Release GCM 2.6 #1712
Merged
Release GCM 2.6 #1712
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Bumps [actions/setup-dotnet](https://github.com/actions/setup-dotnet) from 4.0.0 to 4.0.1. - [Release notes](https://github.com/actions/setup-dotnet/releases) - [Commits](actions/setup-dotnet@v4.0.0...v4.0.1) --- updated-dependencies: - dependency-name: actions/setup-dotnet dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]>
The `git-credential-manager` cask is part of the 'autobump' for the public tap of Homebrew. We no longer need to maintain our own publishing workflow. Error message when we try to publish our own package bump: ```log Error: Whoops, the git-credential-manager cask has its version update pull requests automatically opened by BrewTestBot every ~3 hours! We'd still love your contributions, though, so try another one that's not in the autobump list: https://github.com/Homebrew/homebrew-cask/blob/master/.github/autobump.txt ```
The `git-credential-manager` cask is part of the 'autobump' for the public tap of Homebrew. We no longer need to maintain our own publishing workflow. Error message when we try to publish our own package bump: ```log Error: Whoops, the git-credential-manager cask has its version update pull requests automatically opened by BrewTestBot every ~3 hours! We'd still love your contributions, though, so try another one that's not in the autobump list: https://github.com/Homebrew/homebrew-cask/blob/master/.github/autobump.txt ``` https://github.com/git-ecosystem/git-credential-manager/actions/runs/9879897955/job/27287165181
overriden -> overridden
overriden -> overridden
…n parsing a boolean config option
…w x5c MSAL claim option
…ficate for authentication (#1666) When using a service principal with certificate authentication, every time the certificate is renewed, the new certificate needs to be uploaded to the service principal's AAD app registration in order for authentication to continue to work. However, a technology called "X5C" has made this unnecessary by allowing _any_ certificate, with a _specific_ subject, issued by a known, trusted, predetermined CA, to be used. For this to work, the AAD app registration's manifest needs to be updated to reflect the subject name, and during authentication, the request for "X5C" authentication needs to be sent along with the certificate's signature. This change enables that to take place.
Bumps [azure/trusted-signing-action](https://github.com/azure/trusted-signing-action) from 0.3.20 to 0.4.0. - [Release notes](https://github.com/azure/trusted-signing-action/releases) - [Commits](Azure/trusted-signing-action@v0.3.20...v0.4.0) --- updated-dependencies: - dependency-name: azure/trusted-signing-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]>
…1669) Bumps [azure/trusted-signing-action](https://github.com/azure/trusted-signing-action) from 0.3.20 to 0.4.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/azure/trusted-signing-action/releases">azure/trusted-signing-action's releases</a>.</em></p> <blockquote> <h2>v0.4.0</h2> <h2>What's Changed</h2> <ul> <li>Add input that enables trace logging by <a href="https://github.com/japarson"><code>@japarson</code></a> in <a href="https://redirect.github.com/Azure/trusted-signing-action/pull/36">Azure/trusted-signing-action#36</a></li> <li>Updated actions/cache to v4. by <a href="https://github.com/dlemstra"><code>@dlemstra</code></a> in <a href="https://redirect.github.com/Azure/trusted-signing-action/pull/40">Azure/trusted-signing-action#40</a></li> <li>Add documentation about OIDC and Federated Credentials by <a href="https://github.com/japarson"><code>@japarson</code></a> in <a href="https://redirect.github.com/Azure/trusted-signing-action/pull/37">Azure/trusted-signing-action#37</a></li> <li>Update to Trusted Signing module 0.4.1 by <a href="https://github.com/japarson"><code>@japarson</code></a> in <a href="https://redirect.github.com/Azure/trusted-signing-action/pull/38">Azure/trusted-signing-action#38</a></li> <li>Update files input docs to reflect support for newline characters by <a href="https://github.com/japarson"><code>@japarson</code></a> in <a href="https://redirect.github.com/Azure/trusted-signing-action/pull/44">Azure/trusted-signing-action#44</a></li> <li>Remove docs about WUS server instability by <a href="https://github.com/japarson"><code>@japarson</code></a> in <a href="https://redirect.github.com/Azure/trusted-signing-action/pull/43">Azure/trusted-signing-action#43</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/Azure/trusted-signing-action/compare/v0.3.20...v0.4.0">https://github.com/Azure/trusted-signing-action/compare/v0.3.20...v0.4.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/Azure/trusted-signing-action/commit/acc6d03023f35c22bfc9ac05d2981db9dc008330"><code>acc6d03</code></a> Remove docs about WUS server instability (<a href="https://redirect.github.com/azure/trusted-signing-action/issues/43">#43</a>)</li> <li><a href="https://github.com/Azure/trusted-signing-action/commit/e300e2150c15d578c2fa664cadaf4fe28ab74b29"><code>e300e21</code></a> Update files input docs to reflect support for newline characters (<a href="https://redirect.github.com/azure/trusted-signing-action/issues/44">#44</a>)</li> <li><a href="https://github.com/Azure/trusted-signing-action/commit/9b24fb52e0f6eed324d94ce8d76dba3542024b51"><code>9b24fb5</code></a> Update to Trusted Signing module 0.4.1 (<a href="https://redirect.github.com/azure/trusted-signing-action/issues/38">#38</a>)</li> <li><a href="https://github.com/Azure/trusted-signing-action/commit/38c76215fa78efc78b1992c0feca453550745b63"><code>38c7621</code></a> Add documentation about OIDC and Federated Credentials (<a href="https://redirect.github.com/azure/trusted-signing-action/issues/37">#37</a>)</li> <li><a href="https://github.com/Azure/trusted-signing-action/commit/920a5e646c9a53610b53aba89bde205645de8f90"><code>920a5e6</code></a> Updated actions/cache to v4. (<a href="https://redirect.github.com/azure/trusted-signing-action/issues/40">#40</a>)</li> <li><a href="https://github.com/Azure/trusted-signing-action/commit/29ddaa72ddcf260d4c9c0e4fbb8d1ebffd7b721b"><code>29ddaa7</code></a> Add input that enables trace logging (<a href="https://redirect.github.com/azure/trusted-signing-action/issues/36">#36</a>)</li> <li>See full diff in <a href="https://github.com/azure/trusted-signing-action/compare/v0.3.20...v0.4.0">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details>
Bumps [actions/setup-dotnet](https://github.com/actions/setup-dotnet) from 4.0.0 to 4.0.1. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/actions/setup-dotnet/releases">actions/setup-dotnet's releases</a>.</em></p> <blockquote> <h2>v4.0.1</h2> <h2>What's Changed</h2> <h3>Documentation changes:</h3> <ul> <li>Update README.md to use latest action version by <a href="https://github.com/mikes-gh"><code>@mikes-gh</code></a> in <a href="https://redirect.github.com/actions/setup-dotnet/pull/502">actions/setup-dotnet#502</a></li> <li>Update links to runner software by <a href="https://github.com/samuel-w"><code>@samuel-w</code></a> in <a href="https://redirect.github.com/actions/setup-dotnet/pull/499">actions/setup-dotnet#499</a></li> </ul> <h3>Dependency updates:</h3> <ul> <li>Bump undici from 5.27.2 to 5.28.3 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/setup-dotnet/pull/515">actions/setup-dotnet#515</a></li> <li>Bump braces from 3.0.2 to 3.0.3 and other dependency updates by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/setup-dotnet/pull/533">actions/setup-dotnet#533</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/mikes-gh"><code>@mikes-gh</code></a> made their first contribution in <a href="https://redirect.github.com/actions/setup-dotnet/pull/502">actions/setup-dotnet#502</a></li> <li><a href="https://github.com/samuel-w"><code>@samuel-w</code></a> made their first contribution in <a href="https://redirect.github.com/actions/setup-dotnet/pull/499">actions/setup-dotnet#499</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/setup-dotnet/compare/v4...v4.0.1">https://github.com/actions/setup-dotnet/compare/v4...v4.0.1</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/actions/setup-dotnet/commit/6bd8b7f7774af54e05809fcc5431931b3eb1ddee"><code>6bd8b7f</code></a> Bump braces from 3.0.2 to 3.0.3 (<a href="https://redirect.github.com/actions/setup-dotnet/issues/533">#533</a>)</li> <li><a href="https://github.com/actions/setup-dotnet/commit/5d1464d5da459f3d7085106d52e499f4dc5d0f59"><code>5d1464d</code></a> Bump undici from 5.27.2 to 5.28.3 (<a href="https://redirect.github.com/actions/setup-dotnet/issues/515">#515</a>)</li> <li><a href="https://github.com/actions/setup-dotnet/commit/3e6b9fe3930cac7c59c651af5de1514b47a805b9"><code>3e6b9fe</code></a> Update links to runner software (<a href="https://redirect.github.com/actions/setup-dotnet/issues/499">#499</a>)</li> <li><a href="https://github.com/actions/setup-dotnet/commit/769316e2e4f02f2c0567d7990a3f6d9f83b2be98"><code>769316e</code></a> Update README.md to use latest action version (<a href="https://redirect.github.com/actions/setup-dotnet/issues/502">#502</a>)</li> <li>See full diff in <a href="https://github.com/actions/setup-dotnet/compare/v4.0.0...v4.0.1">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details>
Updating the security policy for this open source project.
Updating the security policy for this open source project. The currently security policy does not accurately represent its eligibility for rewards under the GitHub Bug Bounty Program.
I found this change beneficial when using conditional git configuration includes for multiple git identities and `pass` password stores. It lets me transparently select appropriate password store without need to set its path explicitly by environment variable. For example: > ~/.config/git/config: ``` [user] name = John Doe email = [email protected] [credential] credentialStore = gpg helper = /usr/local/bin/git-credential-manager gpgPassStorePath = /home/jdoe/.password-store [includeIf "gitdir:~/Work/"] path = config.work ``` > ~/.config/git/config.work: ``` [user] name = John Doe (Umbrella Corp.) email = [email protected] [credential] gpgPassStorePath = /home/jdoe/.password-store.umbrella ```
Building in Visual Studio causes some tasks to be run concurrently that would be run in a specific order in MSBuild instead. The symptom would look like this: MSB4044: The "GenerateWindowsAppManifest" task was not given a value for the required parameter "Version". Let's help Visual Studio realize that there are certain dependencies between the `GetVersion` and the `GenerateWindowsAppManifest` task. Reported by Michael J. Lyons. Signed-off-by: Johannes Schindelin <[email protected]>
There is actually v6.3.3 already, but it does not seem to have propagated to nuget.org yet. While at it, use a centrally-defined property instead of repeating the version number several times. Signed-off-by: Johannes Schindelin <[email protected]>
Previously, we only required Windows 7, but that is not recommended by InnoSetup. Let's do enforce at least SP1 of that Windows version, which is past its end-of-life, anyway. Signed-off-by: Johannes Schindelin <[email protected]>
It has been renamed to `GetVersionComponents()` (leaving a deprecated shim in place of the original name). Signed-off-by: Johannes Schindelin <[email protected]>
Under certain circumstances, it is possible for `[UninstallRun]` entries to be run multiple times. To avoid that, we now use a `RunOnceId`. Signed-off-by: Johannes Schindelin <[email protected]>
Visual Studio pointed out that a couple of dependencies were in need of being updated. After already upgrading InnoSetup over the preceding commits, this here commit does _almost_ what Visual Studio suggested. The only exception is that we continue to define the `System.Text.Json` version centrally, in `Directory.Build.props`, which Visual Studio did not know how to update (and therefore wanted to add the dependency individually to seven `.csproj` files instead). Signed-off-by: Johannes Schindelin <[email protected]>
Pointed out by Visual Studio. Signed-off-by: Johannes Schindelin <[email protected]>
Visual Studio pointed out that this coding pattern is preferred to `Assert.True(false, message)`. Signed-off-by: Johannes Schindelin <[email protected]>
Visual Studio pointed out a couple of instances where `Assert.Equal(0, X.Count)` was used instead of `Assert.Empty(X)`, and similarly `Assert.Equal(1, X.Count)` instead of `Assert.Single(X)`. Let's accept the suggested fixes and thereby address the last remaining warnings when building in Visual Studio. Signed-off-by: Johannes Schindelin <[email protected]>
It seems that (probably due to updated dependencies), there is a problem where the `Trace2Exception` no longer inherits from `InvalidOperationException`. Let's use the former, then. Signed-off-by: Johannes Schindelin <[email protected]>
We just upgraded XUnit to a newer version, which unfortunately no longer works with the `PlatformFact()` constructs of `Xunit.SkippableFact` even though we updated to the latest version, v1.4.13. It might have something to do with the fact that that package has not been updated since July 9th, 2024. Happily, XUnit has grown equivalent features in the meantime that we can use instead. So let's use those XUnit-native constructs instead. Note that we still cannot drop the `SkippableFact` dependency altogether because we need it in the `MacOSKeychain_ReadWriteDelete` test case. It is needed to work around a flaky test that is caused by semi-random broken states of macOS' key-chain, and that can only be detected while the test case is running (and hence _needs_ `AssertEx.Skip()`, which in turn requires `Xunit.Skip.If()` that is provided only via the `SkippableFact` package and there is no equivalent native XUnit functionality). Helped-by: Matthew Cheetham <[email protected]> Signed-off-by: Johannes Schindelin <[email protected]>
Michael J. Lyons reached out privately and reported a problem with building inside Visual Studio. The symptom is: | Error (active) | MSB4044 | The "GenerateWindowsAppManifest" task was not given a value for the required parameter "Version". | | - | - | - | This PR fixes this error, and then also addresses all the warnings pointed out by Visual Studio.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Changes: