microsoft · bwateratmsft · Apr 16, 2026 · Apr 15, 2026 · Apr 15, 2026 · Apr 15, 2026
@@ -1,3 +1,8 @@
+## 0.4.2 - 16 April 2026
+### Fixed
+* Fixed an issue where some requests would fail. [#354](https://github.com/microsoft/vscode-docker-extensibility/issues/354)
+* Fixed incorrect handling of basic auth `WWW-Authenticate` headers. [#355](https://github.com/microsoft/vscode-docker-extensibility/issues/355)
+
 ## 0.4.1 - 14 October 2025
 ### Fixed
 * Better error messages in the tree when errors occur. [#310](https://github.com/microsoft/vscode-docker-extensibility/pull/310)

@@ -1,7 +1,7 @@
 {
     "name": "@microsoft/vscode-docker-registries",
     "author": "Microsoft Corporation",
-    "version": "0.4.1",
+    "version": "0.4.2",
     "description": "Extensibility model for contributing registry providers to the Container Tools extension for Visual Studio Code",
     "license": "See LICENSE in the project root for license information.",
     "repository": {

@@ -74,13 +74,16 @@ export class BasicOAuthProvider extends BasicAuthProvider implements Authenticat
 
         const match = wwwAuthenticateHeaderRegex.exec(wwwAuthenticateHeader);
 
-        if (!match?.groups?.realm || !match?.groups?.service || !match?.groups?.scope) {
+        if (match?.groups?.realm && match?.groups?.service && match?.groups?.scope) {
+            this.oAuthEndpoint = match.groups.realm;
+            this.oAuthService = match.groups.service;
+            this.defaultScopes = match.groups.scope.split(' ');
+        } else if (!/Basic\s+/i.test(wwwAuthenticateHeader)) {
             throw new Error(vscode.l10n.t('Unable to parse WWW-Authenticate header: "{0}"', wwwAuthenticateHeader));
         }
+        // For Basic challenges, oAuthEndpoint/oAuthService remain undefined,
+        // so getSession will use Basic auth directly.
 
-        this.oAuthEndpoint = match.groups.realm;
-        this.oAuthService = match.groups.service;
-        this.defaultScopes = match.groups.scope.split(' ');
         this._didFallback = true;
     }
 

@@ -5,6 +5,7 @@
 
 import * as chai from 'chai';
 import chaiAsPromised from 'chai-as-promised';
+import { before } from 'mocha';
 
 before('Global setup', function () {
     console.log('Global setup');

@@ -38,8 +38,12 @@ export interface ResponseLike<T> extends Response {
 }
 
 export async function httpRequest<T>(url: string, request: RequestLike, throwOnFailure: boolean = true): Promise<ResponseLike<T>> {
-    const fetchRequest = new Request(url, request);
-    const response: Response = await fetch(fetchRequest);
+    const requestInit: RequestLike = !!request.body && request.duplex === undefined
+        // node-fetch requires the "duplex" option to be set to "half" in order to send a body
+        ? { ...request, duplex: 'half' }
+        : request;
+
+    const response: Response = await fetch(url, requestInit);
 
     if (throwOnFailure && response.status === 401) {
         throw new UnauthorizedError(vscode.l10n.t('Request to \'{0}\' failed with response 401: Unauthorized', url));