Skip to content

Preventing warning in bootstrapper package self contained scenario #7009

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Nov 5, 2021
Merged

Preventing warning in bootstrapper package self contained scenario #7009

merged 1 commit into from
Nov 5, 2021

Conversation

@MSLukeWest
Copy link
Contributor

@MSLukeWest MSLukeWest commented Nov 2, 2021

For 16.9 we made a change where bootstrapper packages can specify "0" for the public key value of a downloaded file and this will cause the bootstrapper to skip the public key comparison as long as the file is signed with a trusted MS cert. However, we didn't account for the scenario where a user wants to create a self contained bootstrapper, meaning it will include a copy of the package's installer. In this scenario we still perform the public key comparison and give a build warning when they don't match. This change skips this check when the package specifies 0 for the public key of the file in question.

Context

See the following thread: https://docs.microsoft.com/en-us/answers/questions/583383/publickey-token-warning-building-net-core-50-insta.html?childToView=602746#comment-602746

Changes Made

Skipping a check when a package's PublicKey value is set to "0".

Testing

Verified we no longer give this warning in this scenario, and that we still give it when the public key is non-zero and doesn't match the file on disk.

@MSLukeWest MSLukeWest added this to the MSBuild 17.1 milestone Nov 2, 2021
@MSLukeWest MSLukeWest self-assigned this Nov 2, 2021
@MSLukeWest
Copy link
Contributor Author

MSLukeWest commented Nov 2, 2021

@scoban @SvetBonev - Please review

@Forgind Forgind added the merge-when-branch-open PRs that are approved, except that there is a problem that means we are not merging stuff right now. label Nov 4, 2021
@rokonec rokonec merged commit 6278211 into dotnet:main Nov 5, 2021
@dependabot dependabot bot mentioned this pull request Aug 15, 2025
Closed
@dependabot dependabot bot mentioned this pull request Oct 15, 2025
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@rainersigwald rainersigwald rainersigwald approved these changes

+3 more reviewers

@benvillalobos benvillalobos benvillalobos approved these changes

@Forgind Forgind Forgind approved these changes

@SvetBonev SvetBonev SvetBonev approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

@MSLukeWest MSLukeWest

Labels

merge-when-branch-open PRs that are approved, except that there is a problem that means we are not merging stuff right now.

Projects

None yet

Milestone

VS 17.1

Development

Successfully merging this pull request may close these issues.

6 participants

@MSLukeWest @rainersigwald @benvillalobos @Forgind @SvetBonev @rokonec