Fix container auth for public instance#37290
Merged
Merged
Conversation
Contributor
Author
|
The fix is confirmed by #37289 (comment) |
bircni
approved these changes
Apr 19, 2026
TheFox0x7
approved these changes
Apr 19, 2026
GiteaBot
pushed a commit
to GiteaBot/gitea
that referenced
this pull request
Apr 19, 2026
wxiaoguang
added a commit
that referenced
this pull request
Apr 19, 2026
silverwind
added a commit
to silverwind/gitea
that referenced
this pull request
Apr 19, 2026
* 'cast' of github.com:silverwind/gitea: Fix Mermaid diagrams failing when node labels contain line breaks (go-gitea#37296) Add project column picker to issue and pull request sidebar (go-gitea#37037) Fix container auth for public instance (go-gitea#37290) Refactor frontend `tw-justify-between` layouts to `flex-left-right` (go-gitea#37291) Update Nix flake (go-gitea#37284) Workflow Artifact Info Hover (go-gitea#37100)
zjjhot
added a commit
to zjjhot/gitea
that referenced
this pull request
Apr 20, 2026
* main: (25 commits) Add WebKit to e2e test matrix (go-gitea#37298) Don't add useless labels which will bother changelog generation (go-gitea#37267) Fix Repository transferring page (go-gitea#37277) Stabilize issue-project e2e test, increase timeout factor (go-gitea#37297) Fix Mermaid diagrams failing when node labels contain line breaks (go-gitea#37296) Add project column picker to issue and pull request sidebar (go-gitea#37037) Fix container auth for public instance (go-gitea#37290) Refactor frontend `tw-justify-between` layouts to `flex-left-right` (go-gitea#37291) Update Nix flake (go-gitea#37284) Workflow Artifact Info Hover (go-gitea#37100) [skip ci] Updated translations via Crowdin release notes for 1.26.0 (go-gitea#37282) Enhance GetActionWorkflow to support fallback references (go-gitea#37189) Refactor LDAP tests (go-gitea#37274) Remove `SubmitEvent` polyfill (go-gitea#37276) Upgrade go-git to v5.18.0 (go-gitea#37268) Avoid top-level await (go-gitea#37272) Frontend iframe renderer framework: 3D models, OpenAPI (go-gitea#37233) pull: Fix CODEOWNERS absolute path matching. (go-gitea#37244) Swift registry metadata: preserve more JSON fields and accept empty metadata (go-gitea#37254) ...
yamz8
pushed a commit
to kerneliushq/kernelius-forge-cli
that referenced
this pull request
May 11, 2026
This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [docker.gitea.com/gitea](https://github.com/go-gitea/gitea) | service | patch | `1.26.0` → `1.26.1` | --- ### Release Notes <details> <summary>go-gitea/gitea (docker.gitea.com/gitea)</summary> ### [`v1.26.1`](https://github.com/go-gitea/gitea/releases/tag/v1.26.1) [Compare Source](go-gitea/gitea@v1.26.0...v1.26.1) - BUGFIXES \* Add event.schedule context for schedule actions task ([#​37320](go-gitea/gitea#37320)) ([#​37348](go-gitea/gitea#37348)) \* Fix an issue where changing an organization's visibility caused problems when users had forked its repositories. ([#​37324](go-gitea/gitea#37324)) ([#​37344](go-gitea/gitea#37344)) \* Use modern "git update-index --cacheinfo" syntax to support more file names ([#​37338](go-gitea/gitea#37338)) ([#​37343](go-gitea/gitea#37343)) \* Fix URL related escaping for oauth2 ([#​37334](go-gitea/gitea#37334)) ([#​37340](go-gitea/gitea#37340)) \* When the requested arch rpm is missing fall back to noarch ([#​37236](go-gitea/gitea#37236)) ([#​37339](go-gitea/gitea#37339)) \* Fix actions concurrency groups cross-branch leak ([#​37311](go-gitea/gitea#37311)) ([#​37331](go-gitea/gitea#37331)) \* Fix bug when accessing user badges ([#​37321](go-gitea/gitea#37321)) ([#​37329](go-gitea/gitea#37329)) \* Fix AppFullLink ([#​37325](go-gitea/gitea#37325)) ([#​37328](go-gitea/gitea#37328)) \* Fix container auth for public instance ([#​37290](go-gitea/gitea#37290)) ([#​37294](go-gitea/gitea#37294)) \* Enhance GetActionWorkflow to support fallback references ([#​37189](go-gitea/gitea#37189)) ([#​37283](go-gitea/gitea#37283)) \* Fix vite manifest update masking build errors ([#​37279](go-gitea/gitea#37279)) ([#​37310](go-gitea/gitea#37310)) \* Fix Mermaid diagrams failing when node labels contain line breaks ([#​37296](go-gitea/gitea#37296)) ([#​37299](go-gitea/gitea#37299)) \* Use TriggerEvent instead of Event in workflow runs API response for scheduled runs ([#​37288](go-gitea/gitea#37288)) [#​37360](go-gitea/gitea#37360) \* Add URL to Learn more about blocking a user. ([#​37355](go-gitea/gitea#37355)) [#​37367](go-gitea/gitea#37367) \* Fix button layout shift when collapsing file tree in editor ([#​37363](go-gitea/gitea#37363)) [#​37375](go-gitea/gitea#37375) \* Fix org team assignee/reviewer lookups for team member permissions ([#​37365](go-gitea/gitea#37365)) [#​37391](go-gitea/gitea#37391) \* Fix repo init README EOL ([#​37388](go-gitea/gitea#37388)) [#​37399](go-gitea/gitea#37399) \* Fix: dump with default zip type produces uncompressed zip ([#​37401](https://github.com/go-gitea/gitea/issues/37401))[#​37402](https://github.com/go-gitea/gitea/issues/37402) </details> --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - At any time (no schedule defined) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Mend Renovate](https://github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xNDAuMCIsInVwZGF0ZWRJblZlciI6IjQzLjE0MC4wIiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6W119--> Reviewed-on: https://gitea.com/gitea/tea/pulls/968 Co-authored-by: Renovate Bot <renovate-bot@gitea.com> Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
AlexMikhalev
added a commit
to terraphim/gitea
that referenced
this pull request
May 15, 2026
…registry 401 Adapt upstream commit 6ed8615 (go-gitea#37290) for the fork. The upstream commit's surrounding container.go file uses the upstream-only `storage.ServeDirectOptions` struct in unchanged context lines, which is what produced the Phase 3 cherry-pick cascade documented in `.docs/blocker-12-pick6-cascade.md`. The semantic change itself does not need that struct. This is a manual application (not `git cherry-pick`) of the actual ~12 LOC behaviour change: only emit the `Basic realm` challenge header when sign-in is actually required, either because the URL-targeted owner has non-public visibility, or because the global `REQUIRE_SIGNIN_VIEW=true` setting is on. On a public instance with a public owner, the 401 now carries only the Bearer realm challenge -- which is the correct behaviour for OCI clients and avoids spurious Basic-auth prompts in container clients on public registries. Tests: - `tests/integration/api_packages_container_test.go`: - Existing `TestPackageContainer/Authenticate/Anonymous` already asserts via `assert.ElementsMatch` that the public-instance 401 carries only the Bearer realm header; this remains green. - New `TestPackageContainer/RequireSignIn` sub-test mocks `setting.Service.RequireSignInViewStrict = true` and asserts the 401 carries both Bearer and Basic realm headers. Verification: - `go build ./routers/api/packages/container/...` -- green - `go vet ./routers/api/packages/container/...` -- green - `go vet -tags 'integration sqlite sqlite_unlock_notify' ./tests/integration/` -- green - `make lint-go` not run: local toolchain has go1.25.9 but golangci-lint v2.9.0 configuration targets go 1.26; this is an environment mismatch unrelated to this change. CI will run the lint with the correct toolchain. Refs terraphim/gitea#17 Refs terraphim/gitea#12 Adapted-from: 6ed8615 (go-gitea#37290)
AlexMikhalev
pushed a commit
to terraphim/gitea
that referenced
this pull request
May 15, 2026
…ks already on main Phase 1/2/5 docs proving all four upstream commits cited in go-gitea#34 are already present on main: | Upstream | PR | Fork SHA | Status | |-----------|--------|------------|-----------------------------------------| | f3bdcc5 | go-gitea#36797 | 000f3ab | clean cherry-pick | | 6ed8615 | go-gitea#37290 | ab62efe | manual surgical adaptation | | 63db597 | go-gitea#37327 | 206119f | clean cherry-pick | | 6826321 | go-gitea#37354 | df7bb50 | clean cherry-pick (errpage residue) | Direct git show diff comparisons in .docs/validation-34.md confirm semantic equivalence in every case. No new cherry-picks required. Refs terraphim/gitea#34
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
4 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Fix #37289
Don't tell container client that the instance needs basic auth if the public access is available.