diff --git a/NuGet.config b/NuGet.config
index 06c093eb27f8..b11f12cf40a0 100644
--- a/NuGet.config
+++ b/NuGet.config
@@ -4,7 +4,6 @@
-
@@ -14,7 +13,6 @@
-
@@ -22,19 +20,11 @@
-
-
-
-
-
-
-
-
@@ -61,17 +51,14 @@
-
-
-
diff --git a/eng/Version.Details.xml b/eng/Version.Details.xml
index a67a46182aea..9a9a3ff390ba 100644
--- a/eng/Version.Details.xml
+++ b/eng/Version.Details.xml
@@ -491,22 +491,22 @@
-
+
https://github.com/dotnet/arcade
- 2f70e458e03e348a3a1f3fd6b9b70b4fcd5ba596
+ 3edea53c9b10e4bc63de863d71a05d47d9bb5b69
-
+
https://github.com/dotnet/arcade
- 2f70e458e03e348a3a1f3fd6b9b70b4fcd5ba596
+ 3edea53c9b10e4bc63de863d71a05d47d9bb5b69
-
+
https://github.com/dotnet/arcade
- 2f70e458e03e348a3a1f3fd6b9b70b4fcd5ba596
+ 3edea53c9b10e4bc63de863d71a05d47d9bb5b69
-
+
https://github.com/dotnet/arcade
- 2f70e458e03e348a3a1f3fd6b9b70b4fcd5ba596
+ 3edea53c9b10e4bc63de863d71a05d47d9bb5b69
https://dev.azure.com/dnceng/internal/_git/dotnet-runtime
diff --git a/eng/Versions.props b/eng/Versions.props
index 92f0fd0e886b..37dc2716a135 100644
--- a/eng/Versions.props
+++ b/eng/Versions.props
@@ -36,7 +36,7 @@
8.0.0
4.0.0
8.0.0
- 8.0.0-beta.25415.2
+ 8.0.0-beta.25504.1
7.0.0-preview.22423.2
8.0.0
4.3.0
@@ -215,7 +215,7 @@
6.12.0
6.1.0
- 8.0.0-beta.25415.2
+ 8.0.0-beta.25504.1
4.18.4
1.3.2
8.0.0-beta.23607.1
diff --git a/eng/common/post-build/nuget-validation.ps1 b/eng/common/post-build/nuget-validation.ps1
index dab3534ab538..22b1c4dfe4a7 100644
--- a/eng/common/post-build/nuget-validation.ps1
+++ b/eng/common/post-build/nuget-validation.ps1
@@ -2,20 +2,13 @@
# tool: https://github.com/NuGet/NuGetGallery/tree/jver-verify/src/VerifyMicrosoftPackage
param(
- [Parameter(Mandatory=$true)][string] $PackagesPath, # Path to where the packages to be validated are
- [Parameter(Mandatory=$true)][string] $ToolDestinationPath # Where the validation tool should be downloaded to
+ [Parameter(Mandatory=$true)][string] $PackagesPath # Path to where the packages to be validated are
)
try {
. $PSScriptRoot\post-build-utils.ps1
- $url = 'https://raw.githubusercontent.com/NuGet/NuGetGallery/3e25ad135146676bcab0050a516939d9958bfa5d/src/VerifyMicrosoftPackage/verify.ps1'
-
- New-Item -ItemType 'directory' -Path ${ToolDestinationPath} -Force
-
- Invoke-WebRequest $url -OutFile ${ToolDestinationPath}\verify.ps1
-
- & ${ToolDestinationPath}\verify.ps1 ${PackagesPath}\*.nupkg
+ & $PSScriptRoot\nuget-verification.ps1 ${PackagesPath}\*.nupkg
}
catch {
Write-Host $_.ScriptStackTrace
diff --git a/eng/common/post-build/nuget-verification.ps1 b/eng/common/post-build/nuget-verification.ps1
new file mode 100644
index 000000000000..8467dbf8e7c2
--- /dev/null
+++ b/eng/common/post-build/nuget-verification.ps1
@@ -0,0 +1,121 @@
+<#
+.SYNOPSIS
+ Verifies that Microsoft NuGet packages have proper metadata.
+.DESCRIPTION
+ Downloads a verification tool and runs metadata validation on the provided NuGet packages. This script writes an
+ error if any of the provided packages fail validation. All arguments provided to this PowerShell script that do not
+ match PowerShell parameters are passed on to the verification tool downloaded during the execution of this script.
+.PARAMETER NuGetExePath
+ The path to the nuget.exe binary to use. If not provided, nuget.exe will be downloaded into the -DownloadPath
+ directory.
+.PARAMETER PackageSource
+ The package source to use to download the verification tool. If not provided, nuget.org will be used.
+.PARAMETER DownloadPath
+ The directory path to download the verification tool and nuget.exe to. If not provided,
+ %TEMP%\NuGet.VerifyNuGetPackage will be used.
+.PARAMETER args
+ Arguments that will be passed to the verification tool.
+.EXAMPLE
+ PS> .\verify.ps1 *.nupkg
+ Verifies the metadata of all .nupkg files in the currect working directory.
+.EXAMPLE
+ PS> .\verify.ps1 --help
+ Displays the help text of the downloaded verifiction tool.
+.LINK
+ https://github.com/NuGet/NuGetGallery/blob/master/src/VerifyMicrosoftPackage/README.md
+#>
+
+# This script was copied from https://github.com/NuGet/NuGetGallery/blob/3e25ad135146676bcab0050a516939d9958bfa5d/src/VerifyMicrosoftPackage/verify.ps1
+
+[CmdletBinding(PositionalBinding = $false)]
+param(
+ [string]$NuGetExePath,
+ [string]$PackageSource = "https://pkgs.dev.azure.com/dnceng/public/_packaging/dotnet-public/nuget/v3/index.json",
+ [string]$DownloadPath,
+ [Parameter(ValueFromRemainingArguments = $true)]
+ [string[]]$args
+)
+
+# The URL to download nuget.exe.
+$nugetExeUrl = "https://dist.nuget.org/win-x86-commandline/v4.9.4/nuget.exe"
+
+# The package ID of the verification tool.
+$packageId = "NuGet.VerifyMicrosoftPackage"
+
+# The location that nuget.exe and the verification tool will be downloaded to.
+if (!$DownloadPath) {
+ $DownloadPath = (Join-Path $env:TEMP "NuGet.VerifyMicrosoftPackage")
+}
+
+$fence = New-Object -TypeName string -ArgumentList '=', 80
+
+# Create the download directory, if it doesn't already exist.
+if (!(Test-Path $DownloadPath)) {
+ New-Item -ItemType Directory $DownloadPath | Out-Null
+}
+Write-Host "Using download path: $DownloadPath"
+
+if ($NuGetExePath) {
+ $nuget = $NuGetExePath
+} else {
+ $downloadedNuGetExe = Join-Path $DownloadPath "nuget.exe"
+
+ # Download nuget.exe, if it doesn't already exist.
+ if (!(Test-Path $downloadedNuGetExe)) {
+ Write-Host "Downloading nuget.exe from $nugetExeUrl..."
+ $ProgressPreference = 'SilentlyContinue'
+ try {
+ Invoke-WebRequest $nugetExeUrl -OutFile $downloadedNuGetExe
+ $ProgressPreference = 'Continue'
+ } catch {
+ $ProgressPreference = 'Continue'
+ Write-Error $_
+ Write-Error "nuget.exe failed to download."
+ exit
+ }
+ }
+
+ $nuget = $downloadedNuGetExe
+}
+
+Write-Host "Using nuget.exe path: $nuget"
+Write-Host " "
+
+# Download the latest version of the verification tool.
+Write-Host "Downloading the latest version of $packageId from $packageSource..."
+Write-Host $fence
+& $nuget install $packageId `
+ -Prerelease `
+ -OutputDirectory $DownloadPath `
+ -Source $PackageSource
+Write-Host $fence
+Write-Host " "
+
+if ($LASTEXITCODE -ne 0) {
+ Write-Error "nuget.exe failed to fetch the verify tool."
+ exit
+}
+
+# Find the most recently downloaded tool
+Write-Host "Finding the most recently downloaded verification tool."
+$verifyProbePath = Join-Path $DownloadPath "$packageId.*"
+$verifyPath = Get-ChildItem -Path $verifyProbePath -Directory `
+ | Sort-Object -Property LastWriteTime -Descending `
+ | Select-Object -First 1
+$verify = Join-Path $verifyPath "tools\NuGet.VerifyMicrosoftPackage.exe"
+Write-Host "Using verification tool: $verify"
+Write-Host " "
+
+# Execute the verification tool.
+Write-Host "Executing the verify tool..."
+Write-Host $fence
+& $verify $args
+Write-Host $fence
+Write-Host " "
+
+# Respond to the exit code.
+if ($LASTEXITCODE -ne 0) {
+ Write-Error "The verify tool found some problems."
+} else {
+ Write-Output "The verify tool succeeded."
+}
\ No newline at end of file
diff --git a/eng/common/templates-official/job/publish-build-assets.yml b/eng/common/templates-official/job/publish-build-assets.yml
index 7a320e9bab20..a99d79df863c 100644
--- a/eng/common/templates-official/job/publish-build-assets.yml
+++ b/eng/common/templates-official/job/publish-build-assets.yml
@@ -32,6 +32,8 @@ parameters:
repositoryAlias: self
+ officialBuildId: ''
+
jobs:
- job: Asset_Registry_Publish
@@ -52,6 +54,11 @@ jobs:
value: false
- ${{ if eq(parameters.publishAssetsImmediately, 'true') }}:
- template: /eng/common/templates-official/post-build/common-variables.yml
+ - name: OfficialBuildId
+ ${{ if ne(parameters.officialBuildId, '') }}:
+ value: ${{ parameters.officialBuildId }}
+ ${{ else }}:
+ value: $(Build.BuildNumber)
pool:
# We don't use the collection uri here because it might vary (.visualstudio.com vs. dev.azure.com)
@@ -93,7 +100,7 @@ jobs:
/p:ManifestsPath='$(Build.StagingDirectory)/Download/AssetManifests'
/p:MaestroApiEndpoint=https://maestro.dot.net
/p:PublishUsingPipelines=${{ parameters.publishUsingPipelines }}
- /p:OfficialBuildId=$(Build.BuildNumber)
+ /p:OfficialBuildId=$(OfficialBuildId)
condition: ${{ parameters.condition }}
continueOnError: ${{ parameters.continueOnError }}
diff --git a/eng/common/templates-official/job/source-build.yml b/eng/common/templates-official/job/source-build.yml
index 4217d6d8b148..7b9c58a90c5e 100644
--- a/eng/common/templates-official/job/source-build.yml
+++ b/eng/common/templates-official/job/source-build.yml
@@ -31,6 +31,9 @@ parameters:
# container and pool.
platform: {}
+ # Optional list of directories to ignore for component governance scans.
+ cgIgnoreDirectories: []
+
# If set to true and running on a non-public project,
# Internal blob storage locations will be enabled.
# This is not enabled by default because many repositories do not need internal sources
@@ -73,3 +76,4 @@ jobs:
- template: /eng/common/templates-official/steps/source-build.yml
parameters:
platform: ${{ parameters.platform }}
+ cgIgnoreDirectories: ${{ parameters.cgIgnoreDirectories }}
diff --git a/eng/common/templates-official/jobs/jobs.yml b/eng/common/templates-official/jobs/jobs.yml
index 803a95aacf4e..03aa64e1741f 100644
--- a/eng/common/templates-official/jobs/jobs.yml
+++ b/eng/common/templates-official/jobs/jobs.yml
@@ -41,6 +41,7 @@ parameters:
enableSourceIndex: false
sourceIndexParams: {}
repositoryAlias: self
+ officialBuildId: ''
# Internal resources (telemetry, microbuild) can only be accessed from non-public projects,
# and some (Microbuild) should only be applied to non-PR cases for internal builds.
@@ -97,3 +98,4 @@ jobs:
artifactsPublishingAdditionalParameters: ${{ parameters.artifactsPublishingAdditionalParameters }}
signingValidationAdditionalParameters: ${{ parameters.signingValidationAdditionalParameters }}
repositoryAlias: ${{ parameters.repositoryAlias }}
+ officialBuildId: ${{ parameters.officialBuildId }}
diff --git a/eng/common/templates-official/jobs/source-build.yml b/eng/common/templates-official/jobs/source-build.yml
index b9247be1547b..21a346fbd6c7 100644
--- a/eng/common/templates-official/jobs/source-build.yml
+++ b/eng/common/templates-official/jobs/source-build.yml
@@ -21,6 +21,9 @@ parameters:
# one job runs on 'defaultManagedPlatform'.
platforms: []
+ # Optional list of directories to ignore for component governance scans.
+ cgIgnoreDirectories: []
+
# If set to true and running on a non-public project,
# Internal nuget and blob storage locations will be enabled.
# This is not enabled by default because many repositories do not need internal sources
@@ -44,6 +47,7 @@ jobs:
parameters:
jobNamePrefix: ${{ parameters.jobNamePrefix }}
platform: ${{ platform }}
+ cgIgnoreDirectories: ${{ parameters.cgIgnoreDirectories }}
enableInternalSources: ${{ parameters.enableInternalSources }}
- ${{ if eq(length(parameters.platforms), 0) }}:
@@ -51,4 +55,5 @@ jobs:
parameters:
jobNamePrefix: ${{ parameters.jobNamePrefix }}
platform: ${{ parameters.defaultManagedPlatform }}
+ cgIgnoreDirectories: ${{ parameters.cgIgnoreDirectories }}
enableInternalSources: ${{ parameters.enableInternalSources }}
diff --git a/eng/common/templates-official/post-build/post-build.yml b/eng/common/templates-official/post-build/post-build.yml
index 9fef8103991c..817e2d80dea1 100644
--- a/eng/common/templates-official/post-build/post-build.yml
+++ b/eng/common/templates-official/post-build/post-build.yml
@@ -134,8 +134,7 @@ stages:
displayName: Validate
inputs:
filePath: $(System.DefaultWorkingDirectory)/eng/common/post-build/nuget-validation.ps1
- arguments: -PackagesPath $(Build.ArtifactStagingDirectory)/PackageArtifacts/
- -ToolDestinationPath $(Agent.BuildDirectory)/Extract/
+ arguments: -PackagesPath $(Build.ArtifactStagingDirectory)/PackageArtifacts/
- job:
displayName: Signing Validation
diff --git a/eng/common/templates-official/steps/source-build.yml b/eng/common/templates-official/steps/source-build.yml
index a69631446da2..b63043da4b9f 100644
--- a/eng/common/templates-official/steps/source-build.yml
+++ b/eng/common/templates-official/steps/source-build.yml
@@ -12,6 +12,9 @@ parameters:
# the usage of the properties on this object is split between the 'job' and 'steps' templates.
platform: {}
+ # Optional list of directories to ignore for component governance scans.
+ cgIgnoreDirectories: []
+
steps:
# Build. Keep it self-contained for simple reusability. (No source-build-specific job variables.)
- script: |
@@ -126,4 +129,7 @@ steps:
- task: ComponentGovernanceComponentDetection@0
displayName: Component Detection (Exclude upstream cache)
inputs:
- ignoreDirectories: '$(System.DefaultWorkingDirectory)/artifacts/source-build/self/src/artifacts/obj/source-built-upstream-cache'
+ ${{ if eq(length(parameters.cgIgnoreDirectories), 0) }}:
+ ignoreDirectories: '$(System.DefaultWorkingDirectory)/artifacts/source-build/self/src/artifacts/obj/source-built-upstream-cache'
+ ${{ else }}:
+ ignoreDirectories: ${{ join(',', parameters.cgIgnoreDirectories) }}
diff --git a/eng/common/templates/job/publish-build-assets.yml b/eng/common/templates/job/publish-build-assets.yml
index 2956d8117f73..1fcdcc9adc34 100644
--- a/eng/common/templates/job/publish-build-assets.yml
+++ b/eng/common/templates/job/publish-build-assets.yml
@@ -32,6 +32,8 @@ parameters:
repositoryAlias: self
+ officialBuildId: ''
+
jobs:
- job: Asset_Registry_Publish
@@ -52,6 +54,11 @@ jobs:
value: false
- ${{ if eq(parameters.publishAssetsImmediately, 'true') }}:
- template: /eng/common/templates/post-build/common-variables.yml
+ - name: OfficialBuildId
+ ${{ if ne(parameters.officialBuildId, '') }}:
+ value: ${{ parameters.officialBuildId }}
+ ${{ else }}:
+ value: $(Build.BuildNumber)
pool:
# We don't use the collection uri here because it might vary (.visualstudio.com vs. dev.azure.com)
@@ -91,7 +98,7 @@ jobs:
/p:ManifestsPath='$(Build.StagingDirectory)/Download/AssetManifests'
/p:MaestroApiEndpoint=https://maestro.dot.net
/p:PublishUsingPipelines=${{ parameters.publishUsingPipelines }}
- /p:OfficialBuildId=$(Build.BuildNumber)
+ /p:OfficialBuildId=$(OfficialBuildId)
condition: ${{ parameters.condition }}
continueOnError: ${{ parameters.continueOnError }}
diff --git a/eng/common/templates/job/source-build.yml b/eng/common/templates/job/source-build.yml
index c48f95d93d91..97021335cfc4 100644
--- a/eng/common/templates/job/source-build.yml
+++ b/eng/common/templates/job/source-build.yml
@@ -31,6 +31,9 @@ parameters:
# container and pool.
platform: {}
+ # Optional list of directories to ignore for component governance scans.
+ cgIgnoreDirectories: []
+
# If set to true and running on a non-public project,
# Internal blob storage locations will be enabled.
# This is not enabled by default because many repositories do not need internal sources
@@ -72,3 +75,4 @@ jobs:
- template: /eng/common/templates/steps/source-build.yml
parameters:
platform: ${{ parameters.platform }}
+ cgIgnoreDirectories: ${{ parameters.cgIgnoreDirectories }}
diff --git a/eng/common/templates/jobs/jobs.yml b/eng/common/templates/jobs/jobs.yml
index 34387a8c7acd..7eafc256758f 100644
--- a/eng/common/templates/jobs/jobs.yml
+++ b/eng/common/templates/jobs/jobs.yml
@@ -41,6 +41,7 @@ parameters:
enableSourceIndex: false
sourceIndexParams: {}
repositoryAlias: self
+ officialBuildId: ''
# Internal resources (telemetry, microbuild) can only be accessed from non-public projects,
# and some (Microbuild) should only be applied to non-PR cases for internal builds.
@@ -97,3 +98,4 @@ jobs:
artifactsPublishingAdditionalParameters: ${{ parameters.artifactsPublishingAdditionalParameters }}
signingValidationAdditionalParameters: ${{ parameters.signingValidationAdditionalParameters }}
repositoryAlias: ${{ parameters.repositoryAlias }}
+ officialBuildId: ${{ parameters.officialBuildId }}
diff --git a/eng/common/templates/jobs/source-build.yml b/eng/common/templates/jobs/source-build.yml
index 3ec997108107..4dde599add97 100644
--- a/eng/common/templates/jobs/source-build.yml
+++ b/eng/common/templates/jobs/source-build.yml
@@ -21,6 +21,9 @@ parameters:
# one job runs on 'defaultManagedPlatform'.
platforms: []
+ # Optional list of directories to ignore for component governance scans.
+ cgIgnoreDirectories: []
+
# If set to true and running on a non-public project,
# Internal nuget and blob storage locations will be enabled.
# This is not enabled by default because many repositories do not need internal sources
@@ -44,6 +47,7 @@ jobs:
parameters:
jobNamePrefix: ${{ parameters.jobNamePrefix }}
platform: ${{ platform }}
+ cgIgnoreDirectories: ${{ parameters.cgIgnoreDirectories }}
enableInternalSources: ${{ parameters.enableInternalSources }}
- ${{ if eq(length(parameters.platforms), 0) }}:
@@ -51,4 +55,5 @@ jobs:
parameters:
jobNamePrefix: ${{ parameters.jobNamePrefix }}
platform: ${{ parameters.defaultManagedPlatform }}
+ cgIgnoreDirectories: ${{ parameters.cgIgnoreDirectories }}
enableInternalSources: ${{ parameters.enableInternalSources }}
diff --git a/eng/common/templates/post-build/post-build.yml b/eng/common/templates/post-build/post-build.yml
index 6e5722dc2e17..ea1785a8aa26 100644
--- a/eng/common/templates/post-build/post-build.yml
+++ b/eng/common/templates/post-build/post-build.yml
@@ -132,7 +132,6 @@ stages:
inputs:
filePath: $(System.DefaultWorkingDirectory)/eng/common/post-build/nuget-validation.ps1
arguments: -PackagesPath $(Build.ArtifactStagingDirectory)/PackageArtifacts/
- -ToolDestinationPath $(Agent.BuildDirectory)/Extract/
- job:
displayName: Signing Validation
diff --git a/eng/common/templates/steps/source-build.yml b/eng/common/templates/steps/source-build.yml
index 4fb5643e5ded..ae06b26ea373 100644
--- a/eng/common/templates/steps/source-build.yml
+++ b/eng/common/templates/steps/source-build.yml
@@ -12,6 +12,9 @@ parameters:
# the usage of the properties on this object is split between the 'job' and 'steps' templates.
platform: {}
+ # Optional list of directories to ignore for component governance scans.
+ cgIgnoreDirectories: []
+
steps:
# Build. Keep it self-contained for simple reusability. (No source-build-specific job variables.)
- script: |
@@ -126,4 +129,7 @@ steps:
- task: ComponentGovernanceComponentDetection@0
displayName: Component Detection (Exclude upstream cache)
inputs:
- ignoreDirectories: '$(System.DefaultWorkingDirectory)/artifacts/source-build/self/src/artifacts/obj/source-built-upstream-cache'
+ ${{ if eq(length(parameters.cgIgnoreDirectories), 0) }}:
+ ignoreDirectories: '$(System.DefaultWorkingDirectory)/artifacts/source-build/self/src/artifacts/obj/source-built-upstream-cache'
+ ${{ else }}:
+ ignoreDirectories: ${{ join(',', parameters.cgIgnoreDirectories) }}
diff --git a/global.json b/global.json
index 35c55ef5902d..0b7ae0dd1ace 100644
--- a/global.json
+++ b/global.json
@@ -1,6 +1,6 @@
{
"tools": {
- "dotnet": "8.0.119",
+ "dotnet": "8.0.120",
"runtimes": {
"dotnet": [
"$(VSRedistCommonNetCoreSharedFrameworkx6480PackageVersion)"
@@ -14,7 +14,7 @@
}
},
"msbuild-sdks": {
- "Microsoft.DotNet.Arcade.Sdk": "8.0.0-beta.25415.2",
- "Microsoft.DotNet.Helix.Sdk": "8.0.0-beta.25415.2"
+ "Microsoft.DotNet.Arcade.Sdk": "8.0.0-beta.25504.1",
+ "Microsoft.DotNet.Helix.Sdk": "8.0.0-beta.25504.1"
}
}
diff --git a/src/ApiCompat/Microsoft.DotNet.ApiCompat.Tool/Microsoft.DotNet.ApiCompat.Tool.csproj b/src/ApiCompat/Microsoft.DotNet.ApiCompat.Tool/Microsoft.DotNet.ApiCompat.Tool.csproj
index a8775a32bd72..4b3195a0ac2d 100644
--- a/src/ApiCompat/Microsoft.DotNet.ApiCompat.Tool/Microsoft.DotNet.ApiCompat.Tool.csproj
+++ b/src/ApiCompat/Microsoft.DotNet.ApiCompat.Tool/Microsoft.DotNet.ApiCompat.Tool.csproj
@@ -7,6 +7,8 @@
enable
Open
true
+
+ $(NoWarn);NETSDK1138
true
true
diff --git a/src/GenAPI/Microsoft.DotNet.GenAPI.Tool/Microsoft.DotNet.GenAPI.Tool.csproj b/src/GenAPI/Microsoft.DotNet.GenAPI.Tool/Microsoft.DotNet.GenAPI.Tool.csproj
index abc87d57ecc5..809f9d6bc423 100644
--- a/src/GenAPI/Microsoft.DotNet.GenAPI.Tool/Microsoft.DotNet.GenAPI.Tool.csproj
+++ b/src/GenAPI/Microsoft.DotNet.GenAPI.Tool/Microsoft.DotNet.GenAPI.Tool.csproj
@@ -7,6 +7,8 @@
enable
Open
true
+
+ $(NoWarn);NETSDK1138
true
true