profile
viewpoint
Kat Marchán zkat @Microsoft Oakland, CA beginner Rustacean, @nuget team, formerly @NPMjs

entropic-dev/entropic 5223

🦝 :package: a package registry for anything, but mostly javascript 🦝 🦝 🦝

tc39/proposal-pattern-matching 3057

Pattern matching syntax for ECMAScript

http-rs/surf 708

Surf the web – HTTP client framework

zkat/cipm 408

standalone ci-oriented package installer for npm projects (moved)

zkat/cacache 247

💩💵 but for your data. If you've got the hash, we've got the cache ™ (moved)

zkat/chanl 128

Portable channel-based concurrency for Common Lisp

zkat/cacache-rs 75

💩💵 but for your 🦀

entropic-dev/ds 46

entropy delta: the entropic client

zkat/chillax 36

CouchDB abstraction layer for Common Lisp

http-rs/http-types 28

Common types for HTTP operations

push eventNuGet/Entropy

Kat Marchán

commit sha c91a0652153aa478a2def9f40e810ecf4331a4c8

pr feedback

view details

push time in a day

Pull request review commentNuGet/Entropy

rewrites changelog generator to support zenhub-based releases

+using Azure;+using Octokit;+using System;+using System.Collections.Generic;+using System.Text;+using System.Threading.Tasks;+using ZenHub;+using ZenHub.Models;++namespace ChangelogGenerator+{+    class ChangelogGenerator+    {+        private readonly GitHubClient GitHubClient;+        private readonly ZenHubClient ZenHubClient;+        private readonly Options Options;++        public ChangelogGenerator(Options opts)+        {+            Options = opts;+            GitHubClient = new GitHubClient(new ProductHeaderValue("nuget-changelog-generator"));+            var creds = new Credentials(Options.GitHubToken);+            GitHubClient.Credentials = creds;+            ZenHubClient = new ZenHubClient(Options.ZenHubToken);+        }++        public async Task<string> GenerateChangelog()+        {+            string releaseId = await GetReleaseId();+            Dictionary<IssueType, List<Issue>> issues = await GetIssuesByType(releaseId);+            return GenerateMarkdown(releaseId, issues);+        }++        private async Task<string> GetReleaseId()+        {+            string[] repoParts = Options.Repo.Split('/');+            Repository repo = await GitHubClient.Repository.Get(repoParts[0], repoParts[1]);+            ZenHubRepositoryClient repoClient = ZenHubClient.GetRepositoryClient(repo.Id);++            Response<ReleaseReport[]> releases = await repoClient.GetReleaseReportsAsync();++            string releaseId = string.Empty;+            foreach (var release in releases.Value)+            {+                if (release.Title == Options.Release)+                {+                    releaseId = release.ReleaseId;+                    break;+                }+            }++            if (releaseId == string.Empty)+            {+                throw new Exception($"No such release: {Options.Release}");+            }+            return releaseId;+        }++        private async Task<Dictionary<IssueType, List<Issue>>> GetIssuesByType(string releaseId)+        {+            Dictionary<IssueType, List<Issue>> issuesByType = new Dictionary<IssueType, List<Issue>>();++            ZenHubReleaseClient releaseClient = ZenHubClient.GetReleaseClient(releaseId);+            IssueDetails[] zenHubIssueList = (await releaseClient.GetIssuesAsync()).Value;+            string[] repoParts = Options.Repo.Split('/');+            foreach (IssueDetails details in zenHubIssueList)+            {+                Issue issue = await GitHubClient.Issue.Get(repoParts[0], repoParts[1], details.IssueNumber);+                bool issueFixed = true;+                bool hidden = false;+                IssueType issueType = IssueType.None;+                bool epicLabel = false;+                bool regressionDuringThisVersion = false;+                bool engineeringImprovement = false;+                string requiredLabel = Options.RequiredLabel?.ToLower();+                bool foundRequiredLabel = string.IsNullOrEmpty(requiredLabel);++                foreach (var label in issue.Labels)+                {+                    if (label.Name.Contains("ClosedAs:"))+                    {+                        issueFixed = false;+                    }++                    if (label.Name == "RegressionDuringThisVersion")+                    {+                        regressionDuringThisVersion = true;+                        hidden = true;+                    }++                    if (label.Name == "Category:Engineering")

This is a good plan. I'll do that.

zkat

comment created time in a day

Pull request review commentNuGet/Entropy

rewrites changelog generator to support zenhub-based releases

-<?xml version="1.0" encoding="utf-8"?>-<Project ToolsVersion="14.0" DefaultTargets="Build" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">-  <Import Project="$(MSBuildExtensionsPath)\$(MSBuildToolsVersion)\Microsoft.Common.props" Condition="Exists('$(MSBuildExtensionsPath)\$(MSBuildToolsVersion)\Microsoft.Common.props')" />+<Project Sdk="Microsoft.NET.Sdk">   <PropertyGroup>-    <Configuration Condition=" '$(Configuration)' == '' ">Debug</Configuration>-    <Platform Condition=" '$(Platform)' == '' ">AnyCPU</Platform>-    <ProjectGuid>{95B80A75-AF6E-424A-880A-3EFA4FDF26F4}</ProjectGuid>     <OutputType>Exe</OutputType>-    <AppDesignerFolder>Properties</AppDesignerFolder>-    <RootNamespace>ChangelogGenerator</RootNamespace>-    <AssemblyName>ChangelogGenerator</AssemblyName>-    <TargetFrameworkVersion>v4.5.2</TargetFrameworkVersion>-    <FileAlignment>512</FileAlignment>+    <TargetFramework>net472</TargetFramework>     <AutoGenerateBindingRedirects>true</AutoGenerateBindingRedirects>+    <PublishUrl>publish\</PublishUrl>+    <Install>true</Install>+    <InstallFrom>Disk</InstallFrom>+    <UpdateEnabled>false</UpdateEnabled>+    <UpdateMode>Foreground</UpdateMode>+    <UpdateInterval>7</UpdateInterval>+    <UpdateIntervalUnits>Days</UpdateIntervalUnits>+    <UpdatePeriodically>false</UpdatePeriodically>

I have NO idea. It was added by one of the migrators???

zkat

comment created time in a day

Pull request review commentNuGet/Entropy

rewrites changelog generator to support zenhub-based releases

     <AppDesignerFolder>Properties</AppDesignerFolder>     <RootNamespace>ChangelogGenerator</RootNamespace>     <AssemblyName>ChangelogGenerator</AssemblyName>-    <TargetFrameworkVersion>v4.5.2</TargetFrameworkVersion>+    <TargetFrameworkVersion>v4.7.2</TargetFrameworkVersion>

Migrated. Hopefully I did that right?

zkat

comment created time in a day

push eventNuGet/Entropy

Kat Marchán

commit sha d4a45aa227c734fc0f5db0eae8fadd30533ea98f

migrate to PackageReference

view details

Kat Marchán

commit sha a04e43863bc4d67d42b65f935f4c28e8e6646814

migrated to sdk-style

view details

push time in a day

PR opened NuGet/Entropy

Reviewers
rewrites changelog generator to support zenhub-based releases

Fixes: https://github.com/NuGet/Home/issues/9085

+365 -237

0 comment

7 changed files

pr created time in a day

create barnchNuGet/Entropy

branch : dev-zkat-zenhub-changelog

created branch time in a day

delete branch NuGet/Entropy

delete branch : dev-rrelyea-improveReleaseNotesCreation

delete time in 3 days

push eventNuGet/Entropy

Rob Relyea

commit sha 5d8f5731cafb6dc1c677a560273b5ff47d9ceed0

add ability to find only those issues with a certain label, and more... (#23) Co-authored-by: Kat Marchán <kzm@zkat.tech>

view details

push time in 3 days

PR merged NuGet/Entropy

add ability to find only those issues with a certain label, and more...

@zkat - here was the tool in its current state. was originally written by @karann-msft .

I modified it a bit over the last several releases.

+14 -18

0 comment

1 changed file

rrelyea

pr closed time in 3 days

push eventNuGet/Entropy

Rob Relyea

commit sha 41e4be6fef25dc7c0708324ec7873bef13606497

ChangeLogGen - support requiredLabel, improve filename (#10)

view details

Rob Relyea

commit sha 52acf6960ec0dcffac604dcd5ccaf49adb4472dc

fix link with label and title with label (#11)

view details

Damon Tivel

commit sha 3c2c76bdcf83abdede60c615ed45c3260c4aa391

Add NuGet plugin log viewer. Also see: https://github.com/NuGet/NuGet.Client/pull/2753 https://github.com/NuGet/NuGet.Client/pull/2755 https://github.com/NuGet/NuGet.Client/pull/2771 https://github.com/NuGet/NuGet.Client/pull/2773

view details

Joel Verhagen

commit sha 6af8bb40daa830acd93d24b71b2967d109dd4335

Add CopyRegistration tool to copy the registration blobs for specific IDs

view details

Joel Verhagen

commit sha e2d2f18c3e2f2b3360391fa0564d41c7599640f9

Add tool to test ingestion performance on nuget.org

view details

Joel Verhagen

commit sha 27cbfe1382f9be6e228e3c15f1c788c03f70a7fc

Add ingestion perf output file that is written to immediately

view details

Andrei Grigorev

commit sha cf23f16762c0d093e47dc2442e3471fad1002067

Catalog fix tool (#13) * Catalog fix tool * documentation.

view details

Joel Verhagen

commit sha 0dff0fdbe42a036d759873b62a690ac5c4aff0e9

Export Application Insights data to CSV

view details

Joel Verhagen

commit sha b1868eab9840e2202a2ce9dc81c9db4016d8eed5

Add SearchScorer project with FeedbackEvaluator

view details

Joel Verhagen

commit sha 2c59b05cd4b09b6bcfa11aa67e91b1f25163d0ec

Initial work on a NDCG evaluator for search service Seed data is feedback and top search selection Move feedback data to a CSV instead of a mega class

view details

Joel Verhagen

commit sha 2beb0a0caf2e4f13fcb3a95ce80dc7e85367278c

Add helper for weighting by top queries

view details

Joel Verhagen

commit sha 01b963fc322c32f6cf37dccac1a0c570603f2d7c

Rename TestSearchQuery to FeedbackSearchQuery

view details

Joel Verhagen

commit sha 990ec6949ffcb6b2409d20c2de146267f8310c84

Start work on a curate search query list and evaluator

view details

Joel Verhagen

commit sha fd9cd4b91ab9b8b6b363d37262ca933098bd1166

Only use explicit aliasing

view details

Joel Verhagen

commit sha 6861477cf15cffcf037a4fe6cd3df3d723b17e5b

Add GitHub usage reader/writer

view details

Joel Verhagen

commit sha e555d8d328d99e65a06397bb72d0245e35059ae5

Output search selections to CSV without JSON...

view details

Joel Verhagen

commit sha 257c176949ae353f92750aa8411782fdb7c186bc

Add snapshot of latest data

view details

Joel Verhagen

commit sha ab1ca44b1eb36f4bf11f0cae9afb7ef6a3354bac

Add finished CuratedSearchQueries

view details

Joel Verhagen

commit sha 89a28b19d707b041f14d065478dd2e2ccac9c4f5

Pull in one more CuratedSearchQueries change

view details

Joel Verhagen

commit sha 939ba9857bf010d3737496b546a8bf1afb0d7043

Fix typos in the CuratedSearchQueries

view details

push time in 3 days

Pull request review commentNuGet/NuGet.Client

fix broken func test in SignatureUtilityTests

+// Copyright (c) .NET Foundation. All rights reserved.+// Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.++using System;++namespace Test.Utility.Signing+{+    /// <summary>+    /// Folder names ensure uniqueness in path when signed packages are stored on disk for verification in later steps+    /// </summary>+    public enum FolderNames+    {+        One,+        Two+    }++    public static class TestFolderNames+    {+        public const string Windows_NetFullFrameworkFolder = "Windows_NetFullFramework";+        public const string Windows_NetCoreFolder = "Windows_NetCore";

how should we be distinguishing between legacy framework and .net "core" going forward, then?

kartheekp-ms

comment created time in 3 days

pull request commentNuGet/NuGet.Client

fixed package signing verification broken tests using utility methods

approved pending tests passing

kartheekp-ms

comment created time in 3 days

issue commentNuGet/Home

Broken test in TimestampTests

Sorry, I should've moved it back to In Progress.

heng-liu

comment created time in 7 days

issue openedNuGet/Home

Project fails to load after using PM Console

Details about Problem

NuGet product used (NuGet.exe | VS UI | Package Manager Console | dotnet.exe):

version (x.x.x.xxx): All versions, at least since 16.4.5

Detailed repro steps so we can see the same problem

  1. Create a new console project

  2. Open the PM Console

  3. Install-Package Newtonsoft.Json

  4. Try to open the PMUI for the project again.

Result

This error happens during Install-Package:

Install-Package : The operation failed as details for project ConsoleApp3 could not be loaded.
At line:1 char:1
+ Install-Package Newtonsoft.Json
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : NotSpecified: (:) [Install-Package], Exception
    + FullyQualifiedErrorId : NuGetCmdletUnhandledException,NuGet.PackageManagement.PowerShellCmdlets.InstallPackageCommand

Additionally, once this happens, the PM UI becomes unusable, with this error any time you try to open it for that project:

image

Notes

This seems pretty serious, but it doesn't always reproduce. I'm not really sure what's going on.

created time in 7 days

issue commentNuGet/Home

add tests on cross verifying signed packages

TODO: Make sure to check error cases, too

heng-liu

comment created time in 7 days

PR closed NuGet/NuGet.Client

Reviewers
Rebase xplat feature branch onto dev
+2289 -595

2 comments

163 changed files

zkat

pr closed time in 8 days

pull request commentNuGet/NuGet.Client

Rebase xplat feature branch onto dev

Sorry, I shouldn't have put this up for review, since it's not ready! I forgot I can check CI without making a PR. Please ignore. This was just doing a rebase onto dev and we need to make more concrete plans about integration/squashing/etc

zkat

comment created time in 8 days

push eventNuGet/NuGet.Client

Kat Marchán

commit sha 0857f36fa800cc88725027b6b0235ceed7e987be

fix

view details

push time in 8 days

PR opened NuGet/NuGet.Client

Reviewers
Rebase xplat feature branch onto dev
+2289 -595

0 comment

163 changed files

pr created time in 8 days

create barnchNuGet/NuGet.Client

branch : dev-zkat-xplat-rebase-2

created branch time in 8 days

delete branch NuGet/NuGet.Client

delete branch : dev-hengliu-xplat-fix1-signatureTrustAndValidityProvider

delete time in 10 days

push eventNuGet/NuGet.Client

Kat Marchán

commit sha cd7e2e156f64d0a8fbaa6370a8043be5015e2a1d

add mac crossverification Fixes: https://github.com/NuGet/Home/issues/9003

view details

push time in 13 days

push eventNuGet/NuGet.Client

Kat Marchán

commit sha 773302e00256506fdd5ee4b1b702b4def4e2d603

add mac crossverification Fixes: https://github.com/NuGet/Home/issues/9003

view details

push time in 13 days

push eventNuGet/NuGet.Client

Kat Marchán

commit sha f2ad30471c808cdb010eda96773895696736fea1

add mac crossverification Fixes: https://github.com/NuGet/Home/issues/9003

view details

push time in 13 days

push eventNuGet/NuGet.Client

Kat Marchán

commit sha 677af31a506bfdccdee8bd7674a12b6639d30def

add mac crossverification

view details

push time in 13 days

push eventNuGet/NuGet.Client

Kat Marchán

commit sha fe75082604200b036853c1c5b6be5590d0a997f7

get TimestampTests working again Fixes: https://github.com/NuGet/Home/issues/8935

view details

push time in 14 days

Pull request review commentNuGet/NuGet.Client

get TimestampTests working again

 public async Task Timestamp_Verify_WithOfflineRevocation_ReturnsCorrectFlagsAndL                     result.HasFlag(SignatureVerificationStatusFlags.UnknownRevocation).Should().BeTrue();                      var errors = logs.Where(l => l.Level == LogLevel.Error);-                    errors.Count().Should().Be(RuntimeEnvironmentHelper.IsWindows ? 2 : 1);--                    if (RuntimeEnvironmentHelper.IsWindows)-                    {-                        errors.Should().Contain(w => w.Code == NuGetLogCode.NU3028 && w.Message.Contains("The revocation function was unable to check revocation because the revocation server could not be reached."));-                        errors.Should().Contain(w => w.Code == NuGetLogCode.NU3028 && w.Message.Contains("The revocation function was unable to check revocation for the certificate."));-                    }-                    else-                    {-                        errors.Should().Contain(w => w.Code == NuGetLogCode.NU3028 && w.Message.Contains("unable to get certificate CRL"));-                    }++                    errors.Count().Should().Be(RuntimeEnvironmentHelper.IsMacOSX ? 1 : 2);++                    SigningTestUtility.AssertOfflineRevocation(errors, LogLevel.Error, NuGetLogCode.NU3028);+                    SigningTestUtility.AssertRevocationStatusUnknown(errors, LogLevel.Error, NuGetLogCode.NU3028);

haha, I messed up and typoed the message. The test should be passing now.

zkat

comment created time in 14 days

push eventNuGet/NuGet.Client

Kat Marchán

commit sha ab13f09a5a3f273f24244e03805674d3617f4919

get TimestampTests working again Fixes: https://github.com/NuGet/Home/issues/8935

view details

push time in 14 days

push eventNuGet/NuGet.Client

heng-liu

commit sha 0d3a2b3da8d13d2c075e602cb0fef3e3440cd3da

Enable timestamp provider test and fix 3 broken tests (#3210) enable all unit tests; enable 8 more tests; enable timestampProviderTest; fix 3 broken tests in TimestampProviderTests

view details

Heng Liu

commit sha e564be24357efb00fe2052145f4db751638e6cca

add crossVerify tests fix path in build.proj and common.project.props fix testFixture issue fix publishing on windows twice issue by using matrix in yaml add global.json for 2 crossVerify projects to use preview SDK when restored separately rename srcipt to runVerifySignedPackages.sh add dependsOn of Initialize_Build to verify phases fix target name fix artifactName and dowloadPath in yaml add other 7 cases for cross verify fix directory.create and simplify package name simplify case name add GenerateFixture for crossverify testing fix GetFiles for package and cert Remove and sort usings; Remove unused function fix install SDK preview version change sdk version change scipt to use bootstrap.proj use scripts/funcTests/dotnet-install.sh regenerate sln change CrossVerifyProjects in build.proj update verify script

view details

push time in 15 days

issue closedNuGet/Home

HTTPS://ANCENTNIE.SLACK.COM

Please read the following information before posting the issue.

Before posting the issue...

  • If you're having trouble with the NuGet.org Website, please post in NuGetGallery issues
  • If you're having trouble with the NuGet client tools (the Visual Studio extension, NuGet.exe command line tool, etc.), you are in the right place.

Remove the content above here and fill out details below.

Details about Problem

NuGet product used (NuGet.exe | VS UI | Package Manager Console | dotnet.exe):

NuGet version (x.x.x.xxx):

dotnet.exe --version (if appropriate):

VS version (if appropriate):

OS version (i.e. win10 v1607 (14393.321)):

Worked before? If so, with which NuGet version:

Detailed repro steps so we can see the same problem

...

Other suggested things

Verbose Logs

Please include verbose logs (NuGet.exe <COMMAND> -verbosity detailed | dotnet.exe <COMMAND> --verbosity diag | etc...)

Sample Project

Very helpful if you can zip a project and paste into this issue!

closed time in 16 days

dogmasega

issue commentNuGet/Home

HTTPS://ANCENTNIE.SLACK.COM

spam

dogmasega

comment created time in 16 days

push eventNuGet/NuGet.Client

push time in 17 days

create barnchNuGet/NuGet.Client

branch : dev-zkat-cross-verification-tests

created branch time in 17 days

issue closedNuGet/Home

18 tests in TrustedSignerActionsProviderTests are disabled for netcore, we need to enable them.

18 tests in TrustedSignerActionsProviderTests are disabled for netcore. We need to enable the test and the APIs it depends on, for netcoreapp5.0, to make xplat verification/signing have a better coverage of tests.

closed time in 18 days

heng-liu

Pull request review commentNuGet/NuGet.Client

get TimestampTests working again

 public static void VerifyByteArrays(byte[] expected, byte[] actual)         }          public static void AssertOfflineRevocation(IEnumerable<ILogMessage> issues, LogLevel logLevel)+        {+            AssertOfflineRevocation(issues, logLevel, NuGetLogCode.NU3018);+        }++        public static void AssertOfflineRevocation(IEnumerable<ILogMessage> issues, LogLevel logLevel, NuGetLogCode code)

Thanks for the review! I disagree about refactoring, since the methods are already fairly minimal on their own. I think refactoring them further would be a bit much, no? The bulk of their bodies is, after all, just picking that message, as you say.

zkat

comment created time in 20 days

issue commentNuGet/Home

[Test Failure] Expected error NU1004 disappear when building solution after enabling “RestoreLockedMode”

Moving this to the icebox -- I don't think this is high-priority enough for us to fix right now.

v-nancyj

comment created time in 21 days

issue commentNuGet/Home

[Test Failure] Expected error NU1004 disappear when building solution after enabling “RestoreLockedMode”

Update: This is not a regression during 16.5. I can repro it in 16.4.

The issue is that the ErrorListTableDataSource.ClearNuGetEntries() method isn't installed for the build action in VS. That gets installed into the build event when the PMUI is loaded.

So basically, the issue is not that this is getting cleared -- the issue is that we want it to clear on build (or at least that's what we intended to do), but the clear event isn't installed unless you use the PMUI. I don't know what our actual desired behavior is, but I'm tempted to open a separate issue and close this specific one so we can discuss from there.

v-nancyj

comment created time in 21 days

delete branch NuGet/NuGet.Client

delete branch : dev-zkat-xplat-fix-tsap-tests

delete time in 22 days

push eventNuGet/NuGet.Client

Kat Marchán

commit sha d3713c7af3ee67e9b0438cee335adebdb47e7550

enable TrustedSignerActionsProvider on netcore, along with tests (#3213) Fixes: https://github.com/NuGet/Home/issues/8921

view details

push time in 22 days

PR merged NuGet/NuGet.Client

Reviewers
enable TrustedSignerActionsProvider on netcore, along with tests

Fixes: https://github.com/NuGet/Home/issues/8921

+17 -17

1 comment

2 changed files

zkat

pr closed time in 22 days

issue commentNuGet/Home

[Test Failure] Expected error NU1004 disappear when building solution after enabling “RestoreLockedMode”

@v-nancyj confirmed. I tried again a couple of times and it's definitely still there. I'll take a closer look now, thanks!

v-nancyj

comment created time in 23 days

push eventNuGet/NuGet.Client

Kat Marchán

commit sha a44824debd7d7301cb33b8016d402f3bf27ef692

get TimestampTests working again Fixes: https://github.com/NuGet/Home/issues/8935

view details

push time in 23 days

push eventNuGet/NuGet.Client

Kat Marchán

commit sha 5a28a219eba8c9bc4fae0ab22c2a4da246a6fb14

get TimestampTests working again Fixes: https://github.com/NuGet/Home/issues/8935

view details

push time in 23 days

Pull request review commentNuGet/NuGet.Client

get TimestampTests working again

 public async Task Timestamp_Verify_WithOfflineRevocation_ReturnsCorrectFlagsAndL                     result.HasFlag(SignatureVerificationStatusFlags.UnknownRevocation).Should().BeTrue();                      var errors = logs.Where(l => l.Level == LogLevel.Error);-                    errors.Count().Should().Be(RuntimeEnvironmentHelper.IsWindows ? 2 : 1);                      if (RuntimeEnvironmentHelper.IsWindows)                     {+                        errors.Count().Should().Be(2);                         errors.Should().Contain(w => w.Code == NuGetLogCode.NU3028 && w.Message.Contains("The revocation function was unable to check revocation because the revocation server could not be reached."));                         errors.Should().Contain(w => w.Code == NuGetLogCode.NU3028 && w.Message.Contains("The revocation function was unable to check revocation for the certificate."));                     }+                    else if (RuntimeEnvironmentHelper.IsMacOSX)+                    {+                        errors.Count().Should().Be(1);+                        errors.Should().Contain(w => w.Code == NuGetLogCode.NU3028 && w.Message.Contains("An incomplete certificate revocation check occurred."));+                    }                     else                     {+                        errors.Count().Should().Be(2);+                        errors.Should().Contain(w => w.Code == NuGetLogCode.NU3028 && w.Message.Contains("The revocation function was unable to check revocation because the revocation server could not be reached."));                         errors.Should().Contain(w => w.Code == NuGetLogCode.NU3028 && w.Message.Contains("unable to get certificate CRL"));                     }

thanks, Damon! :)

zkat

comment created time in 23 days

Pull request review commentNuGet/NuGet.Client

get TimestampTests working again

 public async Task Timestamp_Verify_WithOfflineRevocation_ReturnsCorrectFlagsAndL                     result.HasFlag(SignatureVerificationStatusFlags.UnknownRevocation).Should().BeTrue();                      var errors = logs.Where(l => l.Level == LogLevel.Error);-                    errors.Count().Should().Be(RuntimeEnvironmentHelper.IsWindows ? 2 : 1);                      if (RuntimeEnvironmentHelper.IsWindows)                     {+                        errors.Count().Should().Be(2);                         errors.Should().Contain(w => w.Code == NuGetLogCode.NU3028 && w.Message.Contains("The revocation function was unable to check revocation because the revocation server could not be reached."));                         errors.Should().Contain(w => w.Code == NuGetLogCode.NU3028 && w.Message.Contains("The revocation function was unable to check revocation for the certificate."));                     }+                    else if (RuntimeEnvironmentHelper.IsMacOSX)+                    {+                        errors.Count().Should().Be(1);+                        errors.Should().Contain(w => w.Code == NuGetLogCode.NU3028 && w.Message.Contains("An incomplete certificate revocation check occurred."));+                    }                     else                     {+                        errors.Count().Should().Be(2);+                        errors.Should().Contain(w => w.Code == NuGetLogCode.NU3028 && w.Message.Contains("The revocation function was unable to check revocation because the revocation server could not be reached."));                         errors.Should().Contain(w => w.Code == NuGetLogCode.NU3028 && w.Message.Contains("unable to get certificate CRL"));                     }

Yup! I was just making sure 3028 wasn't a mistake (looking into it, it looks like we have separate codes for timestamps and signatures, so that makes sense).

zkat

comment created time in 23 days

Pull request review commentNuGet/NuGet.Client

get TimestampTests working again

 public async Task Timestamp_Verify_WithOfflineRevocation_ReturnsCorrectFlagsAndL                     result.HasFlag(SignatureVerificationStatusFlags.UnknownRevocation).Should().BeTrue();                      var errors = logs.Where(l => l.Level == LogLevel.Error);-                    errors.Count().Should().Be(RuntimeEnvironmentHelper.IsWindows ? 2 : 1);                      if (RuntimeEnvironmentHelper.IsWindows)                     {+                        errors.Count().Should().Be(2);                         errors.Should().Contain(w => w.Code == NuGetLogCode.NU3028 && w.Message.Contains("The revocation function was unable to check revocation because the revocation server could not be reached."));                         errors.Should().Contain(w => w.Code == NuGetLogCode.NU3028 && w.Message.Contains("The revocation function was unable to check revocation for the certificate."));                     }+                    else if (RuntimeEnvironmentHelper.IsMacOSX)+                    {+                        errors.Count().Should().Be(1);+                        errors.Should().Contain(w => w.Code == NuGetLogCode.NU3028 && w.Message.Contains("An incomplete certificate revocation check occurred."));+                    }                     else                     {+                        errors.Count().Should().Be(2);+                        errors.Should().Contain(w => w.Code == NuGetLogCode.NU3028 && w.Message.Contains("The revocation function was unable to check revocation because the revocation server could not be reached."));                         errors.Should().Contain(w => w.Code == NuGetLogCode.NU3028 && w.Message.Contains("unable to get certificate CRL"));                     }

Hm. I tried doing this, but the Utility uses NU3018, not NU3028 (as in the results of the tests). Is this pointing to a bug, or is this simply a corner case in this particular call? Do I need to look into this?

zkat

comment created time in 24 days

push eventNuGet/NuGet.Client

Kat Marchán

commit sha 6178ba758b5a20542c9c7b49781347767837a7bd

get TimestampTests working again Fixes: https://github.com/NuGet/Home/issues/8935

view details

push time in 24 days

push eventNuGet/NuGet.Client

Kat Marchán

commit sha 17aa47a01b746c8c382c08eb560d7ce19a8cda42

enable TrustedSignerActionsProvider on netcore, along with tests

view details

push time in 24 days

issue openedNuGet/Home

Write tool to tag icebox issues as such

Probably make a probot bot that will watch for when issues are moved to the icebox on zenhub and tag them as icebox so we can filter/search them. Probably do the same for the backlog.

created time in 24 days

Pull request review commentNuGet/NuGet.Client

Support for Signing using .NET Core 2.1+

 private static PrimarySignature CreatePrimarySignature(CmsSigner cmsSigner, Sign              try             {-                cms.ComputeSignature(cmsSigner);+                cms.ComputeSignature(cmsSigner, false); // silent is false to ensure PIN prompts appear if CNG/CAPI requires it

p.s. we'll make sure to replicate this change! Can you tell me more about why this is needed? I'm still fairly new to this work and the codebase, myself :)

onovotny

comment created time in 25 days

PR closed NuGet/NuGet.Client

Reviewers
Support for Signing using .NET Core 2.1+

cc @dtivel

This PR has the changes necessary to enable signing using .NET Core 2.1 and higher.

Mostly for reference when you're ready.

+103 -78

2 comments

38 changed files

onovotny

pr closed time in 25 days

pull request commentNuGet/NuGet.Client

Support for Signing using .NET Core 2.1+

Hey @onovotny! Thanks so much for your work on this PR and your interest in getting this working.

That said, this needs a bit more than just updating the conditionals and adjusting a couple of things. We've found that a lot of tests need to be updated (and in many cases, the associated functionality fixed). There's currently a large team effort going to enable cross-platform signing, and we expect it to become available by sometime around netcore5 preview 2, or so.

You can check out our toplevel epic for this work over at https://github.com/NuGet/Home/issues/7939 (you will need to have ZenHub installed in order to see the epic issues associated with this). You can also see the work in the dev-feature-xplatVerification feature branch in this repo.

Since this work is being done separately, I'd like to thank you again for the work you've done, and I'm going to close this particular PR in favor of the ongoing team work. Have a good one!

onovotny

comment created time in 25 days

issue closedNuGet/Home

RestoreCommand_PathTooLongException is disabled for netcore, we need to enable it

RestoreCommand_PathTooLongException is disabled for netcore. We need to enable the test.

There's an related issue: https://github.com/NuGet/Home/issues/7588

closed time in 25 days

heng-liu

delete branch NuGet/NuGet.Client

delete branch : dev-zkat-enable-pathtoolong-test

delete time in 25 days

push eventNuGet/NuGet.Client

Kat Marchán

commit sha 4654dadc18ded5e712c5bd561bdfe509c3b40312

enable PathTooLongException test (#3216) Fixes: https://github.com/NuGet/Home/issues/8920

view details

push time in 25 days

PR merged NuGet/NuGet.Client

Reviewers
enable PathTooLongException test

Fixes: https://github.com/NuGet/Home/issues/8920

Frankly, idk why that comment was there. This test seems to pass just fine without accounting for the * thing. Let's see what CI says, though!

+15 -7

0 comment

1 changed file

zkat

pr closed time in 25 days

push eventWeAllJS/weallbehave

Daniel Schmidt

commit sha ef9703bf761b2f9e54f7ad2065c2c57199690a09

test(ci): add node versions <= 10 (#6) to ensure future compatability

view details

push time in 25 days

PR merged WeAllJS/weallbehave

Add node versions <= 10 to travis

Hey there,

thank you for this cool project. I just came by it and thought it might be nice to add some more node versions to the CI to ensure we stay compatible 👍

+3 -0

0 comment

1 changed file

DanielMSchmidt

pr closed time in 25 days

issue commententropic-dev/ds

semver crate parsing feature parity with node-semver

This is awesome! Thanks again for the update!

zkat

comment created time in 25 days

PR opened NuGet/NuGet.Client

get TimestampTests working again

Fixes: https://github.com/NuGet/Home/issues/8935

NOTE

I'm not sure this is actually the right thing to do, and I haven't tested this change on OSX, but I wanna see how CI goes...

+2 -1

0 comment

1 changed file

pr created time in a month

push eventNuGet/NuGet.Client

Kat Marchán

commit sha 412bd21dcdddcef555c58605a519b35c692b7141

get TimestampTests working again Fixes: https://github.com/NuGet/Home/issues/8935

view details

push time in a month

create barnchNuGet/NuGet.Client

branch : dev-zkat-fix-timestamp-tests

created branch time in a month

issue commentNuGet/Home

Broken test in TimestampTests

Note: This is hanging when calling SignedArchiveTestUtility.CreateAuthorSignatureForPackageAsync, so the failure might just be a bug in our test utility. Looking into it now.

heng-liu

comment created time in a month

issue commentNuGet/Home

Signing: on Linux, verify untrusted certificates give unknown revocation doesn't affect the correctness of our code.

Sounds like we need to wait until the rest of the stuff is enabled to see what to do about this one. I'll drop it for now, then. Thanks, Heng!

heng-liu

comment created time in a month

issue commentNuGet/Home

Signing: on Linux, verify untrusted certificates give unknown revocation doesn't affect the correctness of our code.

I don't really understand what this task is referring to or where to look. Any pointers, @dtivel @heng-liu?

heng-liu

comment created time in a month

push eventNuGet/NuGet.Client

Kat Marchán

commit sha 6731041daade131e446f5129bad52cc3cf3f0bc1

enable PathTooLongException test Fixes: https://github.com/NuGet/Home/issues/8920

view details

push time in a month

issue closedNuGet/Home

Broken test in SignatureTest

In SignatureTest, Verify_WithUntrustedSelfSignedCertificateAndNotAllowUntrusted_FailsAsync failed on Linux and Mac

closed time in a month

heng-liu

issue commentNuGet/Home

Broken test in SignatureTest

This is done. See https://github.com/NuGet/NuGet.Client/pull/3208

heng-liu

comment created time in a month

Pull request review commentNuGet/NuGet.Client

enable PathTooLongException test

 public async Task RestoreCommand_LockedLockFileWithOutOfDateProjectAsync()             }         } -#if IS_DESKTOP-        // TODO: To work on coreclr we need to address https://github.com/NuGet/Home/issues/7588

I've pushed a new change that skips testing this if long paths are enabled on the current machine. Does that seem like the right way to go about this?

zkat

comment created time in a month

PR opened NuGet/NuGet.Client

Reviewers
enable PathTooLongException test

Fixes: https://github.com/NuGet/Home/issues/8920

Frankly, idk why that comment was there. This test seems to pass just fine without accounting for the * thing. Let's see what CI says, though!

+3 -6

0 comment

1 changed file

pr created time in a month

push eventNuGet/NuGet.Client

Kat Marchán

commit sha 1381bbfeddcc5c5bc1f3615a42802e2ad0cd5731

enable PathTooLongException test Fixes: https://github.com/NuGet/Home/issues/8920

view details

push time in a month

create barnchNuGet/NuGet.Client

branch : dev-zkat-enable-pathtoolong-test

created branch time in a month

PR opened NuGet/NuGet.Client

Reviewers
enable TrustedSignerActionsProvider on netcore, along with tests

Fixes: https://github.com/NuGet/Home/issues/8921

+4 -4

0 comment

2 changed files

pr created time in a month

create barnchNuGet/NuGet.Client

branch : dev-zkat-xplat-fix-tsap-tests

created branch time in a month

pull request commentNuGet/Home

Floating stable and prerelease versions in the same version range

Great! We're all good, then :)

nkolev92

comment created time in a month

delete branch NuGet/NuGet.Client

delete branch : dev-zkat-fix-self-signed-cert-error

delete time in a month

push eventNuGet/NuGet.Client

Kat Marchán

commit sha 7b0ee77d1f2beb0465055de4aecaff88d3ce0a3e

check different cross-platform error messages for self-signed cert test (#3208) Fixes: https://github.com/NuGet/Home/issues/8933

view details

push time in a month

PR merged NuGet/NuGet.Client

Reviewers
check different cross-platform error messages for self-signed cert test

Fixes: https://github.com/NuGet/Home/issues/8933

+1 -9

1 comment

1 changed file

zkat

pr closed time in a month

push eventNuGet/NuGet.Client

Kat Marchán

commit sha 0ec30d12eb57d19394ac8706c97844f7d48e260f

check different cross-platform error messages for self-signed cert test Fixes: https://github.com/NuGet/Home/issues/8933

view details

push time in a month

pull request commentNuGet/NuGet.Client

check different cross-platform error messages for self-signed cert test

omg I didn't notice that was already there. Sure, lemme just change that. :)

zkat

comment created time in a month

PR opened NuGet/NuGet.Client

Reviewers
check different cross-platform error messages for self-signed cert test

Fixes: https://github.com/NuGet/Home/issues/8933

+15 -1

0 comment

1 changed file

pr created time in a month

create barnchNuGet/NuGet.Client

branch : dev-zkat-fix-self-signed-cert-error

created branch time in a month

delete branch NuGet/Home

delete branch : dev-zkat-client-dev-process

delete time in a month

push eventNuGet/Home

Kat Marchán

commit sha 20acd18f85ba78d7323269f38978be3029943dfc

document client product dev process (#9050) Fixes: #8994

view details

push time in a month

PR merged NuGet/Home

Reviewers
document client product dev process

Fixes: #8994

Rendered

+151 -0

5 comments

1 changed file

zkat

pr closed time in a month

issue closedNuGet/Home

Overhaul team project management processes

Let's examine what we do right now, and how we use both GitHub and ZenHub to manage (and communicate) the work that the team does. This work will involve proposing a new process and getting comments and consensus for the team, and ultimately adopting it and documenting it for both the team and the community.

closed time in a month

zkat

issue commentNuGet/Home

[Test Failure] Expected error NU1004 disappear when building solution after enabling “RestoreLockedMode”

I can no longer reproduce this with the latest build. I don't know what fixed it, but it got fixed. Maybe it was something with VS itself.

v-nancyj

comment created time in a month

issue closedNuGet/Home

[Test Failure] Expected error NU1004 disappear when building solution after enabling “RestoreLockedMode”

Details about Problem

NuGet Version: Dev\5.5.0.6330 VS Version: Master\29623.15 OS Version: Windows-10-Enterprise-RS5

Installation steps:

  • https://devdiv.visualstudio.com/DevDiv/_build/results?buildId=3341765&view=results

Repro steps:

  1. Create above corresponding projects via VS.
  2. Install a few ‘PackageReference’ packages into the projects.
  3. Set MSBuild property “RestorePackagesWithLockFile” to true in csproj file. <RestorePackagesWithLockFile>true</RestorePackagesWithLockFile>
  4. Do a restore.
  5. Check it should have generated ‘packages.lock.json’ file alongside *.csproj file.
  6. Set msbuild property “RestoreLockedMode” to “true”. <RestoreLockedMode>true</RestoreLockedMode>
  7. Install another package.
  8. It should still work fine and update ‘packages.lock.json’ file.
  9. Manually add a new PackageReference item into csproj file.
<PackageReference Include="NUnit">
   <Version>3.12.0</Version>
 </PackageReference>
  1. Perform restore.
  2. Restore should fail with error “NU1004”
  3. Build the solution.

Expected:

The error was still showed on error list.

Actual:

The error disappear on error list.

Here is the record video for the repro steps:

restore

Notes:

  1. The issue repro on .NET Core project.
  2. The issue repro on Master\29623.15 + NuGet Client Dev\5.5.0.6355.
  3. The issue is not stable, the repro rate is almost 95% for us.

closed time in a month

v-nancyj

Pull request review commentNuGet/NuGet.Client

Rework the self updater with the new APIs that support semver2 and validate signatures

 public string AssemblyLocation             }         } -        public void UpdateSelf(bool prerelease)+        public async Task UpdateSelfAsync(bool prerelease, string updateFeed)         {             Assembly assembly = typeof(SelfUpdater).Assembly;-            CoreV2.NuGet.SemanticVersion version = GetNuGetVersion(assembly) ?? new CoreV2.NuGet.SemanticVersion(assembly.GetName().Version);-            SelfUpdate(AssemblyLocation, prerelease, version);+            var version = GetNuGetVersion(assembly) ?? new NuGetVersion(assembly.GetName().Version);+            await SelfUpdateAsync(AssemblyLocation, prerelease, version, updateFeed, CancellationToken.None);

SelfUpdate => UpdateSelfFromVersionAsync maybe?

nkolev92

comment created time in a month

Pull request review commentNuGet/NuGet.Client

Rework the self updater with the new APIs that support semver2 and validate signatures

+// Copyright (c) .NET Foundation. All rights reserved.+// Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.++using System;+using System.Collections.Generic;+using System.IO;+using System.Linq;+using System.Net;+using Newtonsoft.Json.Linq;+using NuGet.Packaging.Core;+using NuGet.Protocol;++namespace NuGet.CommandLine.Test+{+    public class FileSystemBackedV3MockServer : MockServer+    {+        private string _packageDirectory;+        private readonly MockResponseBuilder _builder;+        public FileSystemBackedV3MockServer(string packageDirectory)+        {+            _packageDirectory = packageDirectory;+            _builder = new MockResponseBuilder(Uri.TrimEnd(new[] { '/' }));+            InitializeServer();+        }++        public ISet<PackageIdentity> UnlistedPackages { get; } = new HashSet<PackageIdentity>();++        public string ServiceIndexUri => Uri + _builder.GetV3IndexPath();++        private void InitializeServer()+        {+            Get.Add(+                _builder.GetV3IndexPath(),+                request =>+                {+                    return new Action<HttpListenerResponse>(response =>+                    {+                        var mockResponse = _builder.BuildV3IndexResponse(this);+                        response.ContentType = mockResponse.ContentType;+                        SetResponseContent(response, mockResponse.Content);+                    });+                });++            Get.Add("/", request =>+            {+                return ServerHandlerV3(request);+            });++        }++        private Action<HttpListenerResponse> ServerHandlerV3(HttpListenerRequest request)+        {+            try+            {+                var path = GetRequestUrlAbsolutePath(request);+                var parts = request.Url.AbsolutePath.Split(new[] { '/' }, StringSplitOptions.RemoveEmptyEntries);++                if (path.StartsWith("/flat/") && path.EndsWith("/index.json"))+                {+                    return new Action<HttpListenerResponse>(response =>+                    {+                        response.ContentType = "text/javascript";

nevermind, then!

nkolev92

comment created time in a month

Pull request review commentNuGet/NuGet.Client

Rework the self updater with the new APIs that support semver2 and validate signatures

 public string AssemblyLocation             }         } -        public void UpdateSelf(bool prerelease)+        public async Task UpdateSelfAsync(bool prerelease, string updateFeed)         {             Assembly assembly = typeof(SelfUpdater).Assembly;-            CoreV2.NuGet.SemanticVersion version = GetNuGetVersion(assembly) ?? new CoreV2.NuGet.SemanticVersion(assembly.GetName().Version);-            SelfUpdate(AssemblyLocation, prerelease, version);+            var version = GetNuGetVersion(assembly) ?? new NuGetVersion(assembly.GetName().Version);+            await SelfUpdateAsync(AssemblyLocation, prerelease, version, updateFeed, CancellationToken.None);

This UpdateSelf/SelfUpdate naming is pretty confusing. Is this a good time to improve it?

nkolev92

comment created time in a month

Pull request review commentNuGet/NuGet.Client

Rework the self updater with the new APIs that support semver2 and validate signatures

+// Copyright (c) .NET Foundation. All rights reserved.+// Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.++using System;+using System.Collections.Generic;+using System.IO;+using System.Linq;+using System.Net;+using Newtonsoft.Json.Linq;+using NuGet.Packaging.Core;+using NuGet.Protocol;++namespace NuGet.CommandLine.Test+{+    public class FileSystemBackedV3MockServer : MockServer+    {+        private string _packageDirectory;+        private readonly MockResponseBuilder _builder;+        public FileSystemBackedV3MockServer(string packageDirectory)+        {+            _packageDirectory = packageDirectory;+            _builder = new MockResponseBuilder(Uri.TrimEnd(new[] { '/' }));+            InitializeServer();+        }++        public ISet<PackageIdentity> UnlistedPackages { get; } = new HashSet<PackageIdentity>();++        public string ServiceIndexUri => Uri + _builder.GetV3IndexPath();++        private void InitializeServer()+        {+            Get.Add(+                _builder.GetV3IndexPath(),+                request =>+                {+                    return new Action<HttpListenerResponse>(response =>+                    {+                        var mockResponse = _builder.BuildV3IndexResponse(this);+                        response.ContentType = mockResponse.ContentType;+                        SetResponseContent(response, mockResponse.Content);+                    });+                });++            Get.Add("/", request =>+            {+                return ServerHandlerV3(request);+            });++        }++        private Action<HttpListenerResponse> ServerHandlerV3(HttpListenerRequest request)+        {+            try+            {+                var path = GetRequestUrlAbsolutePath(request);+                var parts = request.Url.AbsolutePath.Split(new[] { '/' }, StringSplitOptions.RemoveEmptyEntries);++                if (path.StartsWith("/flat/") && path.EndsWith("/index.json"))+                {+                    return new Action<HttpListenerResponse>(response =>+                    {+                        response.ContentType = "text/javascript";

This MIME type is obsolete. Should this be application/javascript instead?

nkolev92

comment created time in a month

Pull request review commentNuGet/NuGet.Client

Rework the self updater with the new APIs that support semver2 and validate signatures

 public string AssemblyLocation             }         } -        public void UpdateSelf(bool prerelease)+        public async Task UpdateSelfAsync(bool prerelease, string updateFeed)         {             Assembly assembly = typeof(SelfUpdater).Assembly;-            CoreV2.NuGet.SemanticVersion version = GetNuGetVersion(assembly) ?? new CoreV2.NuGet.SemanticVersion(assembly.GetName().Version);-            SelfUpdate(AssemblyLocation, prerelease, version);+            var version = GetNuGetVersion(assembly) ?? new NuGetVersion(assembly.GetName().Version);+            await SelfUpdateAsync(AssemblyLocation, prerelease, version, updateFeed, CancellationToken.None);         } -        internal void SelfUpdate(string exePath, bool prerelease, CoreV2.NuGet.SemanticVersion version)+        internal async Task SelfUpdateAsync(string exePath, bool prerelease, NuGetVersion currentVersion, string source, CancellationToken cancellationToken)         {-            Console.WriteLine(LocalizedResourceManager.GetString("UpdateCommandCheckingForUpdates"), NuGetConstants.V2FeedUrl);--            // Get the nuget command line package from the specified repository-            CoreV2.NuGet.IPackageRepository packageRepository = _repositoryFactory.CreateRepository(NuGetConstants.V2FeedUrl);-            CoreV2.NuGet.IPackage package = packageRepository.GetUpdates(-                new [] { new CoreV2.NuGet.PackageName(NuGetCommandLinePackageId, version) },-                includePrerelease: prerelease, -                includeAllVersions: false, -                targetFrameworks: null,-                versionConstraints: null).FirstOrDefault();- -            Console.WriteLine(LocalizedResourceManager.GetString("UpdateCommandCurrentlyRunningNuGetExe"), version); // SemanticVersion is the problem+            var sourceCacheContext = new SourceCacheContext();+            _console.WriteLine(LocalizedResourceManager.GetString("UpdateCommandCheckingForUpdates"), source);++            var sourceRepository = Repository.Factory.GetCoreV3(source);+            var metadataResource = await sourceRepository.GetResourceAsync<MetadataResource>(cancellationToken);+            var latestVersion = await metadataResource.GetLatestVersion(NuGetCommandLinePackageId, prerelease, includeUnlisted: false, sourceCacheContext, _console, cancellationToken);++            _console.WriteLine(LocalizedResourceManager.GetString("UpdateCommandCurrentlyRunningNuGetExe"), currentVersion);              // Check to see if an update is needed-            if (package == null || version >= package.Version)+            if (latestVersion == null || currentVersion >= latestVersion)             {-                Console.WriteLine(LocalizedResourceManager.GetString("UpdateCommandNuGetUpToDate"));+                _console.WriteLine(LocalizedResourceManager.GetString("UpdateCommandNuGetUpToDate"));             }             else             {-                Console.WriteLine(LocalizedResourceManager.GetString("UpdateCommandUpdatingNuGet"), package.Version);+                _console.WriteLine(LocalizedResourceManager.GetString("UpdateCommandUpdatingNuGet"), latestVersion); -                // Get NuGet.exe file from the package-                CoreV2.NuGet.IPackageFile file = package.GetFiles().FirstOrDefault(f => Path.GetFileName(f.Path).Equals(NuGetExe, StringComparison.OrdinalIgnoreCase));+                var packageIdentity = new PackageIdentity(NuGetCommandLinePackageId, latestVersion); -                // If for some reason this package doesn't have NuGet.exe then we don't want to use it-                if (file == null)+                var tempDir = Path.Combine(NuGetEnvironment.GetFolderPath(NuGetFolderPath.Temp), "updateSelf");+                var nupkgPath = FileUtility.GetTempFilePath(tempDir);+                try                 {-                    throw new CommandLineException(LocalizedResourceManager.GetString("UpdateCommandUnableToLocateNuGetExe"));+                    DirectoryUtility.CreateSharedDirectory(tempDir);++                    var downloadResourceResult = await PackageDownloader.GetDownloadResourceResultAsync(+                                        sourceRepository,+                                        packageIdentity,+                                        new PackageDownloadContext(sourceCacheContext),+                                        tempDir,+                                        _console,+                                        cancellationToken);++                    // Get the exe path and move it to a temp file (NuGet.exe.old) so we can replace the running exe with the bits we got +                    // from the package repository+                    var nugetExeFile = (await downloadResourceResult.PackageReader.GetFilesAsync(CancellationToken.None)).FirstOrDefault(f => Path.GetFileName(f).Equals(NuGetExe, StringComparison.OrdinalIgnoreCase));++                    // If for some reason this package doesn't have NuGet.exe then we don't want to use it+                    if (nugetExeFile == null)+                    {+                        throw new CommandLineException(LocalizedResourceManager.GetString("UpdateCommandUnableToLocateNuGetExe"));+                    }++                    string renamedPath = exePath + ".old";++                    FileUtility.Move(exePath, renamedPath);++                    using (Stream fromStream = await downloadResourceResult.PackageReader.GetStreamAsync(nugetExeFile, cancellationToken), toStream = File.Create(exePath))+                    {+                        fromStream.CopyTo(toStream);+                    }+                }+                finally+                {+                    // Delete the temporary directory+                    try+                    {+                        Directory.Delete(tempDir, recursive: true);

Should we also delete renamedPath, or is the expectation that nuget.exe.old just stays around after update?

nkolev92

comment created time in a month

Pull request review commentNuGet/NuGet.Client

Rework the self updater with the new APIs that support semver2 and validate signatures

-// Copyright (c) .NET Foundation. All rights reserved.+// Copyright (c) .NET Foundation. All rights reserved. // Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information. -extern alias CoreV2;

ding dong the witch is dead 🎶

nkolev92

comment created time in a month

issue closedNuGet/Home

9098

closed time in a month

zkat

issue commentNuGet/Home

9098

oops

zkat

comment created time in a month

issue openedNuGet/Home

9098

created time in a month

issue commentNuGet/Home

"dotnet list package --outdated --include-transitive" also checks project references

Update: The PR for this is mostly ready, but there's a test failure that needs to be taken care of before it can get merged.

mnmr

comment created time in a month

more