[automated] Merge branch 'vs17.10' => 'vs17.11'#12665
Merged
JanProvaznik merged 12 commits intovs17.11from Oct 20, 2025
Merged
Conversation
This pull request updates the following dependencies [marker]: <> (Begin:5f9c9524-456b-43ca-a978-063daaf53c38) ## From https://github.com/dotnet/arcade - **Subscription**: [5f9c9524-456b-43ca-a978-063daaf53c38](https://maestro.dot.net/subscriptions?search=5f9c9524-456b-43ca-a978-063daaf53c38) - **Build**: [20250905.3](https://dev.azure.com/dnceng/internal/_build/results?buildId=2787027) ([282118](https://maestro.dot.net/channel/3885/github:dotnet:arcade/build/282118)) - **Date Produced**: September 5, 2025 2:36:46 PM UTC - **Commit**: [09625cb3b98ebe646a63dfea19a0c0127e88459a](dotnet/arcade@09625cb) - **Branch**: [release/8.0](https://github.com/dotnet/arcade/tree/release/8.0) [DependencyUpdate]: <> (Begin) - **Updates**: - From [8.0.0-beta.25427.4 to 8.0.0-beta.25455.3][1] - Microsoft.DotNet.Arcade.Sdk - Microsoft.DotNet.XUnitExtensions [1]: dotnet/arcade@6e78cc9...09625cb [DependencyUpdate]: <> (End) - **Updates to .NET SDKs:** - Updates tools.dotnet to 8.0.119 [marker]: <> (End:5f9c9524-456b-43ca-a978-063daaf53c38) --------- Co-authored-by: dotnet-maestro[bot] <dotnet-maestro[bot]@users.noreply.github.com> Co-authored-by: Gang Wang <v-gaw@microsoft.com>
This pull request updates the following dependencies [marker]: <> (Begin:42961865-e7dd-40be-a923-7af2e4664f80) ## From https://github.com/dotnet/arcade - **Subscription**: [42961865-e7dd-40be-a923-7af2e4664f80](https://maestro.dot.net/subscriptions?search=42961865-e7dd-40be-a923-7af2e4664f80) - **Build**: [20250905.3](https://dev.azure.com/dnceng/internal/_build/results?buildId=2787027) ([282118](https://maestro.dot.net/channel/3885/github:dotnet:arcade/build/282118)) - **Date Produced**: September 5, 2025 2:36:46 PM UTC - **Commit**: [09625cb3b98ebe646a63dfea19a0c0127e88459a](dotnet/arcade@09625cb) - **Branch**: [release/8.0](https://github.com/dotnet/arcade/tree/release/8.0) [DependencyUpdate]: <> (Begin) - **Updates**: - From [8.0.0-beta.25427.4 to 8.0.0-beta.25455.3][1] - Microsoft.SourceBuild.Intermediate.arcade - Microsoft.DotNet.Arcade.Sdk - Microsoft.DotNet.XUnitExtensions [1]: dotnet/arcade@6e78cc9...09625cb [DependencyUpdate]: <> (End) [marker]: <> (End:42961865-e7dd-40be-a923-7af2e4664f80) --------- Co-authored-by: dotnet-maestro[bot] <dotnet-maestro[bot]@users.noreply.github.com> Co-authored-by: Gang Wang <v-gaw@microsoft.com>
…bdirectory on every build Recreate temp on linux using CreateTempSubdirectory on every build ---- #### AI description (iteration 1) #### PR Classification Bug fix addressing a Linux-specific temporary folder security vulnerability. #### PR Summary This pull request enhances security in MSBuild on Linux by replacing the manual temporary folder creation logic with a reliable call to CreateTempSubdirectory, ensuring a unique and correctly set up temp folder on every build. - `src/Shared/TempFileUtilities.cs`: On Linux, the temp folder is now recreated via Directory.CreateTempSubdirectory instead of custom mkdir/chmod logic. - `src/Shared/TempFileUtilities.cs`: Removed the unused `userRWX` constant, cleaning up the code. <!-- GitOpsUserAgent=GitOps.Apps.Server.pullrequestcopilot --> ---- #### AI description (iteration 2) #### PR Classification This pull request is a security fix that updates the temporary folder creation mechanism on Linux. #### PR Summary The PR replaces the insecure native mkdir/chmod approach with a safer Directory.CreateTempSubdirectory method for Linux, ensuring that the temporary folder is freshly created on every build and addressing the risk of malicious folder creation. - **`src/Shared/TempFileUtilities.cs`**: Replaces the complex mkdir/chmod logic with a call to Directory.CreateTempSubdirectory for Linux and removes the obsolete userRWX constant. - **`eng/Versions.props`**: Increments the version prefix to reflect the update. Related work items: #2541147
…directory on every build Recreate temp on linux using CreateTempSubdirectory on every build ---- #### AI description (iteration 1) #### PR Classification This pull request implements a security bug fix by revising the temporary folder creation mechanism on Linux. #### PR Summary The changes modify the creation of the MSBuild temporary folder to use .NET’s built-in Directory.CreateTempSubdirectory method on Linux, ensuring a new subdirectory is recreated on every build. This approach removes the custom native permission logic and fallback routines, thereby mitigating the risk of malicious folder creation. - `src/Shared/TempFileUtilities.cs`: On Linux, the manual mkdir/chmod logic is replaced with Directory.CreateTempSubdirectory using a fixed prefix. - `src/Shared/TempFileUtilities.cs`: For other platforms, the temporary path is now combined with the new folder prefix with explicit directory creation. - `src/Shared/TempFileUtilities.cs`: The custom permission constant (`userRWX`) is removed in favor of secure, built-in directory handling. <!-- GitOpsUserAgent=GitOps.Apps.Server.pullrequestcopilot --> ---- #### AI description (iteration 2) #### PR Classification This pull request is a security fix addressing a vulnerability in the MSBuild temporary folder creation on Linux. #### PR Summary This pull request mitigates a security issue by revising the Linux temporary folder creation process to use a secure subdirectory creation method. - **`src/Shared/TempFileUtilities.cs`**: Refactored the Linux branch to create a temporary folder with `Directory.CreateTempSubdirectory` using a designated prefix, removing unsafe custom permission checks. - **`eng/Versions.props`**: Updated the version prefix from 17.8.42 to 17.8.43. Related work items: #2541147
Merging tag v17.8.43 into vs17.8 branch
Merging tag v17.10.46 into vs17.10 branch
Member
|
This should be blocked by and merged after #12664. |
Co-authored-by: dotnet-maestro[bot] <dotnet-maestro[bot]@users.noreply.github.com> Co-authored-by: Gang Wang <v-gaw@microsoft.com> Co-authored-by: Jan Provazník <janprovaznik@microsoft.com>
Co-authored-by: dotnet-maestro[bot] <dotnet-maestro[bot]@users.noreply.github.com> Co-authored-by: Gang Wang <v-gaw@microsoft.com> Co-authored-by: Jan Provazník <janprovaznik@microsoft.com>
Contributor
Author
|
This pull request has been updated. This PR merges commits made on vs17.10 by the following committers: |
Contributor
Author
|
This pull request has been updated. This PR merges commits made on vs17.10 by the following committers: |
JanProvaznik
approved these changes
Oct 20, 2025
YuliiaKovalova
approved these changes
Oct 20, 2025
This was referenced Oct 21, 2025
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
I detected changes in the vs17.10 branch which have not been merged yet to vs17.11. I'm a robot and am configured to help you automatically keep vs17.11 up to date, so I've opened this PR.
This PR merges commits made on vs17.10 by the following committers:
Instructions for merging from UI
This PR will not be auto-merged. When pull request checks pass, complete this PR by creating a merge commit, not a squash or rebase commit.
If this repo does not allow creating merge commits from the GitHub UI, use command line instructions.
Instructions for merging via command line
Run these commands to merge this pull request from the command line.
or if you are using SSH
After PR checks are complete push the branch
Instructions for resolving conflicts
Instructions for updating this pull request
Contributors to this repo have permission update this pull request by pushing to the branch 'merge/vs17.10-to-vs17.11'. This can be done to resolve conflicts or make other changes to this pull request before it is merged.
The provided examples assume that the remote is named 'origin'. If you have a different remote name, please replace 'origin' with the name of your remote.
or if you are using SSH
Contact .NET Core Engineering (dotnet/dnceng) if you have questions or issues.
Also, if this PR was generated incorrectly, help us fix it. See https://github.com/dotnet/arcade/blob/main/.github/workflows/scripts/inter-branch-merge.ps1.