Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
build(deps): Bump oras.land/oras-go/v2 from 2.0.0-rc.6 to 2.0.0 (nota…
…ryproject#512) Bumps [oras.land/oras-go/v2](https://github.com/oras-project/oras-go) from 2.0.0-rc.6 to 2.0.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/oras-project/oras-go/releases">oras.land/oras-go/v2's releases</a>.</em></p> <blockquote> <h2>v2.0.0</h2> <h1>Brand New V2 Library</h1> <h2>What's New</h2> <p>In version <code>v2</code>, ORAS Go library has been completely refreshed with:</p> <ul> <li>More unified interfaces</li> <li>Notably fewer dependencies</li> <li>Higher test coverage</li> <li>Better documentation</li> <li>Balanced security and performance</li> </ul> <p>Besides, ORAS Go <code>v2</code> is now a registry client conforming <a href="https://github.com/opencontainers/image-spec/releases/tag/v1.1.0-rc2">image-spec v1.1.0-rc.2</a> and <a href="https://github.com/opencontainers/distribution-spec/blob/v1.1.0-rc1/spec.md">distribution-spec v1.1.0-rc1</a>.</p> <p>In ORAS Go <code>v2</code>, artifacts are modeled as Directed Acyclic Graphs (DAGs) stored in Content-Addressable Storages (CASs). Copying artifacts across repositories or generic <a href="https://oras.land/client_libraries/#targets">targets</a> is implemented as copying single-rooted DAGs across CASs. By <a href="https://oras.land/client_libraries/#extended-copy">extending the copy operation</a>, ORAS Go <code>v2</code> further supports copying underlying DAGs identified by a specific node. For instance, copying a signed artifact with its signatures across repositories.</p> <p>Documentation and examples are available at <a href="https://pkg.go.dev/oras.land/oras-go/v2">pkg.go.dev</a>.</p> <h2>Deprecation</h2> <p>Docker based key management is no longer supported. Credentials are required to be supplied to <a href="https://pkg.go.dev/oras.land/oras-go/[email protected]/registry/remote/auth#Client"><code>auth.Client</code></a> for authentication. Related discussion can be found at <a href="https://github-redirect.dependabot.com/oras-project/oras-go/issues/413">#413</a>.</p> <h2>Migration From <code>v1</code></h2> <p>See <a href="https://github.com/oras-project/oras-go/blob/main/MIGRATION_GUIDE.md">MIGRATION_GUIDE.md</a>.</p> <h1>What's Changed Since RC.6</h1> <h2>New Features</h2> <ul> <li>Implement <a href="https://pkg.go.dev/oras.land/oras-go/[email protected]/registry#TagLister"><code>registry.TagLister</code></a> for package <a href="https://pkg.go.dev/oras.land/oras-go/[email protected]/content/oci"><code>content/oci</code></a></li> <li>Add package <a href="https://pkg.go.dev/oras.land/oras-go/[email protected]/registry/remote/retry"><code>registry/remote/retry</code></a> which provides a default http client with automatic retries</li> </ul> <h2>Bug Fixes</h2> <ul> <li>fix <a href="https://github-redirect.dependabot.com/oras-project/oras-go/issues/395">#395</a>: <code>oras.Tag()</code> and <code>oras.TagN()</code> should return a descriptor</li> <li>fix <a href="https://github-redirect.dependabot.com/oras-project/oras-go/issues/402">#402</a>: <code>file.Store</code> fails to extract folder containing symbolic links</li> <li>fix <a href="https://github-redirect.dependabot.com/oras-project/oras-go/issues/404">#404</a>: <code>oci.Store</code> and <code>file.Store</code> should record an absolute path instead of a relative path for root</li> </ul> <h2>Deprecation</h2> <ul> <li><strong>BREAKING CHANGE</strong>: Interface <code>registry.ReferrerFinder</code> is renamed to <a href="https://pkg.go.dev/oras.land/oras-go/[email protected]/registry#ReferrerLister"><code>registry.ReferrerLister</code></a></li> <li><strong>BREAKING CHANGE</strong>: Remove <code>file.PackFiles()</code></li> </ul> <h2>Other Changes</h2> <ul> <li><strong>BREAKING CHANGE</strong>: <a href="https://pkg.go.dev/oras.land/oras-go/[email protected]#Tag"><code>oras.Tag()</code></a> and <a href="https://pkg.go.dev/oras.land/oras-go/[email protected]#TagN"><code>oras.TagsN()</code></a> return a descriptor</li> <li><strong>BREAKING CHANGE</strong>: <a href="https://pkg.go.dev/oras.land/oras-go/[email protected]/content/file#New"><code>file.New()</code></a>, <a href="https://pkg.go.dev/oras.land/oras-go/[email protected]/content/file#NewWithFallbackLimit"><code>file.NewWithFallbackLimit()</code></a> and <a href="https://pkg.go.dev/oras.land/oras-go/[email protected]/content/file#NewWithFallbackStorage"><code>file.NewWithFallbackStorage()</code></a> return an error</li> <li><strong>BREAKING CHANGE</strong>: <a href="https://pkg.go.dev/oras.land/oras-go/[email protected]/content/oci#NewStorage"><code>oci.NewStorage()</code></a> returns an error</li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/oras-project/oras-go/commit/96a37c2b359ac1305f70dc31b28c789688d77d0f"><code>96a37c2</code></a> doc: Update README and clean up godoc comments (<a href="https://github-redirect.dependabot.com/oras-project/oras-go/issues/418">#418</a>)</li> <li><a href="https://github.com/oras-project/oras-go/commit/5a2e692d45aeb3856583003924cf73e32b62aaf6"><code>5a2e692</code></a> feat!: retryable http client (<a href="https://github-redirect.dependabot.com/oras-project/oras-go/issues/398">#398</a>)</li> <li><a href="https://github.com/oras-project/oras-go/commit/39ce054f8c3f1c36064beff059ea54490d5431f0"><code>39ce054</code></a> test: improve the symlink unit tests for file store (<a href="https://github-redirect.dependabot.com/oras-project/oras-go/issues/414">#414</a>)</li> <li><a href="https://github.com/oras-project/oras-go/commit/05595ebecd17dc826ceaf661a9e636f1d1020aec"><code>05595eb</code></a> fix!: use absolute path for OCI root (<a href="https://github-redirect.dependabot.com/oras-project/oras-go/issues/412">#412</a>)</li> <li><a href="https://github.com/oras-project/oras-go/commit/9867c6a091e2f948abfab8fed33003d21e8bad1a"><code>9867c6a</code></a> fix!: fix error when extracting folder containing symbolic links (<a href="https://github-redirect.dependabot.com/oras-project/oras-go/issues/411">#411</a>)</li> <li><a href="https://github.com/oras-project/oras-go/commit/1484139e64f7a1f5f32185432d72d67511414644"><code>1484139</code></a> build: add dependabot for <code>v1</code> branch, add GitHub Actions (<a href="https://github-redirect.dependabot.com/oras-project/oras-go/issues/399">#399</a>)</li> <li><a href="https://github.com/oras-project/oras-go/commit/76382aaa94873ad14fddacdbff0f5ed32f43c3aa"><code>76382aa</code></a> doc: Remove <a href="https://github.com/main"><code>@main</code></a> from the godoc URLs in README (<a href="https://github-redirect.dependabot.com/oras-project/oras-go/issues/403">#403</a>)</li> <li><a href="https://github.com/oras-project/oras-go/commit/29509026fb7f4f5e3fb95d2a2537d28db3e43f66"><code>2950902</code></a> remove!: Remove <code>file.PackFiles()</code> and add an example instead (<a href="https://github-redirect.dependabot.com/oras-project/oras-go/issues/400">#400</a>)</li> <li><a href="https://github.com/oras-project/oras-go/commit/aa4bd09faaf937860e9400c9d39a1dca031a2274"><code>aa4bd09</code></a> refactor: optimize performance for Extended Copy (<a href="https://github-redirect.dependabot.com/oras-project/oras-go/issues/397">#397</a>)</li> <li><a href="https://github.com/oras-project/oras-go/commit/7ec22cb11bec16c8f2b53a29023bdffc5e9ac020"><code>7ec22cb</code></a> feat!: implement <code>Tags</code> for package <code>content/oci</code> (<a href="https://github-redirect.dependabot.com/oras-project/oras-go/issues/394">#394</a>)</li> <li>Additional commits viewable in <a href="https://github.com/oras-project/oras-go/compare/v2.0.0-rc.6...v2.0.0">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
- Loading branch information
1 parent
0e5f137
commit 136ed18