From 81ead403c237896dc1e8238a901eb332fad09e70 Mon Sep 17 00:00:00 2001
From: Xe Iaso <me@xeiaso.net>
Date: Sat, 8 Nov 2025 12:42:03 -0500
Subject: [PATCH] fix(data/docker-client): allow some more OCI clients through

Signed-off-by: Xe Iaso <me@xeiaso.net>
---
 data/clients/docker-client.yaml | 21 +++++++++++++++++++++
 docs/docs/CHANGELOG.md          |  2 ++
 2 files changed, 23 insertions(+)

diff --git a/data/clients/docker-client.yaml b/data/clients/docker-client.yaml
index 4a07df24..48c4e5c4 100644
--- a/data/clients/docker-client.yaml
+++ b/data/clients/docker-client.yaml
@@ -23,3 +23,24 @@
     all:
       - '"Docker-Distribution-Api-Version" in headers'
       - '!(userAgent.contains("Mozilla"))'
+
+- name: allow-go-containerregistry-client
+  action: ALLOW
+  expression:
+    all:
+      - path.startsWith("/v2/")
+      - userAgent.contains("go-containerregistry/")
+
+- name: allow-buildah
+  action: ALLOW
+  expression:
+    all:
+      - path.startsWith("/v2/")
+      - userAgent.contains("Buildah/")
+
+- name: allow-podman
+  action: ALLOW
+  expression:
+    all:
+      - path.startsWith("/v2/")
+      - userAgent.contains("containers/")
diff --git a/docs/docs/CHANGELOG.md b/docs/docs/CHANGELOG.md
index c16c1f12..8188da88 100644
--- a/docs/docs/CHANGELOG.md
+++ b/docs/docs/CHANGELOG.md
@@ -13,6 +13,8 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 
 <!-- This changes the project to: -->
 
+- Allow more OCI registry clients [based on feedback](https://github.com/TecharoHQ/anubis/pull/1253#issuecomment-3506744184).
+
 ## v1.23.1: Lyse Hext - Echo 1
 
 - Fix `SERVE_ROBOTS_TXT` setting after the double slash fix broke it.