Navigation Menu

Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Deprecate Code Access Security (CAS) #502

Merged
merged 10 commits into from May 19, 2020
Merged

Deprecate Code Access Security (CAS) #502

merged 10 commits into from May 19, 2020

Conversation

stakx
Copy link
Member

@stakx stakx commented May 16, 2020
edited

Closes #477.

This is quite a mixed bag, so as usual lately, I've done this one aspect at a time. (Perhaps we should squash this one when merging?)

We could further simplify this by removing IEmailSender and DefaultSmtpSender altogether (in a separate, preceding PR).

stakx added 10 commits May 16, 2020 11:06
@stakx
Remove redundant security transparency level 2 attrs
259e59e 
Reasons for removal have been stated in the following GitHub issue:

    castleproject#477
@stakx
Initialize logger regardless of security permissions
ff4efb3
@stakx
Remove security permissions in DefaultSmtpSender
fd56e78 
The use of security permissions' and `.IsGranted()` here appears to
have had the purpose of allowing this class to work correctly when no
credentials are set and executing code would have no permission to
read `NetworkCredentials`.

We can get rid of security permissions by refactoring code such that
the `NetworkCredential` gets created only on demand. The only observ-
able difference should be that in the absence of certain granted perm-
issions, querying or setting `UserName`, `Password`, or `Domain` will
no longer throw immediately. Failure is deferred until the moment when
the SMTP client is built.
@stakx
Remove PermissionUtil.IsGranted
d6196de
@stakx
.NET Standard defines [Security], no need to guard it
bf2ebd3
@stakx
FEATURE_SECURITY_PERMISSIONS unrelated to Winforms
9e11388
@stakx
Stop checking ASP.NET trust level
cb88f50
@stakx
Remove FEATURE_SECURITY_PERMISSIONS
7b09f80
@stakx
Update the changelog
d499f17
@stakx
Update ref/ contracts
ff4b103
stakx
stakx commented May 16, 2020
View reviewed changes
CHANGELOG.md
@@ -7,6 +7,10 @@ Enhancements:

Deprecations:
- Removed support for the .NET Framework < 4.5 and .NET Standard 1.x. (@stakx, #495, #496)
- Removed support for Code Access Security (CAS). (@stakx, #502)
- The following public members have been removed:
- `Castle.Core.Internal.PermissionUtil.IsGranted` (method)
Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Note that Windsor is currently using this method, so we will have some work to do when upgrading it to Castle.Core v5.

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'm hitting this now - not sure of the best way forward. Could bring the method into Windsor instead, or remove CAS from Windsor too, although I've not used it enough to be entirely sure of some of the consequences.

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@Jevonius, I would suggest that you open an issue over at the Windsor repo (if you haven't already) so there is a dedicated place to discuss removal of CAS support. Until a final decision has been reached there, you could perhaps start by trying to keep the code changes minimal, i.e. simply reintroduce the required method over in Windsor (but keep it private / internal so it doesn't end up as an additional public API).

Copy link
Contributor

@Jevonius Jevonius May 13, 2022
edited

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Good suggestion, thanks. There's various other CAS-related attributes dotted around, so warrants a wider discussion. Will replicate these classes for now, but internal/private as suggested.
[edit]"these classes" being the ones related to IsGranted extension method[/edit]

@stakx stakx merged commit fae755c into castleproject:master May 19, 2020
@stakx stakx deleted the deprecate-cas branch May 19, 2020 13:18
@stakx stakx added this to the v5.0.0 milestone Jun 15, 2020
@stakx stakx mentioned this pull request Apr 15, 2022
Merged
Jevonius added a commit to Jevonius/Castle.Windsor that referenced this pull request May 14, 2022
@Jevonius
Restore IsGranted extension method deprecated in Castle.Core
c6749e0 
Castler.Core deprecated CAS handling (castleproject/Core#502), this commit restores the relevant method and associated test.

castleproject#612 - Updating Windsor to support Castle.Core@5.0.0 and modern TFMs
Jevonius added a commit to Jevonius/Castle.Windsor that referenced this pull request May 14, 2022
@Jevonius
Restore IsGranted extension method deprecated in Castle.Core
143e0af 
Castler.Core deprecated CAS handling (castleproject/Core#502), this commit restores the relevant method and associated test.

castleproject#612 - Updating Windsor to support Castle.Core@5.0.0 and modern TFMs
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jonorossi jonorossi jonorossi approved these changes

@Jevonius Jevonius Jevonius left review comments

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
v5.0.0
Development

Successfully merging this pull request may close these issues.

Can we remove all Code Access Security (CAS) transparency attributes from this project?
3 participants
@stakx @jonorossi @Jevonius