RE: ProGet: Editing Feed(s) field in a project changes the field for all projects

@dean-houston

Hello!

In the "fixed" version, it no longer sets the same feed to all other projects, which is good.

Less good is that it now instead empties the Feed(s) field for all except the most recently changed Project.

Best regards
Nils Nilsson

Hi!

I have a breaking issue in ProGet 2026, upgraded from 2025.27
The issue is that when I try to add a new permission/restriction for ["Specific User...", "Specific Groups..."] it no longer manages to search for those defined in my Active Directory and synced through LDAP.

Attempting to Test Privileges of a group that is assigned(and still seems to be in effect as I'm able to log in and administer using my domain account) it is also unable to search for users/groups.

I've verified that the LDAP connection is still healthy through the 'Test User Directories' dialog

This issue was found because after upgrading all my existing permissions that were scoped to a feed group no longer had an association to the migrated "Feed & Project Groups" that replaced them, thus leading to having to reconfigure all permissions.

Regards
Nils Nilsson

Hello!

When I'm adding new notifiers I'd like to be able to send a test message to check that it works as expected.

Best regards
Nils Nilsson

Hi @dean-houston

That doesn't solve what I want to test.
My scenario is more about testing a webhook to make sure that ProGet can reach the host and that the destination receive a well formatted message.

I don't completely buy that it's impossible to send a notification without real data, as it should be trivial to send some dummy data when using a "Try-out" button.
But I understand that if I'm the only one who has ever wanted this feature it wouldn't make sense to implement it.

Best regards
Nils Nilsson

Hello!

When I'm adding new notifiers I'd like to be able to send a test message to check that it works as expected.

Best regards
Nils Nilsson

Hi @apxltd

I think this looks like a good solution, as it would simultaneously allow us to disregard noise as the new risk profiles for feeds/projects allow us to do, and introduces more control mechanisms so that I can differentiate our various departments/deliverables.

pgutil containers audit would solve most instances were we want to prohibit image download. And should easily fit into CD processes to prevent running vulnerable containers in production, which is the most important part.

I don't have any additional opinions at this time, instead I will eagerly await more news/time estimate for when this feature will start rolling out :)

Best regards
Nils Nilsson

Hello again,

Assigning tasks with Projects scoped permissions do not seem to be functioning as expected.

I can not assign a group my "Manage" task for a feed/project group, The task includes only privileges marked as scopable

Creating a new task with only Projects privileges experiences the same issue

If I restrict a task to only privileges that were scopable in 2025 it again allows me to assign scoped permissions

I've also tested individually the 4 privileges under the Projects category [Manage, Resolve Issue, Upload Sbom, View] and the issue is the same for all/any combination.

This is running 2026.1 (Build 14) from the Prerelease Feed, although the issue seemed consistent in earlier Release Candidate 12, as well as 2026.1 in the Production Feed

Best Regards
Nils Nilsson

Post moved to Project-scoped permissions not working as expected

@atripp

Thanks,

I deployed 2026.1-rc.12 in my lower environment and it seems to resolve the issues I was facing.

best regards
Nils Nilsson

Hi,

Thanks for investigating.

You're right that UserNotFoundException turned out to be a cache issue.

Eagerly awaiting the fix.

Regards
Nils Nilsson

Service came online a few hours after the rollback, the error above persists though and LDAP integration for Task/Permissions still isn't working.
Rollback also didn't restore my scoped permissions, all of those groups used to have different scopes.

Additionally after doing a rollback to 2025.27 ProGet can not start the web service, with this error in event viewer

Exception:
Inedo.ProGet.Web.Security.UserNotFoundException: Exception of type 'Inedo.ProGet.Web.Security.UserNotFoundException' was thrown.
  at Inedo.ProGet.WebApplication.ProGetHttpModule.AuthorizeRequestAsync(AhHttpApplication app)
  at Inedo.Web.InedoHttpModule.Inedo.Web.IAhWebModule.AuthorizeRequestAsync(AhHttpApplication app)
  at Inedo.Web.AhWebMiddleware.InvokeAsync(HttpContext context)
  at Inedo.Web.AhWebMiddleware.InvokeAsync(HttpContext context)
  at Inedo.Web.AhWebMiddleware.InvokeAsync(HttpContext context)
  at Inedo.Web.AhWebHost.<>c.<<Configure>b__22_0>d.MoveNext()
--- End of stack trace from previous location ---
  at Microsoft.AspNetCore.Server.Kestrel.Core.Internal.Http.HttpProtocol.ProcessRequest[TContext](IHttpApplication`1 application)

Hi!

I have a breaking issue in ProGet 2026, upgraded from 2025.27
The issue is that when I try to add a new permission/restriction for ["Specific User...", "Specific Groups..."] it no longer manages to search for those defined in my Active Directory and synced through LDAP.

Attempting to Test Privileges of a group that is assigned(and still seems to be in effect as I'm able to log in and administer using my domain account) it is also unable to search for users/groups.

I've verified that the LDAP connection is still healthy through the 'Test User Directories' dialog

This issue was found because after upgrading all my existing permissions that were scoped to a feed group no longer had an association to the migrated "Feed & Project Groups" that replaced them, thus leading to having to reconfigure all permissions.

Regards
Nils Nilsson