v0.19.1

What's Changed

• Bump golang.org/x/net from 0.10.0 to 0.17.0 in /pkg/authn/k8schain by @dependabot in #1815
• Bump golang.org/x/ packages by @jonjohnsonjr in #1892

Full Changelog: v0.19.0...v0.19.1

v0.19.0

What's Changed

• Work around docker v25 tarballs by @jonjohnsonjr in #1872

Full Changelog: v0.18.0...v0.19.0

v0.18.0

What's Changed

• fix: goreleaser config by @caarlos0 in #1764
• Always print pushed digest in crane push by @aw185176 in #1860

New Contributors

• @caarlos0 made their first contribution in #1764

Full Changelog: v0.17.0...v0.18.0

v0.17.0

What's Changed

• 🦅 Validate index architectures match children 🦅 by @jonjohnsonjr in #1776
• Set Content-Length for blob uploads by @jonjohnsonjr in #1781
• Don't wrap DefaultKeychain with refreshes by @jonjohnsonjr in #1791
• Build releases with Go 1.21 by @imjasonh in #1840
• fix: mimic oci-layout in diskblobhandler by @thesayyn in #1810
• tag: add command explanation to the long help by @abitrolly in #1843
• feat: implement gc command by @thesayyn in #1811
• feat: allow port and disk path to be overriden by @thesayyn in #1848

Full Changelog: v0.16.1...v0.17.0

v0.16.1

Release is broken due to goreleaser error, 0.16.1 has the fix

What's Changed

• bump deps using ./hack/bump-deps.sh by @imjasonh in #1702
• Allow crane to export schema 1 images by @jonjohnsonjr in #1704
• fixed a goroutine leak by @ktarplee in #1705
• retry HTTP 522 errors by default by @imjasonh in #1707
• Limit size of manifest by @AdamKorcz in #1711
• Add crane auth token by @jonjohnsonjr in #1709
• Bump codecov/codecov-action from 3.1.3 to 3.1.4 by @dependabot in #1710
• Pass scopes through crane auth token by @jonjohnsonjr in #1713
• fix: add bounds checking to addendum layer mutations to prevent panic by @aaron-prindle in #1715
• Surface better error messages in crane index by @jonjohnsonjr in #1722
• crane: add missing name option in crane index commands by @HubertZhang in #1723
• crane: Respect cmd.OutOrStdout by @kyleconroy in #1728
• Make ErrSchema1 checkable via errors.Is() by @Laitr0n in #1721
• Don't load into daemon if the image already exists by @jonjohnsonjr in #1724
• add --blobs-to-disk to 'crane registry serve' by @imjasonh in #1731
• Correct crane registry help text by @jonjohnsonjr in #1732
• Allow concurrent blob Sets, use RWMutex by @mattmoor in #1733
• Use RWLock, limit scope of locking, write digest first by @mattmoor in #1734
• Let the filesystem handle atomicity by @mattmoor in #1735
• Don't try cross-origin mounting against dockerhub by @jonjohnsonjr in #1743
• Drop localhost to support crane registry serve in a container by @mattmoor in #1746
• Return OCI Index content-type for referrers response by @jdolitsky in #1762

New Contributors

• @AdamKorcz made their first contribution in #1711
• @HubertZhang made their first contribution in #1723
• @kyleconroy made their first contribution in #1728
• @Laitr0n made their first contribution in #1721

Full Changelog: v0.15.2...v0.16.1

Container Images

https://gcr.io/go-containerregistry/crane:v0.16.1
https://gcr.io/go-containerregistry/gcrane:v0.16.1

For example:

docker pull gcr.io/go-containerregistry/crane:v0.16.1
docker pull gcr.io/go-containerregistry/gcrane:v0.16.1

v0.16.0

Release is broken due to goreleaser error, 0.16.1 has the fix

v0.15.2

What's Changed

• Make 403 non-fatal for manifest existence checks by @jonjohnsonjr in #1691
• Do not reuse pushers for pullers by @jonjohnsonjr in #1701

Full Changelog: v0.15.1...v0.15.2

v0.15.1

Changelog

• e2620e5 Actually retry retryable status codes (#1618)
• afd15f1 Add --all-tags flag to crane cp (#1682)
• 69d1a19 Add mutate --ports option to set the exposed ports (#1677)
• 65e78dc Add partial.Manifests for lazy index access (#1631)
• 3228a60 Add ppc64le to .goreleaser.yml (#1680)
• 0b12f56 Add ppc64le to all binaries (#1688)
• d958444 Add remote.Descriptor.Schema1() (#1626)
• 07c767c Add remote.Puller (#1644)
• 005bb71 Add remote.Reuse for Pusher/Puller (#1672)
• 21ac1b2 Adding mutate --workdir option to set the working directory (#1615)
• 0962e29 Allow remote config layers to be lazy fetched (#1634)
• 53189d3 Bump actions/setup-go from 3 to 4 (#1602)
• 54e3f49 Bump actions/stale from 7 to 8 (#1616)
• 07eb440 Bump codecov/codecov-action from 3.1.1 to 3.1.2 (#1650)
• 58bd35b Bump codecov/codecov-action from 3.1.2 to 3.1.3 (#1668)
• e055961 Bump peter-evans/create-pull-request from 4 to 5 (#1642)
• b8d1c0a Bump slsa-framework/slsa-verifier from 2.0.1 to 2.1.0 (#1621)
• 375fb61 Bump slsa-framework/slsa-verifier from 2.1.0 to 2.2.0 (#1649)
• 9aa45a1 Change return type of remote.Referrers (#1652)
• 2ccd41c Cleanup: Switch the debug image to cgr.dev/chainguard/busybox (#1638)
• 93be9c4 Don't export whiteouts for single layers (#1629)
• b7c6e9d Fall back to puller if reusing pusher fails (#1676)
• 370e8a5 Fix a few lint issues (#1684)
• bc990d6 Fix fetching referrers error handling (#1648)
• aee00b1 Fix race in mutate (#1627)
• 4a79e94 Fix race in stream (#1632)
• 6743ec9 Implement remote.Pusher (#1633)
• 3120ba5 Keep order of env in crane mutate (#1683)
• 6ac92e8 Refactor fetcher, writer, and progress (#1625)
• 249d7e1 Refresh authn.DefaultKeychain creds every 5 min (#1624)
• ad695c0 Replace deprecated command with environment file (#1667)
• ed5c185 Retry net.ErrClosed (#1637)
• 43710a9 Retry without mount if auth fails (#1681)
• 2435320 Revert "Cleanup: Switch the debug image to cgr.dev/chainguard/busybox (#1638)" (#1641)
• 27a6ad6 Revert "authn: Add NewConfigKeychain to load a config from explicit path (#1603)" (#1664)
• a34235c Support Warning header aggregation and reporting in crane (#1604)
• 01bbd53 Update release.yml (#1601)
• df518f9 add crane auth logout (#1589)
• 5438948 add registry.Repo("foo") (#1671)
• 3706061 allow pkg/v1/random to accept a RNG source (#1675)
• 1cb7e13 authn: Add NewConfigKeychain to load a config from explicit path (#1603)
• 348cd86 bump deps using ./hack/bump-deps.sh (#1659)
• 691004b bump deps using ./hack/bump-deps.sh (#1685)
• df72a9a crane push: print pushed ref@digest to stdout (#1663)
• 0577676 crane: ignore buildx attestations in flatten (#1630)
• 217318c deprecate estargz (#1660)
• 9f68710 feat(daemon): generate config file from Docker Engine API (#1130)
• 52d59d1 feat(remote): make retryStatusCodes configurable (#1635)
• 6f96bba gcrane: Use page size of 10,000 for googley things (#1645)
• 0f2db49 release: use ko 0.13.0 to build images (#1607)
• d64f9e0 remove time from random.Image history (#1678)
• 46488f7 retry HTTP 499 errors by default (#1612)
• ace7be7 update GCR quotas (#1619)
• d1c4e9f verify provenance (#1611)

Container Images

https://gcr.io/go-containerregistry/crane:v0.15.1
https://gcr.io/go-containerregistry/gcrane:v0.15.1

For example:

docker pull gcr.io/go-containerregistry/crane:v0.15.1
docker pull gcr.io/go-containerregistry/gcrane:v0.15.1

v0.15.0

Add `mutate` `--ports` option to set the exposed ports (#1677)

v0.14.0

Changelog

• 9306eba Allow crane edit to generate non-image artifacts (#1545)
• de35f0f Allow setting Content-Type in crane edit manifest (#1551)
• 4b081f8 Avoid v1.Manifest in crane edit config (#1583)
• 1cfe1fc Bump aws-actions/configure-aws-credentials from 1.7.0 to 2.0.0 (#1593)
• da1008f Bump golangci/golangci-lint-action from 3.3.1 to 3.4.0 (#1548)
• 86be45f Bump goreleaser/goreleaser-action from 4.1.0 to 4.1.1 (#1547)
• 62f183e Bump goreleaser/goreleaser-action from 4.1.1 to 4.2.0 (#1556)
• 1b8dc2b Bump slsa-framework/slsa-github-generator from 1.2.2 to 1.5.0 (#1580)
• 11843ba Enforce proper sha256 usage (#1544)
• 2ceebaa Implement crane index subcommand (#1561)
• 9f42e02 Set mediaType for empty.ImageIndex in RawManifest (#1562)
• 759b19f Support artifactType, for images whose config.mediaType is not a config (#1541)
• b3c23b4 Support for OCI 1.1+ referrers via API (#1546)
• 061ee6b Support for OCI 1.1+ referrers via fallback tag (#1543)
• 6770304 Update descriptor "data" field (when valid) during "crane edit config" (#1584)
• 76bac93 Update release.yml (#1540)
• eb7d746 authn: also read mount secrets (#1560)
• e94d408 bump deps using ./hack/bump-deps.sh (#1592)
• 4e95ae2 crane: add --flatten for index append (#1566)
• ff810c1 crane: add serve subcommand (#1586)
• 8ea5e0e crane: support --omit-digest-tags in crane ls (#1528)
• 824efc7 fix(mutate): also set timestamps only present in some formats (#1550)
• e04520b fix: Fix the crane release url and add more steps (#1532)
• d872232 hash: use generic instantiation (#1538)
• 57f010d replace manual slsa-verifier installation with action (#1585)
• 9cd098e skip tls verification if default transport is used with insecure option (#1559)
• 3624968 tarball: pass imageToTags (#1563)

Container Images

https://gcr.io/go-containerregistry/crane:v0.14.0
https://gcr.io/go-containerregistry/gcrane:v0.14.0

For example:

docker pull gcr.io/go-containerregistry/crane:v0.14.0
docker pull gcr.io/go-containerregistry/gcrane:v0.14.0