eblume/blumeops
1
1
Fork 0
Code Issues Pull requests Projects Releases 83 Packages Wiki Activity Actions
blumeops/docs/changelog.d
History
Exact
Erich Blume 53d620365a Bump zot registry to v2.1.15 (#293) 
## Summary
- Upgrade zot OCI registry from v2.1.13 to v2.1.15 on indri
- Addresses CVE-2025-30204 (golang-jwt memory) and open redirect via callback_ui
- No config template changes needed (externalUrl is auto-allowlisted)
- Requires Go 1.25.7 (bump from 1.25.6 via mise)

## Data Safety
- Data directory ~/erichblume/zot is NOT touched during build or deploy
- No schema migrations in v2.1.14 or v2.1.15
- Storage format remains OCI spec 1.1.0

## Deployment Steps
- [ ] SSH to indri: bump Go to 1.25.7 via `mise use go@1.25.7`
- [ ] Fetch and checkout v2.1.15 in ~/code/3rd/zot
- [ ] Build: `mise x -- make binary`
- [ ] Restart LaunchAgent
- [ ] Verify: `curl -s http://localhost:5050/v2/` returns 200
- [ ] Verify: `curl -s https://registry.ops.eblu.me/v2/_catalog` lists repos
- [ ] Verify: `mise run services-check`

Reviewed-on: #293
2026-03-14 10:00:40 -07:00
..
+docs-preview.feature.md Add docs-preview task and visual preview step to doc review 2026-03-11 18:04:01 -07:00
+remove-mosquitto.infra.md Remove unused Mosquitto MQTT broker from ringtail 2026-03-11 18:37:31 -07:00
+run-1password-backup-howto.doc.md Add how-to card for running 1Password backup 2026-03-11 18:17:45 -07:00
.gitkeep Add towncrier changelog system (#86) 2026-02-03 11:48:13 -08:00
bump-alloy-v1.14.0.infra.md Bump Grafana Alloy to v1.14.0 (#292) 2026-03-13 16:25:27 -07:00
bump-zot-v2.1.15.infra.md Bump zot registry to v2.1.15 (#293) 2026-03-14 10:00:40 -07:00
review-jobsync.infra.md Review jobsync: add to services-check and homepage (#291) 2026-03-11 17:36:51 -07:00