Add refreshed Store source certs #3149
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
JohnMcPMS
approved these changes
Apr 13, 2023
yao-msft
added a commit
that referenced
this pull request
Apr 14, 2023
ryfu-msft
pushed a commit
that referenced
this pull request
May 31, 2023
skanda890
pushed a commit
to skanda890/winget-cli
that referenced
this pull request
Jul 16, 2024
skanda890
pushed a commit
to skanda890/winget-cli
that referenced
this pull request
Jul 16, 2024
skanda890
pushed a commit
to skanda890/winget-cli
that referenced
this pull request
Jul 17, 2024
skanda890
pushed a commit
to skanda890/winget-cli
that referenced
this pull request
Jul 17, 2024
skanda890
pushed a commit
to skanda890/winget-cli
that referenced
this pull request
Jul 17, 2024
skanda890
pushed a commit
to skanda890/winget-cli
that referenced
this pull request
Jul 17, 2024
skanda890
pushed a commit
to skanda890/winget-cli
that referenced
this pull request
Jul 17, 2024
skanda890
pushed a commit
to skanda890/winget-cli
that referenced
this pull request
Jul 17, 2024
skanda890
pushed a commit
to skanda890/winget-cli
that referenced
this pull request
Jul 17, 2024
skanda890
pushed a commit
to skanda890/winget-cli
that referenced
this pull request
Jul 17, 2024
skanda890
pushed a commit
to skanda890/winget-cli
that referenced
this pull request
Jul 17, 2024
skanda890
pushed a commit
to skanda890/winget-cli
that referenced
this pull request
Jul 17, 2024
skanda890
added a commit
to skanda890/winget-cli
that referenced
this pull request
Jul 17, 2024
* Add sbomBuildDropPath to correct sbom manifest generation problem * Enable nuget publish outputs to pipeline for final PR review * Set sbomBuildDropPath to parent drop directory to check sbom manifest issue resolution. * [user/masudars/Azure_Pipelines_Nuget_To_1ES_Migration bf669bb] Merge branch 'user/masudars/Azure_Pipelines_Nuget_To_1ES_Migration' of https://github.com/microsoft/winget-cli into user/masudars/Azure_Pipelines_Nuget_To_1ES_Migration * Resolve spellcheck error by adding �sbom� to expect.txt * Disable warnings in external projects * Update azure-pipelines.yml for Azure Pipelines * update binskim glob pattern * Simplify vcxprojs with Directory.Build.props * Fix build errors * Fix build errors * Always publish analysis logs * Enable codeql * standardize pragma warnings * Restore external project changes * test * spelling * Revert "test" This reverts commit 5444473. * Some more errors from static analysis * Fix warnings in test project * run codql manually * Fix more warnings * always run static analysis for testing * More warnings * Disable tests for quicker testing * Supress warning in test project * Fix test * Show available space * Fix codeql call * Try disabling binskim required flags * Reeenable conformance mode * Continue on error * Only PREFast * Only SDL check * Only CETCompat * Only ControlFlow guard * CodeQL * only ControlFlowGuard * only CETCompat * Only SDLCheck * Only spectre * Enable all binskim configs * Disable binskim config * Clean up pipeline * Clean up directory.build.props * Remove unneeded condition * Log space used by pipeline * Delete IntDir * Suppress warnings in external projects * Disable deletion * Update version to 1.1 * Disable test hooks fixes * Rearrange choices for ARP changes (microsoft#1630) * Add rest interface 1.4 to supported list (microsoft#2853) * Add refreshed Store source certs (microsoft#3149) * Revert "Use check-spelling/check-spelling@v0.0.20 (microsoft#2467)" This reverts commit ba0b9fc. * Update localization strings (microsoft#1845) * cherry-pick commit 2491b6b * Add refreshed Store source certs (microsoft#3149) * Don't read past the end of the HTTP stream (microsoft#3300) * Do not attempt post install ARP correlation if PackageFamilyName is provided and present for the user (microsoft#3391) The simple change is to not attempt the confidence interval-based correlation after installing an installer that has a `PackageFamilyName` value present, when that family name is found to be registered for the user. * Populate missing ManifestVersion for manifest from rest source and make PackageFamilyName and installer type manifest validation warning (microsoft#3460) (microsoft#3474) * Revert "Remove debug flags to unblock utils nuget release (microsoft#4030) (microsoft#4127)" This reverts commit 177aec7. * No CodeQL * Add missing manifest fields * Added all missing fields * Added more test asserts * Add all properties to tests * Update README.md * Update PRIVACY.md * Update CODE_OF_CONDUCT.md * Update SECURITY.md * Update CONTRIBUTING.md * remove x86 for fuzzing * Update README.md Mistakes * Update README.md * Update README.md * Update README.md * Update README.md * Update Microsoft.Management.Configuration.UnitTests.csproj * fix: src/Microsoft.Management.Configuration.UnitTests/Microsoft.Management.Configuration.UnitTests.csproj to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-DOTNET-MICROSOFTWINDOWSCOMPATIBILITY-5708425 - https://snyk.io/vuln/SNYK-DOTNET-SYSTEMDATASQLCLIENT-6149433 - https://snyk.io/vuln/SNYK-DOTNET-SYSTEMSECURITYCRYPTOGRAPHYPKCS-5708426 * Update README.md * Update PULL_REQUEST_TEMPLATE.md * Update Feature_Request.yml * Update README.md Co-authored-by: Kaleb Luedtke <trenlymc@gmail.com> * Update PULL_REQUEST_TEMPLATE.md * Update Feature_Request.yml * Revert "[Snyk] Security upgrade Microsoft.PowerShell.SDK from 7.2.8 to 7.2.18" * fix: src/AppInstallerCLIE2ETests/AppInstallerCLIE2ETests.csproj to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-DOTNET-SYSTEMDATASQLCLIENT-6149433 * Revert "[Snyk] Security upgrade Microsoft.PowerShell.SDK from 7.2.8 to 7.2.18" * Revert "Update AppInstallerCLIE2ETests.csproj" * Revert "Revert "Update AppInstallerCLIE2ETests.csproj"" * fix: src/AppInstallerCLIE2ETests/AppInstallerCLIE2ETests.csproj to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-DOTNET-SYSTEMDATASQLCLIENT-6149433 * Update Microsoft.Management.Configuration.UnitTests.csproj * Update README.md * Update README.md * Update README.md * fix: src/Microsoft.Management.Configuration.UnitTests/Microsoft.Management.Configuration.UnitTests.csproj to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-DOTNET-MICROSOFTWINDOWSCOMPATIBILITY-5708425 - https://snyk.io/vuln/SNYK-DOTNET-SYSTEMDATASQLCLIENT-6149433 - https://snyk.io/vuln/SNYK-DOTNET-SYSTEMSECURITYCRYPTOGRAPHYPKCS-5708426 * Update README.md * Update README.md * Add refreshed Store source certs (microsoft#3149) * Base copy v1.7.0 on yaml manifest schema files from v1.6.0 * Renamed schema files copied from v1.6.0 to match v1.7.0 * Updated version from 1.6.0 to 1.7.0 within the content of renamed schema files * Reverted to json draft-07 for manifest schemas based on pull request microsoft#3875 * Correct typo in draft-07 schema URL. * Resolve spell check bot report issue by adding �Azure-Pipelines-1ESPT-ExDShared� to expected.txt * Resolve downstream spelling check errors by adding �1ESPT� and �ExDShared� to expect.txt * Add �gdnsuppress� and �cloudai� to expect.txt to correct spellcheck errors * Set sbomBuildDropPath to parent drop directory to check sbom manifest issue resolution. * [user/masudars/Azure_Pipelines_Nuget_To_1ES_Migration bf669bb] Merge branch 'user/masudars/Azure_Pipelines_Nuget_To_1ES_Migration' of https://github.com/microsoft/winget-cli into user/masudars/Azure_Pipelines_Nuget_To_1ES_Migration * Disable warnings in external projects * Simplify vcxprojs with Directory.Build.props * Fix build errors * Fix build errors * Always publish analysis logs * Enable codeql * standardize pragma warnings * Fix build errors * Restore external project changes * test * spelling * Revert "test" This reverts commit 5444473. * fix * Some more errors from static analysis * run codql manually * Fix more warnings * always run static analysis for testing * More warnings * Disable tests for quicker testing * Supress warning in test project * Fix test * Show available space * Fix codeql call * Try disabling binskim required flags * Reeenable conformance mode * Continue on error * Only PREFast * Only SDL check * Only CETCompat * Only ControlFlow guard * CodeQL * only ControlFlowGuard * only CETCompat * Only SDLCheck * Only spectre * Enable all binskim configs * Disable binskim config * Clean up pipeline * Clean up directory.build.props * No CodeQL * No CodeQL; all binSkim * Update PULL_REQUEST_TEMPLATE.md * Update Feature_Request.yml * Update Feature_Request.yml * Update PULL_REQUEST_TEMPLATE.md * Delete .github/fabricbot.json * Update azure-pipelines.nuget.yml * remove x86 for fuzzing * Add `.github/fabricbot.json` * Update README.md Mistakes * Update README.md * Update README.md * Update README.md * Update README.md * Update Microsoft.Management.Configuration.UnitTests.csproj * fix: src/Microsoft.Management.Configuration.UnitTests/Microsoft.Management.Configuration.UnitTests.csproj to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-DOTNET-MICROSOFTWINDOWSCOMPATIBILITY-5708425 - https://snyk.io/vuln/SNYK-DOTNET-SYSTEMDATASQLCLIENT-6149433 - https://snyk.io/vuln/SNYK-DOTNET-SYSTEMSECURITYCRYPTOGRAPHYPKCS-5708426 * Update README.md * Update PULL_REQUEST_TEMPLATE.md * Update Feature_Request.yml * Update README.md Co-authored-by: Kaleb Luedtke <trenlymc@gmail.com> * Update PULL_REQUEST_TEMPLATE.md * Update Feature_Request.yml * Revert "[Snyk] Security upgrade Microsoft.PowerShell.SDK from 7.2.8 to 7.2.18" * fix: src/AppInstallerCLIE2ETests/AppInstallerCLIE2ETests.csproj to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-DOTNET-SYSTEMDATASQLCLIENT-6149433 * Revert "[Snyk] Security upgrade Microsoft.PowerShell.SDK from 7.2.8 to 7.2.18" * Update AppInstallerCLIE2ETests.csproj * Revert "Update AppInstallerCLIE2ETests.csproj" * Revert "Revert "Update AppInstallerCLIE2ETests.csproj"" * fix: src/AppInstallerCLIE2ETests/AppInstallerCLIE2ETests.csproj to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-DOTNET-SYSTEMDATASQLCLIENT-6149433 * Update Microsoft.Management.Configuration.UnitTests.csproj * Update README.md * Update README.md * Update src/AppInstallerCLIE2ETests/AppInstallerCLIE2ETests.csproj Co-authored-by: Flor Chacón <14323496+florelis@users.noreply.github.com> * Update README.md * fix: src/Microsoft.Management.Configuration.UnitTests/Microsoft.Management.Configuration.UnitTests.csproj to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-DOTNET-MICROSOFTWINDOWSCOMPATIBILITY-5708425 - https://snyk.io/vuln/SNYK-DOTNET-SYSTEMDATASQLCLIENT-6149433 - https://snyk.io/vuln/SNYK-DOTNET-SYSTEMSECURITYCRYPTOGRAPHYPKCS-5708426 * Update README.md * Update README.md * fix: src/AppInstallerCLIE2ETests/AppInstallerCLIE2ETests.csproj to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-DOTNET-SYSTEMFORMATSASN1-7443633 * fix: src/AppInstallerCLIE2ETests/AppInstallerCLIE2ETests.csproj to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-DOTNET-SYSTEMSECURITYCRYPTOGRAPHYPKCS-5708426 * Base copy v1.7.0 on yaml manifest schema files from v1.6.0 * Renamed schema files copied from v1.6.0 to match v1.7.0 * Updated version from 1.6.0 to 1.7.0 within the content of renamed schema files * Reverted to json draft-07 for manifest schemas based on pull request microsoft#3875 * Correct typo in draft-07 schema URL. * Enable ControlFlowGuard for release configurations in AppInstallerTestExeInstaller.vcxproj This fix will address binskim error in build pipeline * Switch from pipelineArtifact to buildArtifact to fix root level directory write issue * Change to pipelineArtifact with an artifactName from for distinct artifact names in architecture builds * Add sbomBuildDropPath to correct sbom manifest generation problem * Enable nuget publish outputs to pipeline for final PR review * Set sbomBuildDropPath to parent drop directory to check sbom manifest issue resolution. * [user/masudars/Azure_Pipelines_Nuget_To_1ES_Migration bf669bb] Merge branch 'user/masudars/Azure_Pipelines_Nuget_To_1ES_Migration' of https://github.com/microsoft/winget-cli into user/masudars/Azure_Pipelines_Nuget_To_1ES_Migration * Added more test asserts * Add all properties to tests * Disable warnings in external projects * Simplify vcxprojs with Directory.Build.props * Fix build errors * Fix build errors * Enable codeql * standardize pragma warnings * Fix build errors * Restore external project changes * test * spelling * Revert "test" This reverts commit 5444473. * fix * Some more errors from static analysis * More warnings * Supress warning in test project * Try disabling binskim required flags * Reeenable conformance mode * Only PREFast * Only SDL check * Only CETCompat * Only ControlFlow guard * CodeQL * only ControlFlowGuard * only CETCompat * Only SDLCheck * Only spectre * Enable all binskim configs * Disable binskim config * Clean up pipeline * Clean up directory.build.props * No CodeQL; all binSkim * Update PULL_REQUEST_TEMPLATE.md * Update Feature_Request.yml * Update Feature_Request.yml * Update PULL_REQUEST_TEMPLATE.md * Delete .github/fabricbot.json * Update azure-pipelines.nuget.yml * Update README.md Mistakes * Update CODE_OF_CONDUCT.md * Update SECURITY.md * Update CONTRIBUTING.md * Pull in changes to specs that were accidentally removed --------- Co-authored-by: Madhusudhan Gumbalapura Sudarshan <masudars@microsoft.com> Co-authored-by: Madhusudhan Gumbalapura Sudarshan <Madhusudhan.Sudarshan@microsoft.com> Co-authored-by: Flor Elisa Chacon Ochoa <florch@microsoft.com> Co-authored-by: Flor Chacón <14323496+florelis@users.noreply.github.com> Co-authored-by: JohnMcPMS <johnmcp@microsoft.com> Co-authored-by: yao-msft <50888816+yao-msft@users.noreply.github.com> Co-authored-by: Ryan Fu <69221034+ryfu-msft@users.noreply.github.com> Co-authored-by: Ruben Guerrero <rubengu@microsoft.com> Co-authored-by: Akinwale Alagbe <akalagbe@microsoft.com> Co-authored-by: ryfu-msft <ryfu@microsoft.com> Co-authored-by: snyk-bot <snyk-bot@snyk.io> Co-authored-by: Kaleb Luedtke <trenlymc@gmail.com> Co-authored-by: msftbot[bot] <48340428+msftbot[bot]@users.noreply.github.com> Co-authored-by: Kaleb Luedtke <jluedtk@jci.com>
2 tasks
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Verified manually that chain verification works as expected by reversing the orders of chain 1 and chain2, with only chain 1 and with only chain 2.
Microsoft Reviewers: Open in CodeFlow