Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

✒️ Enable ESRP Signing on the .VSIX #1885

Merged
merged 58 commits into from
Aug 12, 2024
Merged

Conversation

nagilson
Copy link
Member

@nagilson nagilson commented Jul 16, 2024

This creates a fake MS Build project thats enabling us to do MicroBuild signing on the .VSIX file and the .JS file within. This uses MicrosoftSHA2 and VSIXSha signing per requirements to sign the published files. Please check the internal dnceng pipeline to see results of the signature file vscode-dotnet-runtime.

This is similar to vs-green's signing process but with some alteration because we are in the dnc-eng org.

This also includes scripts to download tools for 'test' signing locally.
Verified using signcheck tool:
image

and cracking open .VSIX file and opening JS files to see signature stamps.

@baronfel
Copy link
Member

Does this resolve #1825?

sample/package.json Outdated Show resolved Hide resolved
nagilson and others added 9 commits July 31, 2024 13:43
maybe we can sign it after the bundle is created and it will  still be able to edit the bundle vsix internals? I thought not but perhaps extension.js is getting replaced by the webpack, so lets see if this works.
@nagilson
Copy link
Member Author

nagilson commented Aug 5, 2024

JS Signing is working now as well.

@nagilson nagilson requested review from joeloff and smitpatel August 5, 2024 21:19
@nagilson nagilson enabled auto-merge (squash) August 12, 2024 16:49
@nagilson nagilson merged commit cc797df into dotnet:main Aug 12, 2024
7 checks passed
@nagilson nagilson mentioned this pull request Aug 13, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

4 participants