lifecycle
lifecycle copied to clipboard
buildpacks
Reference implementation of the Cloud Native Buildpacks lifecycle
### Description There are a number of (mostly) small refactors denoted with `FIXME` in the lifecycle code. It would be awesome if we could go through and either tackle them...
Signed-off-by: Sambhav Kothari
### Summary When running lifecycle/creator inside the builder image container, if I create and configure authentication information inside the config.json file and use it as an authentication token, I will...
The lifecycle Buildpack API support matrix here says that lifecycle 0.19.0 supports Buildpack API 0.11: https://github.com/buildpacks/lifecycle/blob/435d226f1ed54b0bec806716ba79e14a2a093736/README.md#supported-apis ...however, lifecycle 0.19.0 does not support it, since `0.11` is not present in the...
Bumps [github.com/docker/docker](https://github.com/docker/docker) from 25.0.3+incompatible to 25.0.5+incompatible. Release notes Sourced from github.com/docker/docker's releases. 25.0.5 For a full list of pull requests and changes in this release, refer to the relevant GitHub...
![dependabot[bot] avatar](https://avatars.githubusercontent.com/in/29110?v=4 "dependabot[bot] avatar"){kind=avatar}
Bumps the go-dependencies group with 5 updates: | Package | From | To | | --- | --- | --- | | [github.com/GoogleContainerTools/kaniko](https://github.com/GoogleContainerTools/kaniko) | `1.21.0` | `1.21.1` | | [github.com/containerd/containerd](https://github.com/containerd/containerd)...
Latest lifecycle release v0.19.0 triggered CVE(s) from Grype. For further details, see: https://github.com/buildpacks/lifecycle/actions/runs/8320238462 json: { "id": "GHSA-8r3f-844c-mc37", "severity": "Medium", "description": "Golang protojson.Unmarshal function infinite loop when unmarshaling certain forms of...
![github-actions[bot] avatar](https://avatars.githubusercontent.com/in/15368?v=4 "github-actions[bot] avatar"){kind=avatar}
Bumps google.golang.org/protobuf from 1.32.0 to 1.33.0. [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a...
### Summary Vendor keychains can be slow or fail. This allows platform operators to skip them entirely. #### Release notes Allow platform operators the ability to skip vendor specific keychain...
### Summary Hey there, I've been following the `DEVELOPMENT.md` file to generate some lifecycle binaries locally but am running into some issues on my Windows machine when running the set...
Metadata
Owner
Metadata
Reference implementation of the Cloud Native Buildpacks lifecycle