Skip to content

[automated] Merge branch 'release/8.0' => 'release/8.0-staging' #124246

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
rbhanda merged 32 commits into from
Feb 12, 2026
Merged

[automated] Merge branch 'release/8.0' => 'release/8.0-staging' #124246

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
32 commits
Select commit Hold shift + click to select a range
9a09d7b
Merge commit '9cccd83f8b7026dc0b5becb1714bac1499397665'
Nov 5, 2025
2f6e04b
Merge commit '283dede38f06421d05f205680629201b8f57acc4'
Nov 5, 2025
35123be
Merge commit '8dbea2724dde020db38d9137e70b7776f4386551'
Nov 11, 2025
3423649
Merge commit '0729d333794d0cf547fc4cd0ecd22d842d515eef'
Nov 26, 2025
06f15fd
Merge commit '891f8976f28fd6a55d2568bce0b8c2a583bd190f'
Nov 26, 2025
1c1ec94
Merge commit '34de5e17eb94e643aa3cc3af48cb77dc5ec7ac9a'
Dec 4, 2025
439bc75
Merge commit '103b56efcfd272e1e8e78edc6787c282848dfb05'
Dec 5, 2025
82336dd
Merge commit '56acca83b9d21995f9796254256e33c0f145aff2'
Dec 5, 2025
c96cd11
Merge commit 'ac345324f04146714172ea78c5496bd979fc3dcf'
Dec 6, 2025
42f3d19
Merge commit 'c9190610b22c83b8d56868bf01001601895a54e7'
Dec 22, 2025
d97033d
Merge commit 'b18624c4de9bde1f2ea6e23e38c68a271ed9966f'
Dec 25, 2025
c102bea
Update branding to 8.0.24 (#122887)
vseanreesermsft Jan 6, 2026
aaef8bb
Merge commit 'c102bea96ed4e07bb138c7815c7607ab56facdff'
Jan 6, 2026
2042eb2
Revert "[release/8.0] Update dependencies from dotnet/arcade" (#122943)
jozkee Jan 7, 2026
69107ea
Merge commit '2042eb2a56112539bf9e0b9538972fdd84e381a0'
Jan 7, 2026
9e1f70e
Fix the type of exception thrown when decoding bad headers
bartonjs Jan 8, 2026
cb6dd00
[release/8.0] Update dependencies from dotnet/emsdk (#122746)
dotnet-maestro[bot] Jan 13, 2026
39736b8
Merge commit 'cb6dd00c21d6d8a373efbc7f5b5088caab5d8e22'
Jan 13, 2026
be63b29
Merge commit 'c96cd11cb2f0c204f272b2280082a329aee24cf7' into internal…
vseanreesermsft Jan 13, 2026
a22f890
Merging internal commits for release/8.0 (#123150)
jeffhandley Jan 13, 2026
7e46fb9
Merge commit 'a22f8900be30f9d81cf1bee76a885e45c811c857'
Jan 13, 2026
fb7ac0f
[manual] Merge release/8.0-staging into release/8.0 (#123114)
jeffhandley Jan 13, 2026
da103bc
Merge commit 'fb7ac0ff0437c5405458a2a953d29a6aeb5e76f0'
Jan 13, 2026
b43df22
[release/8.0] Update dependencies from dotnet/emsdk (#123185)
dotnet-maestro[bot] Jan 20, 2026
b3b35ce
Merge commit 'b43df221a7854ae9b3c831a436c333ec9549bc5d'
Jan 20, 2026
38eebd9
[release/8.0] Change pool for evaluate-paths (#123462)
github-actions[bot] Jan 26, 2026
9345ccc
Update branding to 8.0.25 (#123896)
vseanreesermsft Feb 5, 2026
7a6845d
[release/8.0] Update dependencies from dotnet/emsdk (#123408)
dotnet-maestro[bot] Feb 5, 2026
7e53964
[release/8.0] Use correct name for AZL3 build image (#124179)
akoeplinger Feb 9, 2026
c7aa2e8
Merge commit 'b3b35ce80e9eb94f72c4aa36a171a5e1cde72ace' into internal…
vseanreesermsft Feb 10, 2026
e1139d2
Merging internal commits for release/8.0 (#124237)
wfurt Feb 10, 2026
079088e
Merge branch 'release/8.0-staging' into merge/release/8.0-to-release/…
jozkee Feb 12, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion NuGet.config
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -9,7 +9,7 @@
<clear />
<!--Begin: Package sources managed by Dependency Flow automation. Do not edit the sources below.-->
<!-- Begin: Package sources from dotnet-emsdk -->
<add key="darc-pub-dotnet-emsdk-3cbd998" value="https://pkgs.dev.azure.com/dnceng/public/_packaging/darc-pub-dotnet-emsdk-3cbd998b/nuget/v3/index.json" />
<add key="darc-pub-dotnet-emsdk-badf9f9" value="https://pkgs.dev.azure.com/dnceng/public/_packaging/darc-pub-dotnet-emsdk-badf9f97/nuget/v3/index.json" />
<!-- End: Package sources from dotnet-emsdk -->
<!-- Begin: Package sources from dotnet-sdk -->
<!-- End: Package sources from dotnet-sdk -->
Expand Down
8 changes: 4 additions & 4 deletions eng/Version.Details.xml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -90,13 +90,13 @@
<Sha>8bb0f2d5f3b6b9dff32e2643642bea09bf6ae38d</Sha>
<SourceBuild RepoName="cecil" ManagedOnly="true" />
</Dependency>
<Dependency Name="Microsoft.NET.Workload.Emscripten.Current.Manifest-8.0.100" Version="8.0.23">
<Dependency Name="Microsoft.NET.Workload.Emscripten.Current.Manifest-8.0.100" Version="8.0.25">
<Uri>https://github.com/dotnet/emsdk</Uri>
<Sha>3cbd998b237cdde910fd4c4964207a87dd04c837</Sha>
<Sha>badf9f97aaf4c2166b17bd6475ca73958c11e309</Sha>
</Dependency>
<Dependency Name="Microsoft.SourceBuild.Intermediate.emsdk" Version="8.0.23-servicing.25612.6">
<Dependency Name="Microsoft.SourceBuild.Intermediate.emsdk" Version="8.0.25-servicing.26102.2">
<Uri>https://github.com/dotnet/emsdk</Uri>
<Sha>3cbd998b237cdde910fd4c4964207a87dd04c837</Sha>
<Sha>badf9f97aaf4c2166b17bd6475ca73958c11e309</Sha>
<SourceBuild RepoName="emsdk" ManagedOnly="true" />
</Dependency>
<Dependency Name="Microsoft.SourceBuild.Intermediate.source-build-reference-packages" Version="8.0.0-alpha.1.25615.3">
Expand Down
6 changes: 3 additions & 3 deletions eng/Versions.props
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,11 +1,11 @@
<Project>
<PropertyGroup>
<!-- The .NET product branding version -->
<ProductVersion>8.0.23</ProductVersion>
<ProductVersion>8.0.25</ProductVersion>
<!-- File version numbers -->
<MajorVersion>8</MajorVersion>
<MinorVersion>0</MinorVersion>
<PatchVersion>23</PatchVersion>
<PatchVersion>25</PatchVersion>
<SdkBandVersion>8.0.100</SdkBandVersion>
<PackageVersionNet7>7.0.20</PackageVersionNet7>
<PackageVersionNet6>6.0.36</PackageVersionNet6>
Expand Down Expand Up @@ -254,7 +254,7 @@
Note: when the name is updated, make sure to update dependency name in eng/pipelines/common/xplat-setup.yml
like - DarcDependenciesChanged.Microsoft_NET_Workload_Emscripten_Current_Manifest-8_0_100_Transport
-->
<MicrosoftNETWorkloadEmscriptenCurrentManifest80100Version>8.0.23</MicrosoftNETWorkloadEmscriptenCurrentManifest80100Version>
<MicrosoftNETWorkloadEmscriptenCurrentManifest80100Version>8.0.25</MicrosoftNETWorkloadEmscriptenCurrentManifest80100Version>
<MicrosoftNETRuntimeEmscriptenVersion>$(MicrosoftNETWorkloadEmscriptenCurrentManifest80100Version)</MicrosoftNETRuntimeEmscriptenVersion>
<!-- workloads -->
<SwixPackageVersion>1.1.87-gba258badda</SwixPackageVersion>
Expand Down
8 changes: 7 additions & 1 deletion eng/pipelines/common/evaluate-paths-job.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -28,7 +28,13 @@ jobs:
- job: evaluate_paths
displayName: Evaluate Paths
pool:
vmImage: 'ubuntu-latest'
${{ if eq(variables['System.TeamProject'], 'public') }}:
name: $(DncEngPublicBuildPool)
demands: ImageOverride -equals build.azurelinux.3.amd64.open
${{ else }}:
name: $(DncEngInternalBuildPool)
demands: ImageOverride -equals build.azurelinux.3.amd64
os: linux

steps:
- checkout: self
Expand Down
4 changes: 2 additions & 2 deletions src/libraries/System.Security.Cryptography.Cose/src/System.Security.Cryptography.Cose.csproj
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -4,8 +4,8 @@
<TargetFrameworks>$(NetCoreAppCurrent);$(NetCoreAppPrevious);$(NetCoreAppMinimum);netstandard2.0;$(NetFrameworkMinimum)</TargetFrameworks>
<AllowUnsafeBlocks>true</AllowUnsafeBlocks>
<IsPackable>true</IsPackable>
<ServicingVersion>1</ServicingVersion>
<GeneratePackageOnBuild>false</GeneratePackageOnBuild>
<ServicingVersion>2</ServicingVersion>
<GeneratePackageOnBuild>true</GeneratePackageOnBuild>
<PackageDescription>Provides support for CBOR Object Signing and Encryption (COSE).</PackageDescription>
</PropertyGroup>

Expand Down
56 changes: 47 additions & 9 deletions ...es/System.Security.Cryptography.Cose/src/System/Security/Cryptography/Cose/CoseMessage.cs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -295,20 +295,43 @@ private static void DecodeUnprotectedBucket(CborReader reader, CoseHeaderMap hea

private static void DecodeBucket(CborReader reader, CoseHeaderMap headerParameters)
{
int? length = reader.ReadStartMap();
for (int i = 0; i < length; i++)
reader.ReadStartMap();

while (true)
{
CoseHeaderLabel label = reader.PeekState() switch
CborReaderState state = reader.PeekState();

if (state == CborReaderState.EndMap)
{
reader.ReadEndMap();
break;
}

CoseHeaderLabel label = state switch
{
CborReaderState.UnsignedInteger or CborReaderState.NegativeInteger => new CoseHeaderLabel(reader.ReadInt32()),
CborReaderState.TextString => new CoseHeaderLabel(reader.ReadTextString()),
_ => throw new CryptographicException(SR.Format(SR.DecodeErrorWhileDecoding, SR.DecodeSign1MapLabelWasIncorrect))
};

CoseHeaderValue value = CoseHeaderValue.FromEncodedValue(reader.ReadEncodedValue().Span);
headerParameters.Add(label, value);

try
{
headerParameters.Add(label, value);
}
catch (ArgumentException e)
{
// Lift the well-known header value validation into a CryptographicException.
if (e.ParamName == "value")
{
throw new CryptographicException(e.Message);
}

Debug.Fail("Unexpected ArgumentException from CoseHeaderMap.Add");
throw new CryptographicException(SR.DecodeErrorWhileDecodingSeeInnerEx, e);
}
}
reader.ReadEndMap();
}

private static byte[]? DecodePayload(CborReader reader)
Expand Down Expand Up @@ -563,13 +586,23 @@ internal static bool MissingCriticalHeaders(CoseHeaderMap? protectedHeders, out
return false;
}

bool empty = true;

var reader = new CborReader(critHeaderValue.EncodedValue);
int length = reader.ReadStartArray().GetValueOrDefault();
Debug.Assert(length > 0);
reader.ReadStartArray();

for (int i = 0; i < length; i++)
while (true)
{
CoseHeaderLabel label = reader.PeekState() switch
CborReaderState state = reader.PeekState();

if (state == CborReaderState.EndArray)
{
reader.ReadEndArray();
break;
}

empty = false;
CoseHeaderLabel label = state switch
{
CborReaderState.UnsignedInteger or CborReaderState.NegativeInteger => new CoseHeaderLabel(reader.ReadInt32()),
CborReaderState.TextString => new CoseHeaderLabel(reader.ReadTextString()),
Expand All @@ -583,6 +616,11 @@ internal static bool MissingCriticalHeaders(CoseHeaderMap? protectedHeders, out
}
}

if (empty)
{
throw new CryptographicException(SR.CriticalHeadersMustBeArrayOfAtLeastOne);
}

labelName = null;
return false;
}
Expand Down
126 changes: 126 additions & 0 deletions src/libraries/System.Security.Cryptography.Cose/tests/CoseMessageTests.DecodeMultiSign.cs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -144,5 +144,131 @@ public void DecodeMultiSign_IndefiniteLengthArray_ShorterByOne(string hexCborPay
CryptographicException ex = Assert.Throws<CryptographicException>(() => CoseMessage.DecodeMultiSign(cborPayload));
Assert.Null(ex.InnerException);
}

[Theory]
[InlineData(true, true)]
[InlineData(true, false)]
[InlineData(false, false)]
[InlineData(false, true)]
public void DecodeMultiSignThrowsIfCriticalHeaderIsMissing(bool detached, bool useIndefiniteLength)
{
const string AttachedDefiniteHex =
"D8628440A054546869732069732074686520636F6E74656E742E818347A20126" +
"0281182AA05840ECB8C39BE15156FB6567C33634C75396D7FE1042C84FE54B9C" +
"EFA51E674C0CB227A8C08E558B6047668BBE3311749776670D1583A14B3A2DD8" +
"7F63F0FA298452";

const string AttachedIndefiniteHex =
"D8628440A054546869732069732074686520636F6E74656E742E818348A20126" +
"029F182AFFA05840F62CB760AC27D393D88ED392D5D4D55A02B0BB75261E75FE" +
"9B346C280DA6B93BE7F5B1B66B74561513EA52CAA2C66FE7474010035C678DA6" +
"B3549D3E671166EB";

const string DetachedDefiniteHex =
"D8628440A0F6818347A201260281182AA05840F96CE3D0999F34BE0E3FC62AE2" +
"AB25DD8D88F7154E6FADD5FFFEAF78F89DB97AC3E599ADB555C8442BD520F3F4" +
"8CB6A320B864677E26D1FA79FEDD79C3BCA927";

const string DetachedIndefiniteHex =
"D8628440A0F6818348A20126029F182AFFA0584028E95F7F9267CED0061339A7" +
"6602D823774EDA3E8D53B0A4FA436B71B0DBCA6F03F561A67355374AF494648C" +
"941558146F9C22B17542EBAF23497D27635A1829";

string inputHex = (detached, useIndefiniteLength) switch
{
(false, false) => AttachedDefiniteHex,
(false, true) => AttachedIndefiniteHex,
(true, false) => DetachedDefiniteHex,
(true, true) => DetachedIndefiniteHex,
};

AssertExtensions.ThrowsContains<CryptographicException>(
() => CoseMessage.DecodeMultiSign(ByteUtils.HexToByteArray(inputHex)),
"Critical Header '42' missing from protected map.");
}

[Theory]
[InlineData(true, true)]
[InlineData(true, false)]
[InlineData(false, false)]
[InlineData(false, true)]
public void DecodeMultiSignThrowsIfCriticalHeadersIsEmpty(bool detached, bool useIndefiniteLength)
{
const string AttachedDefiniteHex =
"D8628440A054546869732069732074686520636F6E74656E742E818345A20126" +
"0280A05840B5F9E21078643A74B181ED294AC72C71F20AC5CA7AD037F559C68E" +
"06148429396A4194133763AB6918D747ACEE820CC430C2E891E3E2D5EECF6126" +
"1CEA33C6D4";

const string AttachedIndefiniteHex =
"D8628440A054546869732069732074686520636F6E74656E742E818346A20126" +
"029FFFA05840DDF3C0B85415AD1628C0B50C0F3FEDE675C1003484687CDFA3FA" +
"09285D5A31D48ADF11744BE0AE87F0189408A9CF38F0572537E8A786D505B6A6" +
"EE2008B91C74";

const string DetachedDefiniteHex =
"D8628440A0F6818345A201260280A05840EB66EE9E064CAB2E2F50244661734D" +
"9AEBD959BD21278E8D4827870DFE10C27B52E3E21D29185FC64526DC3B80C108" +
"548E956E9DBDDC7B23D100C17715AEE163";

const string DetachedIndefiniteHex =
"D8628440A0F6818346A20126029FFFA05840FC954ABD1611F7C6EEDD7FE71C3F" +
"62821AD46ED1988500F3309D0C607F0F151A69D0FC7BC968B2C36AEE68AC2B9A" +
"9580DFE1244F6E5F834183497F21EA5900C1";

string inputHex = (detached, useIndefiniteLength) switch
{
(false, false) => AttachedDefiniteHex,
(false, true) => AttachedIndefiniteHex,
(true, false) => DetachedDefiniteHex,
(true, true) => DetachedIndefiniteHex,
};

AssertExtensions.ThrowsContains<CryptographicException>(
() => CoseMessage.DecodeMultiSign(ByteUtils.HexToByteArray(inputHex)),
"Critical Headers must be a CBOR array of at least one element.");
}

[Theory]
[InlineData(true, true)]
[InlineData(true, false)]
[InlineData(false, false)]
[InlineData(false, true)]
public void DecodeMultiSignThrowsIfCriticalHeaderIsOfUnknownType(bool detached, bool useIndefiniteLength)
{
const string AttachedDefiniteHex =
"D8628440A054546869732069732074686520636F6E74656E742E818347A20126" +
"0281412AA05840FCAFEDBE41693C7BA43FB58E2CF06182BE1BF340122CC5AFD4" +
"F59172C7E95166FF8E98FE9A0C2BEFEA135FD800DE6CA9A281D49B141CB93B17" +
"D992E693540F8A";

const string AttachedIndefiniteHex =
"D8628440A054546869732069732074686520636F6E74656E742E818348A20126" +
"029F412AFFA058400D3F4426B26007D731677D99B542E524847FF3927BCA74E4" +
"1823B09D6CA57A0E107F93DFE5DB851F4CEE8C0E4AF83E3540848F026FCD761F" +
"91CA2ED8D5F98134";

const string DetachedDefiniteHex =
"D8628440A0F6818347A201260281412AA0584008E0EEF66622FEC926CB651E90" +
"13D8628AB72581533761EDE52972FE6DFBF2C4BADB6C218E8AD1E28F8192DFB2" +
"8A82A4444A74C370AEA6C63AC982EABCD52874";

const string DetachedIndefiniteHex =
"D8628440A0F6818348A20126029F412AFFA05840C6DDCA2F35B7B285AB594963" +
"E9DB43CBDC77842256A7D1D31704749C7446AD5A67BBC02F9DBAF8F394ECCCA7" +
"8E8B63E5BB746F0205EE5732DFB2E00EBA3D5F48";

string inputHex = (detached, useIndefiniteLength) switch
{
(false, false) => AttachedDefiniteHex,
(false, true) => AttachedIndefiniteHex,
(true, false) => DetachedDefiniteHex,
(true, true) => DetachedIndefiniteHex,
};

AssertExtensions.ThrowsContains<CryptographicException>(
() => CoseMessage.DecodeMultiSign(ByteUtils.HexToByteArray(inputHex)),
"Header '2' does not accept the specified value.");
}
}
}
Loading
Loading