1. Home
  2. Categories
  3. Support
  4. Limit Packages to Local Repo or Feed

Welcome to the Inedo Forums! Check out the Forums Guide for help getting started.

If you are experiencing any issues with the forum software, please visit the Contact Form on our website and let us know!

Limit Packages to Local Repo or Feed

  • ?

    I setup a connector for a feed I created to Chocolatey.org so I could pull packages from the public repo at Chocolatey.org into my local feed, but when I do "choco list" I see EVERY package from Chocolatey.org vs. just the two I pulled in. Ideally, I just want to see what's in our local repo, as we'd disable the internet repos and only use what we have in our local repo. Is there a way to set this up?

    Disclosure: I am very new to ProGet and Chocolatey, so I may have something setup incorrectly.

    Product: ProGet
    Version: 4.1.3

    0
  • ?

    You can just delete the connector to chocolately.org then, and then those packages won't show up in the feed.

    0
  • ?

    Before I go that route, where I delete the connector, I tried disabling the feeds in ProGet to both the default (to Nuget.org) and the feed I created, which had just two package in there.

    From the client side, if I do "choco source list" I see that chocolatey.org is disabled and only my feed is enabled. Next I do a search for a package, "choco search notepadplusplus" and it returns 5 packages.

    choco search notepadplusplus
    notepadplusplus 6.9.2
    jivkok.dev1 1.1.0.8 - Possibly broken
    notepadplusplus.commandline 6.9.2 [Approved] Downloads cached for licensed users

    notepadplusplus.install 6.9.2
    Notepadplusplus.Settings 1.0.0.20141029 [Approved] - Possibly broken
    5 packages found.

    ...can anyone tell me what I'm doing wrong? I expected no results.

    Thanks in advance!
    Kevin

    0
  • ?

    Update: I went ahead and updated the feed to remove the connector as suggested. Problem solved, but it was odd behavior I didn't expect and I don't like that.

    Moving on though. Another thing that has me perplexed, is seeing an external URL in the console for installing a package. I have only my ProGet feed setup as a source in the Chocolatey client on a particular host but looking through the NuGet package it looks like "notepadplusplus" has a dependency on "notepadplusplus.install.6.9.2" --- I guess my question is, how do you maintain proper source control? If a package can download dependencies on packages which I don't have, but exist on the internet, then there seems to not be any real control over the source of packages.

    Someone please correct me if I am wrong?

    Thanks in advance,
    Kevin Beattie

    0
  • ?

    Chocolately packages are, essentially, nothing more than a powershell script that downloads and runs an installer from some url on the internet. It would be virtually impossible to inspect arbitrary powershell scripts and determine what they would download when run, and then download/proxy those installers.

    So, if you want full control over all aspects of the chocolatey packages (including the installers that are downloaded), you will just have to create your own based on the contents of the open-source packages.

    0
proget 1568 packages 82 feeds 77 source 20
Log in to reply
 
Inedo Website HomeSupport HomeCode of ConductForums GuideDocumentation