Bump zot registry to v2.1.15 #293

Merged

eblume merged 2 commits from bump/zot-v2.1.15 into main

2026-03-14 10:00:40 -07:00

Author	SHA1	Message	Date
Erich Blume	3725d0873f	Fix trivy CVE DB downloads in zot LaunchAgent The LaunchAgent's default PATH (/usr/bin:/bin:/usr/sbin:/sbin) doesn't include /usr/local/bin where docker-credential-desktop lives. Trivy's OCI client reads ~/.docker/config.json which specifies credsStore:desktop, then fails to find the credential helper. Add /usr/local/bin to PATH. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-03-14 09:54:10 -07:00
Erich Blume	392aeaf66b	Bump zot registry to v2.1.15 Upgrade from v2.1.13 to v2.1.15 for two security fixes: - CVE-2025-30204 (golang-jwt excessive memory allocation) - Open redirect via callback_ui Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-03-14 09:21:59 -07:00

Author

SHA1

Message

Date

Erich Blume

3725d0873f

Fix trivy CVE DB downloads in zot LaunchAgent

The LaunchAgent's default PATH (/usr/bin:/bin:/usr/sbin:/sbin) doesn't
include /usr/local/bin where docker-credential-desktop lives. Trivy's
OCI client reads ~/.docker/config.json which specifies credsStore:desktop,
then fails to find the credential helper. Add /usr/local/bin to PATH.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

2026-03-14 09:54:10 -07:00

Erich Blume

392aeaf66b

Bump zot registry to v2.1.15

Upgrade from v2.1.13 to v2.1.15 for two security fixes:
- CVE-2025-30204 (golang-jwt excessive memory allocation)
- Open redirect via callback_ui

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

2026-03-14 09:21:59 -07:00