Diego Louzán
Diego Louzán
It's probably not going to be that easy. Relevant tickets in gitlab: - https://gitlab.com/gitlab-org/gitlab-ce/issues/29566 - https://gitlab.com/gitlab-org/gitlab-ce/issues/31591 - https://gitlab.com/gitlab-org/gitlab-ce/issues/45149
Also https://docs.gitlab.com/ee/user/project/new_ci_build_permissions_model.html
@juanpicado I'll be taking a look at that in the next days, thank you
Could you paste some small sample of the duplicate entries in the `real_groups`? You don't need to paste the whole decoded token, but just to get an idea of what...
Also, are you sure it's jwt what we're talking about? I thought that verdaccio 4.x required a new `jwt` config entry in the `verdaccio.yml` file to activate them, otherwise it...
The `groups` duplication looks suspicious and might be a bug, but I'm still puzzled about the jwt token authentication. @juanpicado Does this ring a bell? any idea why we're seeing...
Ok, maybe the documentation is a bit misleading. According to the PR that introduced JWT, it's enabled by default on API calls, but not on web requests:\ https://github.com/verdaccio/verdaccio/pull/896 The following...
@juanpicado I'll try to reserve some time tomorrow to take a detailed look at this, it might well be a bug from our end
@juanpicado Is my assumption above right? > Ok, maybe the documentation is a bit misleading. According to the PR that introduced JWT, it's enabled by default on API calls, but...
This would be awesome, I'm also working in a project for internally reporting the compliance of the specs.