You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
OS version: Windows 11, Version 22H2 (OS Build 22621.2428)
Installed from: Microsoft Store
In case of a BUG:
While trying to publish a new release of Polly today, we encountered a failure when trying to validate the Authenticode signatures of the binaries in our NuGet packages. We do this by compiling AuthenticodeLint from source as the .NET 6 version is not available from NuGet.org (see vcsjones/AuthenticodeLint#34). There was no apparent feedback on what was wrong, just that the tool was failing to verify the signatures. See App-vNext/Polly#1760 for more context.
As part of investigating the issue, attempting to view the binaries inside the NuGet packages that were signed, NuGet Package Explorer fails to load the details for the DLLs, and instead shows this modal:
This error seems to correlate with the same exception I uncovered in AuthenticodeLint/AuthenticodeExaminer: vcsjones/AuthenticodeExaminer#19
Unpacking the NuGet package files shows the Authenticode signatures as valid in Windows Explorer, and rebuilding AuthenticodeLint as described in the issue above also then successfully validates the files (successful validation workflow).
I'm not aware of any workarounds to this issue - I expect that a dependency of some kind needs updating and the application recompiled and published for a new version to resolve the underlying code that has an issue with the signatures.
The text was updated successfully, but these errors were encountered:
Looking at the diff, it's not a dependency update that fixes it, but what looks like a bunch of code changes that have happened since v0.3.0 was released.
Type (choose one):
NPE version:
6.0.64+c118e46e01
OS version: Windows 11, Version 22H2 (OS Build 22621.2428)
Installed from: Microsoft Store
In case of a BUG:
While trying to publish a new release of Polly today, we encountered a failure when trying to validate the Authenticode signatures of the binaries in our NuGet packages. We do this by compiling AuthenticodeLint from source as the .NET 6 version is not available from NuGet.org (see vcsjones/AuthenticodeLint#34). There was no apparent feedback on what was wrong, just that the tool was failing to verify the signatures. See App-vNext/Polly#1760 for more context.
As part of investigating the issue, attempting to view the binaries inside the NuGet packages that were signed, NuGet Package Explorer fails to load the details for the DLLs, and instead shows this modal:
This error seems to correlate with the same exception I uncovered in AuthenticodeLint/AuthenticodeExaminer: vcsjones/AuthenticodeExaminer#19
Unpacking the NuGet package files shows the Authenticode signatures as valid in Windows Explorer, and rebuilding AuthenticodeLint as described in the issue above also then successfully validates the files (successful validation workflow).
I'm not aware of any workarounds to this issue - I expect that a dependency of some kind needs updating and the application recompiled and published for a new version to resolve the underlying code that has an issue with the signatures.
The text was updated successfully, but these errors were encountered: