containers
diff --git a/‎docs/skopeo-copy.1.md‎
Lines changed: 67 additions & 67 deletions b/‎docs/skopeo-copy.1.md‎
Lines changed: 67 additions & 67 deletions
diff --git a/‎docs/skopeo-delete.1.md‎
Lines changed: 17 additions & 17 deletions b/‎docs/skopeo-delete.1.md‎
Lines changed: 17 additions & 17 deletions
diff --git a/‎docs/skopeo-generate-sigstore-key.1.md‎
Lines changed: 7 additions & 7 deletions b/‎docs/skopeo-generate-sigstore-key.1.md‎
Lines changed: 7 additions & 7 deletions
@@ -24,221 +24,221 @@ See also [skopeo(1)](skopeo.1.md) for options placed before the subcommand name.
 
 **--additional-tag**=_strings_
 
-Additional tags (supports docker-archive).
+:   Additional tags (supports docker-archive).
 
 **--all**, **-a**
 
-If _source-image_ refers to a list of images, instead of copying just the image which matches the current OS and
-architecture (subject to the use of the global --override-os, --override-arch and --override-variant options), attempt to copy all of
-the images in the list, and the list itself.
+:   If _source-image_ refers to a list of images, instead of copying just the image which matches the current OS and
+    architecture (subject to the use of the global --override-os, --override-arch and --override-variant options), attempt to copy all of
+    the images in the list, and the list itself.
 
 **--authfile** _path_
 
-Path of the primary registry credentials file. On Linux, the default is ${XDG\_RUNTIME\_DIR}/containers/auth.json.
-See **containers-auth.json**(5) for more details about the credential search mechanism and defaults on other platforms.
-
-Use `skopeo login` to manage the credentials.
-
-The default value of this option is read from the `REGISTRY\_AUTH\_FILE` environment variable.
+:   Path of the primary registry credentials file. On Linux, the default is ${XDG\_RUNTIME\_DIR}/containers/auth.json.
+    See **containers-auth.json**(5) for more details about the credential search mechanism and defaults on other platforms.
+    
+    Use `skopeo login` to manage the credentials.
+    
+    The default value of this option is read from the `REGISTRY\_AUTH\_FILE` environment variable.
 
 **--src-authfile** _path_
 
-Path of the primary registry credentials file for the source registry. Uses path given by `--authfile`, if not provided.
+:   Path of the primary registry credentials file for the source registry. Uses path given by `--authfile`, if not provided.
 
 **--dest-authfile** _path_
 
-Path of the primary registry credentials file for the destination registry. Uses path given by `--authfile`, if not provided.
+:   Path of the primary registry credentials file for the destination registry. Uses path given by `--authfile`, if not provided.
 
 **--dest-shared-blob-dir** _directory_
 
-Directory to use to share blobs across OCI repositories.
+:   Directory to use to share blobs across OCI repositories.
 
 **--digestfile** _path_
 
-After copying the image, write the digest of the resulting image to the file.
+:   After copying the image, write the digest of the resulting image to the file.
 
 **--preserve-digests**
 
-Preserve the digests during copying. Fail if the digest cannot be preserved.
+:   Preserve the digests during copying. Fail if the digest cannot be preserved.
 
-This option does not change what will be copied; consider using `--all` at the same time.
+    This option does not change what will be copied; consider using `--all` at the same time.
 
 **--encrypt-layer** _ints_
 
-*Experimental* the 0-indexed layer indices, with support for negative indexing (e.g. 0 is the first layer, -1 is the last layer)
+:   *Experimental* the 0-indexed layer indices, with support for negative indexing (e.g. 0 is the first layer, -1 is the last layer)
 
 **--format**, **-f** _manifest-type_
 
-MANIFEST TYPE (oci, v2s1, or v2s2) to use in the destination (default is manifest type of source, with fallbacks)
+:   MANIFEST TYPE (oci, v2s1, or v2s2) to use in the destination (default is manifest type of source, with fallbacks)
 
 **--help**, **-h**
 
-Print usage statement
+:   Print usage statement
 
 **--multi-arch** _option_
 
-Control what is copied if _source-image_ refers to a multi-architecture image. Default is system.
+:   Control what is copied if _source-image_ refers to a multi-architecture image. Default is system.
 
-Options:
-- system: Copy only the image that matches the system architecture
-- all: Copy the full multi-architecture image
-- index-only: Copy only the index
+:   Options:
+    - system: Copy only the image that matches the system architecture
+    - all: Copy the full multi-architecture image
+    - index-only: Copy only the index
 
-The index-only option usually fails unless the referenced per-architecture images are already present in the destination, or the target registry supports sparse indexes.
+   The index-only option usually fails unless the referenced per-architecture images are already present in the destination, or the target registry supports sparse indexes.
 
 **--quiet**, **-q**
 
-Suppress output information when copying images.
+:   Suppress output information when copying images.
 
 **--remove-signatures**
 
-Do not copy signatures, if any, from _source-image_. Necessary when copying a signed image to a destination which does not support signatures.
+:   Do not copy signatures, if any, from _source-image_. Necessary when copying a signed image to a destination which does not support signatures.
 
 **--sign-by** _key-id_
 
-Add a “simple signing” signature using that key ID for an image name corresponding to _destination-image_
+:   Add a “simple signing” signature using that key ID for an image name corresponding to _destination-image_
 
 **--sign-by-sigstore** _param-file_
 
-Add a sigstore signature based on the options in the specified containers sigstore signing parameter file, _param-file_.
-See containers-sigstore-signing-params.yaml(5) for details about the file format.
+:   Add a sigstore signature based on the options in the specified containers sigstore signing parameter file, _param-file_.
+    See containers-sigstore-signing-params.yaml(5) for details about the file format.
 
 **--sign-by-sigstore-private-key** _path_
 
-Add a sigstore signature using a private key at _path_ for an image name corresponding to _destination-image_
+:   Add a sigstore signature using a private key at _path_ for an image name corresponding to _destination-image_
 
 **--sign-by-sq-fingerprint** _fingerprint_
 
-Add a “simple signing” signature using a Sequoia-PGP key with the specified _fingerprint_.
+:   Add a “simple signing” signature using a Sequoia-PGP key with the specified _fingerprint_.
 
 **--sign-passphrase-file** _path_
 
-The passphrase to use when signing with `--sign-by`, `--sign-by-sigstore-private-key` or `--sign-by-sq-fingerprint`.
-Only the first line will be read. A passphrase stored in a file is of questionable security if other users can read this file. Do not use this option if at all avoidable.
+:   The passphrase to use when signing with `--sign-by`, `--sign-by-sigstore-private-key` or `--sign-by-sq-fingerprint`.
+    Only the first line will be read. A passphrase stored in a file is of questionable security if other users can read this file. Do not use this option if at all avoidable.
 
 **--sign-identity** _reference_
 
-The identity to use when signing the image. The identity must be a fully specified docker reference. If the identity is not specified, the target docker reference will be used.
+:   The identity to use when signing the image. The identity must be a fully specified docker reference. If the identity is not specified, the target docker reference will be used.
 
 **--src-shared-blob-dir** _directory_
 
-Directory to use to share blobs across OCI repositories.
+:   Directory to use to share blobs across OCI repositories.
 
 **--encryption-key** _protocol:keyfile_
 
-Specifies the encryption protocol, which can be JWE (RFC7516), PGP (RFC4880), and PKCS7 (RFC2315) and the key material required for image encryption. For instance, jwe:/path/to/key.pem or pgp:admin@example.com or pkcs7:/path/to/x509-file.
+:   Specifies the encryption protocol, which can be JWE (RFC7516), PGP (RFC4880), and PKCS7 (RFC2315) and the key material required for image encryption. For instance, jwe:/path/to/key.pem or pgp:admin@example.com or pkcs7:/path/to/x509-file.
 
 **--decryption-key** _key[:passphrase]_
 
-Key to be used for decryption of images. Key can point to keys and/or certificates. Decryption will be tried with all keys. If the key is protected by a passphrase, it is required to be passed in the argument and omitted otherwise.
+:   Key to be used for decryption of images. Key can point to keys and/or certificates. Decryption will be tried with all keys. If the key is protected by a passphrase, it is required to be passed in the argument and omitted otherwise.
 
 **--src-creds** _username[:password]_
 
-Credentials for accessing the source registry.
+:   Credentials for accessing the source registry.
 
 **--dest-compress**
 
-Compress tarball image layers when saving to directory using the 'dir' transport. (default is same compression type as source).
+:   Compress tarball image layers when saving to directory using the 'dir' transport. (default is same compression type as source).
 
 **--dest-decompress**
 
-Decompress tarball image layers when saving to directory using the 'dir' transport. (default is same compression type as source).
+:   Decompress tarball image layers when saving to directory using the 'dir' transport. (default is same compression type as source).
 
 **--dest-oci-accept-uncompressed-layers**
 
-Allow uncompressed image layers when saving to an OCI image using the 'oci' transport. (default is to compress things that aren't compressed).
+:   Allow uncompressed image layers when saving to an OCI image using the 'oci' transport. (default is to compress things that aren't compressed).
 
 **--dest-creds** _username[:password]_
 
-Credentials for accessing the destination registry.
+:   Credentials for accessing the destination registry.
 
 **--src-cert-dir** _path_
 
-Use certificates at _path_ (*.crt, *.cert, *.key) to connect to the source registry or daemon.
+:   Use certificates at _path_ (*.crt, *.cert, *.key) to connect to the source registry or daemon.
 
 **--src-no-creds**
 
-Access the registry anonymously.
+:   Access the registry anonymously.
 
 **--src-tls-verify**=_bool_
 
-Require HTTPS and verify certificates when talking to container source registry or daemon. Default to source registry setting.
+:   Require HTTPS and verify certificates when talking to container source registry or daemon. Default to source registry setting.
 
 **--dest-cert-dir** _path_
 
-Use certificates at _path_ (*.crt, *.cert, *.key) to connect to the destination registry or daemon.
+:   Use certificates at _path_ (*.crt, *.cert, *.key) to connect to the destination registry or daemon.
 
 **--dest-no-creds**
 
-Access the registry anonymously.
+:   Access the registry anonymously.
 
 **--dest-tls-verify**=_bool_
 
-Require HTTPS and verify certificates when talking to container destination registry or daemon. Default to destination registry setting.
+:   Require HTTPS and verify certificates when talking to container destination registry or daemon. Default to destination registry setting.
 
 **--src-daemon-host** _host_
 
-Copy from docker daemon at _host_. If _host_ starts with `tcp://`, HTTPS is enabled by default. To use plain HTTP, use the form `http://` (default is `unix:///var/run/docker.sock`).
+:   Copy from docker daemon at _host_. If _host_ starts with `tcp://`, HTTPS is enabled by default. To use plain HTTP, use the form `http://` (default is `unix:///var/run/docker.sock`).
 
 **--dest-daemon-host** _host_
 
-Copy to docker daemon at _host_. If _host_ starts with `tcp://`, HTTPS is enabled by default. To use plain HTTP, use the form `http://` (default is `unix:///var/run/docker.sock`).
+:   Copy to docker daemon at _host_. If _host_ starts with `tcp://`, HTTPS is enabled by default. To use plain HTTP, use the form `http://` (default is `unix:///var/run/docker.sock`).
 
-Existing signatures, if any, are preserved as well.
+    Existing signatures, if any, are preserved as well.
 
 **--dest-compress-format** _format_
 
-Specifies the compression format to use.  Supported values are: `gzip`, `zstd` and `zstd:chunked`.
-`zstd:chunked` is incompatible with encrypting images,
-and will be treated as `zstd` with a warning in that case.
+:   Specifies the compression format to use.  Supported values are: `gzip`, `zstd` and `zstd:chunked`.
+    `zstd:chunked` is incompatible with encrypting images,
+    and will be treated as `zstd` with a warning in that case.
 
 **--dest-compress-level** _format_
 
-Specifies the compression level to use.  The value is specific to the compression algorithm used, e.g. for zstd the accepted values are in the range 1-20 (inclusive), while for gzip it is 1-9 (inclusive).
+:   Specifies the compression level to use.  The value is specific to the compression algorithm used, e.g. for zstd the accepted values are in the range 1-20 (inclusive), while for gzip it is 1-9 (inclusive).
 
 **--dest-force-compress-format**
 
-Ensures that the compression algorithm set in --dest-compress-format is used exclusively.
+:   Ensures that the compression algorithm set in --dest-compress-format is used exclusively.
 
 **--src-registry-token** _token_
 
-Bearer token for accessing the source registry.
+:   Bearer token for accessing the source registry.
 
 **--dest-registry-token** _token_
 
-Bearer token for accessing the destination registry.
+:   Bearer token for accessing the destination registry.
 
 **--dest-precompute-digests**
 
-Precompute digests to ensure layers are not uploaded that already exist on the destination registry. Layers with initially unknown digests (ex. compressing "on the fly") will be temporarily streamed to disk.
+:   Precompute digests to ensure layers are not uploaded that already exist on the destination registry. Layers with initially unknown digests (ex. compressing "on the fly") will be temporarily streamed to disk.
 
 **--retry-times**
 
-The number of times to retry.
+:   The number of times to retry.
 
 **--retry-delay**
 
-Fixed delay between retries. If not set (or set to 0s), retry wait time will be exponentially increased based on the number of failed attempts.
+:   Fixed delay between retries. If not set (or set to 0s), retry wait time will be exponentially increased based on the number of failed attempts.
 
 **--src-username**
 
-The username to access the source registry.
+:   The username to access the source registry.
 
 **--src-password**
 
-The password to access the source registry.
+:   The password to access the source registry.
 
 **--dest-username**
 
-The username to access the destination registry.
+:   The username to access the destination registry.
 
 **--dest-password**
 
-The password to access the destination registry.
+:   The password to access the destination registry.
 
 **--image-parallel-copies** _n_
 
-Maximum number of image layers to be copied (pulled/pushed) simultaneously. Not setting this field will fall back to containers/image defaults.
+:   Maximum number of image layers to be copied (pulled/pushed) simultaneously. Not setting this field will fall back to containers/image defaults.
 
 ## EXAMPLES
 
 
@@ -35,62 +35,62 @@ See also [skopeo(1)](skopeo.1.md) for options placed before the subcommand name.
 
 **--authfile** _path_
 
-Path of the primary registry credentials file. On Linux, the default is ${XDG\_RUNTIME\_DIR}/containers/auth.json.
-See **containers-auth.json**(5) for more details about the credential search mechanism and defaults on other platforms.
+:   Path of the primary registry credentials file. On Linux, the default is ${XDG\_RUNTIME\_DIR}/containers/auth.json.
+    See **containers-auth.json**(5) for more details about the credential search mechanism and defaults on other platforms.
 
-Use `skopeo login` to manage the credentials.
+    Use `skopeo login` to manage the credentials.
 
-The default value of this option is read from the `REGISTRY\_AUTH\_FILE` environment variable.
+    The default value of this option is read from the `REGISTRY\_AUTH\_FILE` environment variable.
 
 **--creds** _username[:password]_
 
-Credentials for accessing the registry.
+:   Credentials for accessing the registry.
 
 **--cert-dir** _path_
 
-Use certificates at _path_ (*.crt, *.cert, *.key) to connect to the registry.
+:   Use certificates at _path_ (*.crt, *.cert, *.key) to connect to the registry.
 
 **--daemon-host** _host_
 
-Use docker daemon host at _host_ (`docker-daemon:` transport only)
+:   Use docker daemon host at _host_ (`docker-daemon:` transport only)
 
 **--help**, **-h**
 
-Print usage statement
+:   Print usage statement
 
 **--no-creds**
 
-Access the registry anonymously.
+:   Access the registry anonymously.
 
-Additionally, the registry must allow deletions by setting `REGISTRY_STORAGE_DELETE_ENABLED=true` for the registry daemon.
+    Additionally, the registry must allow deletions by setting `REGISTRY_STORAGE_DELETE_ENABLED=true` for the registry daemon.
 
 **--registry-token** _token_
 
-Bearer token for accessing the registry.
+:   Bearer token for accessing the registry.
 
 **--retry-times**
 
-The number of times to retry.
+:   The number of times to retry.
 
 **--retry-delay**
 
-Fixed delay between retries. If not set (or set to 0s), retry wait time will be exponentially increased based on the number of failed attempts.
+:   Fixed delay between retries. If not set (or set to 0s), retry wait time will be exponentially increased based on the number of failed attempts.
 
 **--shared-blob-dir** _directory_
 
-Directory to use to share blobs across OCI repositories.
+:   Directory to use to share blobs across OCI repositories.
 
 **--tls-verify**=_bool_
 
-Require HTTPS and verify certificates when talking to the container registry or daemon. Default to registry.conf setting.
+:   Require HTTPS and verify certificates when talking to the container registry or daemon. Default to registry.conf setting.
 
 **--username**
 
-The username to access the registry.
+:   The username to access the registry.
 
 **--password**
 
-The password to access the registry.
+:   The password to access the registry.
 
 ## EXAMPLES
 
 
@@ -21,19 +21,19 @@ See also [skopeo(1)](skopeo.1.md) for options placed before the subcommand name.
 
 **--help**, **-h**
 
-Print usage statement
+:   Print usage statement
 
 **--output-prefix** _prefix_
 
-Mandatory.
-Path prefix for the output keys (_prefix_**.private** and _prefix_**.pub**).
+:   Mandatory.
+    Path prefix for the output keys (_prefix_**.private** and _prefix_**.pub**).
 
 **--passphrase-file** _path_
 
-The passphare to use to encrypt the private key.
-Only the first line will be read.
-A passphrase stored in a file is of questionable security if other users can read this file.
-Do not use this option if at all avoidable.
+:   The passphare to use to encrypt the private key.
+    Only the first line will be read.
+    A passphrase stored in a file is of questionable security if other users can read this file.
+    Do not use this option if at all avoidable.
 
 ## EXAMPLES