Will Norris
08e34b68bd
go.mod: bump golang.org/x/net
2026-05-21 22:33:56 -07:00
Will Norris
efd0b2698c
caddy/go.mod: go mod tidy to pick up module updates
2026-05-21 15:40:52 -07:00
Will Norris
b218d95c64
go.mod: bump golang.org/x/* packages
...
This addresses the two specific vulnerabilities that were disclosed for
/x/image and /x/sys, but also updates the rest for good measure.
2026-05-21 15:37:17 -07:00
Will Norris
5b6d07d0c3
go.mod: update golang.org/x/net
2026-05-10 20:44:14 -07:00
Will Norris
644fb31cec
caddy: go.mod update
2026-04-24 13:04:46 -07:00
Will Norris
b0890598d0
go.sum: run missing go mod tidy
2026-04-24 12:10:06 -07:00
Will Norris
cf5d6b1d97
go.mod: bump golang.org/x/image
...
This fixes a vulnerability reported by govulncheck (GO-2026-4961)
2026-04-24 11:13:19 -07:00
Will Norris
f9f9a49f8e
.github: update codeql and linter workflows
2026-03-31 09:07:40 -07:00
Will Norris
41ff00382c
caddy: go mod tidy
...
not sure why this wasn't tidied before? But seems to be causing
govulncheck to fail.
2026-03-31 09:04:35 -07:00
Will Norris
64a04fceb8
go.mod: update grpc library and deps
2026-03-30 11:38:56 -07:00
Will Norris
ed6ac75068
.github: run govulncheck over caddy module
...
Update caddy and smallstep/certificates to address vulnerabilities.
2026-03-30 11:25:53 -07:00
Will Norris
080f5d05f1
.github: replace dependabot with daily test and govulncheck
...
Trying out Filippo's recommendation from
https://words.filippo.io/dependabot/
2026-03-30 10:39:07 -07:00
Will Norris
69ec880864
go.mod: update deps with vulnerabilities
...
The versions of golang.org/x/image and opentelemetry had known
vulnerabilities. Update those.
2026-03-30 09:57:22 -07:00
Will Norris
db2244a25c
.github: add workflow_dispatch trigger for tests
2026-03-30 09:18:20 -07:00
Will Norris
e4f7eada71
docs: reformat plugin-design.md for semantic line breaks
...
I'm hoping to pick this idea back up soon.
2026-01-07 09:44:59 -08:00
Will Norris
7f3639886b
allow customizing response headers passed to client
...
A nil slice of headers will use the previous set of default response
headers to maintain existing behavior. The same list of headers is
repeated as the default flag value in `cmd/imageproxy` as documentation
for users to know what values they are overriding (and might want to
still include).
Fixes #387
2025-07-01 12:14:21 -07:00
Will Norris
554bfc5d8e
.gitignore: only ignore top-level imageproxy file
...
This prevents tools from ignoring ./cmd/imageproxy.
2025-06-30 17:26:26 -04:00
Ivan Ivanov
61346b9f4a
Add a metric "http_requests_in_flight"
2025-06-30 07:38:58 -07:00
Ivan Ivanov
ba76dfa3b2
Limit number of running transformation threads
2025-06-30 07:38:58 -07:00
Albert Song
731fa16921
cmd/imageproxy: add support for listening on Unix socket
...
Allows listening to Unix domain socket with the `-addr` option.
The syntax is `unix:path`. (same as nginx `listen` directive)
2025-06-30 06:57:52 -07:00
Will Norris
816f1a6855
dependabot: security updates only, grouped in a single PR
2025-06-30 08:36:25 -04:00
Will Norris
9a1158a703
go.mod: target package version bumps
...
addresses specific issues raised by dependabot
2025-06-29 23:29:34 -04:00
sl
fe35d19c3e
add "valid until" option to limit lifetime of signed requests
...
Closes #222
Co-authored-by: Will Norris <will@willnorris.com>
2025-06-29 15:09:08 -07:00
Will Norris
b98b3455a1
tests: use named fields in TestAllowed
...
This will make it easier to add new fields to the test cases struct.
2025-06-29 16:11:36 -04:00
Mike Dalessio
df0b6d337a
fix: return a more-complete 304 from TransformingTransport.RoundTrip
...
to address the segfault we're seeing in production. The necessary
conditions for the issue are:
1. The 303 must return a location URI that changes every time, so that
the real location of the image is never cached. As an example, if the
remote service redirects to S3, the presence of the
`X-Amz-Security-Token` accomplishes this.
2. The image responses must match by Etag, so that
imageProxy.should304() returns true causing
TransformingTransport.RoundTrip() to return a bare 304 response.
If those conditions are met, then the bare 304 Response returned will
be used and read by one of the callers. Specifically, the lack of a
Body causes a segfault.
So let's make it more like a real Response and use http.NoBody so when
it's used it doesn't cause things to explode.
2025-06-06 09:16:09 -07:00
Matthew Beatty
2254a1f2ff
add support for URL encoding remote URL
...
Updates #250
Updates #290
Fixes #447
Co-authored-by: Will Norris <will@willnorris.com>
2025-06-05 20:02:53 -07:00
Will Norris
d04e37fc14
README: add basic docs for using imageproxy with Caddy
2025-06-04 21:53:22 -07:00
Will Norris
80bc48388b
README: standardize code block style
2025-06-04 21:39:46 -07:00
Will Norris
ddf11c9817
README: add hugo partial under clients
2025-06-04 21:34:32 -07:00
Will Norris
1ceba2538c
add -forceCache flag to override no-store and private directives
...
The httpcache package is intended only to be used in private caches, so
it will cache responses marked `private` like normal. However,
imageproxy is a shared cache, so these responses should not be cached
under normal circumstances. This change introduces a potentially
breaking change to start respecting the `private` cache directive in
responses.
This also adds a new `-forceCache` flag to ignore the `private` and
`no-store` directives, and cache all responses regardless.
2025-05-01 02:54:36 -07:00
Will Norris
8170536e41
README,docs: format and update URLs
...
Format docs with prettier. Update godoc.org URLs to pkg.go.dev.
2025-04-30 23:32:32 -07:00
Will Norris
7502adde1c
allow overriding cache directives in responses
...
Add a new `-minCacheDuration` flag to specify a minimum duration to
cache images for.
Updates #28
Updates #144
Fixes #207
Fixes #208
2025-04-30 01:33:37 -07:00
Will Norris
82ce506905
third_party/httpcache: add copy of parts of httpcache
2025-04-30 01:33:37 -07:00
Will Norris
0da52d1e25
allow base64 encoding the remote URL
...
Updates #431
Updates #447
2025-04-30 01:22:35 -07:00
Will Norris
f2bc67185d
use any and min builtins
2025-04-28 18:11:56 -07:00
Blake Stoddard
07c1c27092
prevent pixel flooding attack
...
Refuse to transform images larger than 100 megapixels.
Fixes #254
2025-04-28 17:26:05 -07:00
Will Norris
707b5ac551
caddy/go.mod: update dependencies
2025-04-28 16:06:51 -07:00
Will Norris
73ff297c47
go.mod: update dependencies
...
bump minimum go version to 1.23
use go 1.24 in docker image
2025-04-28 16:02:08 -07:00
dependabot[bot]
5a27a2ec45
.github: update workflow actions
...
- bump docker/login-action from 3.1.0 to 3.4.0
- bump docker/metadata-action from 5.5.1 to 5.7.0
- bump docker/setup-buildx-action from 3.3.0 to 3.10.0
- bump docker/build-push-action from 5.3.0 to 6.16.0
- bump sigstore/cosign-installer from 3.5.0 to 3.8.2
2025-04-28 15:11:14 -07:00
Will Norris
5b619de74f
.github/workflows: drop linux/arm/v7 from docker
...
I believe chainguard no longer supports arm/v7. This was added at a
user's request I think that was running imageproxy on a raspberry pi or
something. I might switch to a different base image that does have
support, though it's annoying to have to do so. In the meantime, users
can always build the image themselves for other platforms.
2025-04-17 21:44:20 -07:00
Will Norris
b4c03c294c
.github/workflows: upgrade actions
...
This requires updating to a more recent version of golangci-lint, which
has some new failures. This removes those failing linters, and I'll
need to come back and look at those problems in a followup change.
2025-04-17 21:22:18 -07:00
Vetle Leinonen-Roeim
c361000ff4
add trim option to remove solid color borders
...
Fixes #441
2025-04-17 18:01:09 -07:00
Will Norris
572ad2db78
caddy: bump to caddy 2.8.1 and set directive order
2024-06-01 16:45:20 -07:00
Will Norris
9a0fc21f0c
caddy/go.mod: bump dependencies
2024-05-08 22:19:34 -07:00
Will Norris
46539483be
go.mod: update modules
2024-05-08 21:34:45 -07:00
Will Norris
3aec0fce3a
.github: update action versions
2024-05-08 21:08:41 -07:00
Will Norris
2451f30f07
.github: run prettier over all yml files
2024-05-08 21:08:41 -07:00
Will Norris
ef50c1f9a6
cmd/imageproxy: remove gorilla mux router
...
I'm not entirely sure why I had this in the first place... probably just
a misunderstanding at the time of what a mux did and when it is helpful.
In this case, it serves no purpose.
2023-11-13 15:15:55 -08:00
Will Norris
da55ecefd3
Dockerfile: use wolfi-base as build image
...
This allows a little more control over which version of go we're using.
2023-08-02 08:44:32 -07:00
Will Norris
9708b430f5
README.md: format file
...
I'm honestly not sure which formatter this is using. Probably something
from the markdown LSP server I'm using. Maybe something built in to
neovim or that ships with LazyVim?
2023-08-02 08:44:32 -07:00