Skip to content

In compareImageDestinationManifestEqual, compare full manifests #510

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

In compareImageDestinationManifestEqual, compare full manifests #510

wants to merge 1 commit into from

Conversation

@mtrmac
Copy link
Contributor

@mtrmac mtrmac commented Nov 29, 2025

... instead of digests, making this comparison completely resistant to cryptographic hash function collisions.

This also means we don't ignore v2s1 signatures in the comparison; that is unlikely to matter (given decreasing support for v2s1), but only skipping the copy if the destination exactly matches the source, including that signature, is more correct.

(Note that we still return copySingleImageResult.manifestDigest; this PR does not change that part.)

Cc: @lsm5

@mtrmac
In compareImageDestinationManifestEqual, compare full manifests
4b31386 
... instead of digests, making this comparison completely
resistant to cryptographic hash function collisions.

This also means we don't ignore v2s1 signatures in the comparison;
that is unlikely to matter (given decreasing support for v2s1),
but only skipping the copy if the destination _exactly_ matches
the source, including that signature, is more correct.

(Note that we still return copySingleImageResult.manifestDigest;
this PR does not change that part.)

Signed-off-by: Miloslav Trmač <mitr@redhat.com>
@github-actions github-actions bot added the image Related to "image" package label Nov 29, 2025
podmanbot pushed a commit to podmanbot/buildah that referenced this pull request Nov 29, 2025
@github-actions
dnm: Vendor changes from containers/container-libs#510
76a9673
@podmanbot
Copy link

podmanbot commented Nov 29, 2025

✅ A new PR has been created in buildah to vendor these changes: containers/buildah#6550

@podmanbot podmanbot mentioned this pull request Nov 29, 2025
Draft
@mtrmac mtrmac mentioned this pull request Nov 29, 2025
Open
39 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

image Related to "image" package

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@mtrmac @podmanbot