{"id":13400559,"url":"https://github.com/distribution/distribution","last_synced_at":"2026-01-15T22:19:54.061Z","repository":{"id":24948386,"uuid":"28366058","full_name":"distribution/distribution","owner":"distribution","description":"The toolkit to pack, ship, store, and deliver container content","archived":false,"fork":false,"pushed_at":"2026-01-09T17:08:19.000Z","size":44167,"stargazers_count":10186,"open_issues_count":494,"forks_count":2699,"subscribers_count":244,"default_branch":"main","last_synced_at":"2026-01-13T04:06:28.385Z","etag":null,"topics":["cncf","containers","distribution","oci","oci-specification","registry"],"latest_commit_sha":null,"homepage":"https://distribution.github.io/distribution","language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/distribution.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE","code_of_conduct":"CODE-OF-CONDUCT.md","threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":"SECURITY.md","support":null,"governance":"GOVERNANCE.md","roadmap":"ROADMAP.md","authors":"AUTHORS","dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":"MAINTAINERS","copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2014-12-22T23:49:26.000Z","updated_at":"2026-01-12T18:57:02.000Z","dependencies_parsed_at":"2023-10-20T19:21:57.378Z","dependency_job_id":"4b5cb321-ca3a-40e3-96c1-1dcdffe0f632","html_url":"https://github.com/distribution/distribution","commit_stats":{"total_commits":3465,"total_committers":538,"mean_commits":6.440520446096654,"dds":0.868109668109668,"last_synced_commit":"85e99bce34aa0b4d5a95c2e60e128e68995fcbef"},"previous_names":["docker/distribution"],"tags_count":63,"template":false,"template_full_name":null,"purl":"pkg:github/distribution/distribution","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/distribution%2Fdistribution","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/distribution%2Fdistribution/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/distribution%2Fdistribution/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/distribution%2Fdistribution/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/distribution","download_url":"https://codeload.github.com/distribution/distribution/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/distribution%2Fdistribution/sbom","scorecard":{"id":344973,"data":{"date":"2025-08-17T00:44:41Z","repo":{"name":"github.com/distribution/distribution","commit":"412a8ae033e4ca14193c7d613f6886fb054db500"},"scorecard":{"version":"v5.2.1","commit":"ab2f6e92482462fe66246d9e32f642855a691dc1"},"score":8.1,"checks":[{"name":"Maintained","score":10,"reason":"25 commit(s) and 9 issue activity found in the last 90 days -- score normalized to 10","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/ab2f6e92482462fe66246d9e32f642855a691dc1/docs/checks.md#maintained"}},{"name":"Dependency-Update-Tool","score":10,"reason":"update tool detected","details":["Info: detected update tool: Dependabot: .github/dependabot.yml:1"],"documentation":{"short":"Determines if the project uses a dependency update tool.","url":"https://github.com/ossf/scorecard/blob/ab2f6e92482462fe66246d9e32f642855a691dc1/docs/checks.md#dependency-update-tool"}},{"name":"Packaging","score":-1,"reason":"packaging workflow not detected","details":["Warn: no GitHub/GitLab publishing workflow detected."],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/ab2f6e92482462fe66246d9e32f642855a691dc1/docs/checks.md#packaging"}},{"name":"Code-Review","score":10,"reason":"all changesets reviewed","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/ab2f6e92482462fe66246d9e32f642855a691dc1/docs/checks.md#code-review"}},{"name":"Security-Policy","score":10,"reason":"security policy file detected","details":["Info: security policy file detected: SECURITY.md:1","Info: Found linked content: SECURITY.md:1","Info: Found disclosure, vulnerability, and/or timelines in security policy: SECURITY.md:1","Info: Found text in security policy: SECURITY.md:1"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/ab2f6e92482462fe66246d9e32f642855a691dc1/docs/checks.md#security-policy"}},{"name":"Dangerous-Workflow","score":10,"reason":"no dangerous workflow patterns detected","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/ab2f6e92482462fe66246d9e32f642855a691dc1/docs/checks.md#dangerous-workflow"}},{"name":"Token-Permissions","score":9,"reason":"detected GitHub workflow tokens with excessive permissions","details":["Warn: jobLevel 'contents' permission set to 'write': .github/workflows/build.yml:63","Warn: jobLevel 'packages' permission set to 'write': .github/workflows/build.yml:64","Info: jobLevel 'contents' permission set to 'read': .github/workflows/codeql-analysis.yml:24","Info: jobLevel 'contents' permission set to 'read': .github/workflows/docs.yml:23","Info: jobLevel 'contents' permission set to 'read': .github/workflows/label.yaml:13","Info: topLevel 'contents' permission set to 'read': .github/workflows/build.yml:21","Info: topLevel 'contents' permission set to 'read': .github/workflows/codeql-analysis.yml:19","Info: topLevel 'contents' permission set to 'read': .github/workflows/conformance.yml:12","Info: topLevel 'contents' permission set to 'read': .github/workflows/dockerhub-readme.yml:19","Warn: no topLevel permission defined: .github/workflows/docs.yml:1","Info: topLevel 'contents' permission set to 'read': .github/workflows/e2e.yml:15","Info: topLevel 'contents' permission set to 'read': .github/workflows/fossa.yml:12","Warn: no topLevel permission defined: .github/workflows/label.yaml:1","Info: topLevel permissions set to 'read-all': .github/workflows/scorecards.yml:11","Info: topLevel 'contents' permission set to 'read': .github/workflows/validate.yml:17"],"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/ab2f6e92482462fe66246d9e32f642855a691dc1/docs/checks.md#token-permissions"}},{"name":"CII-Best-Practices","score":0,"reason":"no effort to earn an OpenSSF best practices badge detected","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/ab2f6e92482462fe66246d9e32f642855a691dc1/docs/checks.md#cii-best-practices"}},{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/ab2f6e92482462fe66246d9e32f642855a691dc1/docs/checks.md#binary-artifacts"}},{"name":"Fuzzing","score":10,"reason":"project is fuzzed","details":["Info: OSSFuzz integration found","Info: GoBuiltInFuzzer integration found: configuration/fuzz_test.go:10","Info: GoBuiltInFuzzer integration found: registry/api/v2/fuzz_test.go:9","Info: GoBuiltInFuzzer integration found: registry/auth/token/fuzz_test.go:10","Info: GoBuiltInFuzzer integration found: registry/auth/token/fuzz_test.go:34"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/ab2f6e92482462fe66246d9e32f642855a691dc1/docs/checks.md#fuzzing"}},{"name":"SAST","score":10,"reason":"SAST tool is run on all commits","details":["Info: SAST configuration detected: CodeQL","Info: all commits (30) are checked with a SAST tool"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/ab2f6e92482462fe66246d9e32f642855a691dc1/docs/checks.md#sast"}},{"name":"Branch-Protection","score":-1,"reason":"internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration","details":null,"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/ab2f6e92482462fe66246d9e32f642855a691dc1/docs/checks.md#branch-protection"}},{"name":"Signed-Releases","score":0,"reason":"Project has not signed or included provenance with any releases.","details":["Warn: release artifact v3.0.0 not signed: https://api.github.com/repos/distribution/distribution/releases/209764150","Warn: release artifact v3.0.0-rc.4 not signed: https://api.github.com/repos/distribution/distribution/releases/207616382","Warn: release artifact v3.0.0-rc.3 not signed: https://api.github.com/repos/distribution/distribution/releases/199651898","Warn: release artifact v3.0.0-rc.2 not signed: https://api.github.com/repos/distribution/distribution/releases/191466268","Warn: release artifact v3.0.0-rc.1 not signed: https://api.github.com/repos/distribution/distribution/releases/184239725","Warn: release artifact v3.0.0 does not have provenance: https://api.github.com/repos/distribution/distribution/releases/209764150","Warn: release artifact v3.0.0-rc.4 does not have provenance: https://api.github.com/repos/distribution/distribution/releases/207616382","Warn: release artifact v3.0.0-rc.3 does not have provenance: https://api.github.com/repos/distribution/distribution/releases/199651898","Warn: release artifact v3.0.0-rc.2 does not have provenance: https://api.github.com/repos/distribution/distribution/releases/191466268","Warn: release artifact v3.0.0-rc.1 does not have provenance: https://api.github.com/repos/distribution/distribution/releases/184239725"],"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/ab2f6e92482462fe66246d9e32f642855a691dc1/docs/checks.md#signed-releases"}},{"name":"Pinned-Dependencies","score":0,"reason":"dependency not pinned by hash detected -- score normalized to 0","details":["Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:45: update your workflow using https://app.stepsecurity.io/secureworkflow/distribution/distribution/build.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:48: update your workflow using https://app.stepsecurity.io/secureworkflow/distribution/distribution/build.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/build.yml:57: update your workflow using https://app.stepsecurity.io/secureworkflow/distribution/distribution/build.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:72: update your workflow using https://app.stepsecurity.io/secureworkflow/distribution/distribution/build.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/build.yml:78: update your workflow using https://app.stepsecurity.io/secureworkflow/distribution/distribution/build.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/build.yml:104: update your workflow using https://app.stepsecurity.io/secureworkflow/distribution/distribution/build.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/build.yml:108: update your workflow using https://app.stepsecurity.io/secureworkflow/distribution/distribution/build.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/build.yml:115: update your workflow using https://app.stepsecurity.io/secureworkflow/distribution/distribution/build.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/build.yml:122: update your workflow using https://app.stepsecurity.io/secureworkflow/distribution/distribution/build.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:144: update your workflow using https://app.stepsecurity.io/secureworkflow/distribution/distribution/build.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/build.yml:151: update your workflow using https://app.stepsecurity.io/secureworkflow/distribution/distribution/build.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/build.yml:161: update your workflow using https://app.stepsecurity.io/secureworkflow/distribution/distribution/build.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql-analysis.yml:37: update your workflow using https://app.stepsecurity.io/secureworkflow/distribution/distribution/codeql-analysis.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql-analysis.yml:47: update your workflow using https://app.stepsecurity.io/secureworkflow/distribution/distribution/codeql-analysis.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql-analysis.yml:52: update your workflow using https://app.stepsecurity.io/secureworkflow/distribution/distribution/codeql-analysis.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql-analysis.yml:55: update your workflow using https://app.stepsecurity.io/secureworkflow/distribution/distribution/codeql-analysis.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/conformance.yml:20: update your workflow using https://app.stepsecurity.io/secureworkflow/distribution/distribution/conformance.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/conformance.yml:33: update your workflow using https://app.stepsecurity.io/secureworkflow/distribution/distribution/conformance.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/conformance.yml:47: update your workflow using https://app.stepsecurity.io/secureworkflow/distribution/distribution/conformance.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/dockerhub-readme.yml:27: update your workflow using https://app.stepsecurity.io/secureworkflow/distribution/distribution/dockerhub-readme.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/dockerhub-readme.yml:30: update your workflow using https://app.stepsecurity.io/secureworkflow/distribution/distribution/dockerhub-readme.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/docs.yml:28: update your workflow using https://app.stepsecurity.io/secureworkflow/distribution/distribution/docs.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/docs.yml:31: update your workflow using https://app.stepsecurity.io/secureworkflow/distribution/distribution/docs.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/docs.yml:34: update your workflow using https://app.stepsecurity.io/secureworkflow/distribution/distribution/docs.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/docs.yml:49: update your workflow using https://app.stepsecurity.io/secureworkflow/distribution/distribution/docs.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/docs.yml:74: update your workflow using https://app.stepsecurity.io/secureworkflow/distribution/distribution/docs.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e.yml:23: update your workflow using https://app.stepsecurity.io/secureworkflow/distribution/distribution/e2e.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/e2e.yml:28: update your workflow using https://app.stepsecurity.io/secureworkflow/distribution/distribution/e2e.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e.yml:46: update your workflow using https://app.stepsecurity.io/secureworkflow/distribution/distribution/e2e.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/fossa.yml:20: update your workflow using https://app.stepsecurity.io/secureworkflow/distribution/distribution/fossa.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/fossa.yml:23: update your workflow using https://app.stepsecurity.io/secureworkflow/distribution/distribution/fossa.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/label.yaml:17: update your workflow using https://app.stepsecurity.io/secureworkflow/distribution/distribution/label.yaml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/validate.yml:33: update your workflow using https://app.stepsecurity.io/secureworkflow/distribution/distribution/validate.yml/main?enable=pin","Warn: containerImage not pinned by hash: Dockerfile:7","Warn: containerImage not pinned by hash: Dockerfile:8","Warn: containerImage not pinned by hash: Dockerfile:15","Warn: containerImage not pinned by hash: Dockerfile:22","Warn: containerImage not pinned by hash: Dockerfile:36","Warn: containerImage not pinned by hash: Dockerfile:53","Warn: containerImage not pinned by hash: dockerfiles/authors.Dockerfile:5","Warn: containerImage not pinned by hash: dockerfiles/authors.Dockerfile:24","Warn: containerImage not pinned by hash: dockerfiles/docs.Dockerfile:6","Warn: containerImage not pinned by hash: dockerfiles/docs.Dockerfile:9","Warn: containerImage not pinned by hash: dockerfiles/docs.Dockerfile:14","Warn: containerImage not pinned by hash: dockerfiles/docs.Dockerfile:18","Warn: containerImage not pinned by hash: dockerfiles/docs.Dockerfile:22","Warn: containerImage not pinned by hash: dockerfiles/docs.Dockerfile:30","Warn: containerImage not pinned by hash: dockerfiles/git.Dockerfile:6","Warn: containerImage not pinned by hash: dockerfiles/git.Dockerfile:9","Warn: containerImage not pinned by hash: dockerfiles/git.Dockerfile:15","Warn: containerImage not pinned by hash: dockerfiles/lint.Dockerfile:8","Warn: containerImage not pinned by hash: dockerfiles/lint.Dockerfile:10","Warn: containerImage not pinned by hash: dockerfiles/lint.Dockerfile:14","Warn: containerImage not pinned by hash: dockerfiles/vendor.Dockerfile:7","Warn: containerImage not pinned by hash: dockerfiles/vendor.Dockerfile:11","Warn: containerImage not pinned by hash: dockerfiles/vendor.Dockerfile:26","Warn: containerImage not pinned by hash: dockerfiles/vendor.Dockerfile:41","Warn: containerImage not pinned by hash: dockerfiles/vendor.Dockerfile:42","Warn: containerImage not pinned by hash: project/dev-image/Dockerfile:1: pin your Docker image by updating ubuntu:14.04 to ubuntu:14.04@sha256:64483f3496c1373bfd55348e88694d1c4d0c9b660dee6bfef5e12f43b9933b30","Warn: goCommand not pinned by hash: project/dev-image/Dockerfile:20","Info:   3 out of  21 GitHub-owned GitHubAction dependencies pinned","Info:   1 out of  16 third-party GitHubAction dependencies pinned","Info:   0 out of  26 containerImage dependencies pinned","Info:   0 out of   1 goCommand dependencies pinned"],"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/ab2f6e92482462fe66246d9e32f642855a691dc1/docs/checks.md#pinned-dependencies"}},{"name":"License","score":10,"reason":"license file detected","details":["Info: project has a license file: LICENSE:0","Info: FSF or OSI recognized license: Apache License 2.0: LICENSE:0"],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/ab2f6e92482462fe66246d9e32f642855a691dc1/docs/checks.md#license"}},{"name":"Vulnerabilities","score":8,"reason":"2 existing vulnerabilities detected","details":["Warn: Project is vulnerable to: GO-2022-0635","Warn: Project is vulnerable to: GO-2022-0646"],"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/ab2f6e92482462fe66246d9e32f642855a691dc1/docs/checks.md#vulnerabilities"}},{"name":"CI-Tests","score":10,"reason":"16 out of 16 merged PRs checked by a CI test -- score normalized to 10","details":null,"documentation":{"short":"Determines if the project runs tests before pull requests are merged.","url":"https://github.com/ossf/scorecard/blob/ab2f6e92482462fe66246d9e32f642855a691dc1/docs/checks.md#ci-tests"}},{"name":"Contributors","score":10,"reason":"project has 57 contributing companies or organizations","details":["Info: found contributions from: IBM, Semmle, VoltFramework, airstack, alibaba cloud, anonaddy, apple, cfibmers, codesensus, compose-spec, containerd, containers, coreos, cri-o, datadog, dept. of the environment tourism science and innovation queensland, distribution, docker, docker-archive, dockersamples, docsorg, erofs, fedora-cloud, fedora-iot, foswiki, github-beta, gitlab, go-docker, go-fork-yourself, goreleaser, heroku, htcat, ibm, kubernetes, kubernetes-sigs, lgtmhq, librenms, linkedin, machine-drivers, magefile, meta, moby, neard, netflix, opencontainers, openshift, osbuild, portapps, red hat, redhat-cip, redhat-openstack, replit, skydive-project, stripe, thajeztah, vrgl117-games, workbenchapp"],"documentation":{"short":"Determines if the project has a set of contributors from multiple organizations (e.g., companies).","url":"https://github.com/ossf/scorecard/blob/ab2f6e92482462fe66246d9e32f642855a691dc1/docs/checks.md#contributors"}}]},"last_synced_at":"2025-08-18T06:50:19.251Z","repository_id":24948386,"created_at":"2025-08-18T06:50:19.251Z","updated_at":"2025-08-18T06:50:19.251Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":28472626,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-01-15T22:13:38.078Z","status":"ssl_error","status_checked_at":"2026-01-15T22:12:11.737Z","response_time":62,"last_error":"SSL_connect returned=1 errno=0 peeraddr=140.82.121.6:443 state=error: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["cncf","containers","distribution","oci","oci-specification","registry"],"created_at":"2024-07-30T19:00:53.306Z","updated_at":"2026-01-15T22:19:54.043Z","avatar_url":"https://github.com/distribution.png","language":"Go","readme":"\u003cp align=\"center\"\u003e\n\u003cimg style=\"align: center; padding-left: 10px; padding-right: 10px; padding-bottom: 10px;\" width=\"238px\" height=\"238px\" src=\"./distribution-logo.svg\" /\u003e\n\u003c/p\u003e\n\n[![Build Status](https://github.com/distribution/distribution/workflows/build/badge.svg?branch=main\u0026event=push)](https://github.com/distribution/distribution/actions/workflows/build.yml?query=workflow%3Abuild)\n[![GoDoc](https://img.shields.io/badge/go.dev-reference-007d9c?logo=go\u0026logoColor=white\u0026style=flat-square)](https://pkg.go.dev/github.com/distribution/distribution)\n[![License: Apache-2.0](https://img.shields.io/badge/License-Apache--2.0-blue.svg)](LICENSE)\n[![codecov](https://codecov.io/gh/distribution/distribution/branch/main/graph/badge.svg)](https://codecov.io/gh/distribution/distribution)\n[![FOSSA Status](https://app.fossa.com/api/projects/custom%2B162%2Fgithub.com%2Fdistribution%2Fdistribution.svg?type=shield)](https://app.fossa.com/projects/custom%2B162%2Fgithub.com%2Fdistribution%2Fdistribution?ref=badge_shield)\n[![OCI Conformance](https://github.com/distribution/distribution/workflows/conformance/badge.svg)](https://github.com/distribution/distribution/actions?query=workflow%3Aconformance)\n[![OpenSSF Scorecard](https://api.securityscorecards.dev/projects/github.com/distribution/distribution/badge)](https://securityscorecards.dev/viewer/?uri=github.com/distribution/distribution)\n\nThe toolset to pack, ship, store, and deliver content.\n\nThis repository's main product is the Open Source Registry implementation\nfor storing and distributing container images and other content using the\n[OCI Distribution Specification](https://github.com/opencontainers/distribution-spec).\nThe goal of this project is to provide a simple, secure, and scalable base\nfor building a large scale registry solution or running a simple private registry.\nIt is a core library for many registry operators including Docker Hub, GitHub Container Registry,\nGitLab Container Registry and DigitalOcean Container Registry, as well as the CNCF Harbor\nProject, and VMware Harbor Registry.\n\nThis repository contains the following components:\n\n|**Component**       |Description                                                                                                                                                                                         |\n|--------------------|----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|\n| **registry**       | An implementation of the [OCI Distribution Specification](https://github.com/opencontainers/distribution-spec).                                                                                                 |\n| **libraries**      | A rich set of libraries for interacting with distribution components. Please see [godoc](https://pkg.go.dev/github.com/distribution/distribution) for details. **Note**: The interfaces for these libraries are **unstable**. |\n| **documentation**  | Full documentation is available at [https://distribution.github.io/distribution](https://distribution.github.io/distribution/).\n\n### How does this integrate with Docker, containerd, and other OCI client?\n\nClients implement against the OCI specification and communicate with the\nregistry using HTTP. This project contains a client implementation which\nis currently in use by Docker, however, it is deprecated for the\n[implementation in containerd](https://github.com/containerd/containerd/tree/master/remotes/docker)\nand will not support new features.\n\n### What are the long term goals of the Distribution project?\n\nThe _Distribution_ project has the further long term goal of providing a\nsecure tool chain for distributing content. The specifications, APIs and tools\nshould be as useful with Docker as they are without.\n\nOur goal is to design a professional grade and extensible content distribution\nsystem that allow users to:\n\n* Enjoy an efficient, secured and reliable way to store, manage, package and\n  exchange content\n* Hack/roll their own on top of healthy open-source components\n* Implement their own home made solution through good specs, and solid\n  extensions mechanism.\n\n## Contribution\n\nPlease see [CONTRIBUTING.md](CONTRIBUTING.md) for details on how to contribute\nissues, fixes, and patches to this project. If you are contributing code, see\nthe instructions for [building a development environment](BUILDING.md).\n\n## Communication\n\nFor async communication and long running discussions please use issues and pull requests on the github repo.\nThis will be the best place to discuss design and implementation.\n\nFor sync communication we have a #distribution channel in the [CNCF Slack](https://slack.cncf.io/)\nthat everyone is welcome to join and chat about development.\n\n## Licenses\n\nThe distribution codebase is released under the [Apache 2.0 license](LICENSE).\nThe README.md file, and files in the \"docs\" folder are licensed under the\nCreative Commons Attribution 4.0 International License. You may obtain a\ncopy of the license, titled CC-BY-4.0, at http://creativecommons.org/licenses/by/4.0/.\n","funding_links":[],"categories":["Go","HarmonyOS","others","其他__大数据","containers","Image"],"sub_categories":["Windows Manager","网络服务_其他"],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fdistribution%2Fdistribution","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fdistribution%2Fdistribution","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fdistribution%2Fdistribution/lists"}