mirror of https://github.com/helm/helm
dependabot/go_modules/dev-v3/k8s-io-b022215331
main
dependabot/go_modules/dev-v3/oras.land/oras-go-1.2.6
dependabot/go_modules/dev-v3/github.com/Masterminds/semver/v3-3.3.1
dependabot/go_modules/main/oras.land/oras-go-1.2.6
dependabot/go_modules/main/k8s-io-b022215331
dev-v3
dependabot/go_modules/dev-v3/github.com/distribution/distribution/v3-3.0.0-rc.2
dependabot/go_modules/main/github.com/Masterminds/semver/v3-3.3.1
dependabot/go_modules/k8s-io-b022215331
release-3.16
refactor_tlsutil
cleanup_repotest_server
test_registry_localhost
rm_deprecated_repo_add_no_update_flag
dependabot/github_actions/actions/upload-artifact-4.4.3
dependabot/go_modules/github.com/Masterminds/semver/v3-3.3.1
dependabot/go_modules/oras.land/oras-go-1.2.6
revert-11726-fixDepUpPerformance
release-3.15
dependabot/go_modules/k8s-io-4a36690ef2
release-3.14
release-3.13
release-3.12
release-3.11
release-3.10
Release
release-3.9
release-3.8
release-3.7
release-3.6
release-3.6.2
release-3.6.1
release-3.5
release-3.4
add-codeql
dev-v2
release-2.17
release-3.3
release-2.16
release-3.2
release-3.1
release-3.0
release-2.15
release-v3.0.0-beta.4
release-2.14
release-2.13
release-2.12
release-2.11
release-2.10
feat-v3/event-emitter-lua
release-2.9
release-2.8
release-2.7
release-2.6
release-2.5
release-2.4
release-2.3
release-2.2
release-2.1
release-2.0
kube-update-test
release-v1.2.1
v3.16.4
v3.16.3
v3.16.2
v3.16.1
v3.16.0
v3.16.0-rc.1
v3.15.4
v3.15.3
v3.15.2
v3.15.1
v3.15.0
v3.15.0-rc.2
v3.15.0-rc.1
v3.14.4
v3.14.3
v3.14.2
v3.14.1
v3.14.0
v3.14.0-rc.1
v3.13.3
v3.13.2
v3.13.1
v3.13.0
v3.13.0-rc.1
v3.12.3
v3.12.2
v3.12.1
v3.12.0
v3.12.0-rc.1
v3.11.3
v3.11.2
v3.12.0-dev.1
v3.11.1
v3.11.0
v3.11.0-rc.2
v3.11.0-rc.1
v3.10.3
v3.10.2
v3.10.1
v3.10.0
v3.10.0-rc.1
v3.9.4
v3.9.3
v3.9.2
v3.9.1
v3.9.0
v3.9.0-rc.1
v3.8.2
v3.8.1
v3.8.0
v3.8.0-rc.2
v3.8.0-rc.1
v3.7.2
v3.7.1
v3.7.0
v3.7.0-rc.3
v3.7.0-rc.2
v3.7.0-rc.1
v3.6.3
v3.6.2
v3.6.1
v3.6.0
v3.6.0-rc.1
v3.5.4
v3.5.3
v3.5.2
v3.5.1
v3.5.0
v3.5.0-rc.2
v3.5.0-rc.1
v3.4.2
v3.4.1
v3.4.0
v2.17.0
v3.4.0-rc.1
v2.17.0-rc.1
v3.3.4
v2.16.12
v3.3.3
v2.16.11
v3.3.2
v3.3.1
v2.16.10
v3.3.0
v3.3.0-rc.2
v3.3.0-rc.1
v2.16.9
v3.2.4
v2.16.8
v3.2.3
v3.2.2
v3.2.1
v2.16.7
v3.1.3
v3.2.0
v3.2.0-rc.1
v2.16.6
v2.16.5
v2.16.4
v3.1.2
v3.1.1
v2.16.3
v2.16.2
v3.1.0
v3.1.0-rc.3
v3.1.0-rc.2
v3.1.0-rc.1
v3.0.3
v3.0.2
v3.0.1
v3.0.0
v2.16.1
v3.0.0-rc.4
v3.0.0-rc.3
v2.16.0
v3.0.0-rc.2
v2.16.0-rc.2
v2.16.0-rc.1
v3.0.0-rc.1
v2.15.2
v2.15.1
v3.0.0-beta.5
v2.15.0
v2.15.0-rc.2
v2.15.0-rc.1
v3.0.0-beta.4
v3.0.0-beta.3
v3.0.0-beta.2
v3.0.0-beta.1
v2.14.3
v3.0.0-alpha.2
v2.14.2
v2.14.1
v3.0.0-alpha.1
v2.14.0
v2.14.0-rc.2
v2.14.0-rc.1
v2.13.1
v2.13.1-rc.1
v2.13.0
v2.13.0-rc.2
v2.13.0-rc.1
v2.12.3
v2.12.2
v2.12.1
v2.12.0
v2.12.0-rc.2
v2.12.0-rc.1
v2.11.0
v2.11.0-rc.4
v2.11.0-rc.3
v2.11.0-rc.2
v2.11.0-rc.1
v2.10.0
v2.10.0-rc.3
v2.10.0-rc.2
v2.10.0-rc.1
v2.9.1
v2.9.0
v2.9.0-rc5
v2.9.0-rc4
v2.9.0-rc3
v2.9.0-rc2
v2.9.0-rc1
v2.8.2
v2.8.2-rc1
v2.8.1
v2.8.0
v2.8.0-rc.1
v2.7.2
v2.7.1
v2.7.0
v2.7.0-rc1
v2.6.2
v2.6.1
v2.6.0
v2.5.1
v2.5.0
v2.4.2
v2.4.1
v2.4.0
v2.3.1
v2.3.0
1.999.0
v1.0
v1.1
v1.2
v1.2.1
v2.0.0
v2.0.0-alpha.1
v2.0.0-alpha.2
v2.0.0-alpha.3
v2.0.0-alpha.4
v2.0.0-alpha.5
v2.0.0-beta.1
v2.0.0-beta.2
v2.0.0-rc.1
v2.0.0-rc.2
v2.0.1
v2.0.2
v2.1.0
v2.1.1
v2.1.2
v2.1.3
v2.2.0
v2.2.1
v2.2.2
v2.2.3
${ noResults }
3 Commits (f235f0f28564b4391ef8b0b5f06b2d754bc13873)
Author | SHA1 | Message | Date |
---|---|---|---|
Adam Reese |
657ce552cb
|
fix(*): Validate metadata semver and printable characters
ref: https://github.com/helm/helm/security/advisories/GHSA-c38g-469g-cmgx * Skip invalid chart versions when reading the repository index file or when programmatically adding a chart version. * Adds semver validation and strips non-printable characters and normalizes spaces for string fields in Metadata.Validate() * Fixes a unit test that was pulling a remote repo. Now uses a local repo. * Fixes ignored error in repo update command Signed-off-by: Adam Reese <adam@reese.io> |
4 years ago |
Matt Butcher |
fe2d7f7792
|
this rewrites a whole bunch of old repo URLs to the new repo URL (#8902)
Signed-off-by: Matt Butcher <matt.butcher@microsoft.com> |
4 years ago |
Matthew Fisher |
f19acbdc94
|
fix: allow serverInfo field on index files
A recent change merged into Helm fixes a number of security issues related to parsing malformed index files. Unfortunately, it also broke the ability for users to load index files from chartmuseum, which adds a "server info" field to add additional metadata. This commit adds that field so that index files from chartmuseum can be validated. Since Helm does not use this field for anything, the information is discarded and unused. Signed-off-by: Matthew Fisher <matt.fisher@microsoft.com> |
4 years ago |