Miloslav Trmač
Miloslav Trmač
Some data centers are run completely firewalled off (or physically cut off) the public internet, relying on local mirrors of all necessary data. In such setups, the frequently-expiring timestamps (which...
**- What I did** This fixes CVE-2020-8945 by incorporating proglottis/gpgme#23 . Other changes included by the rebase: - Support for gpgme_off_t (~no-op with the RHEL 7 GPGME 1.3.2) - Wrapping...
Store signatures in `c/i/docker/daemon/extra` (https://github.com/containers/image/pull/288). Whether or not we are verifying signatures, download them and store them in `docker/daemon/extra`. Note that this means that `containers/image/docker` is now involved on _every_...
As long as referrers are _fairly_ rarely used, when pulling an image, determining if there are any referrers requires an extra round-trip (if the registry is known to support the...
In various locations, notably user-visible “inspect” operations, we expose a _single_ digest value for an image. That’s fundamentally insufficient because images are deduplicated; hence `libimage.Image.Digest` has a TODO to deprecate,...
This is https://github.com/containers/image/pull/1677 + #921, updated to merge on top of current main, + an attempt to resolve review comments, and a fairly intrusive set of changes to actually implement...
`Runtime.lookupImageInDigestsAndRepoTags` calls, in https://github.com/containers/common/blob/18c4568e8ee051fd8ded1d9d47cfa0453b1d6a0c/libimage/runtime.go#L426, effectively `storage.Store.Images`, getting a copy of all images. On the https://github.com/containers/common/blob/18c4568e8ee051fd8ded1d9d47cfa0453b1d6a0c/libimage/runtime.go#L441 path, `allImages` is manually filtered to only those (the first one) that actually match that...
- [ ] Interactively prompt for known_hosts inclusion before adding an entry - [ ] Either make handling of missing known_hosts and known_hosts that miss an entry _for a specific...
… tangentially related to https://github.com/containers/podman/issues/22575 : - Go is a treacherously innocuous-looking language. Get rid of unnecessary named return values - Fix removal of the layer temporary file.
A single DiffID may map to multiple TOC digest values. Record that in `BlobInfoCache`, and use it for layer reuse. Also prefer reusing even TOC-matched layers by DiffID, when available....