Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Release GCM 2.6 #1712

Merged
merged 32 commits into from
Sep 30, 2024
Merged

Release GCM 2.6 #1712

merged 32 commits into from
Sep 30, 2024

Conversation

mjcheetham
Copy link
Collaborator

Changes:

dependabot bot and others added 30 commits July 9, 2024 20:52
Bumps [actions/setup-dotnet](https://github.com/actions/setup-dotnet) from 4.0.0 to 4.0.1.
- [Release notes](https://github.com/actions/setup-dotnet/releases)
- [Commits](actions/setup-dotnet@v4.0.0...v4.0.1)

---
updated-dependencies:
- dependency-name: actions/setup-dotnet
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
The `git-credential-manager` cask is part of the 'autobump' for the
public tap of Homebrew.

We no longer need to maintain our own publishing workflow.

Error message when we try to publish our own package bump:

```log
Error: Whoops, the git-credential-manager cask has its version update
pull requests automatically opened by BrewTestBot every ~3 hours!
We'd still love your contributions, though, so try another one
that's not in the autobump list:
  https://github.com/Homebrew/homebrew-cask/blob/master/.github/autobump.txt
```
The `git-credential-manager` cask is part of the 'autobump' for the
public tap of Homebrew.

We no longer need to maintain our own publishing workflow.

Error message when we try to publish our own package bump:

```log
Error: Whoops, the git-credential-manager cask has its version update
pull requests automatically opened by BrewTestBot every ~3 hours!
We'd still love your contributions, though, so try another one
that's not in the autobump list:
  https://github.com/Homebrew/homebrew-cask/blob/master/.github/autobump.txt
```


https://github.com/git-ecosystem/git-credential-manager/actions/runs/9879897955/job/27287165181
overriden -> overridden
overriden -> overridden
…ficate for authentication (#1666)

When using a service principal with certificate authentication, every
time the certificate is renewed, the new certificate needs to be
uploaded to the service principal's AAD app registration in order for
authentication to continue to work.

However, a technology called "X5C" has made this unnecessary by allowing
_any_ certificate, with a _specific_ subject, issued by a known,
trusted, predetermined CA, to be used.

For this to work, the AAD app registration's manifest needs to be
updated to reflect the subject name, and during authentication, the
request for "X5C" authentication needs to be sent along with the
certificate's signature.

This change enables that to take place.
Bumps [azure/trusted-signing-action](https://github.com/azure/trusted-signing-action) from 0.3.20 to 0.4.0.
- [Release notes](https://github.com/azure/trusted-signing-action/releases)
- [Commits](Azure/trusted-signing-action@v0.3.20...v0.4.0)

---
updated-dependencies:
- dependency-name: azure/trusted-signing-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
…1669)

Bumps
[azure/trusted-signing-action](https://github.com/azure/trusted-signing-action)
from 0.3.20 to 0.4.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/azure/trusted-signing-action/releases">azure/trusted-signing-action's
releases</a>.</em></p>
<blockquote>
<h2>v0.4.0</h2>
<h2>What's Changed</h2>
<ul>
<li>Add input that enables trace logging by <a
href="https://github.com/japarson"><code>@​japarson</code></a> in <a
href="https://redirect.github.com/Azure/trusted-signing-action/pull/36">Azure/trusted-signing-action#36</a></li>
<li>Updated actions/cache to v4. by <a
href="https://github.com/dlemstra"><code>@​dlemstra</code></a> in <a
href="https://redirect.github.com/Azure/trusted-signing-action/pull/40">Azure/trusted-signing-action#40</a></li>
<li>Add documentation about OIDC and Federated Credentials by <a
href="https://github.com/japarson"><code>@​japarson</code></a> in <a
href="https://redirect.github.com/Azure/trusted-signing-action/pull/37">Azure/trusted-signing-action#37</a></li>
<li>Update to Trusted Signing module 0.4.1 by <a
href="https://github.com/japarson"><code>@​japarson</code></a> in <a
href="https://redirect.github.com/Azure/trusted-signing-action/pull/38">Azure/trusted-signing-action#38</a></li>
<li>Update files input docs to reflect support for newline characters by
<a href="https://github.com/japarson"><code>@​japarson</code></a> in <a
href="https://redirect.github.com/Azure/trusted-signing-action/pull/44">Azure/trusted-signing-action#44</a></li>
<li>Remove docs about WUS server instability by <a
href="https://github.com/japarson"><code>@​japarson</code></a> in <a
href="https://redirect.github.com/Azure/trusted-signing-action/pull/43">Azure/trusted-signing-action#43</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/Azure/trusted-signing-action/compare/v0.3.20...v0.4.0">https://github.com/Azure/trusted-signing-action/compare/v0.3.20...v0.4.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/Azure/trusted-signing-action/commit/acc6d03023f35c22bfc9ac05d2981db9dc008330"><code>acc6d03</code></a>
Remove docs about WUS server instability (<a
href="https://redirect.github.com/azure/trusted-signing-action/issues/43">#43</a>)</li>
<li><a
href="https://github.com/Azure/trusted-signing-action/commit/e300e2150c15d578c2fa664cadaf4fe28ab74b29"><code>e300e21</code></a>
Update files input docs to reflect support for newline characters (<a
href="https://redirect.github.com/azure/trusted-signing-action/issues/44">#44</a>)</li>
<li><a
href="https://github.com/Azure/trusted-signing-action/commit/9b24fb52e0f6eed324d94ce8d76dba3542024b51"><code>9b24fb5</code></a>
Update to Trusted Signing module 0.4.1 (<a
href="https://redirect.github.com/azure/trusted-signing-action/issues/38">#38</a>)</li>
<li><a
href="https://github.com/Azure/trusted-signing-action/commit/38c76215fa78efc78b1992c0feca453550745b63"><code>38c7621</code></a>
Add documentation about OIDC and Federated Credentials (<a
href="https://redirect.github.com/azure/trusted-signing-action/issues/37">#37</a>)</li>
<li><a
href="https://github.com/Azure/trusted-signing-action/commit/920a5e646c9a53610b53aba89bde205645de8f90"><code>920a5e6</code></a>
Updated actions/cache to v4. (<a
href="https://redirect.github.com/azure/trusted-signing-action/issues/40">#40</a>)</li>
<li><a
href="https://github.com/Azure/trusted-signing-action/commit/29ddaa72ddcf260d4c9c0e4fbb8d1ebffd7b721b"><code>29ddaa7</code></a>
Add input that enables trace logging (<a
href="https://redirect.github.com/azure/trusted-signing-action/issues/36">#36</a>)</li>
<li>See full diff in <a
href="https://github.com/azure/trusted-signing-action/compare/v0.3.20...v0.4.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=azure/trusted-signing-action&package-manager=github_actions&previous-version=0.3.20&new-version=0.4.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>
Bumps [actions/setup-dotnet](https://github.com/actions/setup-dotnet)
from 4.0.0 to 4.0.1.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/actions/setup-dotnet/releases">actions/setup-dotnet's
releases</a>.</em></p>
<blockquote>
<h2>v4.0.1</h2>
<h2>What's Changed</h2>
<h3>Documentation changes:</h3>
<ul>
<li>Update README.md to use latest action version by <a
href="https://github.com/mikes-gh"><code>@​mikes-gh</code></a> in <a
href="https://redirect.github.com/actions/setup-dotnet/pull/502">actions/setup-dotnet#502</a></li>
<li>Update links to runner software by <a
href="https://github.com/samuel-w"><code>@​samuel-w</code></a> in <a
href="https://redirect.github.com/actions/setup-dotnet/pull/499">actions/setup-dotnet#499</a></li>
</ul>
<h3>Dependency updates:</h3>
<ul>
<li>Bump undici from 5.27.2 to 5.28.3 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/actions/setup-dotnet/pull/515">actions/setup-dotnet#515</a></li>
<li>Bump braces from 3.0.2 to 3.0.3 and other dependency updates by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/actions/setup-dotnet/pull/533">actions/setup-dotnet#533</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/mikes-gh"><code>@​mikes-gh</code></a>
made their first contribution in <a
href="https://redirect.github.com/actions/setup-dotnet/pull/502">actions/setup-dotnet#502</a></li>
<li><a href="https://github.com/samuel-w"><code>@​samuel-w</code></a>
made their first contribution in <a
href="https://redirect.github.com/actions/setup-dotnet/pull/499">actions/setup-dotnet#499</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/setup-dotnet/compare/v4...v4.0.1">https://github.com/actions/setup-dotnet/compare/v4...v4.0.1</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/actions/setup-dotnet/commit/6bd8b7f7774af54e05809fcc5431931b3eb1ddee"><code>6bd8b7f</code></a>
Bump braces from 3.0.2 to 3.0.3 (<a
href="https://redirect.github.com/actions/setup-dotnet/issues/533">#533</a>)</li>
<li><a
href="https://github.com/actions/setup-dotnet/commit/5d1464d5da459f3d7085106d52e499f4dc5d0f59"><code>5d1464d</code></a>
Bump undici from 5.27.2 to 5.28.3 (<a
href="https://redirect.github.com/actions/setup-dotnet/issues/515">#515</a>)</li>
<li><a
href="https://github.com/actions/setup-dotnet/commit/3e6b9fe3930cac7c59c651af5de1514b47a805b9"><code>3e6b9fe</code></a>
Update links to runner software (<a
href="https://redirect.github.com/actions/setup-dotnet/issues/499">#499</a>)</li>
<li><a
href="https://github.com/actions/setup-dotnet/commit/769316e2e4f02f2c0567d7990a3f6d9f83b2be98"><code>769316e</code></a>
Update README.md to use latest action version (<a
href="https://redirect.github.com/actions/setup-dotnet/issues/502">#502</a>)</li>
<li>See full diff in <a
href="https://github.com/actions/setup-dotnet/compare/v4.0.0...v4.0.1">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/setup-dotnet&package-manager=github_actions&previous-version=4.0.0&new-version=4.0.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>
Updating the security policy for this open source project.
Updating the security policy for this open source project. The currently
security policy does not accurately represent its eligibility for
rewards under the GitHub Bug Bounty Program.
I found this change beneficial when using conditional git configuration
includes for multiple git identities and `pass` password stores. It lets
me transparently select appropriate password store without need to set
its path explicitly by environment variable.
For example:

> ~/.config/git/config:
```
[user]
	name = John Doe
	email = jdoe@gmail.com

[credential]
	credentialStore = gpg
	helper = /usr/local/bin/git-credential-manager
	gpgPassStorePath = /home/jdoe/.password-store

[includeIf "gitdir:~/Work/"]
	path = config.work
```

> ~/.config/git/config.work:
```
[user]
	name = John Doe (Umbrella Corp.)
	email = jdoe@umbrella.com

[credential]
	gpgPassStorePath = /home/jdoe/.password-store.umbrella
```
Building in Visual Studio causes some tasks to be run concurrently that
would be run in a specific order in MSBuild instead. The symptom would
look like this:

	MSB4044: The "GenerateWindowsAppManifest" task was not given a
	value for the required parameter "Version".

Let's help Visual Studio realize that there are certain dependencies
between the `GetVersion` and the `GenerateWindowsAppManifest` task.

Reported by Michael J. Lyons.

Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
There is actually v6.3.3 already, but it does not seem to have
propagated to nuget.org yet.

While at it, use a centrally-defined property instead of repeating the
version number several times.

Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
Previously, we only required Windows 7, but that is not recommended by
InnoSetup. Let's do enforce at least SP1 of that Windows version, which
is past its end-of-life, anyway.

Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
It has been renamed to `GetVersionComponents()` (leaving a deprecated
shim in place of the original name).

Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
Under certain circumstances, it is possible for `[UninstallRun]` entries
to be run multiple times. To avoid that, we now use a `RunOnceId`.

Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
Visual Studio pointed out that a couple of dependencies were in need of
being updated.

After already upgrading InnoSetup over the preceding commits, this here
commit does _almost_ what Visual Studio suggested. The only exception is
that we continue to define the `System.Text.Json` version centrally, in
`Directory.Build.props`, which Visual Studio did not know how to update
(and therefore wanted to add the dependency individually to seven
`.csproj` files instead).

Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
Pointed out by Visual Studio.

Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
Visual Studio pointed out that this coding pattern is preferred to
`Assert.True(false, message)`.

Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
Visual Studio pointed out a couple of instances where `Assert.Equal(0,
X.Count)` was used instead of `Assert.Empty(X)`, and similarly
`Assert.Equal(1, X.Count)` instead of `Assert.Single(X)`.

Let's accept the suggested fixes and thereby address the last remaining
warnings when building in Visual Studio.

Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
It seems that (probably due to updated dependencies), there is a problem
where the `Trace2Exception` no longer inherits from
`InvalidOperationException`. Let's use the former, then.

Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
We just upgraded XUnit to a newer version, which unfortunately no longer
works with the `PlatformFact()` constructs of `Xunit.SkippableFact` even
though we updated to the latest version, v1.4.13. It might have
something to do with the fact that that package has not been updated
since July 9th, 2024.

Happily, XUnit has grown equivalent features in the meantime that we can
use instead. So let's use those XUnit-native constructs instead.

Note that we still cannot drop the `SkippableFact` dependency
altogether because we need it in the `MacOSKeychain_ReadWriteDelete`
test case. It is needed to work around a flaky test that is caused by
semi-random broken states of macOS' key-chain, and that can only be
detected while the test case is running (and hence _needs_
`AssertEx.Skip()`, which in turn requires `Xunit.Skip.If()` that is
provided only via the `SkippableFact` package and there is no equivalent
native XUnit functionality).

Helped-by: Matthew Cheetham <mattche@microsoft.com>
Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
Matthew John Cheetham and others added 2 commits September 30, 2024 12:57
Michael J. Lyons reached out privately and reported a problem with
building inside Visual Studio. The symptom is:

| Error (active) | MSB4044 | The "GenerateWindowsAppManifest" task was
not given a value for the required parameter "Version". |
| - | - | - |

This PR fixes this error, and then also addresses all the warnings
pointed out by Visual Studio.
@mjcheetham mjcheetham requested a review from dscho September 30, 2024 13:14
Copy link
Collaborator

@dscho dscho left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

❤️

@mjcheetham mjcheetham merged commit 3c28096 into release Sep 30, 2024
16 of 17 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

6 participants