No description, website, or topics provided.
Clone or download
dsplaisted Merge pull request #2 from AArnott/patch-2
Clarify which CLRs require this in README
Latest commit d93ba65 Oct 29, 2018
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
build Update package version to 0.0.8 Sep 7, 2018
common Update package version to 0.0.8 Sep 7, 2018
images Add demo to README.md Oct 27, 2015
src Better exception logging Sep 7, 2018
.gitattributes Add .gitattributes Oct 25, 2015
.gitignore Add .nuspec and build infrastructure Oct 27, 2015
LICENSE Initial commit Oct 25, 2015
README.md Merge pull request #2 from AArnott/patch-2 Oct 29, 2018
StrongNamer.sln Add build projects to Solution May 28, 2017

README.md

Strong Namer

Most applications in .NET do not need to be strong named. Strong names can also introduce pain because they end up requiring binding redirects. Because of this, many OSS libraries do not strong name their assemblies.

Strong named assemblies that reference assemblies that aren't strong named are rejected by the .NET Framework (desktop app only restriction). So if for whatever reason you actually do need to strong name your project, you couldn't easily consume open source packages.

Strong Namer is a NuGet package which aims to change this. Simply install the StrongNamer NuGet package, and it will transparently and automatically sign the assemblies you reference as part of the build process.

Demo

Here's how to try Strong Namer out for yourself:

  • Create a new Console application
  • Add a strong name to the application
    • Go to the Signing tab of the project properties
    • Check "Sign the assembly"
    • In the key file dropdown, choose <New...>
    • Choose a key file name (ie "key.snk"), uncheck the password option, and click OK
  • Add a reference to the Octokit NuGet package
  • Replace Program class with the following code:
using Octokit;
using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Threading.Tasks;

class Program
{
    static void Main(string[] args)
    {
        MainAsyncWithErrorHandling().Wait();
    }

    static async Task MainAsyncWithErrorHandling()
    {
        try
        {
            await MainAsync();
        }
        catch (Exception ex)
        {
            Console.WriteLine(ex.ToString());
        }
    }

    static async Task MainAsync()
    {
        var github = new GitHubClient(new ProductHeaderValue("MyAmazingApp"));
        var user = await github.User.Get("half-ogre");
        Console.WriteLine(user.Followers + " folks love the half ogre!");
    }
}
  • Start without debugging (CTRL+F5)

System.IO.FileLoadException: Could not load file or assembly 'Octokit, Version=0.16.0.0, Culture=neutral, PublicKeyToken=null' or one of its dependencies. A strongly-named assembly is required. (Exception from HRESULT: 0x80131044) File name: 'Octokit, Version=0.16.0.0, Culture=neutral, PublicKeyToken=null' at Program.MainAsync() at Program.<MainAsyncWithErrorHandling>d__1.MoveNext() in C:\Users\daplaist\Documents\Visual Studio 2015\Projects\ConsoleApplication13\ConsoleApplication13\Program.cs:line 19

  • 😞
  • Add a reference to the StrongNamer NuGet package
  • Start without debugging (CTRL+F5)

75 folks love the half ogre!

  • 🎆 😄 🎆

How does it work?

The NuGet package includes an MSBuild targets file and task which hook into the build process and add a strong name to any references which aren't strong named just before they are passed to the compiler.

The task uses Mono.Cecil to do this. Credit goes to Nivot.StrongNaming for showing me how to do this.

Options

You can conditionally disable automated signing of unsigned packages by setting the "DisableStrongNamer" property to "true". This is particularly useful if you have a custom build configuration for your application (e.g., you only wish for unsigned packages to be autosigned in specific environments).