You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
fix(plugin): enforce the catalog allow-list continuously and scope GitHub by owner
An organization's plugin catalog allow-list was only checked when a catalog
was first added, so a catalog added before a policy was published kept
working forever. The allow-list is now applied every time the catalog
registry loads: a catalog whose source is no longer permitted is disabled
and excluded from search, browse, install, and resolution, with a clear
warning explaining why. Disabled catalogs are still listed (marked
disabled) and can still be removed, and the official and organization-
managed catalogs are never disabled. With no allow-list configured nothing
changes.
Allow-list entries can now scope GitHub sources by owner or repository
(github.com/<owner>/*, github.com/<owner>, or github.com/<owner>/<repo>)
instead of authorizing every GitHub repository at once. A plain
raw.githubusercontent.com host entry no longer blanket-authorizes GitHub,
so the scoping is meaningful; local-only and non-GitHub host rules are
unchanged.
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
returncustomerrors.NewUserError(fmt.Sprintf("catalog %q is not registered; run 'datumctl plugin index add %s <source>' first", catalogName, catalogName))
184
185
}
186
+
ifcat.Disabled {
187
+
returncustomerrors.NewUserError(fmt.Sprintf("catalog %q is disabled: %s", catalogName, cat.DisabledReason))
0 commit comments