github/zot

Fork 0

mirror of https://github.com/project-zot/zot.git synced 2026-06-18 05:28:07 +08:00

Commit Graph

Author	SHA1	Message	Date
Luca Muscariello	2402296e9a	fix: migrate to Go module v2 for proper semantic versioning (#3462 ) * fix: migrate to Go module v2 for proper semantic versioning This change updates the module path from 'zotregistry.dev/zot' to 'zotregistry.dev/zot/v2' to comply with Go's semantic versioning rules. According to Go's module versioning requirements, major version v2+ must include the major version in the module path. The current module path 'zotregistry.dev/zot' only supports v0.x.x and v1.x.x versions, making existing v2.x.x tags (like v2.1.8) unusable. Changes: - Updated go.mod module path to zotregistry.dev/zot/v2 - Updated all internal import paths across 280+ Go source files - Updated configuration files (golangcilint.yaml, gqlgen.yml) - Updated README.md Go reference badge This fix enables proper use of existing v2.x.x Git tags and allows external packages to import zot v2+ versions without compatibility errors. Resolves: Go module import compatibility for v2+ versions Fixes: #3071 Signed-off-by: Luca Muscariello <muscariello@ieee.org> * fix: regenerate GraphQL files with updated v2 import paths The gqlgen tool needs to regenerate the GraphQL schema files after the module path change to use the new v2 imports. Signed-off-by: Luca Muscariello <muscariello@ieee.org> --------- Signed-off-by: Luca Muscariello <muscariello@ieee.org>	2025-10-16 22:43:47 -07:00
Evan	d465690630	[feat]: add support for EC/ED25519 public keys for token authentication (#2998 ) * feat: rework token auth to allow ED25519/EC public keys Signed-off-by: evanebb <git@evanus.nl> * fix: shadow err variable to hopefully avoid data race Signed-off-by: evanebb <git@evanus.nl> * fix: apply golangci-lint feedback Signed-off-by: evanebb <git@evanus.nl> * fix: simplify public key loading by only supporting certificates, fixes ED25519 certificate handling Signed-off-by: evanebb <git@evanus.nl> * test: add golang-jwt based test auth server and test RSA/EC/ED25519 keys Signed-off-by: evanebb <git@evanus.nl> * fix: restrict allowed signing algorithms as recommended by library Signed-off-by: evanebb <git@evanus.nl> * test: add more bearer authorizer tests Signed-off-by: evanebb <git@evanus.nl> * fix: apply more golangci-lint feedback Signed-off-by: evanebb <git@evanus.nl> * test: ensure chmod calls run on test failure for authn errors test Signed-off-by: evanebb <git@evanus.nl> * fix: verify issued-at in given token if present Pulls the validation in-line with the old library Signed-off-by: evanebb <git@evanus.nl> --------- Signed-off-by: evanebb <git@evanus.nl>	2025-03-06 14:32:13 -08:00

Author

SHA1

Message

Date

Luca Muscariello

2402296e9a

fix: migrate to Go module v2 for proper semantic versioning (#3462 )

* fix: migrate to Go module v2 for proper semantic versioning

This change updates the module path from 'zotregistry.dev/zot' to
'zotregistry.dev/zot/v2' to comply with Go's semantic versioning rules.

According to Go's module versioning requirements, major version v2+
must include the major version in the module path. The current
module path 'zotregistry.dev/zot' only supports v0.x.x and v1.x.x
versions, making existing v2.x.x tags (like v2.1.8) unusable.

Changes:
- Updated go.mod module path to zotregistry.dev/zot/v2
- Updated all internal import paths across 280+ Go source files
- Updated configuration files (golangcilint.yaml, gqlgen.yml)
- Updated README.md Go reference badge

This fix enables proper use of existing v2.x.x Git tags and allows
external packages to import zot v2+ versions without compatibility
errors.

Resolves: Go module import compatibility for v2+ versions
Fixes: #3071
Signed-off-by: Luca Muscariello <muscariello@ieee.org>

* fix: regenerate GraphQL files with updated v2 import paths

The gqlgen tool needs to regenerate the GraphQL schema files after
the module path change to use the new v2 imports.

Signed-off-by: Luca Muscariello <muscariello@ieee.org>

---------

Signed-off-by: Luca Muscariello <muscariello@ieee.org>

2025-10-16 22:43:47 -07:00

Evan

d465690630

[feat]: add support for EC/ED25519 public keys for token authentication (#2998 )

* feat: rework token auth to allow ED25519/EC public keys

Signed-off-by: evanebb <git@evanus.nl>

* fix: shadow err variable to hopefully avoid data race

Signed-off-by: evanebb <git@evanus.nl>

* fix: apply golangci-lint feedback

Signed-off-by: evanebb <git@evanus.nl>

* fix: simplify public key loading by only supporting certificates, fixes ED25519 certificate handling

Signed-off-by: evanebb <git@evanus.nl>

* test: add golang-jwt based test auth server and test RSA/EC/ED25519 keys

Signed-off-by: evanebb <git@evanus.nl>

* fix: restrict allowed signing algorithms as recommended by library

Signed-off-by: evanebb <git@evanus.nl>

* test: add more bearer authorizer tests

Signed-off-by: evanebb <git@evanus.nl>

* fix: apply more golangci-lint feedback

Signed-off-by: evanebb <git@evanus.nl>

* test: ensure chmod calls run on test failure for authn errors test

Signed-off-by: evanebb <git@evanus.nl>

* fix: verify issued-at in given token if present
Pulls the validation in-line with the old library

Signed-off-by: evanebb <git@evanus.nl>

---------

Signed-off-by: evanebb <git@evanus.nl>

2025-03-06 14:32:13 -08:00

2 Commits