hello, any updates?
I also encounter the same problem. How can I fix it?
shihui0304_6759
Latest posts made by shihui0304_6759
RE: Publish npm package to Proget
About trigger for assessment of existing vulnerability once current assessment is expired or new vulnerability.
hi,
I read the documentation and found this: "All newly entered or imported vulnerability reports are considered unassessed, which means that packages matching the vulnerability will be blocked until the report is assessed. An assessment involves an authorized user reviewing the report, choosing an assessment type (Ignore, Caution, Block), and leaving an optional comment.
Depending on the assessment type, the assessment may expire; this means that, unless it's reassessed, the vulnerability report will be considered unassessed after expiry.
This can be useful to temporarily allow a package, or to review usage of packages after a certain amount of time."
But,
- It seems that a package could be downloaded if a new vulnerability for that package is discovered and no assessment has been done yet.
- About the trigger for assessment of an existing vulnerability once the current assessment has expired, or of a new vulnerability: I didn't see a way to configure any notification here. The report's assessment was not unassessed after expiry.
Why is that?
Product: ProGet
Version: 5.0.13
ProGet 5.0.7 can't be uninstalled
Product: ProGet
Version: 5.0.7
About ProGet license filter?
- The license filter: is it already available on NPM feeds?
- When I use the license filter on a NuGet feed, a lot of packages are shown as "unknown". Because I configured "Unknown Licenses" to block, I cannot download these packages. This result is what I want. But some of them are what we need and are allowed to use. So, what should I do? Is there a configuration similar to a whitelist?
Product: ProGet
Version: 4.8.7
License Filter configuration
We use ProGet, and when I configure the License Rule, I have a question.
The following is my configuration:
All Settings in ProGet Page
Feeds.AllowUnknownLicenseDownloads Allow
Manage Feed Properties Page
Unknown Licenses block
According to the documentation: "License filtering can be configured on a feed-by-feed basis and at the global level. Feed-level rules override global rules, allowing users to configure rules that fit their specific use."
But I can still download the packages with an unknown license.
Why?
Looking forward to your reply soon!
Thanks.
Product: ProGet
Version: 4.7.5