Description
We had support for the UpToDateCheck in Visual Studio with CSS isolation but the target was not being run at design time. This change introduces a new target that runs at design time and makes sure the UpToDateCheckInput and UpToDateCheckBuilt ItemGroups are populated.
Customer Impact
When using CSS isolation from within Visual Studio, a change in a scoped CSS file is not picked up and the project is not rebuilt as a result.
Regression?
No. This feature was introduced in 5.0.
Risk
Low. The new target we added only runs as part of Visual Studio builds.
Fixes
#26843
* Add docs for remaining security items
* Google / Facebook / Microsoft Account auth
* Authorization, Authorization.Policy
Contributes to https://github.com/dotnet/aspnetcore/issues/26397
* Apply suggestions from code review
Co-authored-by: Chris Ross <Tratcher@Outlook.com>
* Update src/Security/Authorization/Policy/src/AuthorizationMiddleware.cs
Co-authored-by: Chris Ross <Tratcher@Outlook.com>
* Fix some post-build signing issues
This fixes some post-build signing issues that are present in the aspnetcore repo
1. Add the .msi extension to be signed by Microsoft400 - Msis must be signed. With in-build signing these get handled explicitly by the wixproj infrastructure. When we do post build signing, we must sign these files.
2. Remove the strong name exclusions. These exclusions are incorrect when applied in post-build and unnecessary for in-build signing. Most importantly, the aspnetcore PKT would not end up re-strong named (it doesn't need to be strong name signed by ESRP since it's strong named in-build) because the PKT doesn't match any of the StrongNameSignInfo specified in arcade. The rest of the entries seem to be mostly about optimization. I could not find any performance difference between these entries being present and not. I am not sure whether they actually even apply to any assets. Moreover, when doing post-build signing, they would conflict with the entries in runtime and other places.
Verification - I have a tool that I wrote which unpacks every file between two directories and compares the strong name, nuget, and authenticode certs between equivalent files. This is the same tool being used to verify post-build signing. This tool shows no difference in any aspnetcore produced asset.
Baseline: https://dev.azure.com/dnceng/internal/_build/results?buildId=836183&view=results
Diff: https://dev.azure.com/dnceng/internal/_build/results?buildId=837176&view=results
* Do not push VS packages for installers when PostBuildSign == true
* Output wix command packages to the installers output path
* Don't import microbuild signing targets from wix when PostBuildSign=true
* Tweaks:
- Don't sign wixpacks when not in post-build signing
- Generate a wixpack for both the original msi name (which the wixproj generates) AND the name we use in the final outputs. This is because while these files are the same, signing differentiates the certificate based on the file name, and wixpack lookup is also based on the file names. Aspnetcore and other repos have uses the final outputs (e.g. dotnet-aspnetcore-runtime-123.5..) as well as the internal names (e.g. AspNetCoreSharedFramework_x64.msi).
- Don't sign msi's when not post-build signing.
* Avoid generating sha512 files for wixpack zips
* Don't run xplat code sign jobs if PostBuildSign == true
* Change original target names
* Conditionalize codesign operations
* Add publishing flag for linux x64 and add deb sha512 generation
* Do not push the x64 linux runtime archive more than once
* !!! Correct condition controlling `public` API analysis !!!
- #26785 demonstrated analyzers were inoperable
* Remove unused `public` API files
* Update `public` API files
- three Components files were missing `#nullable enable`
- `nullable` annotations missing or out-of-date elsewhere
* Ignore `public` API files completely during source build
- do not warn about unused files
* Update more `public` API files
* Fix path data in FrameworkList.xml
* Move FrameworkList.xml to SharedFxRoot
* Fix targeting pack xml test
* Add test
* Add another test
* Extract .xml files to Helix as well
* Add another test
* Update TestRunner.cs
* Remove slash
* Add docs for Auth, Auth.Cookies, Auth.Certificate
Contributes to https://github.com/dotnet/aspnetcore/issues/26397
* Also add JWT
* Apply suggestions from code review
Co-authored-by: Hao Kung <HaoK@users.noreply.github.com>
Co-authored-by: Chris Ross <Tratcher@Outlook.com>
* Update src/Security/Authentication/Core/src/TicketSerializer.cs
* Update src/Security/Authentication/Core/src/TicketSerializer.cs
* Update src/Security/Authentication/Core/src/TicketSerializer.cs
* Apply suggestions from code review
Co-authored-by: Hao Kung <HaoK@users.noreply.github.com>
Co-authored-by: Chris Ross <Tratcher@Outlook.com>
* Api docs for ResponseCaching
* Enable warnings for HostFiltering, HttpsPolicy and StaticFiles
* Update src/Middleware/ResponseCaching/src/ResponseCachingFeature.cs
Co-authored-by: Pranav K <prkrishn@hotmail.com>
* Add more details
Co-authored-by: Pranav K <prkrishn@hotmail.com>
* API docs for SignalR
* Apply suggestions from code review
Co-authored-by: Stephen Halter <halter73@gmail.com>
Co-authored-by: Pranav K <prkrishn@hotmail.com>
Co-authored-by: Stephen Halter <halter73@gmail.com>
Co-authored-by: Pranav K <prkrishn@hotmail.com>
dotnet-maestro[bot]
Javier Calvarro Nelson
Pranav K
Steve Sanderson
Matt Mitchell
Phil Henning
Doug Bunting
Stephen Halter
William Godbe
Safia Abdalla
Brennan
James Newton-King
John Luo
Sourabh Shirhatti
Hao Kung