v2.6.1

This is a security patch release addressing five advisories in the authentication, remote, and content layers, plus accumulated bug fixes and maintenance since v2.6.0.

Security Fixes

• Drop the Authorization header on cross-origin redirects to prevent origin credentials leaking to a redirect target on a different scheme/port of the same host (GHSA-vh4v-2xq2-g5cg)
• Validate the bearer realm host before sending credentials to prevent credential exfiltration to an attacker-controlled token service, including TLS downgrades and IP-literal metadata endpoints; adds TrustedRealmHosts (GHSA-28r5-37g7-p6mp, GHSA-xf85-363p-868w)
• Validate the Location host before blob upload to prevent credentials being forwarded to a cross-host upload endpoint (SSRF / CWE-918) (#1152, GHSA-jxpm-75mh-9fp7)
• Reject descriptor sizes exceeding 32 MiB in content.ReadAll to prevent a crafted OCI layout from triggering a makeslice panic and crashing the process (#1153, GHSA-f36w-mj3v-6jqv)
• Resolve symlinks when enforcing the workingDir write boundary in content/file, blocking writes that escape the boundary via a symlinked path component when AllowPathTraversalOnWrite=false

Bug Fixes

• graph.Memory should use digest as map key (#1095)
• Fix credentials key for the Docker registry-1 host (#966)
• Support an empty credentials file (#959)

Other Changes

• Add GitOps release workflow with goreleaser (#1161)
• Shift the Go support window to [1.24, 1.25] (#991)
• Run go modernize (#1005)
• Sync CODEOWNERS and OWNERS.md from main to v2 (#1122)
• Remove scripts reference from the Makefile (#960)
• Bump golang.org/x/sync 0.14.0 → 0.20.0 (#971, #978, #1001, #1037, #1078, #1121)
• Bump GitHub Actions: actions/checkout 4→5 (#989), actions/setup-go 5→6 (#998), actions/stale 9→10 (#997), github/codeql-action 3→4 (#1016)