The Dispatch

OSS Report: goharbor/harbor


Harbor Faces Operational Challenges Amidst High Engagement

The Harbor project, an open-source cloud-native registry, is experiencing significant user-reported issues related to image management and integration complexities, reflecting operational challenges that could impact workflows.

Harbor is designed to enhance Docker Distribution with features like security, identity management, and auditing. It supports image replication across registries and integrates with enterprise authentication systems.

Recent Activity

Recent issues highlight critical bugs and limitations in Harbor's current version. Notably, #20902 addresses rule management complexities in image retention policies, while #20897 reports replication failures post-upgrade to v2.11.1. Issues like #20894 reveal garbage collection inefficiencies, and #20898 raises concerns about LDAP integration for robot accounts. These issues collectively suggest that recent updates may have introduced instability, affecting user operations.

Development Team and Recent Activities

  1. Shengwen YU

    • 8 commits: Focused on dependency updates and CI/CD enhancements.
    • Collaborated with dependabot[bot] and stonezdj.
  2. stonezdj (Daojun Zhang)

    • 5 commits: Addressed artifact events and UI bugs.
    • Collaborated with Shengwen YU and Wang Yan.
  3. wy65701436 (Wang Yan)

    • 6 commits: Added features like robot account creation and audit logs.
    • Worked closely with stonezdj.
  4. dependabot[bot]

    • 7 commits: Managed dependency updates.
  5. chlins (Chlins Zhang)

    • 2 commits: Focused on refactoring error checks.
  6. BruceAko (Chongzhi Deng)

    • 1 commit: Fixed typos across files.
  7. kunal-511 (Kunal Dugar)

    • 1 commit: Fixed a UI bug in global search.
  8. tpoxa (Maksym Trofimenko)

    • 1 commit: Added Prometheus metrics for statistics.
  9. xuelichao (Lichao Xue)

    • 2 commits: Addressed UI bugs and SBOM issues.
    • Collaborated with Wang Yan.

Of Note

Quantified Reports

Quantify Issues



Recent GitHub Issues Activity

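| Timespan | Opened | Closed | Comments | Labeled | Milestones |
|----------|--------|--------|----------|---------|------------|
| 7 Days   | 10     | 6      | 7        | 7       | 1          |
| 30 Days  | 43     | 36     | 69       | 27      | 1          |
| 90 Days  | 171    | 106    | 361      | 84      | 1          |
| 1 Year   | 389    | 200    | 1010     | 125     | 1          |
| All Time | 11366  | 10779  | -        | -       | -          |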

Like all software activity quantification, these numbers are imperfect but sometimes useful. Comments, Labels, and Milestones refer to those issues opened in the timespan in question.

Quantify commits



Quantified Commit Activity Over 30 Days

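| Developer | Branches | PRs | Commits | Files | Changes |
|-----------|----------|-----|---------|-------|---------|
| Wang Yan | 2 | 5/6/0 | 6 | 32 | 1312 |
| dependabot[bot] | 2 | 7/6/6 | 7 | 5 | 921 |
| Daniel Jiang (reasonerjt) | 2 | 2/2/0 | 2 | 13 | 371 |
| Shengwen YU | 2 | 0/0/0 | 8 | 34 | 346 |
| Maksym Trofimenko | 1 | 0/0/0 | 1 | 5 | 282 |
| stonezdj (Daojun Zhang) | 3 | 4/5/0 | 5 | 17 | 220 |
| Mitsuru Kariya | 1 | 0/1/0 | 1 | 3 | 97 |
| Chongzhi Deng | 1 | 1/1/0 | 1 | 17 | 60 |
| Chlins Zhang | 1 | 2/2/0 | 2 | 2 | 55 |
| Ethan Howell | 1 | 0/1/0 | 1 | 2 | 38 |
| kunal Dugar | 1 | 2/1/1 | 1 | 3 | 10 |
| Johan Kok | 1 | 1/1/0 | 1 | 1 | 2 |
| Lichao Xue | 2 | 2/2/0 | 2 | 1 | 2 |
| 蝦米 | 1 | 0/1/0 | 1 | 1 | 1 |
| Shengwen YU (zyyw) | 0 | 9/8/2 | 0 | 0 | 0 |
| None (thoro) | 0 | 1/0/0 | 0 | 0 | 0 |
| Yann ILAS (yilas) | 0 | 1/0/0 | 0 | 0 | 0 |
| None (LGhoull) | 0 | 1/0/0 | 0 | 0 | 0 |
| baldarn (baldarn) | 0 | 1/0/0 | 0 | 0 | 0 |
| Ian Seyer (ianseyer) | 0 | 1/0/1 | 0 | 0 | 0 |
| None (msc-xdev) | 0 | 1/0/0 | 0 | 0 | 0 |
| miner (MinerYang) | 0 | 0/0/1 | 0 | 0 | 0 |
| Anthony F (antoine29) | 0 | 1/0/0 | 0 | 0 | 0 |
| Nashwan Azhari (aznashwan) | 0 | 0/0/1 | 0 | 0 | 0 |
| Matthieu MOREL (mmorel-35) | 0 | 0/0/1 | 0 | 0 | 0 |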

PRs: created by that dev and opened/merged/closed-unmerged during the period

Detailed Reports

Report On: Fetch issues



Recent Activity Analysis

The recent activity on the Harbor GitHub repository indicates a high level of engagement, with 587 open issues and a steady stream of new issues being created. Notably, several issues have emerged around the functionality of replication, image management, and integration with external services like LDAP and OIDC. A recurring theme is the complexity and challenges associated with managing images, particularly in relation to security policies and the handling of vulnerabilities.

Several issues highlight significant bugs or limitations in the current version, such as problems with garbage collection, proxy cache behavior, and authentication errors. The presence of multiple issues related to image replication and scanning suggests that users are facing operational hurdles that could impact their workflows.

Issue Details

Here are some of the most recent and relevant issues:

  1. Issue #20902: Rule management and hierarchy when multiple rules in place for the same project

    • Priority: High
    • Status: Open
    • Created: 0 days ago
    • Details: Users are struggling with retention rules that do not execute as expected due to a preference for retaining more images when multiple rules apply.
  2. Issue #20901: internal network OSS

    • Priority: Medium
    • Status: Open
    • Created: 1 day ago
    • Details: A user is unable to pull images from an external network after configuring Harbor for an internal OSS.
  3. Issue #20899: https.certificate/private_key set in harbor.yml, but missing in docker-compose.py

    • Priority: Medium
    • Status: Open
    • Created: 1 day ago
    • Details: Users expect configuration settings in harbor.yml to be reflected in docker-compose.yml, but they are not.
  4. Issue #20898: Robot Account and LDAP integration

    • Priority: Medium
    • Status: Open
    • Created: 1 day ago
    • Details: Users want to create robot accounts via LDAP similar to normal users, raising questions about future feature support.
  5. Issue #20897: Retagged images no longer replicating after v2.11.1 upgrade

    • Priority: High
    • Status: Open
    • Created: 1 day ago
    • Details: After upgrading to v2.11.1, users report that retagged images do not trigger replication as expected.
  6. Issue #20895: https://goharbor.io/docs/2.11.0/install-config/run-installer-script/ not synced with REPO

    • Priority: Low
    • Status: Open
    • Created: 3 days ago
    • Details: Documentation discrepancies between the website and repository instructions have been noted.
  7. Issue #20894: Garbage Collection in Harbor Not Freeing Up Expected Storage Space While the UI Shows Space Has Been Freed Up

    • Priority: High
    • Status: Open
    • Created: 3 days ago
    • Details: Users are experiencing issues where garbage collection does not free up expected storage space despite UI indications.

Summary of Themes

  • There is a clear focus on improving image management practices, particularly concerning retention policies and how they interact with user expectations.
  • Issues related to LDAP and OIDC integrations suggest that users are looking for more robust authentication mechanisms.
  • The upgrade process has introduced several bugs that users are keen to resolve, indicating potential instability in recent releases.
  • Documentation clarity is a recurring concern, highlighting a need for better synchronization between user guides and actual implementation details.

This analysis reflects a community actively seeking solutions to complex operational challenges while navigating recent changes in Harbor's functionality.

Report On: Fetch pull requests



Report on Pull Requests

Overview

The analysis of the pull requests (PRs) for the goharbor/harbor repository reveals a total of 50 open PRs, showcasing a diverse range of enhancements, bug fixes, and dependency updates. The PRs reflect ongoing efforts to improve functionality, security, and performance within the Harbor project.

Summary of Pull Requests

  1. PR #20896: chore(deps-dev) - Bumps axios from 1.5.0 to 1.7.7 in /src/portal. This update addresses several bug fixes and optimizations in the Axios library, which is crucial for handling HTTP requests in the portal.

  2. PR #20881: fix - Allows builds on macOS via Docker by adding platform definition options in the Makefile. This PR addresses compatibility issues for developers using macOS M1+ architecture.

  3. PR #20880: fix - Conditionally enables IPv6 listen directives in Nginx configs to ensure proper connectivity when IPv6 is configured.

  4. PR #20873: fix - Adds labels for multiple selected artifacts, correcting a previous limitation where only the first selected artifact could be labeled.

  5. PR #20862: UI Changes - Implements UI changes for configuring proxy-cache speed limits, enhancing user experience and control over bandwidth settings.

  6. PR #20848: fix - Introduces customizable look and feel options from harbor.yml, allowing users to tailor their Harbor interface.

  7. PR #20754: new feature - Adds an option to enable robot full access, enhancing permissions management for automated processes.

  8. PR #19780: enhancement - Makes Swagger download automatically select architecture (amd64 and arm64), improving usability across different systems.

  9. PR #19725: new feature - Adds an option to store IP addresses and user-agent details in audit logs, enhancing traceability and compliance capabilities.

  10. PR #19692: new feature - Supports Alibaba ACR proxy cache type, expanding Harbor's integration capabilities with various cloud services.

  11. PR #17618: enhancement - Fixes 404 errors when artifacts are requested for non-existing repositories, improving error handling and user experience.

  12. PR #20867: new feature - Adds support for network configuration in Docker Compose files, enhancing deployment flexibility.

  13. PR #20851: refactor - Extends OIDC CLI security context generator to include calls to the v2 API, streamlining authentication processes.

  14. PR #20810: fix - Disables the edit default quota button when not editable to prevent user confusion and errors.

  15. PR #20791: cleanup - Removes unused files from the project repository, contributing to better maintainability.

  16. PR #20731: fix - Updates LDAP configurations to use a more recent version of OpenLDAP, addressing compatibility issues.

  17. PR #20640: optimization - Reduces image sizes by optimizing Dockerfile commands, leading to more efficient builds.

  18. PR #20637: enhancement - Exposes ssl_protocols from Nginx configuration in harbor.yml, allowing users to customize security settings.

  19. PR #20563, PR #20506, PR #20483, PR #20458, PR #20457, PR #20456, PR #20455, PR #20454, PR #20453, PR #20452, PR #20451, PR #20450, PR #20449, PR #20448, PR #20447, PR #20446, PR #20445, PR #20444, PR #20443, PR #20442, PR #20441, PR #20440, PR #20439, PR #20438, PR #20437, PR #20436, PR #20435, PR #20434

(Additional notable mentions include various dependency updates and minor enhancements.)

Analysis of Pull Requests

The current set of open pull requests reflects a robust development effort within the Harbor project, focusing on both functional enhancements and technical debt reduction:

Themes:

  1. Dependency Management: A significant number of pull requests involve updating dependencies such as axios, go-containerregistry, and others. These updates are crucial for maintaining security standards and ensuring compatibility with other libraries or frameworks used within Harbor.

  2. Feature Enhancements: Several pull requests introduce new features that enhance user experience or expand functionality—such as customizable UI options, improved artifact management capabilities, and enhanced logging features that provide better insights into operations.

  3. Bug Fixes: Many pull requests address specific bugs or usability issues reported by users or identified during testing phases (e.g., fixing 404 errors when fetching artifacts). This shows an active engagement with user feedback and a commitment to improving software quality.

  4. Performance Optimization: There are multiple instances where developers have focused on optimizing performance through code refactoring or reducing image sizes in Docker containers (e.g., reducing image sizes through better Dockerfile practices). This is essential for improving deployment times and resource utilization.

  5. Security Improvements: The introduction of features like logging IP addresses in audit logs indicates a strong focus on compliance and security—important aspects for any organization using Harbor as part of their container management strategy.

Anomalies:

  • There are several older pull requests that remain open without significant activity (e.g., some dating back several months). This could indicate potential bottlenecks in the review process or prioritization issues within the development team.
  • Some pull requests have been marked as "stale" due to inactivity but may still hold valuable contributions that could benefit future releases if revisited.

Lack of Recent Merge Activity:

  • While there is a healthy number of open pull requests, recent merge activity appears limited compared to the volume of new submissions—suggesting that while contributions are being made, they may not be progressing through the review process as quickly as desired.

Conclusion:

Overall, the current state of pull requests in the goharbor/harbor repository demonstrates an active development environment with a clear focus on enhancing functionality while addressing existing bugs and technical debt. However, attention should be given to older pull requests that may need revisiting or additional resources allocated for timely reviews to maintain momentum within the project’s development cycle.

Report On: Fetch commits



Repo Commits Analysis

Development Team and Recent Activity

Team Members and Recent Activities

  1. dependabot[bot]

    • Recent Activity: 7 commits in the last 30 days, focusing on dependency updates across multiple branches.
    • Collaborators: Co-authored with Shengwen YU on several dependency updates.
  2. stonezdj (Daojun Zhang)

    • Recent Activity: 5 commits, including fixes for artifact events and UI bugs related to SBOM.
    • Collaborators: Worked with Shengwen YU and Wang Yan on various issues and features.
  3. chlins (Chlins Zhang)

    • Recent Activity: 2 commits, primarily focused on refactoring and fixing error checks.
    • Collaborators: Co-authored with MinerYang.
  4. BruceAko (Chongzhi Deng)

    • Recent Activity: 1 commit fixing typos across multiple files.
  5. kunal-511 (Kunal Dugar)

    • Recent Activity: 1 commit addressing a UI bug in the global search component.
  6. tpoxa (Maksym Trofimenko)

    • Recent Activity: 1 commit adding Prometheus metrics for Harbor statistics.
  7. Shengwen YU

    • Recent Activity: 8 commits, focusing on dependency updates, bug fixes, and enhancements to CI/CD processes.
    • Collaborators: Frequently collaborated with dependabot[bot], stonezdj, and Wang Yan.
  8. wy65701436 (Wang Yan)

    • Recent Activity: 6 commits, including significant features like adding creator for robot accounts and enabling audit logs.
    • Collaborators: Worked closely with stonezdj and Shengwen YU.
  9. johankok (Johan Kok)

    • Recent Activity: 1 commit correcting a typo in Swagger API documentation.
  10. jhdxr (蝦米)

    • Recent Activity: 1 commit fixing an obsolete warning in docker-compose files.
  11. kariya-mitsuru (Mitsuru Kariya)

    • Recent Activity: 1 commit removing unnecessary migration patches.
  12. ethanchowell (Ethan Howell)

    • Recent Activity: 1 commit extending AWS ECR regex support.
  13. xuelichao (Lichao Xue)

    • Recent Activity: 2 commits addressing various UI bugs and SBOM-related issues.
    • Collaborators: Collaborated with Wang Yan on several tasks.
  14. reasonerjt (Daniel Jiang)

    • Recent Activity: 2 commits related to version bumps and base image updates.

Patterns, Themes, and Conclusions

  • The recent activity indicates a strong focus on dependency management, with multiple team members contributing to updates facilitated by dependabot[bot].
  • Collaboration is evident among team members, particularly between Shengwen YU, stonezdj, and Wang Yan, who frequently co-author significant changes.
  • The development team is actively addressing bugs and enhancing features related to security auditing and artifact management.
  • The presence of multiple contributors working on UI improvements suggests an ongoing effort to enhance user experience within the Harbor platform.
  • Overall, the team's activities reflect a commitment to maintaining code quality through regular updates, collaborative problem-solving, and responsiveness to community feedback.

This analysis highlights the active engagement of the development team in improving the Harbor project while ensuring stability through careful dependency management and collaboration.