIVYADAPTERVERSION=v0.30.17 by @zyyw in #19446
- Update the style for operation-component by @AllForNothing in #19445
- bump golang.org/x/net to v0.17.0 && go.opentelemetry.io/contrib by @MinerYang in #19461
- Use batch to list the job id in the job queue to avoid crash redis by @stonezdj in #19444
- Delete tag retention rule and tag immutable rule when deleting project by @stonezdj in #19390
- bump go.opentelemetry.io/contrib/instrumentation/github.com/gorilla/m… by @MinerYang in #19477
- Not allow comma for the user name by @AllForNothing in #19501
- bump golang to 1.21.3 by @MinerYang in #19504
- Add a tooltip for the replication rule by @AllForNothing in #19509
- Replace comma in username to avoid casbin issue by @stonezdj in #19505
- Update the style for severity by @AllForNothing in #19525
- Remove vendor folder from harbor code base by @reasonerjt in #19508
- fix: bump up TRIVYVERSION=v0.46.1 && TRIVYADAPTERVERSION=v0.30.18 by @zyyw in #19500
- Skip to validate username when update user profile by @stonezdj in #19552
- Update UI package to clear security alerts by @AllForNothing in #19553
- Delete project member when delete project by @stonezdj in #19523
- add permission api by @wy65701436 in #19543
- Allow POST method to request service/token in readonly mode by @stonezdj in #19556
- 19559 cannot see full label easily by @jmichot-exotec in #19564
- fix: sorting quota by @zyyw in #19538
- Avoid menu closure when filtering labels by @AllForNothing in #19561
- Correct loop condition for replication tasks by @AllForNothing in #19570
- Return empty result when no scanner configured by @stonezdj in #19577
- bump golang to 1.21.4 by @MinerYang in #19601
- add permission validation for robot creating and updating. by @wy65701436 in #19598
- add prepare migration script for 2.10 by @MinerYang in #19600
- Update the permission scope by @AllForNothing in #19603
- fix system label resource by @wy65701436 in #19621
- Bump golang.org/x/time from 0.0.0-20220210224613-90d013bbcef8 to 0.4.0 in /src by @dependabot in #19541
- fix robot account access issue by @wy65701436 in #19627
- fix: update TRIVYVERSION=v0.47.0 && TRIVYADAPTERVERSION=v0.30.19 by @zyyw in #19624
- Bump github.com/coreos/go-oidc/v3 from 3.0.0 to 3.7.0 in /src by @dependabot in #19542
- Update the name checking for the robot account by @AllForNothing in #19645
- fix 2.10 prepare migration version by @MinerYang in #19665
- fix: upgrade google.golang.org/grpc by @zyyw in #19648
- Update the style for the robot acccount ui by @AllForNothing in https:...
Contributors
tpoxa, liubin, and 21 other contributors