@rcastano rcastano commented Oct 3, 2025

When looking at the BA2004 documentation (https://github.com/microsoft/binskim/blob/main/docs/BinSkimRules.md#rule-ba2004enablesecuresourcecodehashing) in the preview tab, I noticed what seemed to be an empty property name:

     on the csc.exe command-line or populate the '' project property with 'SHA256'

When I checked the Code tab, the property was mentioned:

    on the csc.exe command-line or populate the '<ChecksumAlgorithm>' project property with 'SHA256'

@rcastano rcastano requested a review from a team as a code owner October 3, 2025 04:06
Member

mkacmar commented Oct 3, 2025

One needs to update these doc comments e.g.

    // '{0}' is a managed binary compiled with an insecure ({1}) source code hashing algorithm.
    // {1} is subject to collision attacks and its use can compromise supply chain integrity.
    // Pass '-checksumalgorithm:SHA256' on the csc.exe command-line or populate the project
    // <ChecksumAlgorithm> property with 'SHA256' to enable secure source code hashing.

in the rule itself for Markdown documentation change to stick. See

    .\bld\bin\BinSkim.Driver\release\BinSkim.exe export-rules .\docs\BinSkimRules.md

otherwise the change would be overwritten with next script run. The same message appears on CLI too so any escaping also appears there.

Author

rcastano commented Oct 3, 2025

> One needs to update these doc comments e.g.
>
>     // '{0}' is a managed binary compiled with an insecure ({1}) source code hashing algorithm.
>     // {1} is subject to collision attacks and its use can compromise supply chain integrity.
>     // Pass '-checksumalgorithm:SHA256' on the csc.exe command-line or populate the project
>     // <ChecksumAlgorithm> property with 'SHA256' to enable secure source code hashing.
>
> in the rule itself for Markdown documentation change to stick. See
>
>     .\bld\bin\BinSkim.Driver\release\BinSkim.exe export-rules .\docs\BinSkimRules.md
>
> otherwise the change would be overwritten with next script run. The same message appears on CLI too so any escaping also appears there.

For the Description part, do I need to update any other file? I found:
src/BinSkim.Rules/RuleResources.resx
src/BinSkim.Rules/RuleResources.Designer.cs

They don't look like they'd impact the generated file, but not sure.

Collaborator

martin-reznik commented Dec 11, 2025

Superseded by #1133
