Skip to content

image/internal: validate blob against digest#486

Merged
mtrmac merged 1 commit into
podman-container-tools:mainfrom
lsm5:digest-redux-image
Nov 25, 2025
Merged

image/internal: validate blob against digest#486
mtrmac merged 1 commit into
podman-container-tools:mainfrom
lsm5:digest-redux-image

Conversation

@lsm5

@lsm5 lsm5 commented Nov 23, 2025
edited
Loading

Copy link
Copy Markdown
Contributor

validateBlobAgainstDigest verifies that the provided blob matches the exepcted digest. If expected digest itself is invalid or unusable, it rejects the blob. Callers don't need to pre-validate the expected digest.

This enables skopeo copy to work with sha512-digested images.

Creating separate PR per https://github.com/containers/container-libs/pull/475/files#r2551441932

@lsm5 @claude
image/internal: validate blob against digest
a762705 
`validateBlobAgainstDigest` verifies that the provided blob matches
the exepcted digest. If expected digest itself is invalid or unusable,
it rejects the blob. Callers don't need to pre-validate the expected
digest.

This enables `skopeo copy` to work with sha512-digested images.

Co-Authored-By: Claude Code <noreply@anthropic.com>
Signed-off-by: Lokesh Mandvekar <lsm5@redhat.com>
@github-actions github-actions Bot added the image Related to "image" package label Nov 23, 2025
@lsm5 lsm5 mentioned this pull request Nov 23, 2025
Merged
podmanbot pushed a commit to podmanbot/buildah that referenced this pull request Nov 23, 2025
@github-actions
dnm: Vendor changes from podman-container-tools/container-libs#486
b5add0f
@podmanbot

podmanbot commented Nov 23, 2025

Copy link
Copy Markdown

✅ A new PR has been created in buildah to vendor these changes: podman-container-tools/buildah#6531

@podmanbot podmanbot mentioned this pull request Nov 23, 2025
Closed
@lsm5 lsm5 marked this pull request as ready for review November 23, 2025 19:41
@lsm5

lsm5 commented Nov 23, 2025

Copy link
Copy Markdown
Contributor Author

@mtrmac PTAL

mtrmac
mtrmac approved these changes Nov 25, 2025
View reviewed changes

@mtrmac mtrmac left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks!

@mtrmac mtrmac merged commit 0984e11 into podman-container-tools:main Nov 25, 2025
25 checks passed
@lsm5 lsm5 deleted the digest-redux-image branch November 25, 2025 13:53
@mtrmac mtrmac mentioned this pull request Nov 28, 2025
Open
39 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@mtrmac mtrmac mtrmac approved these changes

Assignees

No one assigned

Labels

image Related to "image" package

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@lsm5 @podmanbot @mtrmac