Matt Mitchell
Matt Mitchell
### Release Note Category - [ ] Feature changes/additions - [ ] Bug fixes - [x] Internal Infrastructure Improvements ### Release Note Description
The mirror tooling should use a managed identity to perform the API lookups and push.
Disable Dependabot updates for mirrored repository.
The VMR introduces possible skew between what is built officially and what the repos test against. The VMR builds using https://github.com/dotnet/dotnet/blob/release/10.0.1xx/eng/pipelines/templates/variables/vmr-build.yml#L260-L293. However, repos like runtime and SDK may build using...
There have been asks by other teams outside of .NET to enable the type of recursive signing that we do in non-Arcade scenarios. This might include 'native' AzDO tasks that...
> What is the public key for these packages? It needs to be added in [SignTool](https://github.com/dotnet/arcade/blob/main/src/Microsoft.DotNet.SignTool/src/VerifySignatures.cs#L261) and [SignCheck](https://github.com/dotnet/arcade/blob/main/src/SignCheck/Microsoft.SignCheck/Utils.cs#L198) _Originally posted by @ellahathaway in [#3429](https://github.com/dotnet/dotnet/issues/3429#issuecomment-3553673652)_
If a binary is "loose" (meaning not within a parent container), and is designated to be signed, in certain circumstances the executable bit might not be preserved. This can happen...
In certain cases, SignTool will fail to preserve unix file modes when repacking archives. This can happen in various cases, but have the same general shape: Before repacking, a file...
- [ ] This issue is blocking - [ ] This issue is causing unreasonable pain In https://github.com/dotnet/arcade/pull/10148, the copyright check for native binaries was added as a message rather...
- [ ] This issue is blocking - [ ] This issue is causing unreasonable pain The Maestro promotion pipeline got some upgrades which prevent promotion of non-production builds to...