github/zot
1
0
Fork 0
mirror of https://github.com/project-zot/zot.git synced 2026-06-15 11:37:56 +08:00
Code Issues Packages Projects Releases Wiki Activity
1,514 Commits 37 Branches 132 Tags
8282aef12bfa56cb6dd45959fb6907527f9d4b15
T
Clone
Open with VS Code Open with VSCodium
Download ZIP Download TAR.GZ Download BUNDLE
Nikita Vakula 8282aef12b feat(auth): support OIDC RP-Initiated Logout (#3975) 
POST /zot/auth/logout now returns an endSessionUrl in the JSON
response body when the session was established via an OIDC provider
whose discovery document advertises an endSessionEndpoint, so the
UI can navigate the browser to it and terminate the session at the
IdP in addition to clearing the local cookie.

- The OIDC callback records the provider name in the session after
  login; the github OAuth2 path is untouched.
- end_session_endpoint is read from the zitadel/oidc RelyingParty
  and validated as an absolute http(s) URL.
- post_logout_redirect_uri prefers http.externalUrl when set and
  falls back to deriving the origin from the incoming request.
- No id_token_hint is sent; client_id identifies the RP, so the
  ID token does not need to be persisted.
- Non-OIDC sessions (local/basic/LDAP/GitHub) retain the existing
  200 OK, no body behavior.

Operators must register the URI zot sends as a valid post-logout
redirect URI on the IdP client.

Ref: https://openid.net/specs/openid-connect-rpinitiated-1_0.html

Signed-off-by: Nikita Vakula <programmistov.programmist@gmail.com>
2026-04-25 23:19:29 +03:00
.github
fix(ci): pass GITHUB_TOKEN explicitly to oras login in sync-trivy step (#3961)
2026-04-12 11:17:41 +03:00
.zap
feat(ui): update zui version (#2162)
2024-01-17 17:22:33 +02:00
build
fix(build): upgrade zot runtime base image to distroless debian13 (#3791)
2026-02-12 13:22:55 +02:00
cmd
feat(zb): Support for TTFB measurement + on-demand sync tests (#3929)
2026-04-24 09:03:11 -07:00
demos
feat(sync): use regclient for sync extension (#2903)
2025-04-15 16:58:15 -07:00
docs
swagger: rename 'docs/' to 'swagger/'
2021-10-21 13:46:14 -07:00
errors
feat(auth): support OIDC RP-Initiated Logout (#3975)
2026-04-25 23:19:29 +03:00
examples
fix(security): remove InsecureSkipVerify from metrics client (TLS-1) (#3982)
2026-04-19 08:57:24 +03:00
pkg
feat(auth): support OIDC RP-Initiated Logout (#3975)
2026-04-25 23:19:29 +03:00
scripts
feat(events): add events extension (#3045)
2025-05-02 12:30:06 -07:00
swagger
feat(auth): support OIDC RP-Initiated Logout (#3975)
2026-04-25 23:19:29 +03:00
test
feat(api): add repository quota enforcement middleware (#3923)
2026-04-13 23:18:34 +03:00
.gitattributes
build(deps): bump all dependencies (#2532)
2024-08-02 14:23:53 -07:00
.gitignore
fix: migrate from github.com/rs/zerolog to golang-native log/slog (#3405)
2025-10-03 12:34:03 -07:00
.golangci.yaml
feat: support pushing multiple tags for a single manifest (#3885)
2026-03-29 21:13:24 +03:00
CODE_OF_CONDUCT.md
doc: add a CODE_OF_CONDUCT.md
2020-12-15 11:20:45 -08:00
codecov.yml
refactor(metadb): improve UX by speeding up metadb serialize/deserialize (#1842)
2023-10-30 13:06:04 -07:00
CODEOWNERS
docs: update maintainers and codeowners info (#3502)
2025-10-31 12:47:10 -07:00
COMPARISON.md
move references to zotregistry.io and project-zot
2021-12-05 10:52:27 -08:00
CONTRIBUTING.md
build: fix container image targets (#1856)
2023-10-04 09:12:56 -07:00
go.mod
chore: fix dependabot alerts (#3990)
2026-04-25 09:09:59 +03:00
go.sum
chore: fix dependabot alerts (#3990)
2026-04-25 09:09:59 +03:00
LICENSE
fix: license copyright update (#3167)
2025-05-25 11:57:49 +03:00
MAINTAINERS.md
docs: update maintainers and codeowners info (#3502)
2025-10-31 12:47:10 -07:00
Makefile
chore: fix dependabot alerts (#3971)
2026-04-17 09:11:32 +03:00
NOTICE
docs: fix copyright related info for cncf onboarding (#1117)
2023-01-17 15:43:45 -08:00
README_fuzz.md
Add fuzz tests for storage_fs (#601)
2022-07-27 20:37:55 +03:00
README.md
fix: migrate to Go module v2 for proper semantic versioning (#3462)
2025-10-16 22:43:47 -07:00
SECURITY.md
chore: update support matrix
2024-03-14 09:43:42 -07:00
THIRD-PARTY-LICENSES.md
chore: fix dependabot alerts (#2645)
2024-09-09 18:32:57 -07:00
tools.go
chore: update golangci-lint and fix all issues (#3575)
2025-11-22 23:36:48 +02:00
zot.go
zot: initial commit
2019-06-21 15:29:19 -07:00

README.md

zot

build test nightly jobs codecov conformance CodeQL CII Best Practices OpenSSF Scorecard Go Reference FOSSA Status

zot: a production-ready vendor-neutral OCI image registry - images stored in OCI image format, distribution specification on-the-wire, that's it!

Documentation for zot is located at: https://zotregistry.dev

Code of conduct details are here.

License

FOSSA Status

Reference in New Issue View Git Blame Copy Permalink
S
Description
No description provided
distribution-spechelmkubernetesocioci-distributionopencontainerszot
Readme Apache-2.0 803 MiB
Languages
Go 93%
Shell 6.4%
Makefile 0.4%