Support for registry (insecure / blocked) from registries.conf

[jonesbusy]

Description

Support for registry (insecure / blocked) from registries.conf#541

Testing done

Automated tests (both unit and integration)

Submitter checklist

• I have read and understood the CONTRIBUTING guide
• I have run mvn license:update-file-header, mvn spotless:apply, pre-commit run -a, mvn clean install before opening the PR

[codecov]

Codecov Report

❌ Patch coverage is 87.23404% with 12 lines in your changes missing coverage. Please review.
✅ Project coverage is 87.76%. Comparing base (5e0eb8a) to head (bcfaf65).
⚠️ Report is 2 commits behind head on main.

Files with missing lines	Patch %	Lines
src/main/java/land/oras/Registry.java	80.32%	2 Missing and 10 partials ⚠️

Additional details and impacted files

@@             Coverage Diff              @@
##               main     #541      +/-   ##
============================================
+ Coverage     87.27%   87.76%   +0.49%     
- Complexity      712      749      +37     
============================================
  Files            42       42              
  Lines          2137     2207      +70     
  Branches        245      266      +21     
============================================
+ Hits           1865     1937      +72     
+ Misses          173      163      -10     
- Partials         99      107       +8     

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

[Copilot]

Pull request overview

Adds support for honoring [[registry]] entries in registries.conf, enabling registries to be treated as blocked or insecure based on configuration, and expands the test suite to validate the behavior.

Changes:

• Extend RegistriesConf to parse [[registry]] entries and expose isBlocked() / isInsecure() lookups.
• Update Registry / ContainerRef behavior to enforce blocked registries and auto-switch to insecure mode when configured.
• Add/adjust tests to validate blocked/insecure behavior via registries.conf and make several test classes package-private.

Reviewed changes

Copilot reviewed 13 out of 13 changed files in this pull request and generated 5 comments.

Show a summary per file

File	Description
src/main/java/land/oras/auth/RegistriesConf.java	Adds registry config model + parsing and lookup helpers for blocked/insecure.
src/main/java/land/oras/Registry.java	Enforces blocked checks and auto-insecure fallback for several registry operations; introduces asInsecure() and changes copy() signature.
src/main/java/land/oras/ContainerRef.java	Adds isBlocked/isInsecure checks against registries.conf and a checkBlocked guard.
src/test/java/land/oras/auth/RegistryConfTest.java	New unit test covering RegistryConfig blocked/insecure boolean semantics.
src/test/java/land/oras/RegistryWireMockTest.java	Adds tests ensuring insecure=true from registries.conf is honored for tag/repo listing.
src/test/java/land/oras/RegistryTest.java	Adds integration tests validating insecure registry behavior driven by registries.conf.
src/test/java/land/oras/ContainerRefTest.java	Adds tests for blocked/insecure behavior derived from registries.conf.
src/test/java/land/oras/utils/TomlUtilsTest.java	Makes test class package-private.
src/test/java/land/oras/utils/SupportedAlgorithmTest.java	Makes test class package-private.
src/test/java/land/oras/utils/JsonUtilsTest.java	Makes test class package-private.
src/test/java/land/oras/utils/DigestUtilsTest.java	Makes test class package-private.
src/test/java/land/oras/utils/DescriptorTest.java	Makes test class package-private.
src/test/java/land/oras/utils/ConstTest.java	Makes test class package-private.

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.