Hello; I've updated the documentation to clarify this, but it's available starting in ProGet 5.2.9. So, you'll need to upgrade to enable it :)

atripp
@atripp
C# developer by trade, but writing less and less code and more and more specs.
Best posts made by atripp
-
RE: Service Health API call returning 404
-
RE: NPM Connector returns plus "+" in versions
Thanks for the update! I've noted this in the docs, and linked to this discussion :)
https://github.com/Inedo/inedo-docs/commit/d24087911584bbda833314084a58c2ae1ff41c39
-
RE: [ProGet] [NativeApi] NpmPackages_DeletePackage not working.
Hello,
That API will only delete package metadata from the database, not from disk. It's mostly intended for internal use only, and probably shouldn't be exposed to the API. In any case, we don't store the
@
with internally, so if you change@myscope
tomyscope
it should work.Note that the NPM doesn't provide a way to delete packages, and we never implemented it. There hasn't been any demand for it to date, as people don't really delete packages programmatically - but you're definitely welcome to submit a feature request and help us understand why it'd be a value (like, the workflow you use that requires deleting packages, etc).
Alana
-
RE: Creating PowerShell repository, protecting pull/download by API key
Hello, for sure!
It's pretty easy; just don't give the
Anonymous
user any access to your feeds, and then authentication will always be required, either when browsing the ProGet application or using the API (such asInstall-Module
).When you use the Register-PSRepository command, you can the
Credential
option to specify a credential.This credential can be the name/password of a user inside of ProGet (let's say,
Admin:Admin
), or it can be username ofapi
with a password of an api key you've configured (so,api:my-secret-key
). -
RE: Restricting API access to View/Download
Hello;
The Native API is for low, system-level functions, and it's "all or nothing". If you give someone access to Native API, you are effectively making them an administrator, as they can also change permissions and grant admin privileges. So, I don't think you want this. Instead, you'll want to use the Debian API endpoint that we implement.
It's a third-party API format
In order to support third-party package formats types like NuGet, npm, etc., ProGet implements a variety of third-party APIs. We only provide minimal documentation for these APIs, as they are generally either already documented elsewhere. However, you can generally find the basics by searching for specific things you'd like to do with the API, such as "how to search for packages using the NuGet API" or "how to publish an npm package using the API".
So in this case, I recommend to search "how to view and download apt packages".
-
RE: PyPI package not shown in search results accessible via url
I'm not very familiar with PyPi packages, but I know there are some oddities with
-
and_
, and that they are sometimes supposed to be treated the same, and sometimes not. We don't totally understand all the rules, to be honest (even after reading PEP503 specifications).In this case, the package is actually
websocket_client
, notwebsocket-client
.See: https://pypi.org/project/websocket_client/
When you search for
websocket_client
in ProGet, it shows up, as expected. -
RE: How to find out package disk space?
In ProGet 5.3, we plan to have a couple tabs on each
Tag
(i.e. container image) that would provide this info: Metadata (will be a key/value pair of a bunch of stuff), andLayers
will show details about each of these layers.That might help, but otherwise, we have retention policies which are designed to clean up old and unused images.We'll also have a way to detect which images are actually being used :)
-
RE: [BUG - ProGet] Not able to remove container description
As @apxltd mentioned, we've got a whole bunch planned for ProGet 5.3.
I've logged this to our internal project document, and if it's easy to implement in ProGet 5.2 (I can't imagine it wouldn't be), we'll log it as a bug and ship in a maintence release.
Do note, this is not an IMAGE description, it's a REPOSITORY (i.e. a collection of images with the same name, like
MyCoolContainerApp
) description; so this means the description will be there on all images/tags in the repository. -
RE: [Question - ProGet] Are versions amount wrong ?
You're right, I guess that's showing the "layers" instead of the "tags"; I think it should be showing container registries separately (they're not really feeds), but that's how it's represented behind the scenes now.
Anyways we are working on ProGet 5.3 now; there's a whole bunch of container improvements coming, so I've noted this on our internal project document, to make sure we get a better display for container registries.
-
RE: Anonymous user can see list of packages and containers
@Stephen-Schaff thanks for the bug report, I verified that this may happen depending on permission of user, and which feeds they can/can't use --- but it seems an easy enough fix that we can do via PG-1894 (targeted to next release) - the packages can't be viewed upon clicking, but it's a sub-optimal experience for showing packages they can't see
Latest posts made by atripp
-
RE: Unable to download io.r2dbc:r2dbc-bom:pom:Borca-SR2 from ProGet feed.
ProGet can handle most invalid Maven version numbers, but
Borca-SR2
is really invalid and isn't currently supported. Our "name vs version" parsing requires that versions start with numbers, artifacts start with letters. This has been a Maven rule for 20+ years now.It's non trivial and quite risky to change our parsing logic so it's not something we're keen on doing in a maintenance release. This scenario seems to be very rare and impact ancient artifacts and a few cases where authors didn't use Maven to deploy the artifacts.
Thanks,
Alana -
RE: maven Checksum validation failed, no checksums available
@uli_2533 thanks for the additional info, great find in the source code too!!
On our end, I was looking at the
PUT
code, where a301
kind of made sense. I think it must have been some kind of regression on theGET
request? Not sure why it didn't get noticed before, but it's a trivial fix.PG-3108 will be in the next maintenance release (Sep 19)... or if you want to try it now, it's in
inedo/proget:25.0.10-ci.9
Docker image.Thanks,
Alana -
RE: maven Checksum validation failed, no checksums available
Hi @bohdan-cech_2403 ,
I'm not sure if that's the issue...
Returning a
201
has been the behavior for as long as we've had the feed (even the old version of the feed). The official Maven client does not seem to complain or cause any error in our testing, and no other user reported it as a problem.Any idea why it's happening "all of a sudden" for you? Is there a new version of Maven or something?
FYI the
PUT
uploads for hash files are ignored and a201
is always returned.Thanks,
Alana -
RE: Machine ID changes after restart
@jorgen-nilsson_1299 said in Machine ID changes after restart:
What is the Machine ID based on and how can I trouble shoot this? Any way to set a static Machine ID?
The Machine ID is based on the CPU Vendor ID, Machine Name (host name on Docker), and OS Version.
Hopefully @felfert gave some advice on how to make sure those don't change,
-
RE: proget 500 Internal server error when pushing to a proget docker feed
@pariv_0352 the code is not fixed in 25.0.9
However,
inedo/proget:25.0.10-ci.5
will have the new code that should prevent this error -
RE: Packages with Noncanonical Names errors on internalized packages
@jfullmer_7346 thanks! As an FYI...
- Names and Versions are centrally indexed, and were intended to be "write-only" by design
- NuGet does not have case-sensitive names, but some earlier bugs allowed duplicate names to be created
- we are adding Duplicate Names (e.g.
winscp
andWinSCP
) and Duplicate Versions (e.g.winscp-4.0.0
andWinSCP-4.0.0
checking to feed integrity - When re-indexing a feed, you'll get an option to de-duplicate names/versions, which will fix it across all feeds
- Pulling or Publishing a package will update the casing of a centrally-indexed name
- Also we're getting rid of the concept of "Noncannonical Names" altogether, since we've discovered many NuGet packages "change casing" at some version
-
RE: Proget 25.0.9
Hi @pmsensi ,
Thanks for the heads-up; looks like there was a replication issue with one of our edge nodes. It should be there now
Thanks,
Alana -
RE: `pgutil assets metadata get` fails when filename contain spaces
The "unexpected argument" running without quotes is expected, but it works fine when I run with quotes. I'm afraid I can't reproduce this.
I would check under Admin > Diagnostic Center to see if anythings logged. Alternatively, you may need to query the API by doing something like this:
curl http://server:8624/endpoints/Test/metadata/metadata-test/v1/1%20-%20Normal.txt
Thanks,
Alana -
RE: ERROR while migrating maven repository from Jfrog Artifactory.
Hi @bohdan-cech_2403 ,
Thanks for sharing that; I can confirm receipt, reproduction, and fixing (PG-3105). If you'd like to try it, you can get the fix in
25.0.10-ci.2
- otherwise it'll be in the next maintenance release (next Friday).@wechselberg-nisboerge_3629 FYI I entered the url/username/password into ProGet, but I got the message "Failed to find any registries." So, I tried with curl and I got this:
$> curl "https://artifactory.REDACTED.com/artifactory/api/repositories?type=local" --user support Enter host password for user 'support': { "errors" : [ { "status" : 401, "message" : "Artifactory configured to accept only encrypted passwords but received a clear text password, getting the encrypted password can be done via the WebUI." } ] }
I have no idea what explains the different behavior. Anyway, I logged into the portal on that URL and generated some kind of key, and it let me connect.
Thanks,
Alana