janek richter

Any progress here? At least the replication of helm charts stored as oci artifact should be supported, as this is the new default of helm 3.8+ (current).

@daliaezt what kind of vulnerabilities are detected more than on the hub? For example, trivy looks up dynamically on search.maven.org for Java artefacts (EAR/JAR/WAR,...). Does both systems have internet access?

It looks like this behavior was introduced with commit https://github.com/goharbor/harbor/commit/ea35e7b9eccec5d34255edc04c9054d771d4fb90

@bitsf @ywk253100 can you confirm this is a bug?

Could you please investigate? This issue is preventing us from upgrading our 2.2 to 2.3.

Issue exists in v2.3.2 also.

Any updates on this issue?

Is there a workaround we can use in the meanwhile? Otherwise replication with prevent vuln. enabled is broken completely/ not usable.

Issue still exists - do not close.

This issue is still relevant, please do not close.