diff --git a/Directory.Build.props b/Directory.Build.props
index 8f7d704bb..8197ed724 100644
--- a/Directory.Build.props
+++ b/Directory.Build.props
@@ -41,6 +41,10 @@
+
+
+
+
diff --git a/azure-pipelines/Get-SymbolFiles.ps1 b/azure-pipelines/Get-SymbolFiles.ps1
index 45afe7c2a..8793e19c6 100644
--- a/azure-pipelines/Get-SymbolFiles.ps1
+++ b/azure-pipelines/Get-SymbolFiles.ps1
@@ -5,12 +5,16 @@
The root path to recursively search for PDBs.
.PARAMETER Tests
A switch indicating to find test-related PDBs instead of product-only PDBs.
+.PARAMETER ConvertToWindowsPDBs
+ A switch to convert and return paths to Windows PDBs instead of portable PDBs.
+ Ignored on non-Windows agents.
#>
[CmdletBinding()]
param (
[parameter(Mandatory=$true)]
[string]$Path,
- [switch]$Tests
+ [switch]$Tests,
+ [switch]$ConvertToWindowsPDBs=$true
)
$WindowsPdbSubDirName = "symstore"
@@ -54,7 +58,7 @@ $PDBs |% {
Write-Output $BinaryImagePath
- if (-not ($IsMacOS -or $IsLinux)) {
+ if ($ConvertToWindowsPDBs -and -not ($IsMacOS -or $IsLinux)) {
# Convert the PDB to legacy Windows PDBs
Write-Host "Converting PDB for $_" -ForegroundColor DarkGray
$WindowsPdbDir = "$($_.Directory.FullName)\$WindowsPdbSubDirName"
@@ -65,5 +69,7 @@ $PDBs |% {
}
Write-Output "$WindowsPdbDir\$($_.BaseName).pdb"
+ } else {
+ Write-Output $_.FullName
}
}
diff --git a/azure-pipelines/PoliCheckExclusions.xml b/azure-pipelines/PoliCheckExclusions.xml
new file mode 100644
index 000000000..5ae167100
--- /dev/null
+++ b/azure-pipelines/PoliCheckExclusions.xml
@@ -0,0 +1,10 @@
+
+
+ NODE_MODULES|.STORE
+
+
+
+
+
+
+
diff --git a/azure-pipelines/artifacts/testResults.ps1 b/azure-pipelines/artifacts/testResults.ps1
index 7895ddcaa..862155da7 100644
--- a/azure-pipelines/artifacts/testResults.ps1
+++ b/azure-pipelines/artifacts/testResults.ps1
@@ -1,12 +1,18 @@
+$result = @{}
+
if ($env:AGENT_TEMPDIRECTORY) {
# The DotNetCoreCLI uses an alternate location to publish these files
$guidRegex = '^[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12}$'
- @{
- $env:AGENT_TEMPDIRECTORY = (Get-ChildItem $env:AGENT_TEMPDIRECTORY -Directory |? { $_.Name -match $guidRegex } |% { Get-ChildItem "$($_.FullName)\dotnet*.dmp","$($_.FullName)\testhost*.dmp","$($_.FullName)\Sequence_*.xml" -Recurse });
- }
-} else {
+ $result[$env:AGENT_TEMPDIRECTORY] = (Get-ChildItem $env:AGENT_TEMPDIRECTORY -Directory |? { $_.Name -match $guidRegex } |% { Get-ChildItem "$($_.FullName)\dotnet*.dmp","$($_.FullName)\testhost*.dmp","$($_.FullName)\Sequence_*.xml" -Recurse });
+}
+else {
$testRoot = Resolve-Path "$PSScriptRoot\..\..\test"
- @{
- $testRoot = (Get-ChildItem "$testRoot\TestResults" -Recurse -Directory | Get-ChildItem -Recurse -File);
- }
+ $result[$testRoot] = (Get-ChildItem "$testRoot\TestResults" -Recurse -Directory | Get-ChildItem -Recurse -File)
+}
+
+$testlogsPath = "$env:BUILD_ARTIFACTSTAGINGDIRECTORY\test_logs"
+if (Test-Path $testlogsPath) {
+ $result[$testlogsPath] = Get-ChildItem "$testlogsPath\*";
}
+
+$result
diff --git a/azure-pipelines/build.yml b/azure-pipelines/build.yml
index dda4e35bf..8bba14865 100644
--- a/azure-pipelines/build.yml
+++ b/azure-pipelines/build.yml
@@ -5,10 +5,17 @@ parameters:
vmImage: windows-2022
- name: ShouldSkipOptimize
- name: includeMacOS
+- name: EnableAPIScan
+ type: boolean
+ default: false
jobs:
- job: Windows
pool: ${{ parameters.windowsPool }}
+ variables:
+ - ${{ if eq(variables['system.collectionId'], '011b8bdf-6d56-4f87-be0d-0092136884d9') }}:
+ # https://dev.azure.com/devdiv/DevDiv/_wiki/wikis/DevDiv.wiki/25351/APIScan-step-by-step-guide-to-setting-up-a-Pipeline
+ - group: VSCloudServices-APIScan
steps:
- checkout: self
clean: true
@@ -18,7 +25,7 @@ jobs:
- template: install-dependencies.yml
- - powershell: '& (./azure-pipelines/Get-nbgv.ps1) cloud'
+ - powershell: '& (./azure-pipelines/Get-nbgv.ps1) cloud -ca'
displayName: Set build number
- ${{ if eq(variables['system.collectionId'], '011b8bdf-6d56-4f87-be0d-0092136884d9') }}:
@@ -30,6 +37,8 @@ jobs:
- ${{ if eq(variables['system.collectionId'], '011b8bdf-6d56-4f87-be0d-0092136884d9') }}:
- template: microbuild.after.yml
+ parameters:
+ EnableAPIScan: ${{ parameters.EnableAPIScan }}
- job: Linux
condition: ne(variables['OptProf'], 'true')
diff --git a/azure-pipelines/dotnet.yml b/azure-pipelines/dotnet.yml
index d8c3ae180..527b43b85 100644
--- a/azure-pipelines/dotnet.yml
+++ b/azure-pipelines/dotnet.yml
@@ -1,5 +1,5 @@
steps:
-# We use VSBuild instead of "dotnet build" on Windows where MicroBuild tasks have to run (since they don't support MSBuild Core yet).
+# We use VSBuild instead of "dotnet build" on Windows because dllexport doesn't work on dotnet build.
- task: VSBuild@1
displayName: Build Visual Studio solution
inputs:
@@ -16,7 +16,7 @@ steps:
displayName: dotnet test -f net472
inputs:
command: test
- arguments: --no-build -c $(BuildConfiguration) -f net472 --filter "TestCategory!=FailsInCloudTest" -v n /p:CollectCoverage=true --settings "$(Build.Repository.LocalPath)/azure-pipelines/$(Agent.OS).runsettings" /bl:"$(Build.ArtifactStagingDirectory)/build_logs/test_net472.binlog"
+ arguments: --no-build -c $(BuildConfiguration) -f net472 --filter "TestCategory!=FailsInCloudTest" -v n /p:CollectCoverage=true --settings "$(Build.Repository.LocalPath)/azure-pipelines/$(Agent.OS).runsettings" /bl:"$(Build.ArtifactStagingDirectory)/build_logs/test_net472.binlog" --diag "$(Build.ArtifactStagingDirectory)/test_logs/net472.txt"
testRunTitle: net472-$(Agent.JobName)
condition: and(ne(variables['OptProf'], 'true'), eq(variables['Agent.OS'], 'Windows_NT'))
@@ -24,7 +24,7 @@ steps:
displayName: dotnet test -f netcoreapp3.1
inputs:
command: test
- arguments: --no-build -c $(BuildConfiguration) -f netcoreapp3.1 --filter "TestCategory!=FailsInCloudTest" -v n /p:CollectCoverage=true --settings "$(Build.Repository.LocalPath)/azure-pipelines/$(Agent.OS).runsettings" /bl:"$(Build.ArtifactStagingDirectory)/build_logs/test_netcoreapp3.1.binlog"
+ arguments: --no-build -c $(BuildConfiguration) -f netcoreapp3.1 --filter "TestCategory!=FailsInCloudTest" -v n /p:CollectCoverage=true --settings "$(Build.Repository.LocalPath)/azure-pipelines/$(Agent.OS).runsettings" /bl:"$(Build.ArtifactStagingDirectory)/build_logs/test_netcoreapp3.1.binlog" --diag "$(Build.ArtifactStagingDirectory)/test_logs/netcoreapp3.1.txt"
testRunTitle: netcoreapp3.1-$(Agent.JobName)
workingDirectory: test/Microsoft.VisualStudio.Threading.Tests
condition: ne(variables['OptProf'], 'true')
@@ -33,7 +33,7 @@ steps:
displayName: dotnet test -f net5.0
inputs:
command: test
- arguments: --no-build -c $(BuildConfiguration) -f net5.0 --filter "TestCategory!=FailsInCloudTest" -v n /p:CollectCoverage=true --settings "$(Build.Repository.LocalPath)/azure-pipelines/$(Agent.OS).runsettings" /bl:"$(Build.ArtifactStagingDirectory)/build_logs/test_net5.0.binlog"
+ arguments: --no-build -c $(BuildConfiguration) -f net5.0 --filter "TestCategory!=FailsInCloudTest" -v n /p:CollectCoverage=true --settings "$(Build.Repository.LocalPath)/azure-pipelines/$(Agent.OS).runsettings" /bl:"$(Build.ArtifactStagingDirectory)/build_logs/test_net5.0.binlog" --diag "$(Build.ArtifactStagingDirectory)/test_logs/net5.0.txt"
testRunTitle: net5.0-$(Agent.JobName)
workingDirectory: test/Microsoft.VisualStudio.Threading.Tests
condition: ne(variables['OptProf'], 'true')
diff --git a/azure-pipelines/falsepositives.gdnsuppress b/azure-pipelines/falsepositives.gdnsuppress
new file mode 100644
index 000000000..1d30c76d4
--- /dev/null
+++ b/azure-pipelines/falsepositives.gdnsuppress
@@ -0,0 +1,104 @@
+{
+ "version": "latest",
+ "suppressionSets": {
+ "falsepositives": {
+ "name": "falsepositives",
+ "createdDate": "2022-01-05 22:51:28Z",
+ "lastUpdatedDate": "2022-01-05 22:51:28Z"
+ }
+ },
+ "results": {
+ "f2d4b996c6d7c4016ec4fcd8ffee323140ad820bf3e162080d3def56e8341e91": {
+ "signature": "f2d4b996c6d7c4016ec4fcd8ffee323140ad820bf3e162080d3def56e8341e91",
+ "alternativeSignatures": [],
+ "target": "src/Microsoft.VisualStudio.Threading.Analyzers.CSharp/VSTHRD003UseJtfRunAsyncAnalyzer.cs",
+ "memberOf": [
+ "falsepositives"
+ ],
+ "tool": "policheck",
+ "ruleId": "80411",
+ "justification": null,
+ "createdDate": "2022-01-05 21:55:03Z",
+ "expirationDate": null,
+ "type": null
+ },
+ "5bd7dbbf8a0e638bc4ee65d7db6dc4ab9054ddd64f8ec5cf4031380b01100b63": {
+ "signature": "5bd7dbbf8a0e638bc4ee65d7db6dc4ab9054ddd64f8ec5cf4031380b01100b63",
+ "alternativeSignatures": [],
+ "target": "src/Microsoft.VisualStudio.Threading.Analyzers.CSharp/VSTHRD003UseJtfRunAsyncAnalyzer.cs",
+ "memberOf": [
+ "falsepositives"
+ ],
+ "tool": "policheck",
+ "ruleId": "80411",
+ "justification": null,
+ "createdDate": "2022-01-05 21:55:03Z",
+ "expirationDate": null,
+ "type": null
+ },
+ "ed020ef10e60a1a49245aad9cd8922514ac643fe6f2f689cabdfc2205d725de5": {
+ "signature": "ed020ef10e60a1a49245aad9cd8922514ac643fe6f2f689cabdfc2205d725de5",
+ "alternativeSignatures": [
+ "2b12d128e16023e34f3070e5d1c3014207692966829acbf838fe1ec92ddf6798"
+ ],
+ "target": "microsoft.visualstudio.threading/release/net472/microsoft.visualstudio.threading.dll",
+ "memberOf": [
+ "falsepositives"
+ ],
+ "tool": "apiscan",
+ "ruleId": "documentationnotfound",
+ "justification": null,
+ "createdDate": "2022-01-05 21:55:03Z",
+ "expirationDate": null,
+ "type": null
+ },
+ "72600e5e09c73929820080a3d7fbbd591c4aac41a606251af6755e2ea3e96286": {
+ "signature": "72600e5e09c73929820080a3d7fbbd591c4aac41a606251af6755e2ea3e96286",
+ "alternativeSignatures": [
+ "e0697b669d792491bda5ab3c49a1c1bc71adc6c2a4cd903163c8d956aec5d16f"
+ ],
+ "target": "microsoft.visualstudio.threading/release/netstandard2.0/microsoft.visualstudio.threading.dll",
+ "memberOf": [
+ "falsepositives"
+ ],
+ "tool": "apiscan",
+ "ruleId": "documentationnotfound",
+ "justification": null,
+ "createdDate": "2022-01-05 21:55:03Z",
+ "expirationDate": null,
+ "type": null
+ },
+ "020f08af56f0cc9f5fe08f1a8b1fd0c1e4eae1c279dd347be77f1a7fabcff8f6": {
+ "signature": "020f08af56f0cc9f5fe08f1a8b1fd0c1e4eae1c279dd347be77f1a7fabcff8f6",
+ "alternativeSignatures": [
+ "a558e750375b35019cd9a75dbad28be2d3ca71e5fe00a69e275f097b7fd94483"
+ ],
+ "target": "bin/SosThreadingTools/Release/net472/win-x64/SosThreadingTools.dll",
+ "memberOf": [
+ "falsepositives"
+ ],
+ "tool": "binskim",
+ "ruleId": "BA2010",
+ "justification": null,
+ "createdDate": "2022-01-05 22:51:28Z",
+ "expirationDate": null,
+ "type": null
+ },
+ "c26038cded62714187b699785c344c1732b33f73f98e738270603dc5c03a8be8": {
+ "signature": "c26038cded62714187b699785c344c1732b33f73f98e738270603dc5c03a8be8",
+ "alternativeSignatures": [
+ "7964039bd373d0bc2e2f97d0b4a4f8d7b8b94c226fedb17c5bc9a012866ce46a"
+ ],
+ "target": "bin/SosThreadingTools/Release/net472/win-x86/SosThreadingTools.dll",
+ "memberOf": [
+ "falsepositives"
+ ],
+ "tool": "binskim",
+ "ruleId": "BA2010",
+ "justification": null,
+ "createdDate": "2022-01-05 22:51:28Z",
+ "expirationDate": null,
+ "type": null
+ }
+ }
+}
diff --git a/azure-pipelines/microbuild.after.yml b/azure-pipelines/microbuild.after.yml
index 8bb4dec56..d3c8a1cba 100644
--- a/azure-pipelines/microbuild.after.yml
+++ b/azure-pipelines/microbuild.after.yml
@@ -1,3 +1,7 @@
+parameters:
+- name: EnableAPIScan
+ type: boolean
+
steps:
- task: MicroBuildCodesignVerify@3
displayName: Verify Signed Files
@@ -9,9 +13,6 @@ steps:
condition: succeededOrFailed()
displayName: MicroBuild Cleanup
-- task: ComponentGovernanceComponentDetection@0
- displayName: Component Detection
-
- task: ms-vscs-artifact.build-tasks.artifactDropTask-1.artifactDropTask@0
inputs:
dropServiceURI: https://devdiv.artifacts.visualstudio.com
@@ -45,3 +46,5 @@ steps:
continueOnError: true
- template: secure-development-tools.yml
+ parameters:
+ EnableAPIScan: ${{ parameters.EnableAPIScan }}
diff --git a/azure-pipelines/microbuild.before.yml b/azure-pipelines/microbuild.before.yml
index b55533cf0..900f9d71c 100644
--- a/azure-pipelines/microbuild.before.yml
+++ b/azure-pipelines/microbuild.before.yml
@@ -2,6 +2,15 @@ parameters:
- name: ShouldSkipOptimize
steps:
+- task: ComponentGovernanceComponentDetection@0
+ displayName: Component Detection
+
+- task: notice@0
+ displayName: Generate NOTICE file
+ inputs:
+ outputfile: $(System.DefaultWorkingDirectory)/obj/NOTICE
+ outputformat: text
+
- task: MicroBuildOptProfPlugin@6
inputs:
ProfilingInputsDropName: ProfilingInputs/$(System.TeamProject)/$(Build.Repository.Name)/$(Build.SourceBranchName)/$(Build.BuildNumber)
diff --git a/azure-pipelines/official.yml b/azure-pipelines/official.yml
index 9b071b1af..605e62afa 100644
--- a/azure-pipelines/official.yml
+++ b/azure-pipelines/official.yml
@@ -35,6 +35,10 @@ parameters:
displayName: Build on macOS
type: boolean
default: false # macOS is often bogged down in Azure Pipelines
+- name: EnableAPIScan
+ displayName: Run APIScan
+ type: boolean
+ default: false # enable when we get it passing
variables:
NugetSecurityAnalysisWarningLevel: none # nuget.config requires signed packages by trusted owners
@@ -53,6 +57,7 @@ stages:
jobs:
- template: build.yml
parameters:
+ EnableAPIScan: ${{ parameters.EnableAPIScan }}
windowsPool: VSEngSS-MicroBuild2022-1ES
ShouldSkipOptimize: ${{ parameters.ShouldSkipOptimize }}
includeMacOS: ${{ parameters.includeMacOS }}
diff --git a/azure-pipelines/publish-codecoverage.yml b/azure-pipelines/publish-codecoverage.yml
index 3667b976c..a0862be3f 100644
--- a/azure-pipelines/publish-codecoverage.yml
+++ b/azure-pipelines/publish-codecoverage.yml
@@ -18,10 +18,10 @@ steps:
- powershell: |
dotnet tool install --tool-path obj dotnet-reportgenerator-globaltool --version 4.8.5 --configfile azure-pipelines/justnugetorg.nuget.config
Copy-Item -Recurse $(Pipeline.Workspace)/coverageResults-Windows/obj/* $(System.DefaultWorkingDirectory)/obj
- Write-Host "Substituting {reporoot} with $(System.DefaultWorkingDirectory)"
- $reports = Get-ChildItem -Recurse "$(Pipeline.Workspace)/coverage.*cobertura.xml"
+ Write-Host 'Substituting {reporoot} with $(System.DefaultWorkingDirectory)'
+ $reports = Get-ChildItem -Recurse '$(Pipeline.Workspace)/coverage.*cobertura.xml'
$reports |% {
- $content = Get-Content -Path $_ |% { $_.Replace("{reporoot}", "$(System.DefaultWorkingDirectory)") }
+ $content = Get-Content -Path $_ |% { $_.Replace('{reporoot}', '$(System.DefaultWorkingDirectory)') }
Set-Content -Path $_ -Value $content -Encoding UTF8
}
$Inputs = [string]::join(';', ($reports |% { Resolve-Path -relative $_ }))
diff --git a/azure-pipelines/release.yml b/azure-pipelines/release.yml
index 487fa8c09..46fb6c0e0 100644
--- a/azure-pipelines/release.yml
+++ b/azure-pipelines/release.yml
@@ -47,8 +47,8 @@ stages:
{ "label" : "enhancement", "displayName": "Enhancements", "state" : "closed" }
]
-- stage: push_packages
- displayName: Push packages
+- stage: nuget_org
+ displayName: nuget.org
dependsOn: GitHubRelease
jobs:
- deployment: push
@@ -67,7 +67,7 @@ stages:
inputs:
versionSpec: 5.x
- task: NuGetCommand@2
- displayName: nuget.org
+ displayName: NuGet push
inputs:
command: push
packagesToPush: $(Pipeline.Workspace)/CI/deployables-Windows/NuGet/*.nupkg
diff --git a/azure-pipelines/secure-development-tools.yml b/azure-pipelines/secure-development-tools.yml
index 941d5b0c8..99925c13d 100644
--- a/azure-pipelines/secure-development-tools.yml
+++ b/azure-pipelines/secure-development-tools.yml
@@ -1,11 +1,74 @@
+parameters:
+- name: EnableAPIScan
+ type: boolean
+
steps:
- ### Check for checked in credentials.
- task: CredScan@3
- displayName: 'Run CredScan'
+ displayName: Run CredScan
- ### Run PoliCheck to check for disallowed terms. targetType: F indicates we're searching files and folders.
-- task: PoliCheck@1
- displayName: 'Run PoliCheck'
+- task: PoliCheck@2
+ displayName: Run PoliCheck
inputs:
targetType: F
+ targetArgument: $(System.DefaultWorkingDirectory)
+ optionsUEPATH: $(System.DefaultWorkingDirectory)\azure-pipelines\PoliCheckExclusions.xml
+
+- task: BinSkim@3
+ displayName: Run BinSkim
+ inputs:
+ InputType: Basic
+ Function: analyze
+ AnalyzeTarget: $(BinSkimTargets)
+
+- task: CopyFiles@2
+ displayName: Collect APIScan inputs
+ inputs:
+ SourceFolder: $(Build.ArtifactStagingDirectory)/Symbols-$(Agent.JobName)
+ # Exclude any patterns from the Contents (e.g. `!**/git2*`) that we have symbols for but do not need to run APIScan on.
+ Contents: |
+ **
+ TargetFolder: $(Build.ArtifactStagingDirectory)/APIScanInputs
+ condition: and(succeeded(), ${{ parameters.EnableAPIScan }}, ne(variables.ApiScanClientId, ''))
+
+- task: APIScan@2
+ displayName: Run APIScan
+ inputs:
+ softwareFolder: $(Build.ArtifactStagingDirectory)/APIScanInputs
+ softwareName: $(SymbolsFeatureName)
+ softwareVersionNum: $(NBGV_MajorMinorVersion)
+ isLargeApp: false
+ toolVersion: Latest
+ condition: and(succeeded(), ${{ parameters.EnableAPIScan }}, ne(variables.ApiScanClientId, ''))
+ env:
+ AzureServicesAuthConnectionString: runAs=App;AppId=$(ApiScanClientId);TenantId=$(ApiScanTenant);AppKey=$(ApiScanSecret)
+
+- task: SdtReport@2
+ displayName: Create Security Analysis Report
+ inputs:
+ GdnExportAllTools: true
+
+- task: PublishSecurityAnalysisLogs@3
+ displayName: Publish Code Analysis Logs
+ inputs:
+ ArtifactName: CodeAnalysisLogs
+ ArtifactType: Container
+ PublishProcessedResults: true
+ AllTools: true
+ ToolLogsNotFoundAction: Standard
+
+- task: PostAnalysis@2
+ displayName: Break on compliance issues
+ inputs:
+ GdnBreakAllTools: true
+ GdnBreakGdnToolBinSkimSeverity: Warning
+ GdnBreakSuppressionFiles: $(System.DefaultWorkingDirectory)/azure-pipelines/falsepositives.gdnsuppress
+ GdnBreakSuppressionSets: falsepositives
+ GdnBreakOutputSuppressionFile: $(Build.ArtifactStagingDirectory)/guardian_failures_as_suppressions/
+ GdnBreakOutputSuppressionSet: falsepositives
+
+# This is useful when false positives appear so we can copy some of the output into the suppressions file.
+- publish: $(Build.ArtifactStagingDirectory)/guardian_failures_as_suppressions
+ artifact: guardian_failures_as_suppressions
+ displayName: Publish Guardian failures
+ condition: failed()
diff --git a/azure-pipelines/variables/BinSkimTargets.ps1 b/azure-pipelines/variables/BinSkimTargets.ps1
new file mode 100644
index 000000000..99db4c731
--- /dev/null
+++ b/azure-pipelines/variables/BinSkimTargets.ps1
@@ -0,0 +1,8 @@
+$Path = "$PSScriptRoot\..\..\bin"
+if (Test-Path $Path) {
+ $binskimlist = & "$PSScriptRoot\..\Get-SymbolFiles.ps1" -ConvertToWindowsPDBs:$false -Path $Path
+ $binskimlist = $binskimlist |? { $_ -notlike '*git2-*' }
+ if ($binskimlist) {
+ [string]::join(';', $binskimlist)
+ }
+}
diff --git a/init.ps1 b/init.ps1
index a70d81f65..8374dd565 100644
--- a/init.ps1
+++ b/init.ps1
@@ -40,10 +40,10 @@
.PARAMETER AccessToken
An optional access token for authenticating to Azure Artifacts authenticated feeds.
#>
-[CmdletBinding(SupportsShouldProcess=$true)]
+[CmdletBinding(SupportsShouldProcess = $true)]
Param (
- [ValidateSet('repo','user','machine')]
- [string]$InstallLocality='user',
+ [ValidateSet('repo', 'user', 'machine')]
+ [string]$InstallLocality = 'user',
[Parameter()]
[switch]$NoPrerequisites,
[Parameter()]
@@ -83,8 +83,8 @@ if (!$NoPrerequisites) {
}
# Workaround nuget credential provider bug that causes very unreliable package restores on Azure Pipelines
-$env:NUGET_PLUGIN_HANDSHAKE_TIMEOUT_IN_SECONDS=20
-$env:NUGET_PLUGIN_REQUEST_TIMEOUT_IN_SECONDS=20
+$env:NUGET_PLUGIN_HANDSHAKE_TIMEOUT_IN_SECONDS = 20
+$env:NUGET_PLUGIN_REQUEST_TIMEOUT_IN_SECONDS = 20
Push-Location $PSScriptRoot
try {
diff --git a/src/AssemblyInfo.cs b/src/AssemblyInfo.cs
new file mode 100644
index 000000000..dcdd281db
--- /dev/null
+++ b/src/AssemblyInfo.cs
@@ -0,0 +1,6 @@
+// Copyright (c) Microsoft. All rights reserved.
+// Licensed under the MIT license. See LICENSE file in the project root for full license information.
+
+using System.Runtime.InteropServices;
+
+[assembly: DefaultDllImportSearchPaths(DllImportSearchPath.SafeDirectories)]
diff --git a/src/Directory.Build.targets b/src/Directory.Build.targets
index e7edee55a..566ab4fcf 100644
--- a/src/Directory.Build.targets
+++ b/src/Directory.Build.targets
@@ -1,3 +1,7 @@
+
+
+
+
diff --git a/test/.editorconfig b/test/.editorconfig
index f9828ec4a..cb548f89c 100644
--- a/test/.editorconfig
+++ b/test/.editorconfig
@@ -21,6 +21,12 @@ dotnet_diagnostic.VSTHRD111.severity = none
# VSTHRD200: Use Async suffix for async methods
dotnet_diagnostic.VSTHRD200.severity = silent
+# CA1014: Mark assemblies with CLSCompliant
+dotnet_diagnostic.CA1014.severity = none
+
+# CA1050: Declare types in namespaces
+dotnet_diagnostic.CA1050.severity = none
+
# CA1303: Do not pass literals as localized parameters
dotnet_diagnostic.CA1303.severity = none
@@ -70,4 +76,4 @@ dotnet_diagnostic.CA1307.severity = suggestion
dotnet_diagnostic.SA1604.severity = suggestion
# SA1401: Fields should be private
-dotnet_diagnostic.SA1401.severity = none
+dotnet_diagnostic.SA1401.severity = silent
diff --git a/tools/Install-DotNetSdk.ps1 b/tools/Install-DotNetSdk.ps1
index 427899307..3c82ee2b2 100644
--- a/tools/Install-DotNetSdk.ps1
+++ b/tools/Install-DotNetSdk.ps1
@@ -29,8 +29,11 @@ $DotNetInstallScriptRoot = Resolve-Path $DotNetInstallScriptRoot
# Look up actual required .NET Core SDK version from global.json
$sdkVersion = & "$PSScriptRoot/../azure-pipelines/variables/DotNetSdkVersion.ps1"
-$arch = 'x64'
-if ($env:PROCESSOR_ARCHITECTURE -eq 'ARM64') { $arch = 'ARM64' }
+$arch = [System.Runtime.InteropServices.RuntimeInformation]::ProcessArchitecture
+if (!$arch) { # Windows Powershell leaves this blank
+ $arch = 'x64'
+ if ($env:PROCESSOR_ARCHITECTURE -eq 'ARM64') { $arch = 'ARM64' }
+}
# Search for all .NET Core runtime versions referenced from MSBuild projects and arrange to install them.
$runtimeVersions = @()
diff --git a/version.json b/version.json
index 9814b273b..aa54c04da 100644
--- a/version.json
+++ b/version.json
@@ -4,5 +4,8 @@
"publicReleaseRefSpec": [
"^refs/heads/main$",
"^refs/heads/v\\d+(?:\\.\\d+)?$"
- ]
-}
\ No newline at end of file
+ ],
+ "cloudBuild": {
+ "setVersionVariables": false
+ }
+}