Skip to content

Support public GitHub Packages feeds without a PAT #2071

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
aholstrup1 merged 8 commits into from
Dec 19, 2025
Merged

Support public GitHub Packages feeds without a PAT #2071

aholstrup1 merged 8 commits into from
Dec 19, 2025

Conversation

@freddydk
Copy link
Contributor

@freddydk freddydk commented Dec 18, 2025
edited
Loading

❔What, Why & How

Add read:packages permissions to the GITHUB_TOKEN and use that as default token when targetting GitHub Packages NuGet feeds to avoid having to create a PAT for public NuGet feeds.

This run in this repo: https://github.com/freddydk/TestRepo/actions/runs/20332336229 - is in a different organization than the trusted nuget feed and using the new functionality, this can now resolve the packages without a PAT

Related to issue: #2070

✅ Checklist

  • Add tests (E2E, unit tests)
  • Update RELEASENOTES.md
  • Update documentation (e.g. for new settings or scenarios)
  • Add telemetry

@freddydk
Copy link
Contributor Author

freddydk commented Dec 18, 2025

@microsoft-github-policy-service agree

@freddydk freddydk marked this pull request as ready for review December 18, 2025 09:29
@freddydk freddydk requested a review from a team as a code owner December 18, 2025 09:29
Copilot AI review requested due to automatic review settings December 18, 2025 09:29
Copilot AI reviewed Dec 18, 2025
View reviewed changes
Copy link
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This PR enables support for reading from public GitHub Packages NuGet feeds without requiring a Personal Access Token (PAT). Instead, it uses the GITHUB_TOKEN (which has read:packages permissions) as the default authentication token when targeting GitHub Packages feeds. This addresses issue #2070.

Key Changes

  • Automatically uses GITHUB_TOKEN for GitHub Packages feeds when no explicit token is configured
  • Maintains backward compatibility with existing token configurations via AuthTokenSecret
  • Updates release notes to document the new capability

Reviewed changes

Copilot reviewed 13 out of 13 changed files in this pull request and generated 2 comments.

File Description
RELEASENOTES.md Documents the new support for public GitHub Packages feeds without PAT requirement
Actions/RunPipeline/RunPipeline.ps1 Adds logic to automatically use GITHUB_TOKEN for GitHub Packages feed URLs when no explicit token is configured

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

@freddydk
Copy link
Contributor Author

freddydk commented Dec 18, 2025

@microsoft-github-policy-service agree [company="Freddy.DK ApS"]

freddydk and others added 2 commits December 18, 2025 10:37
@freddydk
Update RELEASENOTES.md
7e8b3d4 
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
@freddydk
update
9a7b396
@freddydk
Copy link
Contributor Author

freddydk commented Dec 18, 2025

@microsoft-github-policy-service agree company="Freddy.DK ApS"

mazhelez
mazhelez previously approved these changes Dec 18, 2025
View reviewed changes
@aholstrup1 aholstrup1 enabled auto-merge (squash) December 19, 2025 09:36
@aholstrup1
Copy link
Collaborator

aholstrup1 commented Dec 19, 2025

Looks good! Just missing the license check @freddydk
#2071 (comment)

@Freddy-D4P
Copy link
Contributor

Freddy-D4P commented Dec 19, 2025

@microsoft-github-policy-service agree

1 similar comment
@freddydk
Copy link
Contributor Author

freddydk commented Dec 19, 2025

@microsoft-github-policy-service agree

@freddydk
Copy link
Contributor Author

freddydk commented Dec 19, 2025

microsoft-github-policy-service agree

@freddydk
Copy link
Contributor Author

freddydk commented Dec 19, 2025

What more do I need to do, I have accepted license/cla 3 times

@aholstrup1 aholstrup1 merged commit c509436 into microsoft:main Dec 19, 2025
6 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

@mazhelez mazhelez mazhelez approved these changes

@aholstrup1 aholstrup1 aholstrup1 approved these changes

+1 more reviewer

@Freddy-D4P Freddy-D4P Freddy-D4P left review comments

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@freddydk @aholstrup1 @Freddy-D4P @mazhelez