v2.0.2-rc3

What's Changed

• fix(sync): sync generator now backs off on errors by @peusebiu in #2272
• chore: fix dependabort alerts by @rchincha in #2295
• feat(cve): cli cve diff by @laurentiuNiculae in #2242
• fix(oras)!: remove ORAS artifact references support by @rchincha in #2294
• chore: fix dependabot alerts by @rchincha in #2302
• test(blackbox): add multi-arch index creation and image attributes modification by @ossfellow in #2306
• chore: fix dependabot alerts by @rchincha in #2317
• feat: add verbose mode for cves for image listing by @vrajashkr in #2308
• fix: ignore metadb errors if tag not found by @rchincha in #2301
• chore: update zui version by @rchincha in #2319

New Contributors

• @ossfellow made their first contribution in #2306

Full Changelog: v2.0.2-rc2...v2.0.2-rc3

v2.0.2-rc2

What's Changed

• build(go): switch to go 1.21 by @andaaron in #2049
• test(blackbox): fix the scrub test sometimes deleting the image manifest from the layout by @andaaron in #2236
• fix(tests): fixed inconsistent sync test by @peusebiu in #2237
• ci(nightly): update go version used for prometheus tests by @andaaron in #2239
• style(metadb): use type aliases for metadb types to be easier to read by @laurentiuNiculae in #2043
• feat(graphql): filter CVEs by severity by @Andreea-Lupu in #2246
• chore(go.mod): fix dependabot alerts by @andaaron in #2247
• feat: Get the image LastUpdated timestamp from annotations by @andaaron in #2240
• fix(sync): added bearer client for sync by @peusebiu in #2222
• feat(ui): update zui version by @Andreea-Lupu in #2248
• test: add test images build instructions and stacker.yamls by @andaaron in #2249
• feat: Include PackagePath information in CVE results for image by @vrajashkr in #2241
• feat(ui): update zui version by @Andreea-Lupu in #2251
• fix(npe): handle case where os.Stat returns different error types in DirExists by @andaaron in #2253
• test: fix flacky coverage in cookiestore cleanup tests by @andaaron in #2257
• feat(ui): introduce API key management in ZUI by @andaaron in #2256
• chore: update image-spec and dist spec to 1.1.0 by @andaaron in #2255
• chore: fix dependabot alerts by @rchincha in #2268
• chore: fix dependabot alerts by @rchincha in #2283
• feat(ui): show CVE package path by @andaaron in #2286
• fix(sync): better blobs cleanup by @peusebiu in #2273

Full Changelog: v2.0.2-rc1...v2.0.2-rc2

v2.0.2-rc1

What's Changed

• chore: fix dependabot alerts by @rchincha in #2208
• feat(search): search for a specific tag cross-repo by @andaaron in #2211
• feat(ui): update zui version by @Andreea-Lupu in #2216
• refactor: rename go module from zotregistry.io/zot to zotregistry.dev/zot by @andaaron in #2187
• fix(scheduler): the session cleanup generator is reset too often by @andaaron in #2220
• ci: stabilize ecosystem client tools workflow by @andaaron in #2224
• ci: add script to build/publish a zot multiarch image by @andaaron in #2214
• chore(deps): fix dependabot alerts by @andaaron in #2232
• ci: release a checksums file with SHA256 hashes for release assets by @vrajashkr in #2227
• feat(ui): show more information about CVEs by @andaaron in #2233

New Contributors

• @vrajashkr made their first contribution in #2227

Full Changelog: v2.0.1...v2.0.2-rc1

v2.0.1

What's Changed

• patch: Add user route to extension_ui.go by @raulkele in #2141
• fix(shutdown): fix crash when shutting down before server and task scheduler have started. by @peusebiu in #2148
• chore: fix dependabot alerts by @rchincha in #2160
• docs: update docs website url by @rchincha in #2159
• fix: high CPU utilization by scheduler while idle by @andaaron in #2156
• fix: enable panic backtraces by @rchincha in #2150
• fix: npe if ldap query doesn't return attributes by @rchincha in #2151
• feat(config): handle config files with no explicit extension by @peusebiu in #2147
• docs: Fix Examples Readme to use proper field repositories instead of repoNames by @ericgraf in #2074
• fix: excessive memory usage by @peusebiu in #2164
• feat(log): print traceback when panics occur by @peusebiu in #2166
• feat(ui): update zui version by @Andreea-Lupu in #2162
• refactor: update tests to use the newer API for creating test images by @andaaron in #2168
• feat(ui): update zui version by @Andreea-Lupu in #2171
• feat(ui): show CVE severity statistics in the UI by @andaaron in #2172
• feat(cve): add option to exclude string from cve search by @laurentiuNiculae in #2163
• fix(nightly): increase wait time for dedupe nightly build by @peusebiu in #2177
• refactor: replace deprecated APIs for creating images in the search tests by @andaaron in #2173
• fix(bearer): fixed /v2/ route not implementing token spec by @peusebiu in #2176
• fix: the scheduler is now fair by @andaaron in #2158
• feat(ldap): hot reloading ldap credentials on change by @laurentiuNiculae in #2167
• fix(scrub): hold locks per image not per repo while executing scrub by @Andreea-Lupu in #2180
• chore: update go.mod to fix dependabot alerts by @rchincha in #2181

New Contributors

• @raulkele made their first contribution in #2141
• @ericgraf made their first contribution in #2074

Full Changelog: v2.0.0...v2.0.1

v2.0.1-rc2

What's Changed

• fix: the scheduler is now fair by @andaaron in #2158
• feat(ldap): hot reloading ldap credentials on change by @laurentiuNiculae in #2167
• fix(scrub): hold locks per image not per repo while executing scrub by @Andreea-Lupu in #2180

Full Changelog: v2.0.1-rc1...v2.0.1-rc2

v2.0.1-rc1

What's Changed

• patch: Add user route to extension_ui.go by @raulkele in #2141
• fix(shutdown): fix crash when shutting down before server and task scheduler have started. by @peusebiu in #2148
• chore: fix dependabot alerts by @rchincha in #2160
• docs: update docs website url by @rchincha in #2159
• fix: high CPU utilization by scheduler while idle by @andaaron in #2156
• fix: enable panic backtraces by @rchincha in #2150
• fix: npe if ldap query doesn't return attributes by @rchincha in #2151
• feat(config): handle config files with no explicit extension by @peusebiu in #2147
• docs: Fix Examples Readme to use proper field repositories instead of repoNames by @ericgraf in #2074
• fix: excessive memory usage by @peusebiu in #2164
• feat(log): print traceback when panics occur by @peusebiu in #2166
• feat(ui): update zui version by @Andreea-Lupu in #2162
• refactor: update tests to use the newer API for creating test images by @andaaron in #2168
• feat(ui): update zui version by @Andreea-Lupu in #2171
• feat(ui): show CVE severity statistics in the UI by @andaaron in #2172
• feat(cve): add option to exclude string from cve search by @laurentiuNiculae in #2163
• fix(nightly): increase wait time for dedupe nightly build by @peusebiu in #2177
• refactor: replace deprecated APIs for creating images in the search tests by @andaaron in #2173
• fix(bearer): fixed /v2/ route not implementing token spec by @peusebiu in #2176

New Contributors

• @raulkele made their first contribution in #2141
• @ericgraf made their first contribution in #2074

Full Changelog: v2.0.0...v2.0.1-rc1

v2.0.0

What's Changed

• chore(deps): fix dependabot alerts by @rchincha in #1048
• fix(test): consolidate flaky scrub test by @peusebiu in #1042
• ci: remove superfluous parts of github workflows by @rchincha in #1050
• fix(sync): syncing OCI artifacts with distribution package fails by @peusebiu in #1013
• fix: queries with images without a reference should return an error by @alexstan12 in #1040
• feat(scrub): add scrub logic for ImageIndex media type by @Andreea-Lupu in #1031
• fix(swagger): update docs.go - fix typo by @arukiidou in #1055
• chore(deps): fix dependabot alerts by @rchincha in #1060
• docs: add pkg.go.dev badge by @rchincha in #1061
• refactor: Cleanup/simplify test cases by @nicoldr in #1041
• fix(sync): fix sync on demand with docker library by @peusebiu in #1065
• chore(deps): fix dependabot alerts by @rchincha in #1074
• chore(deps): fix dependabot alerts by @rchincha in #1077
• chore(deps): fix dependabot alerts by @rchincha in #1080
• docs: update README.md by @rchincha in #1078
• refactor: Cleanup/simplify tests: uploads by @nicoldr in #1082
• fix(sync): also add docker v2 mediatype as supported in sync by @peusebiu in #1084
• cleanup: replaced resty client with http client in sync and moved to … by @aokirisaki in #1016
• ci: start localstack container only if needed by @peusebiu in #1086
• chore(deps): fix dependabot alerts by @rchincha in #1090
• fix(test): use correct aws region for dynamodb by @peusebiu in #1093
• feat(repodb): Implement RepoDB for image specific information using boltdb/dynamodb by @laurentiuNiculae in #979
• fix: error message when CVE search is disabled by @aokirisaki in #1100
• docs: fix CNCF related documentation by @rchincha in #1099
• chore(deps): fix dependabot alerts by @rchincha in #1098
• fix: add stacker to .gitignore by @rchamarthy in #1091
• fix: added error message for missing CVEs by @aokirisaki in #1085
• ci(trivy): copy trivydb oci artefact to project-zot repo by @andaaron in #1106
• fix(ci): fix path to trivy-db copy under project-zot by @andaaron in #1108
• ci: also allow manual workflow triggers by @rchincha in #1109
• fix(ci): do not build zot container image for the annotation tests by @andaaron in #1110
• Fixes for DynamoDB driver tests by @andaaron in #1111
• refactor: Cleanup/simplify testcases in /pkg/cli by @nicoldr in #1103
• chore(deps): fix dependabot alerts by @rchincha in #1115
• feat(cve): cache trivy results for an image:tag by @andaaron in #1101
• feat(repodb): add pagination for ImageListForDigest and implement FilterTags by @andaaron in #1102
• docs: fix copyright related info for cncf onboarding by @rchincha in #1117
• chore(trivy): update trivy version and enforce OCI compliant repo names in local image storage by @andaaron in #1068
• Test downloading trivy-db from alternate location by @andaaron in #1107
• feat(repodb): add PageInfo to GlobalSearch and RepoListWithNewestImage results by @andaaron in #1121
• refactor: Cleanup/simplify testcases in /pkg/extensions by @nicoldr in #1116
• test(refactor): cleanup/simplify testcases by @nicoldr in #1124
• feat(cve): the cve related calls to use repodb and add pagination on image results by @andaaron in #1118
• feat(repodb): implement pagination for ImageList and integrate it with RepoDB by @andaaron in #1129
• feat(cve): graphql: paginate returned CVEs for a given image by @andaaron in #1136
• fix: Sort tags returned by ExpendedRepoInfo in the Images property with the newest first by @andaaron in #1137
• chore(deps): fix dependabot alerts by @rchincha in #1131
• fix(referrers): annotation key is incorrect by @rchincha in #1139
• feat(repodb): DerivedImageList and BaseImageList make use of RepoDB by @andaaron in #1135
• fix(referrers): fix some conformance issues by @rchincha in #1134
• chore: update the version of go-lru we use to the latest available by @andaaron in #1141
• chore(deps): fix dependabot alerts by @rchincha in #1143
• test(exporter): add unit test to cover cli pkg by @rchincha in #1148
• removed references to old dist-spec by @aokirisaki in #1128
• chore(deps): fix dependabot alerts by @rchincha in #1153
• fix(test): update the zot tests not to use test/data as rootDir (use … by @nicoldr in #1162
• docs(graphql): rewrote search.md by @andaaron in #1130
• ci(cache): split go build cache from go modules cache by @andaaron in #1169
• test: avoid running trivy tests if search build label is missing by @andaaron in #1172
• test: refactor CVE tests in CLI package by @andaaron in #1170
• chore(deps): fix dependabot alerts by @rchincha in #1179
• test: show the execution times of the tests by @andaaron in #1163
• ci: Revert "test: show the execution times of the tests (#1163)" by @andaaron in #1186
• refactor(cve): improve CVE test time by mocking trivy by @andaaron in #1184
• feat(ui): package zui within zot binary by @andaaron in #1161
• onDemand check for updated manifest by @marxus in #1190
• fix: call notation-go libs instead of using notation binary by @Andreea-Lupu in #1104
• chore(go.mod): fix dependabot alerts by @rchincha in #1194
• feat(ui): use a Makefile variable to download a pre-existing zui build by @andaaron in #1196
• fix: set GC delay defaults for storage subPaths by @rchincha in #1189
• perf: update the ImageList queries to return PaginatedImagesResult by @nicoldr in #1182
• feat(scheduler): use an worker pool for scheduler by @peusebiu in #1146
• Centralise extensions config entries by @bogdanbiv in #1177
• chore: add/sync golang 1.20.x images by @rchincha in #1200
• ci(golang): fix syncing build image golang 1.20 by @andaaron in #1205
• chore(go.mod): fix dependabot alerts by @rchincha in #1210
• chore(codecov): use a token to authenticate to codecov by @andaaron in #1212
• chore(go.mod): fix dependabot alerts by @rchincha in #1218
• build(ui): the ui is now included in the zot binary by default by @andaaron in #1202
• chore(go.mod): fix dependabot alerts by @rchincha in #1222
• feat(graphql): Image() call now returns a non-nullable ImageSummary by @andaaron in #1216
• refactor(test): remove unnecessary usage of images copied from under … by @nicoldr in #1217
• feat(repodb): Multiarch Image support by @laurentiuNiculae in #1147
• test(ui): add owasp zap scanner in ci/cd by @andaaron in #1224
• chore(go.mod): fix dependabot alerts by @rchincha in #1228
• fix: trivydb update now uses task scheduler by @aokirisaki in #1204
• refactor(test): update cve tests to stop duplicating test/data if not… by @nicoldr in #1232
• fix(go.mod): replace ope...

v2.0.0-rc8

What's Changed

• chore: fix dependabot alerts by @rchincha in #2066
• ci: move distroless to debian12 by @rchincha in #2056
• test(bats): fix CVE bats test failure if zot runs on different port than 8080 by @andaaron in #2072
• Cli server version by @laurentiuNiculae in #1709
• refactor(log): replace panics with log fatal or log panic functions by @laurentiuNiculae in #1723
• Scheduler shutdown gracefully by @peusebiu in #1951
• fix(ci): prevent spaces from being removed when helm chart is updated by @Andreea-Lupu in #2078
• feat(metadb): search images by blob digest by @laurentiuNiculae in #2077
• Sync s3 by @peusebiu in #2073
• fix(metadb): set LastUpdated field also for indexes by @Andreea-Lupu in #2088
• feat(cve): expand search domain to cve description and package info by @laurentiuNiculae in #2086
• chore: fix dependabot alerts by @rchincha in #2097
• chore: fix dependabot alerts by @rchincha in #2113
• feat(metrics): add scheduler related metrics by @adodon2go in #2076
• fix(log): trimmed error level logs by @Andreea-Lupu in #2115
• feat(pagination): make sure the URL to in the link header is inside angle brackets by @andaaron in #2116
• build(zui): add a new env to set the path to a local build of zui by @Andreea-Lupu in #2118
• feat(ui): update zui version by @andaaron in #2119
• test(lint): refactor logs and add linting rules by @laurentiuNiculae in #2045
• fix(proto): the size of the repo should be int64, since that is the same type used for the manifest/config/index/digest sizes it sums up. by @andaaron in #2120
• ci(nightly): fix nightly after log message refactor by @andaaron in #2121
• fix(scheduler): fix data race by @peusebiu in #2085
• chore: fix dependabot alerts by @rchincha in #2133
• feat(ui): show a message while results are loading for dynamic search by @andaaron in #2134
• feat(ui): let UI delete manifests if current user has permissions to … by @peusebiu in #2132
• feat(CVE): add CVE severity counters to returned images by @andaaron in #2131
• fix(apikey): show api key configuration in mgmt API by @andaaron in #2138
• Fix deps by @rchincha in #2139

Full Changelog: v2.0.0-rc7...v2.0.0-rc8

v2.0.0-rc7

What's Changed

• chore: fix dependabot alerts by @rchincha in #1649
• feat: signal handling by @peusebiu in #1651
• feat(test): Simplify tests by @laurentiuNiculae in #1583
• fix(authn): session authn is skipped when anonymous policy is configured by @peusebiu in #1647
• test(upload): update the new signature of the upload image function by @laurentiuNiculae in #1655
• fix(auth): fix anonymous auth for ui by @andaaron in #1662
• feat(ui): update ui to support cve filtering by platform by @andaaron in #1661
• fix: freebsd build support by @dfr in #1659
• Refactor metadb sorting pagination by @laurentiuNiculae in #1637
• ci: add freebsd target for releases by @rchincha in #1660
• refactor(extensions)!: refactor the extensions URLs and errors by @andaaron in #1636
• fix: Build scripts broken on Mac by @adodon2go in #1668
• ci(conformance): revert to upstream OCI checks by @rchincha in #1678
• fix(convert): now returned annotations for an index will fallback to … by @laurentiuNiculae in #1667
• fix: remove inline GC and schedule a background task instead by @Andreea-Lupu in #1610
• test(annotations): print logs for annotations bats tests by @laurentiuNiculae in #1680
• fix(authn): handle the case where zot with openid runs behind a proxy by @peusebiu in #1675
• chore(go.mod): fix dependabot alerts by @rchincha in #1684
• fix: binary-stacker Makefile target is broken by @adodon2go in #1689
• docs: fix apikey case by @babs in #1693
• chore: fix dependabot alerts by @rchincha in #1702
• fix: swagger Makefile target broken on darwin by @adodon2go in #1701
• test(refactor): refactor tests that use zot-test to use smaller images by @laurentiuNiculae in #1690
• feat: automated detection of OS and ARCH if unset by @adodon2go in #1711
• refactor: move /pkg/meta/signatures under /pkg/extensions/imagetrust by @Andreea-Lupu in #1712
• chore: fix dependabot alerts by @rchincha in #1720
• fix(ci/cd): detect uncommited swagger docs by @adodon2go in #1724
• fix(parse): lock storage while reading using image store by @laurentiuNiculae in #1719
• feat: propagate detailed error msgs to client (OCI dist-spec format) by @adodon2go in #1681
• feat(authn): add generic oidc and allow customizable name by @babs in #1691
• feat(mgmt): mgmt extention no longer depends on UI being enabled by @andaaron in #1728
• feat(apikey): added route to list user api keys by @peusebiu in #1708
• refactor(log): replace default logger with config complient log in ro… by @laurentiuNiculae in #1734
• feat(ui): update to latest zui version by @andaaron in #1735
• chore: fix dependabot alerts by @rchincha in #1737
• fix(examples): revert examples/config-minimal.json by @peusebiu in #1740
• refactor(cli): added equivalent subcommands for each flag combination under every command by @laurentiuNiculae in #1674
• fix: bats test refactoring by @adodon2go in #1731
• chore(go.mod): upgrade 3rd party packages by @andaaron in #1742
• fix: nightly build by @adodon2go in #1745
• test(bats): added bats example for deleting an image by @laurentiuNiculae in #1718
• refactor(storage): refactor storage into a single ImageStore by @peusebiu in #1656
• refactor(authz): use a struct for user access control info operations by @peusebiu in #1682
• fix: add manifest validation checks by @rchincha in #1747
• fix(gc): gc removes unknown manifests by @peusebiu in #1762
• feat(scheduler): pass the shutdown/reload context to running tasks by @peusebiu in #1671
• chore: fix dependabot alerts by @rchincha in #1763
• refactor: Reduce binary size of zot-minimal; Added CI check for binar… by @adodon2go in #1758
• refactor(makefile): consolidate the make targets used for bats tests by @andaaron in #1746
• feat: upload cosign public key and notation certificates to cloud by @Andreea-Lupu in #1744
• fix: DATA RACE in TestNewExporter by @adodon2go in #1766
• refactor(cli): remove old cli commands by @laurentiuNiculae in #1756
• fix(api): Fix 'last' query param for /tags/list to work without param 'n' by @andaaron in #1777
• chore: fix dependabot alerts by @rchincha in #1774
• fix: add retry logic to recreate existing trustpolicy secret by @Andreea-Lupu in #1776
• chore(dependabot): increase the limit of dependabot PRs by @andaaron in #1788
• chore: fix dependabot alerts by @rchincha in #1797
• fix: do not recreate trustpolicy secret if the content doesn't change by @Andreea-Lupu in #1800
• bug: can't build zot with empty EXTENSIONS by @adodon2go in #1803
• refactor: Reduce zb binary size by @adodon2go in #1783
• fix: change log msg for updating signatures validity by @Andreea-Lupu in #1804
• fix(sync): ping func should not try to read response body by @peusebiu in #1757
• fix(config): fix config reloader panic by @peusebiu in #1806
• fix(convert): fix the update rule of download count for images by @laurentiuNiculae in #1802
• feat(cli): add cli sort flag to subcommands by @laurentiuNiculae in #1768
• refactor: Review metrics endpoints by @adodon2go in #1770
• refactor(test): move image utils for tests in a separate module by @laurentiuNiculae in #1789
• refactor: Reduce zli binary size by @adodon2go in #1805
• fix(cve): cumulative fixes and improvements for CVE scanning logic by @andaaron in #1810
• chore: fix dependabot alerts by @rchincha in #1827
• feat(pprof): add profiling route handler to debug runtime by @andaaron in #1818
• fix(ci): print zot log on failure by @peusebiu in #1799
• test(cosign): add a oci dist-spec 1.1.0 conformant test case by @rchincha in #1835
• refactor(cli): Move cmdflags package under pkg/cli/client by @adodon2go in #1840
• feat(cve): implement CVE scanning as background tasks by @andaaron in #1833
• fix(gc): update repodb when gc'ing manifests by @peusebiu in #1819
• fix(tests): call ImageStore constructor with correct parameters by @andaaron in #1846
• chore: fix dependabot alerts by @rchincha in #1855
• ci: add a "nightly jobs" badge by @rchincha in #1858
• Add cross-compile to dockerfile by @sagikazarmark in #1816
• refactor(scrub): replace umoci logic in scrub implementation by @Andreea-Lupu in #1845
• fix(dedupe): run dedupe only for repositories found at startup by @peusebiu in #1844
• refactor(pkg/test): split logic in pkg/test/common.go into multiple packages by @andaaron in #1861
• fix: reduce test run time by @adodon2go in #1832
• ci(localstack): pin localstack python package to 2.2.0 and pull container image from ghcr by @andaaron in #1867
• ci: update localstack to 2.3.1 by @rchincha in #1869
• fix: errors returned by zot should match the dist-spec errors by @adodon...

v2.0.0-rc6

What's Changed

• fix(cli): add help message for searching referrers under search command by @laurentiuNiculae in #1551
• fix: update conformance test by @rchincha in #1552
• fix: change commit message for pushing changes to project-zot/helm-ch… by @Andreea-Lupu in #1564
• test: add more registries in sync blackbox tests by @peusebiu in #1568
• documentation: Add example for various popular public registries by @Poulpatine in #1550
• fix(extensions): setup UI extension as last one by @peusebiu in #1572
• fix: changing default numWorkers, making it customizable and refactor… by @aokirisaki in #1563
• chore: fix dependabot alerts by @rchincha in #1576
• chore: fix dependabot alerts by @rchincha in #1581
• fix(CVE): attempt to scan now returns early with an error if trivyDB metadata json is missing by @andaaron in #1548
• refactor: split AuthZ mdw in 2 different parts, each for a specific purpose by @alexstan12 in #1542
• feat(referrers): added index support for referrers queries by @laurentiuNiculae in #1560
• feat(cve): update trivy and add support for scanning image indexes by @laurentiuNiculae in #1510
• fix(test): TestConfigReloader, wait for trivy db download by @peusebiu in #1543
• feat: upload certificates and public keys for verifying signatures by @Andreea-Lupu in #1485
• fix(nightly): fix nightly builds by @peusebiu in #1584
• fix: missing Oci-Subject header pushing index with subject by @jdolitsky in #1589
• fix(storage): do not open/download blobs when validating manifests by @peusebiu in #1566
• feat: integrate openID auth logic and user profile management by @peusebiu in #1381
• fix(ci/cd): stop localstack after ci/cd pipeline by @peusebiu in #1590
• fix: refactor monitoring code outside locks by @rchincha in #1596
• fix: don't allow blobs to be deleted if in use by @peusebiu in #1559
• feat(sync): sync can include self url in registry.URLs by @peusebiu in #1562
• fix: remove config by @peusebiu in #1600
• fix(test): consolidate api tests build tags by @peusebiu in #1602
• build: fix mgmt and userprefs when building them separately by @peusebiu in #1601
• feat(cve): ability to return CVEs per image os and architecture by @andaaron in #1607
• Fix multiple issues with zli output formatting by @andaaron in #1612
• fix(test): sync inconsistent test by @peusebiu in #1611
• chore: fix dependabot alerts by @rchincha in #1613
• feat: add additional manifest validations by @peusebiu in #1609
• feat(zli): add new subcommand to remove a zli config by @andaaron in #1619
• fix(cli): make sure all needed ImageSummary properties are requested from the server by @andaaron in #1618
• chore: fix dependabot alerts by @rchincha in #1621
• fix(ci): trivy test to expect 3 CVEs instead of 2 in the vulnerable test layer by @andaaron in #1623
• chore: fix dependabot alerts by @rchincha in #1631
• feat(refator): refactoring repodb into meta by @laurentiuNiculae in #1626
• chore(go.mod): upgrade trivy, cosign and remove replace directive by @andaaron in #1635
• fix(authn): fix several issues with authn, closes #1632 by @peusebiu in #1633
• feat(zui): update to zui supporting social login by @andaaron in #1639
• fix(conformance): OCI-Filters-Applied should return a literal by @rchincha in #1640

New Contributors

• @Poulpatine made their first contribution in #1550

Full Changelog: v2.0.0-rc5...v2.0.0-rc6