PackageSigning - "nuget.exe sign" - Allow package authors to sign packages #5904
Assignees
Labels
Milestone
Comments
mishra14
pushed a commit
to NuGet/NuGet.Client
that referenced
this issue
Oct 20, 2017
## Bug Link: Contributes to NuGet/Home#5904 Regression: No ## Fix Details: Adds a top level command to NuGet.exe to allow authors to sign packages with fake signing. The behavior is documented in the [spec](https://github.com/NuGet/Home/wiki/NuGet-Sign-Command). ## Testing/Validation Tests Added: Yes Validation done: Manually tested NuGet.exe
|
Current implementation for fake/mock signing is into the feature branch. Will get back to this after the signing APIs are ready. Updating estimate to reflect the new milestone. |
rrelyea
changed the title
This was referenced Nov 13, 2017
mishra14
pushed a commit
to NuGet/NuGet.Client
that referenced
this issue
Nov 29, 2017
…ign command (#1824) ## Bug Fixes: NuGet/Home#5904 Regression: No ## Fix Details: This PR adds support in sign command to allow users to interactively type pfx file password securely. To allow this I have added `IPasswordProvider.cs` and its implementation `ConsolePasswordProvider.cs` that allows `SignCommandRunner` to read password from console in `-NonInteractive` mode. The underlying implementation comes from `IConsole.ReadSecureString`. I have also added some tests using pfx files and done some cleanup in the test code. ## Testing/Validation Tests Added: Yes Validation done: manual testing with pfx files.
|
Last piece checked in with NuGet/NuGet.Client@065262c |
rrelyea
changed the title
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Goal: As part of the larger package signing task, we need to add support to allow package authors to sign their packages before publishing.
Spec: In review - #5907
The text was updated successfully, but these errors were encountered: