Bump github.com/distribution/distribution/v3 from 3.0.0 to 3.1.0 by dependabot[bot] · Pull Request #7078 · operator-framework/operator-sdk

dependabot · 2026-04-06T17:54:04Z

Bumps github.com/distribution/distribution/v3 from 3.0.0 to 3.1.0.

Release notes

Sourced from github.com/distribution/distribution/v3's releases.

v3.1.0

Welcome to the v3.1.0 release of registry!

This is a stable release

Please try out the release binaries and report any issues at https://github.com/distribution/distribution/issues.

Notable Changes

Fixes CVE-2026-35172

Fixes CVE-2026-33540

Adds support for tag pagination (#4360, #4353)

Fixes default credentials in Azure storage provider (#4619)

Drops support for go1.23 and go1.24 and updates to go1.25

See the full changelog below for the full list of changes.

What's Changed

docs: Update to refer to new image tag v3 by @schanzel in distribution/distribution#4373

Fix default_credentials in azure storage provider by @switchboardOp in distribution/distribution#4619

chore: make function comment match function name by @closeobserve in distribution/distribution#4622

build(deps): bump golang.org/x/net from 0.37.0 to 0.38.0 in the go_modules group across 1 directory by @dependabot[bot] in distribution/distribution#4625

fix: implement JWK thumbprint for Ed25519 public keys by @zhangyoufu in distribution/distribution#4626

fix: Annotate code block from validation.indexes configuration docs by @anzoman in distribution/distribution#4629

feat: extract redis config to separate struct by @shanduur in distribution/distribution#4620

Fix: resolve issue #4478 by using a temporary file for non-append writes by @onporat in distribution/distribution#4624

build(deps): bump ossf/scorecard-action from 2.4.1 to 2.4.2 by @dependabot[bot] in distribution/distribution#4645

docs: Add note about OTEL_TRACES_EXPORTER by @jcpunk in distribution/distribution#4669

fix: set OTEL traces to disabled by default by @jcpunk in distribution/distribution#4671

Fix markdown syntax for OTEL traces link in docs by @shantanoo-desai in distribution/distribution#4676

Switch UUIDs to UUIDv7 by @binaryfire in distribution/distribution#4666

refactor: replace map iteration with maps.Copy/Clone by @whosehang in distribution/distribution#4632

s3-aws: fix build for 386 by @ChenQi1989 in distribution/distribution#4642

docs: Add OpenTelemetry links to quickstart docs (#4270) by @dpw13 in distribution/distribution#4640

Fix S3 driver loglevel param by @milosgajdos in distribution/distribution#4617

Fixed data race in TestSchedule test by @horoshev in distribution/distribution#4647

Fixes #4683 - uses X/Y instead of Gx/Gy for thumbprint of ecdsa keys by @gpgenaiz in distribution/distribution#4684

build(deps): bump actions/checkout from 4 to 5 by @dependabot[bot] in distribution/distribution#4687

Fix broken link to Docker Hub fair use policy by @Klikini in distribution/distribution#4688

fix(registry/handlers/app): redis CAs by @ChandonPierre in distribution/distribution#4668

build(deps): bump actions/labeler from 5 to 6 by @dependabot[bot] in distribution/distribution#4694

build(deps): bump actions/setup-go from 5 to 6 by @dependabot[bot] in distribution/distribution#4693

build(deps): bump actions/upload-pages-artifact from 3 to 4 by @dependabot[bot] in distribution/distribution#4691

build(deps): bump ossf/scorecard-action from 2.4.2 to 2.4.3 by @dependabot[bot] in distribution/distribution#4706

build(deps): bump github/codeql-action from 3.26.5 to 4.30.7 by @dependabot[bot] in distribution/distribution#4710

build(deps): bump github/codeql-action from 4.30.7 to 4.30.8 by @dependabot[bot] in distribution/distribution#4714

chore: labeler: add area/client mapping for internal/client/** by @artem-tkachuk in distribution/distribution#4716

client: add Accept headers to Exists() HEAD by @artem-tkachuk in distribution/distribution#4715

feat(registry): Make graceful shutdown test robust by @Sumedhvats in distribution/distribution#4720

... (truncated)

Commits

708f8d6 chore(ci): Prep for v3.1 release (#4841)
b1d5dbc chore(ci): Prep for v3.1 release
078b078 Merge commit from fork
cccd0d4 fix(vendor): fix broke vendor validation (#4839)
49447e8 fix(vendor): fix broke vendpor validation
cc5d5fa Merge commit from fork
4cfa178 build(deps): bump actions/configure-pages from 5.0.0 to 6.0.0 (#4834)
c4bac3b build(deps): bump codecov/codecov-action from 5.5.4 to 6.0.0 (#4836)
2f2ce9f Opt: refactor tag list pagination support (#4353)
6a02a0e Opt: refactor tag list pagination support
Additional commits viewable in compare view

acornett21 · 2026-04-09T16:40:35Z

@dependabot rebase

Bumps [github.com/distribution/distribution/v3](https://github.com/distribution/distribution) from 3.0.0 to 3.1.0. - [Release notes](https://github.com/distribution/distribution/releases) - [Commits](distribution/distribution@v3.0.0...v3.1.0) --- updated-dependencies: - dependency-name: github.com/distribution/distribution/v3 dependency-version: 3.1.0 dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com>

dependabot bot added dependencies Pull requests that update a dependency file go Pull requests that update Go code labels Apr 6, 2026

openshift-ci bot requested review from OchiengEd and acornett21 April 6, 2026 17:54

dependabot bot temporarily deployed to deploy April 6, 2026 17:54 Inactive

dependabot bot force-pushed the dependabot/go_modules/github.com/distribution/distribution/v3-3.1.0 branch from c69d6a6 to e6b5b7f Compare April 8, 2026 22:48

dependabot bot temporarily deployed to deploy April 8, 2026 22:48 Inactive

dependabot bot force-pushed the dependabot/go_modules/github.com/distribution/distribution/v3-3.1.0 branch from e6b5b7f to 6a3e29b Compare April 9, 2026 16:42

dependabot bot temporarily deployed to deploy April 9, 2026 16:43 Inactive

acornett21 merged commit d73f211 into master Apr 9, 2026
22 of 23 checks passed

dependabot bot deleted the dependabot/go_modules/github.com/distribution/distribution/v3-3.1.0 branch April 9, 2026 17:01

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Bump github.com/distribution/distribution/v3 from 3.0.0 to 3.1.0#7078

Bump github.com/distribution/distribution/v3 from 3.0.0 to 3.1.0#7078
acornett21 merged 1 commit intomasterfrom
dependabot/go_modules/github.com/distribution/distribution/v3-3.1.0

dependabot bot commented on behalf of github Apr 6, 2026 •

edited

Loading

Uh oh!

acornett21 commented Apr 9, 2026

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant

Conversation

dependabot bot commented on behalf of github Apr 6, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

v3.1.0

Notable Changes

What's Changed

Uh oh!

acornett21 commented Apr 9, 2026

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant

dependabot bot commented on behalf of github Apr 6, 2026 •

edited

Loading