-
Notifications
You must be signed in to change notification settings - Fork 678
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Deprecate http usage: source
commands, promote warning to error for http sources
#5702
Deprecate http usage: source
commands, promote warning to error for http sources
#5702
Conversation
source
commands promote warning to error for http sourcessource
commands, promote warning to error for http sources
18162b4
to
faf0a89
Compare
ef0d0ed
to
9cd70ce
Compare
9cd70ce
to
4272ac3
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Some test feedback.
Rest looks great!
Nicely done.
test/NuGet.Core.FuncTests/Dotnet.Integration.Test/DotnetSourcesTests.cs
Outdated
Show resolved
Hide resolved
07c59fe
to
94fb612
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Once all the PRs related to this effort are merged, I think we should remove NU1803 error code from the product. If we still would like to warn for HTTP sources in the list source
command, then we can keep the error code.
@@ -1107,4 +1107,8 @@ Non-HTTPS access will be removed in a future version. Consider migrating to 'HTT | |||
<value>You are running the '{0}' operation with an 'HTTP' source: {1}. NuGet requires HTTPS sources. To use an HTTP source, you must explicitly set 'allowInsecureConnections' to true in your NuGet.Config file. Please refer to https://aka.ms/nuget-https-everywhere.</value> | |||
<comment>0 - The command name. Ex. Push/Delete. 1 - server URI.</comment> | |||
</data> | |||
<data name="Error_HttpSource_Single_Short" xml:space="preserve"> |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Can we the existing Error_HttpSource_Single
resource instead of adding a new one?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
It is because they are a little different. One tells the user to configure allowInsecureConnections
while the other one does not.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
There is duplication in the strings for Error_HttpSource_Single
, Error_HttpSources_Multiple
and Error_HttpSource_Single_Short
resources. If we ever have to change the error message, we have to update in all the places. I guess we should be okay good for now.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think it's okay to do this, and the repo has a lot of duplicate strings in resource files. My understanding was that it's not a significant difference for the localization team. Perhaps I'm remembering it's even preferred to just create a duplicate resource?!
test/NuGet.Core.FuncTests/Dotnet.Integration.Test/DotnetSourcesTests.cs
Outdated
Show resolved
Hide resolved
test/NuGet.Core.FuncTests/Dotnet.Integration.Test/DotnetSourcesTests.cs
Outdated
Show resolved
Hide resolved
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Looks pretty good! I think the test content is well done, just needs a little separation/renaming.
test/NuGet.Core.FuncTests/Dotnet.Integration.Test/DotnetSourcesTests.cs
Outdated
Show resolved
Hide resolved
test/NuGet.Core.FuncTests/Dotnet.Integration.Test/DotnetSourcesTests.cs
Outdated
Show resolved
Hide resolved
@@ -236,40 +259,38 @@ public void Sources_WarnWhenListHttpSource(string initialSource, string secondSo | |||
CommandRunnerResult result = _fixture.RunDotnetExpectSuccess(configFileDirectory, string.Join(" ", args)); | |||
|
|||
// Assert | |||
Assert.Equal(shouldWarn, result.Output.Contains(warningMessage)); | |||
Assert.Contains(initialSource, result.AllOutput); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Is this scenario supposed to be an Error? If so, this assertion should be like the others and look for the Error output, not All Output.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The nuget list command, allows users to list configured sources. However, just because a user has an http source, we should not be throwing an error for the list command. Instead, we should list all the configured sources and warn them about it. As a result, I have not added an error for the list command.
@@ -1107,4 +1107,8 @@ Non-HTTPS access will be removed in a future version. Consider migrating to 'HTT | |||
<value>You are running the '{0}' operation with an 'HTTP' source: {1}. NuGet requires HTTPS sources. To use an HTTP source, you must explicitly set 'allowInsecureConnections' to true in your NuGet.Config file. Please refer to https://aka.ms/nuget-https-everywhere.</value> | |||
<comment>0 - The command name. Ex. Push/Delete. 1 - server URI.</comment> | |||
</data> | |||
<data name="Error_HttpSource_Single_Short" xml:space="preserve"> |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think it's okay to do this, and the repo has a lot of duplicate strings in resource files. My understanding was that it's not a significant difference for the localization team. Perhaps I'm remembering it's even preferred to just create a duplicate resource?!
[InlineData("http://source.test", "http://source.test.2")] | ||
[InlineData("https://source.test", "http://source.test.2")] | ||
[InlineData("https://source.test", "https://source.test.2")] | ||
public void SourcesList_WithDefaultFormat_UsesDetailedFormat(string source, string secondSource) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
When I read this test's assertions, I don't understand where the "Detailed format" comes in.
Also, shouldn't the test assert that no warning exists in the output?
@@ -9,3 +9,4 @@ | |||
[assembly: InternalsVisibleTo("NuGet.SolutionRestoreManager.Test, PublicKey=002400000480000094000000060200000024000052534131000400000100010007d1fa57c4aed9f0a32e84aa0faefd0de9e8fd6aec8f87fb03766c834c99921eb23be79ad9d5dcc1dd9ad236132102900b723cf980957fc4e177108fc607774f29e8320e92ea05ece4e821c0a5efe8f1645c4c0c93c1ab99285d622caa652c1dfad63d745d6f2de5f17e5eaf0fc4963d261c8a12436518206dc093344d5ad293")] | |||
[assembly: InternalsVisibleTo("NuGet.PackageManagement.VisualStudio.Test, PublicKey=002400000480000094000000060200000024000052534131000400000100010007d1fa57c4aed9f0a32e84aa0faefd0de9e8fd6aec8f87fb03766c834c99921eb23be79ad9d5dcc1dd9ad236132102900b723cf980957fc4e177108fc607774f29e8320e92ea05ece4e821c0a5efe8f1645c4c0c93c1ab99285d622caa652c1dfad63d745d6f2de5f17e5eaf0fc4963d261c8a12436518206dc093344d5ad293")] | |||
[assembly: InternalsVisibleTo("DynamicProxyGenAssembly2, PublicKey=0024000004800000940000000602000000240000525341310004000001000100c547cac37abd99c8db225ef2f6c8a3602f3b3606cc9891605d02baa56104f4cfc0734aa39b93bf7852f7d9266654753cc297e7d2edfe0bac1cdcf9f717241550e0a7b191195b7667bb4f64bcb8e2121380fd1d9d46ad2d92d2d15605093924cceaf74c4861eff62abf69b9291ed0a340e113be11e6a7d3113e92484cf7045cc7")] | |||
[assembly: InternalsVisibleTo("Dotnet.Integration.Test, PublicKey=0024000004800000940000000602000000240000525341310004000001000100b5fc90e7027f67871e773a8fde8938c81dd402ba65b9201d60593e96c492651e889cc13f1415ebb53fac1131ae0bd333c5ee6021672d9718ea31a8aebd0da0072f25d87dba6fc90ffd598ed4da35e44c398c454307e8e33b8426143daec9f596836f97c8f74750e5975c64e2189f45def46b2a2b1247adc3652bf5c308055da9")] |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Be aware that this will conflict with my recent change: #5744
You'll need to add an <InternalsVisibleTo />
item to the .csproj
instead. I wonder if it would be worth rebasing your feature branch.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks, I will rebase
test/NuGet.Clients.Tests/NuGet.CommandLine.Test/NuGetSourcesCommandTest.cs
Outdated
Show resolved
Hide resolved
@NuGet/nuget-client Any suggestions? |
* Deprecate http usage: `nuget search` promote warning to error for http sources (#5693) * Deprecate http usage: `nuget list` promote warning to error for http sources (#5698) * Deprecate http usage: `nuget push` promote warning to error for http sources (#5705) * Deprecate http usage: `delete` operations, promote warning to error for http sources (#5703) * Add `allowinsecureconnections` option (#5742) * remove integration test for now (#5758) * Deprecate http: Promote from warning to error in VS Options NuGet Package Manager (#5732) * Deprecate http usage: `source` commands, promote warning to error for http sources (#5702) * Deprecate http usage: `restore` scenarios promote warning to error for http sources (#5731) * use `--allow-insecure-connections` for dotnet nuget add command (#5853) * tests * clean up * clean up * white space * tests * comment
Bug
Fixes: NuGet/Home#13333
Regression? Last working version:
Description
PR Checklist
PR has a meaningful title
PR has a linked issue.
Described changes
Tests
Documentation