[vs17.8] Merge v17.8.43 into vs17.8 #12646
Merged
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
…directory on every build Recreate temp on linux using CreateTempSubdirectory on every build ---- #### AI description (iteration 1) #### PR Classification This pull request implements a security bug fix by revising the temporary folder creation mechanism on Linux. #### PR Summary The changes modify the creation of the MSBuild temporary folder to use .NET’s built-in Directory.CreateTempSubdirectory method on Linux, ensuring a new subdirectory is recreated on every build. This approach removes the custom native permission logic and fallback routines, thereby mitigating the risk of malicious folder creation. - `src/Shared/TempFileUtilities.cs`: On Linux, the manual mkdir/chmod logic is replaced with Directory.CreateTempSubdirectory using a fixed prefix. - `src/Shared/TempFileUtilities.cs`: For other platforms, the temporary path is now combined with the new folder prefix with explicit directory creation. - `src/Shared/TempFileUtilities.cs`: The custom permission constant (`userRWX`) is removed in favor of secure, built-in directory handling. <!-- GitOpsUserAgent=GitOps.Apps.Server.pullrequestcopilot --> ---- #### AI description (iteration 2) #### PR Classification This pull request is a security fix addressing a vulnerability in the MSBuild temporary folder creation on Linux. #### PR Summary This pull request mitigates a security issue by revising the Linux temporary folder creation process to use a secure subdirectory creation method. - **`src/Shared/TempFileUtilities.cs`**: Refactored the Linux branch to create a temporary folder with `Directory.CreateTempSubdirectory` using a designated prefix, removing unsafe custom permission checks. - **`eng/Versions.props`**: Updated the version prefix from 17.8.42 to 17.8.43. Related work items: #2541147
Contributor
There was a problem hiding this comment.
Pull Request Overview
Merge of tag v17.8.43 into the vs17.8 branch updating version and adjusting temp directory creation logic.
- Bumps VersionPrefix to 17.8.43.
- Refactors temp folder creation logic on Linux to use Directory.CreateTempSubdirectory with a new constant prefix.
Reviewed Changes
Copilot reviewed 2 out of 2 changed files in this pull request and generated 4 comments.
| File | Description |
|---|---|
| src/Shared/TempFileUtilities.cs | Replaces custom Linux temp dir creation logic with Directory.CreateTempSubdirectory and introduces msbuildTempFolderPrefix constant. |
| eng/Versions.props | Updates VersionPrefix from 17.8.42 to 17.8.43. |
Contributor
|
Hello! I noticed that you're targeting one of our servicing branches. Please consider updating the version. |
YuliiaKovalova
approved these changes
Oct 16, 2025
rainersigwald
approved these changes
Oct 17, 2025
This was referenced Oct 21, 2025
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Merging tag v17.8.43 into vs17.8 branch