Skip to content

Commit

Permalink
Merge branch 'main' into dependabot/nuget/System.Reactive-6.0.1
Browse files Browse the repository at this point in the history
  • Loading branch information
DaveTryon authored Oct 25, 2024
2 parents 7ebbd71 + eefdd8f commit 4c58393
Show file tree
Hide file tree
Showing 66 changed files with 2,752 additions and 204 deletions.
1 change: 1 addition & 0 deletions .github/dependabot.yml
Original file line number Diff line number Diff line change
Expand Up @@ -4,6 +4,7 @@ updates:
directory: "/"
schedule:
interval: "daily"
open-pull-requests-limit: 30 # Default value of 5 is too low as we catch up

- package-ecosystem: "github-actions"
directory: "/"
Expand Down
6 changes: 3 additions & 3 deletions .github/workflows/build.yml
Original file line number Diff line number Diff line change
Expand Up @@ -28,12 +28,12 @@ jobs:
MINVERBUILDMETADATA: build.${{github.run_number}}

steps:
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
with:
fetch-depth: 0

- name: Setup .NET
uses: actions/setup-dotnet@4d6c8fcf3c8f7a60068d26b594648e99df24cee3 # v4.0.0
uses: actions/setup-dotnet@3e891b0cb619bf60e2c25674b222b8940e2c1c25 # v4.1.0
with:
dotnet-version: |
6.0.x
Expand All @@ -43,6 +43,6 @@ jobs:
run: dotnet test --collect:"XPlat Code Coverage"

- name: Upload code coverage
uses: codecov/codecov-action@e28ff129e5465c2c0dcc6f003fc735cb6ae0c673 # v4.5.0
uses: codecov/codecov-action@b9fd7d16f6d7d1b5d2bec1a2887e65ceed900238 # v4.6.0
with:
token: ${{ secrets.CODECOV_TOKEN }}
24 changes: 13 additions & 11 deletions .github/workflows/codeql-analysis.yml
Original file line number Diff line number Diff line change
Expand Up @@ -11,27 +11,29 @@ on:
env:
CODEQL_BUILD: True

permissions:
actions: read
contents: read
security-events: write

jobs:
analyze:
name: Analyze
runs-on: ubuntu-latest
permissions:
actions: read
contents: read
security-events: write

strategy:
fail-fast: false
matrix:
language: [ 'csharp' ]

steps:
- name: Checkout repository
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2

- name: Initialize CodeQL
uses: github/codeql-action/init@b611370bb5703a7efb587f9d136a52ea24c5c38c # v3.25.11
with:
languages: csharp
uses: github/codeql-action/init@662472033e021d55d94146f66f6058822b0b39fd # v3.27.0

- name: Autobuild
uses: github/codeql-action/autobuild@b611370bb5703a7efb587f9d136a52ea24c5c38c # v3.25.11
uses: github/codeql-action/autobuild@662472033e021d55d94146f66f6058822b0b39fd # v3.27.0

- name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@b611370bb5703a7efb587f9d136a52ea24c5c38c # v3.25.11
uses: github/codeql-action/analyze@662472033e021d55d94146f66f6058822b0b39fd # v3.27.0
6 changes: 3 additions & 3 deletions .github/workflows/gen-docs.yml
Original file line number Diff line number Diff line change
Expand Up @@ -16,10 +16,10 @@ jobs:
gen-docs:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2

- name: Setup .NET
uses: actions/setup-dotnet@4d6c8fcf3c8f7a60068d26b594648e99df24cee3 # v4.0.0
uses: actions/setup-dotnet@3e891b0cb619bf60e2c25674b222b8940e2c1c25 # v4.1.0

- name: Generate docs
run: |
Expand All @@ -38,7 +38,7 @@ jobs:
EOF
- name: Commit
uses: stefanzweifel/git-auto-commit-action@8756aa072ef5b4a080af5dc8fef36c5d586e521d # v5.0.0
uses: stefanzweifel/git-auto-commit-action@8621497c8c39c72f3e2a999a26b4ca1b5058a842 # v5.0.1
with:
commit_message: 'Auto update docs/*.md'
file_pattern: 'docs/*.md'
Expand Down
1 change: 1 addition & 0 deletions .gitignore
Original file line number Diff line number Diff line change
Expand Up @@ -189,6 +189,7 @@ PublishScripts/

# NuGet Packages
*.nupkg
*.nuspec
# NuGet Symbol Packages
*.snupkg
# The packages folder can be ignored because of Package Restore
Expand Down
66 changes: 33 additions & 33 deletions Directory.Build.props
Original file line number Diff line number Diff line change
@@ -1,44 +1,44 @@
<Project>

<PropertyGroup Label="Build">
<TargetFrameworks>net6.0;net8.0</TargetFrameworks>
<LangVersion>latest</LangVersion>
<ManagePackageVersionsCentrally>true</ManagePackageVersionsCentrally>
<RootNamespace>Microsoft.Sbom</RootNamespace>
<GeneratePackageOnBuild>True</GeneratePackageOnBuild>
<EnforceCodeStyleInBuild>true</EnforceCodeStyleInBuild>
<AnalysisLevel>latest</AnalysisLevel>
<AnalysisMode>AllEnabledByDefault</AnalysisMode>
<TreatWarningsAsErrors>true</TreatWarningsAsErrors>
<NoWarn>$(NoWarn);CA1014;CS8002;CA1416</NoWarn>
<SuppressNETCoreSdkPreviewMessage>true</SuppressNETCoreSdkPreviewMessage>
</PropertyGroup>
<PropertyGroup Label="Build">
<TargetFrameworks>net8.0</TargetFrameworks>
<LangVersion>latest</LangVersion>
<ManagePackageVersionsCentrally>true</ManagePackageVersionsCentrally>
<RootNamespace>Microsoft.Sbom</RootNamespace>
<GeneratePackageOnBuild>True</GeneratePackageOnBuild>
<EnforceCodeStyleInBuild>true</EnforceCodeStyleInBuild>
<AnalysisLevel>latest</AnalysisLevel>
<AnalysisMode>AllEnabledByDefault</AnalysisMode>
<TreatWarningsAsErrors>true</TreatWarningsAsErrors>
<NoWarn>$(NoWarn);CA1014;CS8002;CA1416</NoWarn>
<SuppressNETCoreSdkPreviewMessage>true</SuppressNETCoreSdkPreviewMessage>
</PropertyGroup>

<PropertyGroup Label="Package">
<Authors>Microsoft</Authors>
<Company>Microsoft</Company>
<Copyright>© Microsoft Corporation. All rights reserved.</Copyright>
<PackageRequireLicenseAcceptance>true</PackageRequireLicenseAcceptance>
<PackageLicenseExpression>MIT</PackageLicenseExpression>
<PackageProjectUrl>https://github.com/microsoft/sbom-tool</PackageProjectUrl>
<RepositoryUrl>https://github.com/microsoft/sbom-tool.git</RepositoryUrl>
<RepositoryType>git</RepositoryType>
<PackageReleaseNotes>https://github.com/microsoft/sbom-tool/releases</PackageReleaseNotes>
</PropertyGroup>
<PropertyGroup Label="Package">
<Authors>Microsoft</Authors>
<Company>Microsoft</Company>
<Copyright>© Microsoft Corporation. All rights reserved.</Copyright>
<PackageRequireLicenseAcceptance>true</PackageRequireLicenseAcceptance>
<PackageLicenseExpression>MIT</PackageLicenseExpression>
<PackageProjectUrl>https://github.com/microsoft/sbom-tool</PackageProjectUrl>
<RepositoryUrl>https://github.com/microsoft/sbom-tool.git</RepositoryUrl>
<RepositoryType>git</RepositoryType>
<PackageReleaseNotes>https://github.com/microsoft/sbom-tool/releases</PackageReleaseNotes>
</PropertyGroup>

<ItemGroup Label="Package References">
<PackageReference Include="Microsoft.VisualStudio.Threading.Analyzers" PrivateAssets="all"/>
<PackageReference Include="MinVer" PrivateAssets="all"/>
<PackageReference Include="StyleCop.Analyzers" PrivateAssets="all"/>
</ItemGroup>
<ItemGroup Label="Package References">
<PackageReference Include="Microsoft.VisualStudio.Threading.Analyzers" PrivateAssets="all"/>
<PackageReference Include="MinVer" PrivateAssets="all"/>
<PackageReference Include="StyleCop.Analyzers" PrivateAssets="all"/>
</ItemGroup>

<PropertyGroup Label="SourceLink Configuration">
<IncludeSourceRevisionInInformationalVersion>false</IncludeSourceRevisionInInformationalVersion>
</PropertyGroup>

<PropertyGroup Label="Strong Name Signing Variables">
<StrongNameSigningKeyFilePath>$(MSBuildThisFileDirectory)snsKey.snk</StrongNameSigningKeyFilePath>
<StrongNameSigningPublicKey>0024000004800000940000000602000000240000525341310004000001000100c1f8987b4994a7ec30c5ba8253a8a6322b40642ef9d5dbc96828bda61a5a8bf1fa1667ee6fdda72fc29b00686a2e8d37984c37ef90b2d51a5c8767c5e6fb35ff9d4516a77929626db1d06297f90c2950e87e1fcd335bd82d73e1c37d1da42afb1e41397be50aac74895b873a8bad90c2caee9d7c9e34b94ff255cb040630ad94</StrongNameSigningPublicKey>
</PropertyGroup>
<PropertyGroup Label="Strong Name Signing Variables">
<StrongNameSigningKeyFilePath>$(MSBuildThisFileDirectory)snsKey.snk</StrongNameSigningKeyFilePath>
<StrongNameSigningPublicKey>0024000004800000940000000602000000240000525341310004000001000100c1f8987b4994a7ec30c5ba8253a8a6322b40642ef9d5dbc96828bda61a5a8bf1fa1667ee6fdda72fc29b00686a2e8d37984c37ef90b2d51a5c8767c5e6fb35ff9d4516a77929626db1d06297f90c2950e87e1fcd335bd82d73e1c37d1da42afb1e41397be50aac74895b873a8bad90c2caee9d7c9e34b94ff255cb040630ad94</StrongNameSigningPublicKey>
</PropertyGroup>

</Project>
12 changes: 6 additions & 6 deletions Directory.Build.targets
Original file line number Diff line number Diff line change
@@ -1,10 +1,10 @@
<Project>

<Target Name="Versioning" BeforeTargets="MinVer">
<PropertyGroup Label="Build">
<MinVerDefaultPreReleaseIdentifiers>preview.0</MinVerDefaultPreReleaseIdentifiers>
<MinVerTagPrefix>v</MinVerTagPrefix>
</PropertyGroup>
</Target>
<Target Name="Versioning" BeforeTargets="MinVer">
<PropertyGroup Label="Build">
<MinVerDefaultPreReleaseIdentifiers>preview.0</MinVerDefaultPreReleaseIdentifiers>
<MinVerTagPrefix>v</MinVerTagPrefix>
</PropertyGroup>
</Target>

</Project>
119 changes: 64 additions & 55 deletions Directory.Packages.props
Original file line number Diff line number Diff line change
@@ -1,58 +1,67 @@
<!-- All csproj package references should not include version numbers. The version numbers are set using this props file. -->
<Project>
<ItemDefinitionGroup>
<PackageVersion>
<!-- Do not share compile-time dependencies transitively. This requires that all projects reference all packages -->
<PrivateAssets>Compile</PrivateAssets>
</PackageVersion>
</ItemDefinitionGroup>
<PropertyGroup>
<ComponentDetectionPackageVersion>4.2.2</ComponentDetectionPackageVersion>
</PropertyGroup>
<ItemGroup>
<PackageVersion Include="AutoMapper" Version="10.1.1" />
<PackageVersion Include="AutoMapper.Extensions.Microsoft.DependencyInjection" Version="8.1.1" />
<PackageVersion Include="coverlet.collector" Version="6.0.0" />
<PackageVersion Include="FluentAssertions" Version="6.12.0" />
<PackageVersion Include="MSTest.TestAdapter" Version="3.1.1" />
<PackageVersion Include="MSTest.TestFramework" Version="3.1.1" />
<PackageVersion Include="Microsoft.ComponentDetection.Common" Version="$(ComponentDetectionPackageVersion)" />
<PackageVersion Include="Microsoft.ComponentDetection.Contracts" Version="$(ComponentDetectionPackageVersion)" />
<PackageVersion Include="Microsoft.ComponentDetection.Detectors" Version="$(ComponentDetectionPackageVersion)" />
<PackageVersion Include="Microsoft.ComponentDetection.Orchestrator" Version="$(ComponentDetectionPackageVersion)" />
<PackageVersion Include="Microsoft.Extensions.DependencyInjection" Version="7.0.0" />
<PackageVersion Include="Microsoft.Extensions.DependencyInjection.Abstractions" Version="8.0.0" />
<PackageVersion Include="Microsoft.Extensions.Hosting" Version="7.0.1" />
<PackageVersion Include="Microsoft.Extensions.Http" Version="7.0.0" />
<PackageVersion Include="Microsoft.Extensions.Logging.Abstractions" Version="7.0.1" />
<PackageVersion Include="Microsoft.NET.Test.Sdk" Version="17.7.2" />
<PackageVersion Include="Microsoft.SourceLink.GitHub" Version="1.1.1" />
<PackageVersion Include="Microsoft.VisualStudio.Threading.Analyzers" Version="17.7.30" />
<PackageVersion Include="MinVer" Version="4.3.0" />
<PackageVersion Include="Mono.Posix.NETStandard" Version="1.0.0" Condition="'$(TargetFramework)' == 'net6.0'"/>
<PackageVersion Include="Moq" Version="4.17.2" />
<PackageVersion Include="Newtonsoft.Json" Version="13.0.3" />
<PackageVersion Include="NuGet.Configuration" Version="6.9.1" />
<PackageVersion Include="NuGet.Frameworks" Version="6.9.1" />
<PackageVersion Include="packageurl-dotnet" Version="1.1.0" />
<PackageVersion Include="PowerArgs" Version="3.6.0" />
<PackageVersion Include="Scrutor" Version="4.2.0" />
<PackageVersion Include="Serilog.Extensions.Hosting" Version="7.0.0" />
<PackageVersion Include="Serilog.Sinks.Async" Version="1.5.0" />
<PackageVersion Include="Serilog.Sinks.Console" Version="4.1.0" />
<PackageVersion Include="Serilog.Sinks.File" Version="5.0.0" />
<PackageVersion Include="Serilog.Sinks.Map" Version="1.0.2" />
<PackageVersion Include="Spectre.Console.Cli" Version="0.48.0" />
<PackageVersion Include="StyleCop.Analyzers" Version="1.2.0-beta.507" />
<PackageVersion Include="System.IO.FileSystem.AccessControl" Version="5.0.0" />
<PackageVersion Include="System.Linq.Async" Version="6.0.1" />
<PackageVersion Include="System.Memory" Version="4.5.5" />
<PackageVersion Include="System.Private.Uri" Version="4.3.2" />
<PackageVersion Include="System.Reactive" Version="6.0.1" />
<PackageVersion Include="System.Runtime.Loader" Version="4.3.0" />
<PackageVersion Include="System.Text.Json" Version="7.0.3" />
<PackageVersion Include="System.Threading.Channels" Version="6.0.0" />
<PackageVersion Include="System.Threading.Tasks.Dataflow" Version="4.11.1" />
<PackageVersion Include="System.Threading.Tasks.Extensions" Version="4.5.4" />
</ItemGroup>
<ItemDefinitionGroup>
<PackageVersion>
<!-- Do not share compile-time dependencies transitively. This requires that all projects reference all packages -->
<PrivateAssets>Compile</PrivateAssets>
</PackageVersion>
</ItemDefinitionGroup>
<PropertyGroup>
<ComponentDetectionPackageVersion>5.1.5</ComponentDetectionPackageVersion>
</PropertyGroup>
<ItemGroup>
<PackageVersion Include="AutoMapper" Version="10.1.1" />
<PackageVersion Include="AutoMapper.Extensions.Microsoft.DependencyInjection" Version="8.1.1" />
<PackageVersion Include="coverlet.collector" Version="6.0.2" />
<PackageVersion Include="FluentAssertions" Version="6.12.1" />
<PackageVersion Include="Microsoft.Build" Version="17.10.4" />
<PackageVersion Include="Microsoft.Build.Framework" Version="17.11.4" />
<PackageVersion Include="Microsoft.Build.Locator" Version="1.7.8" />
<PackageVersion Include="Microsoft.Build.Utilities.Core" Version="17.11.4" />
<PackageVersion Include="Microsoft.CSharp" Version="4.7.0" />
<PackageVersion Include="Microsoft.Extensions.Caching.Memory" Version="8.0.1" />
<PackageVersion Include="Microsoft.Extensions.DependencyModel" Version="8.0.2" />
<PackageVersion Include="MSTest.TestAdapter" Version="3.6.1" />
<PackageVersion Include="MSTest.TestFramework" Version="3.6.1" />
<PackageVersion Include="Microsoft.ComponentDetection.Common" Version="$(ComponentDetectionPackageVersion)" />
<PackageVersion Include="Microsoft.ComponentDetection.Contracts" Version="$(ComponentDetectionPackageVersion)" />
<PackageVersion Include="Microsoft.ComponentDetection.Detectors" Version="$(ComponentDetectionPackageVersion)" />
<PackageVersion Include="Microsoft.ComponentDetection.Orchestrator" Version="$(ComponentDetectionPackageVersion)" />
<PackageVersion Include="Microsoft.Extensions.DependencyInjection" Version="8.0.1" />
<PackageVersion Include="Microsoft.Extensions.DependencyInjection.Abstractions" Version="8.0.2" />
<PackageVersion Include="Microsoft.Extensions.Hosting" Version="8.0.1" />
<PackageVersion Include="Microsoft.Extensions.Http" Version="8.0.1" />
<PackageVersion Include="Microsoft.Extensions.Logging.Abstractions" Version="8.0.2" />
<PackageVersion Include="Microsoft.IO.Redist" Version="6.0.1" />
<PackageVersion Include="Microsoft.NET.Test.Sdk" Version="17.11.1" />
<PackageVersion Include="Microsoft.SourceLink.GitHub" Version="8.0.0" />
<PackageVersion Include="Microsoft.VisualStudio.Threading.Analyzers" Version="17.11.20" />
<PackageVersion Include="MinVer" Version="6.0.0" />
<PackageVersion Include="Moq" Version="4.20.72" />
<PackageVersion Include="Newtonsoft.Json" Version="13.0.3" />
<PackageVersion Include="NuGet.Configuration" Version="6.11.1" />
<PackageVersion Include="NuGet.Frameworks" Version="6.11.1" />
<PackageVersion Include="NuGet.ProjectModel" Version="6.11.1" />
<PackageVersion Include="packageurl-dotnet" Version="1.1.0" />
<PackageVersion Include="PowerArgs" Version="3.6.0" />
<PackageVersion Include="Scrutor" Version="5.0.1" />
<PackageVersion Include="Serilog.Extensions.Hosting" Version="8.0.0" />
<PackageVersion Include="Serilog.Sinks.Async" Version="2.0.0" />
<PackageVersion Include="Serilog.Sinks.Console" Version="6.0.0" />
<PackageVersion Include="Serilog.Sinks.File" Version="6.0.0" />
<PackageVersion Include="Serilog.Sinks.Map" Version="2.0.0" />
<PackageVersion Include="Spectre.Console.Cli" Version="0.49.1" />
<PackageVersion Include="StyleCop.Analyzers" Version="1.2.0-beta.556" />
<PackageVersion Include="System.IO.Compression" Version="4.3.0" />
<PackageVersion Include="System.IO.FileSystem.AccessControl" Version="5.0.0" />
<PackageVersion Include="System.Linq.Async" Version="6.0.1" />
<PackageVersion Include="System.Memory" Version="4.5.5" />
<PackageVersion Include="System.Private.Uri" Version="4.3.2" />
<PackageVersion Include="System.Reactive" Version="6.0.1
<PackageVersion Include="System.Runtime.Loader" Version="4.3.0" />
<PackageVersion Include="System.Text.Json" Version="8.0.5" />
<PackageVersion Include="System.Threading.Channels" Version="6.0.0" />
<PackageVersion Include="System.Threading.Tasks.Dataflow" Version="8.0.1" />
<PackageVersion Include="System.Threading.Tasks.Extensions" Version="4.5.4" />
</ItemGroup>
</Project>
2 changes: 1 addition & 1 deletion Dockerfile
Original file line number Diff line number Diff line change
Expand Up @@ -4,7 +4,7 @@ WORKDIR /app/src/Microsoft.Sbom.Tool
ARG RUNTIME=linux-x64
RUN dotnet publish -f net8.0 -r $RUNTIME --self-contained true -p:DebugType=None -p:DebugSymbols=false -p:PublishSingleFile=true -p:IncludeAllContentForSelfExtract=true -o output

FROM mcr.microsoft.com/dotnet/runtime-deps:6.0.8-bullseye-slim-amd64
FROM mcr.microsoft.com/dotnet/runtime-deps:7.0.20-bullseye-slim-amd64
WORKDIR /app/src/Microsoft.Sbom.Tool
COPY --from=build-env /app/src/Microsoft.Sbom.Tool/output .

Expand Down
Loading

0 comments on commit 4c58393

Please sign in to comment.