github/zot

mirror of https://github.com/project-zot/zot.git synced 2026-06-15 11:37:56 +08:00

T

Ramkumar Chinchani eadc9b65ed fix(security): limit API key creation body to 4 KiB (INPUT-2) (#3978 )

Wrap req.Body with http.MaxBytesReader before io.ReadAll in
CreateAPIKey. Requests with bodies larger than MaxAPIKeyBodySize
(4 KiB) now return HTTP 413 instead of buffering arbitrary data.

Add the MaxAPIKeyBodySize constant, update the Swagger @Failure
annotation to document 413, and add a unit test.

Signed-off-by: Ramkumar Chinchani <rchincha.dev@gmail.com>

2026-04-18 20:39:08 +03:00

fix(ci): pass GITHUB_TOKEN explicitly to oras login in sync-trivy step (#3961 )

2026-04-12 11:17:41 +03:00

feat(ui): update zui version (#2162 )

2024-01-17 17:22:33 +02:00

fix(build): upgrade zot runtime base image to distroless debian13 (#3791 )

2026-02-12 13:22:55 +02:00

feat(zb): list tests, test regex filter, docs update (#3884 )

2026-03-21 11:43:17 +02:00

feat(sync): use regclient for sync extension (#2903 )

2025-04-15 16:58:15 -07:00

swagger: rename 'docs/' to 'swagger/'

2021-10-21 13:46:14 -07:00

feat: support pushing multiple tags for a single manifest (#3885 )

2026-03-29 21:13:24 +03:00

feat(api): add repository quota enforcement middleware (#3923 )

2026-04-13 23:18:34 +03:00

fix(security): limit API key creation body to 4 KiB (INPUT-2) (#3978 )

2026-04-18 20:39:08 +03:00

feat(events): add events extension (#3045 )

2025-05-02 12:30:06 -07:00

fix(security): limit API key creation body to 4 KiB (INPUT-2) (#3978 )

2026-04-18 20:39:08 +03:00

feat(api): add repository quota enforcement middleware (#3923 )

2026-04-13 23:18:34 +03:00

.gitattributes

build(deps): bump all dependencies (#2532 )

2024-08-02 14:23:53 -07:00

.gitignore

fix: migrate from github.com/rs/zerolog to golang-native log/slog (#3405 )

2025-10-03 12:34:03 -07:00

.golangci.yaml

feat: support pushing multiple tags for a single manifest (#3885 )

2026-03-29 21:13:24 +03:00

CODE_OF_CONDUCT.md

doc: add a CODE_OF_CONDUCT.md

2020-12-15 11:20:45 -08:00

codecov.yml

refactor(metadb): improve UX by speeding up metadb serialize/deserialize (#1842 )

2023-10-30 13:06:04 -07:00

CODEOWNERS

docs: update maintainers and codeowners info (#3502 )

2025-10-31 12:47:10 -07:00

COMPARISON.md

move references to zotregistry.io and project-zot

2021-12-05 10:52:27 -08:00

CONTRIBUTING.md

build: fix container image targets (#1856 )

2023-10-04 09:12:56 -07:00

go.mod

chore: fix dependabot alerts (#3971 )

2026-04-17 09:11:32 +03:00

go.sum

chore: fix dependabot alerts (#3971 )

2026-04-17 09:11:32 +03:00

LICENSE

fix: license copyright update (#3167 )

2025-05-25 11:57:49 +03:00

MAINTAINERS.md

docs: update maintainers and codeowners info (#3502 )

2025-10-31 12:47:10 -07:00

Makefile

chore: fix dependabot alerts (#3971 )

2026-04-17 09:11:32 +03:00

NOTICE

docs: fix copyright related info for cncf onboarding (#1117 )

2023-01-17 15:43:45 -08:00

README_fuzz.md

Add fuzz tests for storage_fs (#601 )

2022-07-27 20:37:55 +03:00

README.md

fix: migrate to Go module v2 for proper semantic versioning (#3462 )

2025-10-16 22:43:47 -07:00

SECURITY.md

chore: update support matrix

2024-03-14 09:43:42 -07:00

THIRD-PARTY-LICENSES.md

chore: fix dependabot alerts (#2645 )

2024-09-09 18:32:57 -07:00

tools.go

chore: update golangci-lint and fix all issues (#3575 )

2025-11-22 23:36:48 +02:00

zot.go

zot: initial commit

2019-06-21 15:29:19 -07:00

README.md

zot

zot: a production-ready vendor-neutral OCI image registry - images stored in OCI image format, distribution specification on-the-wire, that's it!

Documentation for zot is located at: https://zotregistry.dev

Code of conduct details are here.

License