✒️ Enable ESRP Signing on the .VSIX #1885
Merged
Does this resolve #1825?
…, instead copy the artifact
…her maintenance processes this information is more suited for internal repo changes.
nagilson commented Jul 31, 2024
… or only non minified JS is signed
Maybe we can sign it after the bundle is created and it will still be able to edit the bundle vsix internals? I thought not, but perhaps extension.js is getting replaced by the webpack, so let's see if this works.
JS Signing is working now as well.
nagilson commented Aug 5, 2024
joeloff approved these changes Aug 12, 2024
…n dnceng public causing public to fail eternally and hang
…ed to make sure that your condition has proper syntax
This creates a fake MS Build project that's enabling us to do MicroBuild signing on the .VSIX file and the .JS file within. This uses MicrosoftSHA2 and VSIXSha signing per requirements to sign the published files. Please check the internal dnceng pipeline to see results of the signature file vscode-dotnet-runtime.
This is similar to vs-green's signing process but with some alteration because we are in the dnc-eng org.
This also includes scripts to download tools for 'test' signing locally.
Verified using signcheck tool:
and cracking open .VSIX file and opening JS files to see signature stamps.
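The manual check described above (opening the .VSIX and looking for signature stamps in the JS files) can be scripted as a release gate; the following is an added example, not code from this pull request or the project. It only tests for the presence of the markers and does not validate any signature cryptographically. Assumptions: signed scripts end with the `// SIG //` comment block that Authenticode script signing appends, package-level signature parts sit under `package/services/digital-signature/`, and the file names and stamp body in the sample are constructed.

```python
import io
import zipfile

# Marker lines that Authenticode script signing appends to a .js file as comments.
SIG_BEGIN = "// SIG // Begin signature block"
SIG_END = "// SIG // End signature block"
# Assumption: an OPC-signed .vsix stores its package signature parts under this prefix.
OPC_SIG_PREFIX = "package/services/digital-signature/"


def has_signature_stamp(js_text):
    """True when a complete signature comment block ends the script."""
    begin = js_text.rfind(SIG_BEGIN)
    end = js_text.rfind(SIG_END)
    if begin == -1 or end <= begin:
        return False
    # Anything other than whitespace after the end marker means the block is not the trailer.
    return js_text[end + len(SIG_END):].strip() == ""


def audit_vsix(vsix_bytes):
    """Report which .js entries lack a stamp and whether package signature parts exist."""
    report = {"package_signature_parts": [], "stamped_js": [], "unstamped_js": []}
    with zipfile.ZipFile(io.BytesIO(vsix_bytes)) as z:
        for name in sorted(z.namelist()):
            if name.lower().startswith(OPC_SIG_PREFIX):
                report["package_signature_parts"].append(name)
            elif name.lower().endswith(".js"):
                text = z.read(name).decode("utf-8", errors="replace")
                key = "stamped_js" if has_signature_stamp(text) else "unstamped_js"
                report[key].append(name)
    return report


def build_sample_vsix():
    """Constructed sample package: one stamped script, one unstamped, one signature part."""
    stamped = "module.exports={};\n" + SIG_BEGIN + "\n// SIG // AAAA\n" + SIG_END + "\n"
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as z:
        z.writestr("extension/dist/extension.js", stamped)
        z.writestr("extension/dist/vendor.js", "console.log('unsigned');\n")
        z.writestr(OPC_SIG_PREFIX + "origin.psdor", b"")
    return buf.getvalue()


if __name__ == "__main__":
    for key, names in audit_vsix(build_sample_vsix()).items():
        print(key, names)
```

A non-empty `unstamped_js` list is the case raised earlier in the thread, where only some of the bundled JS ends up signed.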