Skip to content

Backport 5.2 | Nuget Audit Sources #3320

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
May 2, 2025
Merged

Backport 5.2 | Nuget Audit Sources #3320

merged 1 commit into from
May 2, 2025

Conversation

@benrr101
Copy link
Contributor

@benrr101 benrr101 commented May 1, 2025
edited
Loading

Description: This is a simple backport of the Nuget Audit settings from the main branch to the 5.2 branch. There is a slight change from the implementation in main, since technically the <nugetaudit> tag does not support the condition attribute. The solution is to move it to its own property group. This eliminates an IDE warning when editing the file in an IDE.

Reminder that the reason for disabling auditing on official builds is that the official builds are only allowed to access central feed services (ie, ADO artifacts). The nuget audit by default uses nuget.org. Accessing nuget.org from an official build causes the S360 errors.

Testing: Everything still builds locally as expected. I will kick off an official build against this branch to ensure it does not raise a S360 error.
https://sqlclientdrivers.visualstudio.com/ADO.Net/_build/results?buildId=114569

@benrr101 benrr101 added the Area\Engineering Use this for issues that are targeted for changes in the 'eng' folder or build systems. label May 1, 2025
@benrr101 benrr101 requested a review from a team May 1, 2025 20:57
@cheenamalhotra cheenamalhotra merged commit 96b33b6 into release/5.2 May 2, 2025
140 of 142 checks passed
@cheenamalhotra cheenamalhotra deleted the dev/russellben/5.2-audit-flag branch May 2, 2025 22:23
@codecov
Copy link

codecov bot commented May 2, 2025
edited
Loading

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 72.55%. Comparing base (1c0b2f6) to head (9b50894).
Report is 1 commits behind head on release/5.2.

Additional details and impacted files 
@@               Coverage Diff               @@
##           release/5.2    #3320      +/-   ##
===============================================
- Coverage        72.62%   72.55%   -0.07%     
===============================================
  Files              310      310              
  Lines            61933    61933              
===============================================
- Hits             44976    44938      -38     
- Misses           16957    16995      +38
Flag Coverage Δ
addons 92.88% <ø> (ø)
netcore 76.79% <ø> (-0.19%) ⬇️
netfx 70.27% <ø> (+0.07%) ⬆️

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@cheenamalhotra cheenamalhotra cheenamalhotra approved these changes

Assignees

No one assigned

Labels

Area\Engineering Use this for issues that are targeted for changes in the 'eng' folder or build systems.

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@benrr101 @cheenamalhotra