Join GitHub today
GitHub is home to over 40 million developers working together to host and review code, manage projects, and build software together.Sign up
Allow requiring authentication for all operations #7091
Describe the problem you are trying to solve
Describe the solution you'd like
This may need an RFC process to move forward, since authentication can be a tricky thing, and different people may have different requirements.
I think ideally the authentication requirements for a registry would be defined in config.json. Just including the token in more requests would be trivial. But there may be more to do, and it would be good if was easy to extend in the future.
Currently, all methods but
Sure, token based authentication won't fulfill all users need, but when another authentication method will be implemented, the other API methods has to be changed as well and the tokens may be used as default.