Hello,
I recently started seeing dependabot failing to pull from ghcr.io for a public image. This used to work but seems to have stopped working recently. Package it’s trying to check https://github.com/users/devpow112/packages/container/package/base-ubuntu. The repository trying to run dependabot is private but it should be able to check if it needs updates for a public image. See below log snippet from dependabot logs.
proxy | 2020/10/05 03:19:40 [017] GET https://ghcr.io:443/v2/devpow112/base-ubuntu/tags/list
proxy | 2020/10/05 03:19:40 [017] 401 https://ghcr.io:443/v2/devpow112/base-ubuntu/tags/list
proxy | 2020/10/05 03:19:40 [019] GET https://ghcr.io:443/token?scope=repository%3Auser%2Fimage%3Apull
proxy | 2020/10/05 03:19:40 [019] 403 https://ghcr.io:443/token?scope=repository%3Auser%2Fimage%3Apull
updater | INFO <job_64590950> Handled error whilst updating devpow112/base-ubuntu: private_source_authentication_failure {:source=>"ghcr.io"}
updater | INFO <job_64590950> Finished job processing
updater | time="2020-10-05T03:19:41Z" level=info msg="task complete" container_id=job-64590950-updater exit_code=0 job_id=64590950 step=updater
Any help would be appreciated