Matt Mitchell a0ab0964d4
[release/5.0] Fix some post-build signing issues (#26506)
* Fix some post-build signing issues
This fixes some post-build signing issues that are present in the aspnetcore repo:
1. Add the .msi extension to be signed by Microsoft400 - Msis must be signed. With in-build signing these get handled explicitly by the wixproj infrastructure. When we do post build signing, we must sign these files.
2. Remove the strong name exclusions. These exclusions are incorrect when applied in post-build and unnecessary for in-build signing. Most importantly, the aspnetcore PKT would not end up re-strong named (it doesn't need to be strong name signed by ESRP since it's strong named in-build) because the PKT doesn't match any of the StrongNameSignInfo specified in arcade. The rest of the entries seem to be mostly about optimization. I could not find any performance difference between these entries being present and not. I am not sure whether they actually even apply to any assets. Moreover, when doing post-build signing, they would conflict with the entries in runtime and other places.

Verification - I have a tool that I wrote which unpacks every file between two directories and compares the strong name, nuget, and authenticode certs between equivalent files. This is the same tool being used to verify post-build signing. This tool shows no difference in any aspnetcore produced asset.

Baseline: https://dev.azure.com/dnceng/internal/_build/results?buildId=836183&view=results
Diff: https://dev.azure.com/dnceng/internal/_build/results?buildId=837176&view=results

* Do not push VS packages for installers when PostBuildSign == true

* Output wix command packages to the installers output path

* Don't import microbuild signing targets from wix when PostBuildSign=true

* Tweaks:
- Don't sign wixpacks when not in post-build signing
- Generate a wixpack for both the original msi name (which the wixproj generates) AND the name we use in the final outputs. This is because while these files are the same, signing differentiates the certificate based on the file name, and wixpack lookup is also based on the file names. Aspnetcore and other repos use the final outputs (e.g. dotnet-aspnetcore-runtime-123.5..) as well as the internal names (e.g. AspNetCoreSharedFramework_x64.msi).
- Don't sign msi's when not post-build signing.

* Avoid generating sha512 files for wixpack zips

* Don't run xplat code sign jobs if PostBuildSign == true

* Change original target names

* Conditionalize codesign operations

* Add publishing flag for linux x64 and add deb sha512 generation

* Do not push the x64 linux runtime archive more than once
2020-10-14 10:19:10 -07:00
.azure/pipelines [release/5.0] Fix some post-build signing issues (#26506) 2020-10-14 10:19:10 -07:00
.config
.github React to runtime release branch rename (#25026) 2020-08-19 01:25:51 +00:00
.vscode
docs Fix invalid Build command (#24771) 2020-08-11 18:27:46 +00:00
eng [release/5.0] Fix some post-build signing issues (#26506) 2020-10-14 10:19:10 -07:00
src [release/5.0] Fix some post-build signing issues (#26506) 2020-10-14 10:19:10 -07:00
.editorconfig Enable FxCop Analyzers for the repo (#23709) 2020-07-08 15:26:22 -07:00
.gitattributes
.gitignore
.gitmodules
.vsconfig
AspNetCore.sln Remove Microsoft.Components.Web.Extensions (#26256) (#26298) 2020-09-25 12:14:56 -07:00
CODE-OF-CONDUCT.md
CONTRIBUTING.md
Directory.Build.props Fix Helix testing issues with stable versions and local builds (#25865) 2020-09-13 21:45:23 -07:00
Directory.Build.targets Update assembly versions when servicing (#24952) 2020-09-16 09:58:08 -07:00
LICENSE.txt
NuGet.config Update dependencies from https://github.com/dotnet/efcore build 20201013.1 (#26857) 2020-10-13 21:06:34 +00:00
README.md Added the link to the IssueManagementPolicies document (#24591) 2020-08-05 15:03:59 -07:00
SECURITY.md
THIRD-PARTY-NOTICES.txt Add Swashbuckle to Third-Party-Notices.txt (#26012) 2020-09-17 13:19:55 -07:00
activate.ps1
activate.sh
build.cmd
build.ps1 Enable ARM64 installers build. (#25579) 2020-09-10 10:59:37 -07:00
build.sh
clean.cmd
clean.ps1
clean.sh
dockerbuild.sh Pass through BUILD_REPOSITORY_NAME to docker containers (#25620) 2020-09-04 10:07:31 -07:00
global.json [release/5.0] Update dependencies from dotnet/arcade (#26817) 2020-10-14 04:35:26 +00:00
restore.cmd
restore.sh
startvs.cmd

README.md

ASP.NET Core

ASP.NET Core is an open-source and cross-platform framework for building modern cloud based internet connected applications, such as web apps, IoT apps and mobile backends. ASP.NET Core apps run on .NET Core, a free, cross-platform and open-source application runtime. It was architected to provide an optimized development framework for apps that are deployed to the cloud or run on-premises. It consists of modular components with minimal overhead, so you retain flexibility while constructing your solutions. You can develop and run your ASP.NET Core apps cross-platform on Windows, Mac and Linux. Learn more about ASP.NET Core.

Get Started

Follow the Getting Started instructions in the ASP.NET Core docs.

Also check out the .NET Homepage for released versions of .NET, getting started guides, and learning resources.

See the Triage Process document for more information on how we handle incoming issues.

How to Engage, Contribute, and Give Feedback

Some of the best ways to contribute are to try things out, file issues, join in design conversations, and make pull-requests.

Reporting security issues and bugs

Security issues and bugs should be reported privately, via email, to the Microsoft Security Response Center (MSRC) secure@microsoft.com. You should receive a response within 24 hours. If for some reason you do not, please follow up via email to ensure we received your original message. Further information, including the MSRC PGP key, can be found in the Security TechCenter.

These are some other repos for related projects:

Code of conduct

See CODE-OF-CONDUCT