v0.5: NativeAOT, threat model, release workflow#17
Merged
Conversation
PublishAot, InvariantGlobalization, StackTraceSupport, DebuggerSupport, EventSourceSupport, UseSystemResourceKeys per spec §4.9. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Expands the Appendix A sketch into a full threat model covering trust boundaries, untrusted inputs, terminal escape sanitization, --title handling, Markdown link policy, file access scope, plugin exclusion, DoS, and JSON output integrity. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
release-on-tg-release.yml: triggered by repository_dispatch from TG or manual workflow_dispatch for rollback patches. Builds AOT binaries for 6 RIDs (osx-arm64/x64, linux-x64/arm64, win-x64/arm64), runs all test suites, publishes to NuGet. Homebrew formula generation is a placeholder (build-from-source per D-012). Creates a failure issue on error. Decisions made: - linux-arm64 and win-arm64 use same-arch runners (ubuntu-22.04 and windows-2022) since GitHub doesn't yet offer dedicated ARM runners for all plans; cross-compile or upgrade when available. - WinGet publish deferred to a separate workflow since wingetcreate requires Windows-specific tooling and the manifest PR process is async (2-24h SLA). - Homebrew formula is a placeholder; actual bottle generation lands when gui-cs/homebrew-tap is created. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Clet.csprojper spec §4.9 (PublishAot,InvariantGlobalization,StackTraceSupport, etc.)docs/threat-model.md— expands the Appendix A sketch into a full document covering trust boundaries, untrusted inputs, terminal escape sanitization,--titlehandling, Markdown link policy, file access scope, plugin exclusion, DoS, and JSON output integrity.github/workflows/release-on-tg-release.ymlper spec §5.2-§5.5 — triggered byrepository_dispatchfrom TG or manualworkflow_dispatch; builds AOT binaries for 6 RIDs, runs all test suites, publishes to NuGet, creates failure issues on errorDecisions made
ubuntu-22.04andwindows-2022respectively. GitHub doesn't offer dedicated ARM runners for all plans; these will cross-compile or be upgraded when ARM runners are available.wingetcreaterequires Windows tooling and the manifest PR process is async (2-24h SLA from Microsoft's bot).gui-cs/homebrew-tapis created. Build-from-source per D-012.Issue #4 checkboxes ticked
Updated issue #4 to reflect completed items: all lock criteria, md viewer, link safety, Markdown help, open question #4, TG dependencies #5156/#5157/#5158.
No spec/decisions/runbook impact
The threat model is a new document (not a spec change). The release workflow implements spec §5.2-§5.5 as-designed. NativeAOT settings implement spec §4.9 as-designed.
Test plan
dotnet build --no-restore— 0 errors, 0 warnings🤖 Generated with Claude Code