From c9e9183149cd4eb8844c7c697cdad64400379f8a Mon Sep 17 00:00:00 2001 From: Freddy Kristiansen Date: Thu, 18 Dec 2025 09:25:42 +0100 Subject: [PATCH 1/7] add read packages --- Actions/RunPipeline/RunPipeline.ps1 | 8 +++++++- .../.github/workflows/_BuildALGoProject.yaml | 1 + 2 files changed, 8 insertions(+), 1 deletion(-) diff --git a/Actions/RunPipeline/RunPipeline.ps1 b/Actions/RunPipeline/RunPipeline.ps1 index 3aee09c6b..9b359bfb9 100644 --- a/Actions/RunPipeline/RunPipeline.ps1 +++ b/Actions/RunPipeline/RunPipeline.ps1 @@ -162,7 +162,13 @@ try { } } else { - $trustedNuGetFeed | Add-Member -MemberType NoteProperty -Name 'Token' -Value '' + $tokenValue = '' + if ($trustedNuGetFeed.url -like 'https://nuget.pkg.github.com/*') { + # GitHub Packages might be public, but they still require a token with read:packages permissions (not necessarily to the specific feed) + # instead of using a blank token, we use the GitHub token (which has read packages permissions) provided to the action + $tokenValue = $token + } + $trustedNuGetFeed | Add-Member -MemberType NoteProperty -Name 'Token' -Value $tokenValue } if ($trustedNuGetFeed.PSObject.Properties.Name -eq 'AuthTokenSecret' -and $trustedNuGetFeed.AuthTokenSecret) { $authTokenSecret = $trustedNuGetFeed.AuthTokenSecret diff --git a/Templates/Per Tenant Extension/.github/workflows/_BuildALGoProject.yaml b/Templates/Per Tenant Extension/.github/workflows/_BuildALGoProject.yaml index 0d22b65ba..14cb2316f 100644 --- a/Templates/Per Tenant Extension/.github/workflows/_BuildALGoProject.yaml +++ b/Templates/Per Tenant Extension/.github/workflows/_BuildALGoProject.yaml @@ -82,6 +82,7 @@ permissions: actions: read contents: read id-token: write + packages: read env: ALGoOrgSettings: ${{ vars.ALGoOrgSettings }} From ffba1f28c11233b428347d6f65d0b281c6deaefe Mon Sep 17 00:00:00 2001 From: Freddy Kristiansen Date: Thu, 18 Dec 2025 09:35:35 +0100 Subject: [PATCH 2/7] add pakcages read to toplevel --- Templates/Per Tenant Extension/.github/workflows/CICD.yaml | 1 + Templates/Per Tenant Extension/.github/workflows/Current.yaml | 1 + Templates/Per Tenant Extension/.github/workflows/NextMajor.yaml | 1 + Templates/Per Tenant Extension/.github/workflows/NextMinor.yaml | 1 + .../.github/workflows/PullRequestHandler.yaml | 1 + 5 files changed, 5 insertions(+) diff --git a/Templates/Per Tenant Extension/.github/workflows/CICD.yaml b/Templates/Per Tenant Extension/.github/workflows/CICD.yaml index e191b1ec2..2b18a4b83 100644 --- a/Templates/Per Tenant Extension/.github/workflows/CICD.yaml +++ b/Templates/Per Tenant Extension/.github/workflows/CICD.yaml @@ -19,6 +19,7 @@ permissions: id-token: write pages: read security-events: write + packages: read env: workflowDepth: 1 diff --git a/Templates/Per Tenant Extension/.github/workflows/Current.yaml b/Templates/Per Tenant Extension/.github/workflows/Current.yaml index e1b50c818..f3f39c1bb 100644 --- a/Templates/Per Tenant Extension/.github/workflows/Current.yaml +++ b/Templates/Per Tenant Extension/.github/workflows/Current.yaml @@ -7,6 +7,7 @@ permissions: actions: read contents: read id-token: write + packages: read defaults: run: diff --git a/Templates/Per Tenant Extension/.github/workflows/NextMajor.yaml b/Templates/Per Tenant Extension/.github/workflows/NextMajor.yaml index 1d92f4169..f56e39da4 100644 --- a/Templates/Per Tenant Extension/.github/workflows/NextMajor.yaml +++ b/Templates/Per Tenant Extension/.github/workflows/NextMajor.yaml @@ -7,6 +7,7 @@ permissions: actions: read contents: read id-token: write + packages: read defaults: run: diff --git a/Templates/Per Tenant Extension/.github/workflows/NextMinor.yaml b/Templates/Per Tenant Extension/.github/workflows/NextMinor.yaml index 6cd9dbcaf..6bbc6261f 100644 --- a/Templates/Per Tenant Extension/.github/workflows/NextMinor.yaml +++ b/Templates/Per Tenant Extension/.github/workflows/NextMinor.yaml @@ -7,6 +7,7 @@ permissions: actions: read contents: read id-token: write + packages: read defaults: run: diff --git a/Templates/Per Tenant Extension/.github/workflows/PullRequestHandler.yaml b/Templates/Per Tenant Extension/.github/workflows/PullRequestHandler.yaml index 4cdaa5c5b..bc33cc421 100644 --- a/Templates/Per Tenant Extension/.github/workflows/PullRequestHandler.yaml +++ b/Templates/Per Tenant Extension/.github/workflows/PullRequestHandler.yaml @@ -18,6 +18,7 @@ permissions: id-token: write pull-requests: read security-events: write + packages: read env: workflowDepth: 1 From 08614b8606e73a8837a6756129e603d568b14d1e Mon Sep 17 00:00:00 2001 From: Freddy Kristiansen Date: Thu, 18 Dec 2025 10:13:29 +0100 Subject: [PATCH 3/7] add packages permission --- Templates/AppSource App/.github/workflows/CICD.yaml | 1 + Templates/AppSource App/.github/workflows/Current.yaml | 1 + Templates/AppSource App/.github/workflows/NextMajor.yaml | 1 + Templates/AppSource App/.github/workflows/NextMinor.yaml | 1 + .../AppSource App/.github/workflows/PullRequestHandler.yaml | 1 + 5 files changed, 5 insertions(+) diff --git a/Templates/AppSource App/.github/workflows/CICD.yaml b/Templates/AppSource App/.github/workflows/CICD.yaml index 2a68f70c7..f0468361d 100644 --- a/Templates/AppSource App/.github/workflows/CICD.yaml +++ b/Templates/AppSource App/.github/workflows/CICD.yaml @@ -19,6 +19,7 @@ permissions: id-token: write pages: read security-events: write + packages: read env: workflowDepth: 1 diff --git a/Templates/AppSource App/.github/workflows/Current.yaml b/Templates/AppSource App/.github/workflows/Current.yaml index e1b50c818..f3f39c1bb 100644 --- a/Templates/AppSource App/.github/workflows/Current.yaml +++ b/Templates/AppSource App/.github/workflows/Current.yaml @@ -7,6 +7,7 @@ permissions: actions: read contents: read id-token: write + packages: read defaults: run: diff --git a/Templates/AppSource App/.github/workflows/NextMajor.yaml b/Templates/AppSource App/.github/workflows/NextMajor.yaml index 1d92f4169..f56e39da4 100644 --- a/Templates/AppSource App/.github/workflows/NextMajor.yaml +++ b/Templates/AppSource App/.github/workflows/NextMajor.yaml @@ -7,6 +7,7 @@ permissions: actions: read contents: read id-token: write + packages: read defaults: run: diff --git a/Templates/AppSource App/.github/workflows/NextMinor.yaml b/Templates/AppSource App/.github/workflows/NextMinor.yaml index 6cd9dbcaf..6bbc6261f 100644 --- a/Templates/AppSource App/.github/workflows/NextMinor.yaml +++ b/Templates/AppSource App/.github/workflows/NextMinor.yaml @@ -7,6 +7,7 @@ permissions: actions: read contents: read id-token: write + packages: read defaults: run: diff --git a/Templates/AppSource App/.github/workflows/PullRequestHandler.yaml b/Templates/AppSource App/.github/workflows/PullRequestHandler.yaml index 4cdaa5c5b..bc33cc421 100644 --- a/Templates/AppSource App/.github/workflows/PullRequestHandler.yaml +++ b/Templates/AppSource App/.github/workflows/PullRequestHandler.yaml @@ -18,6 +18,7 @@ permissions: id-token: write pull-requests: read security-events: write + packages: read env: workflowDepth: 1 From 09f9477d341f2b9f48cd3fe4e23d13e4f30dc00a Mon Sep 17 00:00:00 2001 From: Freddy Kristiansen Date: Thu, 18 Dec 2025 10:26:24 +0100 Subject: [PATCH 4/7] release notes --- RELEASENOTES.md | 1 + 1 file changed, 1 insertion(+) diff --git a/RELEASENOTES.md b/RELEASENOTES.md index b098ce157..447fbb924 100644 --- a/RELEASENOTES.md +++ b/RELEASENOTES.md @@ -1,5 +1,6 @@ ### Issues +- Issue 2070 Support public GitHub Packages feeds without a PAT - Issue 2045 DateTime parsing fails on non-US locale runners in WorkflowPostProcess.ps1 - Issue 2055 When using versioningStrategy 3+16, you get an error when building - AL-Go repositories with large amounts of projects may run into issues with too large environment variables From 7e8b3d4ba1323387e3c2328f8e2f7e28af648ac4 Mon Sep 17 00:00:00 2001 From: Freddy Kristiansen Date: Thu, 18 Dec 2025 10:37:43 +0100 Subject: [PATCH 5/7] Update RELEASENOTES.md Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> --- RELEASENOTES.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/RELEASENOTES.md b/RELEASENOTES.md index 655fcf4b2..348bb45e1 100644 --- a/RELEASENOTES.md +++ b/RELEASENOTES.md @@ -1,6 +1,6 @@ ### Issues -- Issue 2070 Support public GitHub Packages feeds without a PAT +- Issue 2070 Support public GitHub Packages feeds without requiring a Personal Access Token (PAT): public GitHub Packages feeds can now be read using the GITHUB_TOKEN (with read:packages permissions). A PAT is still required for publishing packages or accessing private GitHub Packages feeds. - Issue 2004 PublishToAppSource workflow publishes multi-app repos in alphabetical order instead of dependency order - Issue 2045 DateTime parsing fails on non-US locale runners in WorkflowPostProcess.ps1 - Issue 2055 When using versioningStrategy 3+16, you get an error when building From 9a7b396155cc81affc1e6d0d691ef397cfc8f4f1 Mon Sep 17 00:00:00 2001 From: Freddy Kristiansen Date: Thu, 18 Dec 2025 10:38:15 +0100 Subject: [PATCH 6/7] update --- RELEASENOTES.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/RELEASENOTES.md b/RELEASENOTES.md index 348bb45e1..bce59dd7b 100644 --- a/RELEASENOTES.md +++ b/RELEASENOTES.md @@ -1,6 +1,6 @@ ### Issues -- Issue 2070 Support public GitHub Packages feeds without requiring a Personal Access Token (PAT): public GitHub Packages feeds can now be read using the GITHUB_TOKEN (with read:packages permissions). A PAT is still required for publishing packages or accessing private GitHub Packages feeds. +- Issue 2070 Support public GitHub Packages feeds without requiring a Personal Access Token (PAT) - Issue 2004 PublishToAppSource workflow publishes multi-app repos in alphabetical order instead of dependency order - Issue 2045 DateTime parsing fails on non-US locale runners in WorkflowPostProcess.ps1 - Issue 2055 When using versioningStrategy 3+16, you get an error when building From f77c5cf10c65d1d4c378f2167b8e4dad082992b5 Mon Sep 17 00:00:00 2001 From: Freddy Kristiansen Date: Thu, 18 Dec 2025 13:46:40 +0100 Subject: [PATCH 7/7] packages read --- Templates/AppSource App/.github/workflows/_BuildALGoProject.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/Templates/AppSource App/.github/workflows/_BuildALGoProject.yaml b/Templates/AppSource App/.github/workflows/_BuildALGoProject.yaml index 0d22b65ba..14cb2316f 100644 --- a/Templates/AppSource App/.github/workflows/_BuildALGoProject.yaml +++ b/Templates/AppSource App/.github/workflows/_BuildALGoProject.yaml @@ -82,6 +82,7 @@ permissions: actions: read contents: read id-token: write + packages: read env: ALGoOrgSettings: ${{ vars.ALGoOrgSettings }}