-
Notifications
You must be signed in to change notification settings - Fork 789
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
We need a mechanism to support authenticated feeds with package management. #10609
Comments
Just link to an old issue I raised. #7834 |
#i format does not use the authority component of a URI correctly. Example: Results in:
The base 64 in the authorisation header decodes to ":" |
@catfly1 --- I am afraid authenticated feeds are not supported at this time. We know we have to support them, but right now we don't. Sorry for the bad news Kevin |
It is not just notebook users. Any company with a private feed for their own packages (which I assume is quite a few) suffers from this problem. A big problem is currently that, once you've configured an authenticated feed in Maybe there's a workaround. The above-mentioned "adding to local feed" is not very feasible in large organisations, I'm afraid. My workaround is to just don't use FSI with packages, unfortunately. Not sure what's needed to get this working. If the
An example of a config that currently prevents any package from being loaded in FSI:
|
nuget has an authenticated feeds mechanism where credentials are required to access a feed.
We need a mechanism to allow notebook users access to these types of feeds, however ... putting plaintext credentials in script files, or indeed any other type is not really very secure, so we should come up with something a little more secure than that. Ideally without us doing any credential management or storage in our code, because the security is so hard to get right.
The text was updated successfully, but these errors were encountered: