5.1 | APIScan | MSAL WithClientName
#3366
Closed
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
…hen symmetric key decryption fails using Always Encrypted. (#1968)
…, Pooling is disabled and network connection type is Redirect (#1967)
Update dependency versions for Azure Identity, Azure Core, MSAL, and DiagnosticSource. Addresses Azure Identity vulnerability.
…aged identity (#2360) (#2473) (#2478) * Remove test reference to deprecated ADAL library (#2360) * Test | Updating tests to acquire token from user-assigned managed identity (#2473) Co-authored-by: David Engel <dengel1012@gmail.com> --------- Co-authored-by: David Engel <v-davidengel@microsoft.com> Co-authored-by: Javad Rahnama <v-jarahn@microsoft.com> Co-authored-by: David Engel <dengel1012@gmail.com>
Successful run: https://sqlclientdrivers.visualstudio.com/ADO.Net/_build/results?buildId=87027&view=results Related work items: #28132
Co-authored-by: Aris Rellegue <134557572+arellegue@users.noreply.github.com>
Co-authored-by: Edward Neal <55035479+edwardneal@users.noreply.github.com>
* Test genapi csproj * remove quote
* Update MS Extensions Hosting package * Update Microsoft.Extensions.Caching.Memory to 6.0.3
* Replace password with **** * Replace password with **** * Replace password with **** * Replace password with **** * Replace password with ****
- Brought over all relevant 5.1 release notes from main to release/5.1.
(second attempt with less mistakes)
|
CLOSING OH MY GOSH IM AN IDIOT. |
There was a problem hiding this comment.
Pull Request Overview
This pull request backports changes to the MSAL application building code to use CreateWithApplicationOptions, while introducing new pipeline templates and updating documentation to mask sensitive information.
- Introduces multiple new YAML pipeline templates for building, testing, and validating signed packages.
- Updates build.proj to remove an extraneous quote and adjusts NuGet.config to include auditSources.
- Revises documentation samples to hide sensitive passwords and modifies changelog entries.
Reviewed Changes
Copilot reviewed 156 out of 156 changed files in this pull request and generated 5 comments.
Show a summary per file
| File | Description |
|---|---|
| eng/pipelines/common/templates/steps/build-and-run-tests-netfx-step.yml | New step template for running .NET Framework tests. |
| eng/pipelines/common/templates/steps/build-and-run-tests-netcore-step.yml | New step template for running .NET Core tests. |
| eng/pipelines/common/templates/steps/build-all-configurations-signed-dlls-step.yml | Template for building signed DLLs under various configurations. |
| eng/pipelines/common/templates/jobs/validate-signed-package-job.yml | Job for validating signed packages with several PowerShell tasks. |
| eng/pipelines/common/templates/jobs/run-tests-package-reference-job.yml | Job for running tests via package reference. |
| eng/pipelines/common/templates/jobs/build-signed-package-job.yml | Job to build and sign the MDS package. |
| eng/pipelines/common/templates/jobs/build-signed-akv-package-job.yml | Job to build and sign the AKV package. |
| Various doc/snippets and sample files | Documentation updates to obscure sensitive data in connection strings. |
| build.proj | Fixes a stray quote from MSBuild command. |
| NuGet.config | Adds auditSources to the configuration. |
| CHANGELOG.md | Updates release notes with new version details and dependency changes. |
| BUILDGUIDE.md | Removes obsolete Azure Key Vault connection parameters. |
| Additional config files | New TSA options, policy check exclusion, and credential scan suppression configurations. |
| { | ||
| # Run sn.k to verify the strong name on each dll | ||
| $result = & "C:\Program Files (x86)\Microsoft SDKs\Windows\*\bin\NETFX 4.8.1 Tools\sn.exe" -vf $file.FullName | ||
| Write-OutPut $result |
There was a problem hiding this comment.
The term 'Write-OutPut' appears to be a misspelling; consider changing it to 'Write-Output'.
Suggested change
| Write-OutPut $result | |
| Write-Output $result |
Copilot uses AI. Check for mistakes.
| } | ||
| if($badDlls.Count -gt 0) | ||
| { | ||
| Write-OutPut "Error: Invalid dlls are detected. Chek below list:" |
There was a problem hiding this comment.
There's a spelling error in the error message; 'Chek' should be 'Check' and 'Write-OutPut' should be 'Write-Output'.
Suggested change
| Write-OutPut "Error: Invalid dlls are detected. Chek below list:" | |
| Write-Output "Error: Invalid dlls are detected. Check below list:" |
Copilot uses AI. Check for mistakes.
| $result = & "C:\Program Files (x86)\Microsoft SDKs\Windows\*\bin\NETFX 4.8.1 Tools\sn.exe" -vf $file.FullName | ||
| Write-OutPut $result | ||
|
|
||
| # if thhe dll is not valid, it would be delay signed or test-signed which is not meant for production |
There was a problem hiding this comment.
The comment contains 'thhe' which should be corrected to 'the'.
Suggested change
| # if thhe dll is not valid, it would be delay signed or test-signed which is not meant for production | |
| # if the dll is not valid, it would be delay signed or test-signed which is not meant for production |
Copilot uses AI. Check for mistakes.
| # Checks the expected folder names such as lib, ref, runtimes | ||
| Get-ChildItem -Path $(extractedNugetPath) -Directory | select Name | foreach { | ||
| if('$(expectedFolderNames)'.contains($_.Name)){ | ||
| Write-Host expected folder name verfied: $_.Name |
There was a problem hiding this comment.
There is a misspelling in the output; 'verfied' should be corrected to 'verified'.
Suggested change
| Write-Host expected folder name verfied: $_.Name | |
| Write-Host expected folder name verified: $_.Name |
Copilot uses AI. Check for mistakes.
|
|
||
| foreach( $folderName in (Get-ChildItem -Path $(extractedNugetPath) -Directory).Name) | ||
| { | ||
| # List all Childerns of the Path |
There was a problem hiding this comment.
The comment contains the misspelling 'Childerns'; it should be 'children'.
Suggested change
| # List all Childerns of the Path | |
| # List all children of the Path |
Copilot uses AI. Check for mistakes.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Description
Backporting rewriting MSAL application building code to use CreateWithApplicationOptions and avoid (formerly) undocumented APIs. See #3354 for full details of change.
Issues
An attempt to resolve ADO APIScan issue, but technically no longer necessary.
Testing
Local build succeeds, far too much work to setup to validate locally.