-
-
Notifications
You must be signed in to change notification settings - Fork 355
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
dlls are not signed within NuGet packages #228
Comments
Short answer: this is a known issue. I have no plans to add strong-naming to AsyncEx now, for reasons described here. See also #2. If Microsoft would provide better tooling and guidance for strong naming libraries without causing massive maintenance headaches, then I would be willing to reconsider. A Short History of Strong Naming in AsyncEx:
I still think the .NET ecosystem would be better served by a service that auto-signs packages following a semantic versioning approach. So far, I have not had time to write this service. |
Wow, thanks for the detailed reply, Stephen, and I didn't realize this underwent so much ups and downs related to strong name signing. For your final point - public signing - what was the reason for you to abandon it eventually, if you don't mind elaborating it a little bit more? Because tbh, at least for our team, we don't care about strong name signing, but only public signing. Our pipeline just does regular public signing of our project DLLs with some Azure internal certs, and checks if all the 3rd party dlls were signed beforehand (not checking strong name signing though). This step threw due to Nito dlls not signed. Thanks! |
Interesting that it's checking assemblies are signed, but not checking the signatures. It's been a while since I've worked with the public signing, but IIRC the problems were:
I still think a service that autosigns packages on demand is a good idea. And I still don't have time to write it. In the meantime, the Strong Naming Toolkit and StrongNameSigner are still available. |
Hi Stephen,
This is Frank from Microsoft Azure. Our pipeline says that all the Nito dlls are not signed, and I went ahead and checked them - they are indeed not signed. There's no Signature tab under the dll properties. Normally if a DLL is signed, a valid signature tab should appear there. Please refer to the below images.
FYI - I'm using version 5.1.0
I wonder if this is a known problem?
Thanks!
Frank
The text was updated successfully, but these errors were encountered: