Support

• S

  Support for gpg in rpm feed
  • Sigve.opedal_6476  

  9
  0
  Votes
  9
  Posts
  17
  Views

  

  @Sigve-opedal_6476 Sorry for the intrusion in this thread. Could you probably share more info (ideally: write a little HOWTO)? I have exactly the same issue and wondered how to solve that. Thanks in Advance -Fritz
• N

  User can't view [Usage & Statistics] for packages when 'Manage Feed' is scoped to Feed Group
  • Nils Nilsson  

  2
  0
  Votes
  2
  Posts
  5
  Views

  

  Hi @Nils-Nilsson, Thanks for the report; this was a trivial fix and I just committed the change to PG-3138 , which will be in the next maintenance release (Oct 24). As an FYI, if you uncheck "Restrict viewing download statistics to Feed Administrators" on the Feed Permissions page, then error shouldn't occur. -- Dean
• W

  HTTP 500 When pushing docker image
  • wechselberg.nisboerge_3629  

  1
  0
  Votes
  1
  Posts
  4
  Views

  No one has replied

• P

  Violation of UNIQUE KEY constraint 'UQ__PackageNameIds'.
  • parthu.reddy  

  7
  0
  Votes
  7
  Posts
  14
  Views

  

  Hi @pawel-ostrowski_5669, Actually the version you're using (2025.8) has a known regression relating these PackageIds that we already fixed via PG-3097. I didn't realize it until you told me the version and I found that issue. Anyway please try latest version of ProGet 2025, it should work. Thanks, Alana
• J

  Apply license key inside container
  • jlarionov_2030  

  7
  0
  Votes
  7
  Posts
  22
  Views

  J

  @atripp That did the trick. I'm able to use pgutil now to set an API key and fully automate ProGet setup. Thank you!
• D

  ProGet 2025.12 Published date is default value on packages from connector feed
  • d.mischke_3966  

  5
  0
  Votes
  5
  Posts
  16
  Views

  D

  ok thanks for looking in to this. fyi: I think I found out what kind of feed ist used. It seemed to be a Chocolatey Simple Server https://github.com/chocolatey-community/simple-server/tree/master So it is V2 API based, but with some chocolatey customizations. This project seems to be deprecated by the chocolatey team.
• M

  Bug: duplicate docker manifests on connected feed when upstream tag updated
  • mayorovp_3701  

  3
  0
  Votes
  3
  Posts
  13
  Views

  M

  Yes, we use inner PostgreSQL.
• J

  ProGet 2025.10: License Update API Issues
  • jw  

  9
  0
  Votes
  9
  Posts
  43
  Views

  

  Hi @jw , Whoops sorry I keep forgetting - it shows up different on our end. Let me know if you'd like me to update your email on the forums, so you can login with your company account. It's fine either way, but we might forget again -- it shows up as free/community user on our dashboard Anyway in that case, sure we can prioritize this for you! I guess in the end you guys need to sort out the question if you want to support partial updates. Since you're the first user whose requested this... we'll go with what you suggested. That makes sense to me. I just made this (PG-3137) since it was trivial: curl -X POST -H "Content-Type: application/json" -d "{\"id\": 1, \"code\": \"0BSD\", \"title\": \"Zero BSD\"}" http://localhost:8624/api/licenses/update curl -X POST -H "Content-Type: application/json" -d "{\"id\": 1, \"code\": \"0BSD-X\", \"title\": \"XXXZero BSD\"}" http://localhost:8624/api/licenses/update curl -X POST -H "Content-Type: application/json" -d "{\"id\": 1, \"code\": \"0BSD\", \"title\": \"Zero BSD\", \"spdx\": [\"0BSD\", \"0BSD1\"]}" http://localhost:8624/api/licenses/update curl -X POST -H "Content-Type: application/json" -d "{\"id\": 1, \"code\": \"0BSD\", \"title\": \"Zero BSD\", \"spdx\": []}" http://localhost:8624/api/licenses/update Hardest part, by far, was getting the curl commands figured out Thanks, Alana
• F

  Signature Packet v3 is not considered secure
  • frei_zs  

  2
  0
  Votes
  2
  Posts
  5
  Views

  

  Hi @frei_zs , We are currently working on PG-3110 to add support for "v4 signatures" and intend to release that soon (along with better support for public repositories) in an upcoming maintenance release. Unfortunately it's not trivial, as the underlying cryptography library (Bouncy Casstle) does not support it, so we have to reimplement signing -- and the good news is that it seems to work so far, and is much faster. Thanks, Alana
• F

  Need help to request all package vulnerabilities in ProGet 2024 version
  • fabrice.mejean  

  2
  0
  Votes
  2
  Posts
  9
  Views

  

  Hi @fabrice-mejean , It's no longer possible to query this information from the database. As you've noticed, ProGet now uses a version range (i.e. AffectedVersions_Text ) to determine whether a package is vulnerable or not. So instead of 4.2.3 it's now 4.2.3-4.2.8 or [4.2.*) or something like that. Unfortunately it's not practical/feasible to parse this information unless you were to rewrite a substantial amount of ecosystem-specific parsing logic - this would be basically impossible to do in a SQL query. Instead, you'll need to use the upcoming pgutil packages meatdata command to see what vulnerabilities a particular packages has. You can also use Notifiers to address newly-discovered vulnerabilities. Thanks, Alana
• K

  [ProGet] Connector Ordering / Precedence in ProGet
  proget • • koksime.yap_5909  

  4
  0
  Votes
  4
  Posts
  11
  Views

  

  Hi @koksime-yap_5909 , Not necessarily - it really depends on the API query. If the query is like "give me a list of all versions of MyPackage", then ProGet will need to aggregate local packages and connector packages to produce that list. If the query is "give me the metadata for MyPackage-1.3.1", then the first source that returns a result is used. In practice, NuGet asks for "all versions" a lot. So you'll get a lot of queries. Thanks, Alana
• J

  ProGet - Unsupported Header when Uploading to Pure Storage S3
  • james.woods_8996  

  7
  0
  Votes
  7
  Posts
  19
  Views

  

  @james-woods_8996 we haven't released the extension yet, so it won't be in any builds of the product. We are waiting on someone to test/verify that it works
• 

  proget 500 Internal server error when pushing to a proget docker feed
  • felfert  

  55
  0
  Votes
  55
  Posts
  122
  Views

  

  Hi @thomas_3037 , The specific issue was already fixed; I'm going to close it because whatever your experiencing is different and the "history" in this long winding thread will only make it harder to understand , Please "start from the scratch" as if you never read this. Thanks, Alana
• S

  Add support for Terraform Public Registry in ProGet (offline/air-gapped)
  • Stholm  

  2
  0
  Votes
  2
  Posts
  8
  Views

  

  Hi @Stholm , I assume you saw the Terraform Modules documentation in ProGet? While updating the Support for Terraform Backends to link to this discussion, I noticed we had some internal notes. So I'll transfer them here: This would require implementing both the Provider Registry Protocol (for first-party plugins) and the Provider Network Mirror Protocol (for connectors). Both seem relatively simple, though there appear to be some complexities involving signature files. In either case, we ought to not package these because they are quite large. For example, the hashcorp\aws provider for Windows is just a zip file with a single, 628mb .exe. They also have no metadata whatsoever that's returned from the API. One option is just to store these as manifest-less packages. For example, hashicorp/aws packages could be pkg:tfprovider/hashicorp@5.75.0?os=windows&arch=amd64. This would be two purls in one feed, which might not work, so it might require a new feed. Don't ask me what that all means, I'm just the copy/paster But based on my read of that, it sounds like a big effort (i.e. a new feed type) to try to fit a round peg in a square hole. And honestly your homebuilt solution might work better. I think we'd need to see how much of a demand there is in the offline/air-gapped Terraform userbase for this. But feel free to add more thoughts as you have them. Thanks, Alana
• P

  Deploy inedo agent with gMSA
  • philippe.camelio_3885  

  2
  0
  Votes
  2
  Posts
  4
  Views

  

  Hi @philippe-camelio_3885, Can you clarify what you've tried to date, and the issues you've faced? You can silently install the Inedo Agent, or even use a Manual Installation process if you'd prefer. Ultimately it's a standard Windows service, and you can change the account from LOCAL SYSTEM (which we recommend, by the way) to another account using sc.exe or other tools. Thanks, Alana
• K

  [ProGet] Migration Support for Container Images and Assets in ProGet
  proget • • koksime.yap_5909  

  2
  0
  Votes
  2
  Posts
  8
  Views

  

  Hi @koksime-yap_5909 , Docker registry import from Sona, JFrog, and other ProGEt instances is coming soon via PG-3128 - we anticipate that in the next maintenance release. As for Assets, I'm afraid we don't have any support for that planned in the near future - it's relatively easy to write a script that "extracts" them - if you could extract it to a ProGet drop path, then they'll be imported that way. https://docs.inedo.com/docs/proget/feeds/feed-overview/proget-bulk-import-with-droppath -- Dean
• E

  Alpine noarch as x86_64 packages
  • eric.van.orsouw_4486  

  2
  0
  Votes
  2
  Posts
  4
  Views

  

  Thanks for pointing this out! We missed this detail of the APKINDEX specification and will get this fixed as PG-3132, likely in this week's release of v2025.12 on Friday, but potentially in a later maintenance release if it is more complex than expected.
• T

  Deletion of C:\Program Files\ProGet\Service\postgres\bin directory
  • tobe.burce_3659  

  2
  2
  Votes
  2
  Posts
  11
  Views

  

  Hi @tobe-burce_3659 , We do not support deleting or modifying any of the contents under the program directory; they will simply return when you upgrade and it may cause other problems. Instead, please create an exception; we are aware of the vulnerabilities in libraries that Postgresql uses and can assure you that they are false positives and will have no impact on ProGet... even if you were to be using PostgreSQL. Using virus/malware tools to scan/monitor ProGet's operation causes lots of problems, as these tools interfere with file operations and cause big headaches. Thanks, Alana
• L

  ProGet 2025.10: Database Schema not updated automatically
  • lukas.herzog_4227  

  4
  0
  Votes
  4
  Posts
  17
  Views

  Y

  I had the same issue but it didn't update on startup so I ran this: cd /usr/local/proget/service/ ./proget upgradedb
• F

  Request to support MCP registry
  • fhusson_1634  

  3
  0
  Votes
  3
  Posts
  11
  Views

  F

  Hi, Yes from my understanding you got it right. It's still very young. It's about storing a json "package" or text. In the json you can have a config for an url for a remote MCP server or a package that you can run on your computer to be a local MCP server (only from official repo for now). Maybe in the futur if this kind of registry can validate private package it could be nice to flag a package already in inedo to make it available in the MCP registry. Exemple : An internal team create an npm package for a MCP server or a docker package In proget I can have a MCP Registry with all kind of MCP server and for our own package we can just check an option on the package in proget to have it in the registry. Regards, Frédéric