2.8.0¶
(2020-05-28)
New features¶
Support for CVSS Version 3 scanning.
Enhancements¶
Users can now filter through repository tags with a type of either app, image, or plugin.
All cron jobs are now included in backups.
An alert now displays in the bottom right side of the MSR web interface when a user scans a tag.
Improvement to performance on Scan Summary API (POST api/v0/imagescan/ scansummary/ tags)
Addition of pagination for promotion policies in the MSR web interface.
An option is now availalbe for reducing backup size by not backing up the events table for online backups (offline backups do not have this option). This adds a new flag to MSR CLI for the backup command that is --ignore-events-table.
Addition of an Event parameter validation to include parameters for event or object type.
Create events for repository permission changes.
Addition of a check prior to running MSR remove that determine whether a replica id exists in the cluster. Can be overridden with –force.
Improvement to the error messaging for default crons when there is no advance license.
Bug fixes¶
Pull mirroring policies now do a full pull mirror for a repository when the tag limit is increased, a pruning policy is deleted, or when a policy pulls a tag that has just been deleted.
Addition of a repository event that will distinguish policy promotions from manual promotions that are done on a single image using the Promote button in the MSR web interface.
Fix of an issue that prevented license information from updating after the license is changed in the MSR web interface.
Improvements to the MSR web interface for organizations, including the organization list, the organization viewer, the organization repo, and the new organization screen.
Fixed an issue where the constituent image platforms was not populated for the
/api/v1/repositories/{namespace}/{reponame}/tags
and/api/v1/repositories/{namespace}/{reponame}/tags/{reference}
API endpointsFxed an issue with invoking
/api/v0/workers/{id}/capacity
API with an invalid{id}
, which should cause a 404 error but instead returns200 (OK)
.Fixed misleading error messaging on immutable repos.
Fixed issue where scan summaries were not exporting correctly.
Fixed an issue where the repository readme wouldn’t update.
Fixed an issue where the repository readme submission wouldn’t show.
Fixed pull / push mirroring validation logic.
Fixed broken webhook
skipTLS
button.Fixed issue where scanning information wasn’t being copied over with promotion policies.
Fixed issue where notification banners were making part of the UI inaccessible.
Fixed a bug where webhook events weren’t being tracked correctly.
Fixed a bug where pagination for namespace repositories for a non admin user was not working.
Scanning data that corresponds to images and layers marked for deletion is deleted during garbage collection.
Security¶
Fixed problem where storage backend credentials were being returned in API calls to admin/settings.
Known issues¶
MSR does not yet offer a method for deleting scanned data that has been orphaned following the garbage collection of associated metadata.