[vs17.10] Merge v17.10.46 into vs17.10 #12647
Merged
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
…bdirectory on every build Recreate temp on linux using CreateTempSubdirectory on every build ---- #### AI description (iteration 1) #### PR Classification Bug fix addressing a Linux-specific temporary folder security vulnerability. #### PR Summary This pull request enhances security in MSBuild on Linux by replacing the manual temporary folder creation logic with a reliable call to CreateTempSubdirectory, ensuring a unique and correctly set up temp folder on every build. - `src/Shared/TempFileUtilities.cs`: On Linux, the temp folder is now recreated via Directory.CreateTempSubdirectory instead of custom mkdir/chmod logic. - `src/Shared/TempFileUtilities.cs`: Removed the unused `userRWX` constant, cleaning up the code. <!-- GitOpsUserAgent=GitOps.Apps.Server.pullrequestcopilot --> ---- #### AI description (iteration 2) #### PR Classification This pull request is a security fix that updates the temporary folder creation mechanism on Linux. #### PR Summary The PR replaces the insecure native mkdir/chmod approach with a safer Directory.CreateTempSubdirectory method for Linux, ensuring that the temporary folder is freshly created on every build and addressing the risk of malicious folder creation. - **`src/Shared/TempFileUtilities.cs`**: Replaces the complex mkdir/chmod logic with a call to Directory.CreateTempSubdirectory for Linux and removes the obsolete userRWX constant. - **`eng/Versions.props`**: Increments the version prefix to reflect the update. Related work items: #2541147
Contributor
There was a problem hiding this comment.
Pull Request Overview
This PR merges version tag v17.10.46 into the vs17.10 branch, updating the version number and simplifying temporary file directory creation logic on Linux by replacing custom security-focused code with .NET's built-in Directory.CreateTempSubdirectory method.
Key Changes
- Updated version from 17.10.45 to 17.10.46 in Versions.props
- Replaced complex Linux temp folder creation logic with
Directory.CreateTempSubdirectoryAPI - Removed custom user permission handling and security checks previously required for Linux environments
Reviewed Changes
Copilot reviewed 2 out of 2 changed files in this pull request and generated 2 comments.
| File | Description |
|---|---|
| eng/Versions.props | Version bump from 17.10.45 to 17.10.46 |
| src/Shared/TempFileUtilities.cs | Simplified temp folder creation on Linux using .NET built-in API, removing manual permission management |
Contributor
|
Hello! I noticed that you're targeting one of our servicing branches. Please consider updating the version. |
YuliiaKovalova
approved these changes
Oct 16, 2025
rainersigwald
approved these changes
Oct 17, 2025
This was referenced Oct 21, 2025
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Merging tag v17.10.46 into vs17.10 branch