From d72c4965095916ff4e5f8244b5243b8adbd5279d Mon Sep 17 00:00:00 2001 
From: Jon Thysell Date: Fri, 17 Nov 2023 10:58:11 -0800 Subject: [PATCH] [0.68] Fix Secure Supply Chain compliance issues (#12386) ## Description This PR backports PRs #9990, #11548 and #11855 to 0.68 to resolve Secure Supply Chain warnings. ### Type of Change - Bug fix (non-breaking change which fixes an issue) ### Why While 0.68-stable has no recent feature work / bug fixes, the CI and publish pipelines still run, but are failing due to these compliance requirements. These failures prevent us from monitoring if there are actual build issues with these versions. ### What Fixed our usage of NuGet and NPM feeds to pass compliance tests. ## Screenshots N/A ## Testing N/A ## Changelog Should this change be included in the release notes: no --- .gitignore | 6 ++++++ GuardianCustomConfiguration.json | 3 +++ NuGet.Config | 6 ++---- ...s-cli-81517eff-3586-4693-8d07-0ff6bd9710b0.json | 7 +++++++ ...ndows-14a87dda-f285-4cd4-8a0f-b5aa9543cb9f.json | 7 +++++++ ...ndows-74880bf0-e7b0-4668-9148-3c7fbf28d4a9.json | 7 +++++++ .../cli/src/generator-windows/index.ts | 2 +- packages/e2e-test-app/.npmrc | 1 - packages/e2e-test-app/windows/NuGet.Config | 14 -------------- packages/integration-test-app/windows/NuGet.Config | 14 -------------- packages/playground/windows/NuGet.Config | 13 ------------- packages/sample-apps/.npmrc | 1 - packages/sample-apps/windows/NuGet.Config | 14 -------------- vnext/.npmrc | 1 - vnext/NuGet.Config | 14 -------------- .../shared-app/proj/{NuGet.Config => NuGet_Config} | 0 .../shared-lib/proj/{NuGet.Config => NuGet_Config} | 0 17 files changed, 33 insertions(+), 77 deletions(-) create mode 100644 GuardianCustomConfiguration.json create mode 100644 change/@react-native-windows-cli-81517eff-3586-4693-8d07-0ff6bd9710b0.json create mode 100644 change/react-native-windows-14a87dda-f285-4cd4-8a0f-b5aa9543cb9f.json create mode 100644 change/react-native-windows-74880bf0-e7b0-4668-9148-3c7fbf28d4a9.json delete mode 100644 packages/e2e-test-app/.npmrc delete 
mode 100644 packages/e2e-test-app/windows/NuGet.Config delete mode 100644 packages/integration-test-app/windows/NuGet.Config delete mode 100644 packages/playground/windows/NuGet.Config delete mode 100644 packages/sample-apps/.npmrc delete mode 100644 packages/sample-apps/windows/NuGet.Config delete mode 100644 vnext/.npmrc delete mode 100644 vnext/NuGet.Config rename vnext/template/shared-app/proj/{NuGet.Config => NuGet_Config} (100%) rename vnext/template/shared-lib/proj/{NuGet.Config => NuGet_Config} (100%) diff --git a/.gitignore b/.gitignore index dd140cf0549..c8c6bbe4817 100644 --- a/.gitignore +++ b/.gitignore @@ -33,6 +33,12 @@ node_modules # Optional REPL history .node_repl_history +# No NPM config to pass CFS compliance +.npmrc + +# We use yarn, not npm +package-lock.json + #React Native *AppPackages* *BundleArtifacts* diff --git a/GuardianCustomConfiguration.json b/GuardianCustomConfiguration.json new file mode 100644 index 00000000000..a13b148c28d --- /dev/null +++ b/GuardianCustomConfiguration.json @@ -0,0 +1,3 @@ +{ + "Enabled": false, +} diff --git a/NuGet.Config b/NuGet.Config index 37fd926fae7..9bbea8e6786 100644 --- a/NuGet.Config +++ b/NuGet.Config @@ -6,9 +6,7 @@ - + + - - - diff --git a/change/@react-native-windows-cli-81517eff-3586-4693-8d07-0ff6bd9710b0.json b/change/@react-native-windows-cli-81517eff-3586-4693-8d07-0ff6bd9710b0.json new file mode 100644 index 00000000000..a73cc8a3b3b --- /dev/null +++ b/change/@react-native-windows-cli-81517eff-3586-4693-8d07-0ff6bd9710b0.json @@ -0,0 +1,7 @@ +{ + "type": "patch", + "comment": "[0.68] Compliance: Rename template Nuget.config files to stop triggering multi-feed warnings", + "packageName": "@react-native-windows/cli", + "email": "jthysell@microsoft.com", + "dependentChangeType": "patch" +} diff --git a/change/react-native-windows-14a87dda-f285-4cd4-8a0f-b5aa9543cb9f.json b/change/react-native-windows-14a87dda-f285-4cd4-8a0f-b5aa9543cb9f.json new file mode 100644 index 00000000000..01fe610b6b1 
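Review bot: The new GuardianCustomConfiguration.json has a trailing comma after `"Enabled": false`, which strict JSON parsers reject. Whether the consuming tool tolerates it is not visible here, so the setting could be silently ignored or fail the pipeline step; the line should read `"Enabled": false` with no comma. Judging by the file name and key, this also switches a scanning tool off for the whole branch, and the PR description does not mention it. Since JSON cannot carry a comment, the reason and scope of disabling it should be recorded in the description or a nearby doc, so the opt-out is reviewable rather than implicit.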
--- /dev/null +++ b/change/react-native-windows-14a87dda-f285-4cd4-8a0f-b5aa9543cb9f.json @@ -0,0 +1,7 @@ +{ + "type": "patch", + "comment": "[0.68] Fix Secure Supply Chain compliance issues", + "packageName": "react-native-windows", + "email": "jthysell@microsoft.com", + "dependentChangeType": "patch" +} \ No newline at end of file diff --git a/change/react-native-windows-74880bf0-e7b0-4668-9148-3c7fbf28d4a9.json b/change/react-native-windows-74880bf0-e7b0-4668-9148-3c7fbf28d4a9.json new file mode 100644 index 00000000000..6f6578a53f7 --- /dev/null +++ b/change/react-native-windows-74880bf0-e7b0-4668-9148-3c7fbf28d4a9.json @@ -0,0 +1,7 @@ +{ + "type": "patch", + "comment": "[0.68] Compliance: Rename template Nuget.config files to stop triggering multi-feed warnings", + "packageName": "react-native-windows", + "email": "jthysell@microsoft.com", + "dependentChangeType": "patch" +} diff --git a/packages/@react-native-windows/cli/src/generator-windows/index.ts b/packages/@react-native-windows/cli/src/generator-windows/index.ts index cfd815a1735..a6c1132d304 100644 --- a/packages/@react-native-windows/cli/src/generator-windows/index.ts +++ b/packages/@react-native-windows/cli/src/generator-windows/index.ts @@ -343,7 +343,7 @@ export async function copyProjectTemplateAndReplace( const sharedProjMappings = []; sharedProjMappings.push({ - from: path.join(sharedPath, projDir, 'NuGet.Config'), + from: path.join(sharedPath, projDir, 'NuGet_Config'), to: path.join(windowsDir, 'NuGet.Config'), }); diff --git a/packages/e2e-test-app/.npmrc b/packages/e2e-test-app/.npmrc deleted file mode 100644 index 9cf9495031e..00000000000 --- a/packages/e2e-test-app/.npmrc +++ /dev/null @@ -1 +0,0 @@ -package-lock=false \ No newline at end of file diff --git a/packages/e2e-test-app/windows/NuGet.Config b/packages/e2e-test-app/windows/NuGet.Config deleted file mode 100644 index e5dd43a0afa..00000000000 --- a/packages/e2e-test-app/windows/NuGet.Config +++ /dev/null 
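Review bot: The mapping in copyProjectTemplateAndReplace now reads from `NuGet_Config` but still writes `NuGet.Config`, and nothing at the call site says why the two names differ. A short comment above the `from:` line would help, for example `// Stored as NuGet_Config so feed-compliance scans skip the template; emitted as NuGet.Config for generated apps.` The change file says the rename exists to stop multi-feed warnings, so generated projects presumably still receive the same package sources, now outside the scan. The template contents are not shown in this diff (100% rename), so confirm those sources are the ones intended to ship. The function body starts and ends outside this hunk.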
@@ -1,14 +0,0 @@ - - - - - - - - - - - - - - diff --git a/packages/integration-test-app/windows/NuGet.Config b/packages/integration-test-app/windows/NuGet.Config deleted file mode 100644 index e5dd43a0afa..00000000000 --- a/packages/integration-test-app/windows/NuGet.Config +++ /dev/null @@ -1,14 +0,0 @@ - - - - - - - - - - - - - - diff --git a/packages/playground/windows/NuGet.Config b/packages/playground/windows/NuGet.Config deleted file mode 100644 index b0fe52ba03f..00000000000 --- a/packages/playground/windows/NuGet.Config +++ /dev/null @@ -1,13 +0,0 @@ - - - - - - - - - - - - - diff --git a/packages/sample-apps/.npmrc b/packages/sample-apps/.npmrc deleted file mode 100644 index 9cf9495031e..00000000000 --- a/packages/sample-apps/.npmrc +++ /dev/null @@ -1 +0,0 @@ -package-lock=false \ No newline at end of file diff --git a/packages/sample-apps/windows/NuGet.Config b/packages/sample-apps/windows/NuGet.Config deleted file mode 100644 index e5dd43a0afa..00000000000 --- a/packages/sample-apps/windows/NuGet.Config +++ /dev/null @@ -1,14 +0,0 @@ - - - - - - - - - - - - - - diff --git a/vnext/.npmrc b/vnext/.npmrc deleted file mode 100644 index 9cf9495031e..00000000000 --- a/vnext/.npmrc +++ /dev/null @@ -1 +0,0 @@ -package-lock=false \ No newline at end of file diff --git a/vnext/NuGet.Config b/vnext/NuGet.Config deleted file mode 100644 index e5dd43a0afa..00000000000 --- a/vnext/NuGet.Config +++ /dev/null @@ -1,14 +0,0 @@ - - - - - - - - - - - - - - diff --git a/vnext/template/shared-app/proj/NuGet.Config b/vnext/template/shared-app/proj/NuGet_Config similarity index 100% rename from vnext/template/shared-app/proj/NuGet.Config rename to vnext/template/shared-app/proj/NuGet_Config diff --git a/vnext/template/shared-lib/proj/NuGet.Config b/vnext/template/shared-lib/proj/NuGet_Config similarity index 100% rename from vnext/template/shared-lib/proj/NuGet.Config rename to vnext/template/shared-lib/proj/NuGet_Config