Merge remote-tracking branch 'remotes/origin/dev' into fix-nuget-package-file-name

Author: gekka

.gdn/.gdnsuppress

@@ -58,12 +58,13 @@
     <PackageVersion Include="Microsoft.Extensions.FileSystemGlobbing" Version="$(MicrosoftExtensionsFileSystemGlobbingPackageVersion)" />
     <PackageVersion Include="Microsoft.Internal.VisualStudio.Shell.Framework" Version="17.10.40173" />
     <PackageVersion Include="Microsoft.NET.StringTools" Version="$(MicrosoftBuildVersion)" />
-    <PackageVersion Include="Microsoft.NET.Test.Sdk" Version="17.14.1" />
+    <PackageVersion Include="Microsoft.NET.Test.Sdk" Version="18.0.1" />
     <PackageVersion Include="Microsoft.PowerShell.3.ReferenceAssemblies" Version="1.0.0" />
     <!-- Microsoft.TeamFoundationServer.ExtendedClient has vulnerable dependencies Microsoft.IdentityModel.JsonWebTokens and System.IdentityModel.Tokens.Jwt . When it's upgraded, try removing the pinned packages -->
     <PackageVersion Include="Microsoft.TeamFoundationServer.ExtendedClient" Version="16.153.0" />
     <PackageVersion Include="Microsoft.Test.Apex.VisualStudio" Version="18.0.0-preview-1-10723-180" />
     <PackageVersion Include="Microsoft.TestPlatform.Portable" Version="17.1.0" />
+    <PackageVersion Include="Microsoft.VisualStudio.Copilot" Version="18.0.848-alpha" />
     <PackageVersion Include="Microsoft.VisualStudio.LanguageServices" Version="4.3.1" />
     <PackageVersion Include="Microsoft.VisualStudio.Markdown.Platform" Version="17.14.76-preview" />
     <PackageVersion Include="Microsoft.VisualStudio.ProjectSystem" Version="17.4.221-pre" />
@@ -104,7 +105,7 @@
     <PackageVersion Include="System.Threading.Tasks.Dataflow" Version="4.9.0" />
     <PackageVersion Include="VsWebSite.Interop" Version="17.10.40173" />
     <PackageVersion Include="xunit" Version="2.9.0" />
-    <PackageVersion Include="xunit.runner.visualstudio" Version="2.4.5" />
+    <PackageVersion Include="xunit.runner.visualstudio" Version="3.1.5" />
     <PackageVersion Include="Xunit.StaFact" Version="1.1.11" />
   </ItemGroup>
 

Directory.Packages.props

@@ -20,6 +20,7 @@
       <package pattern="Azure.Core " />
       <package pattern="ben.demystifier" />
       <package pattern="castle.core" />
+      <package pattern="Google.Protobuf" />
       <package pattern="Humanizer.Core" />
       <package pattern="ilrepack" />
       <package pattern="lucene.net" />
@@ -73,7 +74,7 @@
       <package pattern="microsoft.test.apex.visualstudio" />
       <package pattern="Microsoft.VisualStudio.*" />
       <package pattern="Microsoft.VisualStudioEng.MicroBuild.Core" />
-      <package pattern="Microsoft.VSSDK.BuildTools" />
+      <package pattern="Microsoft.VSSDK.*" />
       <package pattern="stdole" />
       <package pattern="streamjsonrpc" />
       <package pattern="vslangproj" />

NuGet.Config

@@ -2,4 +2,4 @@
 # To make sure that the right version of dotnet.exe (and maybe other files) is used, always install from lowest version to highest version
 -Channel 8.0 -Runtime dotnet
 -Channel 9.0 -Runtime dotnet
--Channel 10.0.2xx -Version 10.0.200-preview.0.25609.107
+-Channel 10.0.3xx -Quality daily

build/DotNetSdkTestVersions.txt

@@ -1,2 +1,2 @@
 # Each line represents arguments for the .NET SDK installer script (https://learn.microsoft.com/dotnet/core/tools/dotnet-install-script)
--Channel 9.0.3xx
+-Channel 10.0.1xx

build/DotNetSdkVersions.txt

@@ -13,7 +13,7 @@
     <NetStandardVersion>netstandard2.0</NetStandardVersion>
     <NETCoreTargetFramework>net8.0</NETCoreTargetFramework>
     <NETCoreTargetFramework Condition="'$(DotNetBuildSourceOnly)' == 'true' and '$(DotNetBuildFromVMR)' == 'true'">net10.0</NETCoreTargetFramework>
-    <LatestNETCoreTargetFramework>net9.0</LatestNETCoreTargetFramework>
+    <LatestNETCoreTargetFramework>net10.0</LatestNETCoreTargetFramework>
     <LatestNETCoreTargetFramework Condition="'$(DotNetBuildSourceOnly)' == 'true' and '$(DotNetBuildFromVMR)' == 'true'">net10.0</LatestNETCoreTargetFramework>
 
     <!-- Target frameworks for class libraries-->
@@ -88,7 +88,7 @@
     <Features>strict</Features>
     <!-- Same as SDK default, but without CandidateAssemblyFiles in front, which would search in Content items -->
     <AssemblySearchPaths>{HintPathFromItem};{TargetFrameworkDirectory};{RawFileName}</AssemblySearchPaths>
-    <LangVersion>12</LangVersion>
+    <LangVersion>14</LangVersion>
     <LangVersion Condition="'$(DotNetBuildSourceOnly)' == 'true'">latest</LangVersion>
   </PropertyGroup>
 

build/common.project.props

@@ -13,14 +13,14 @@
     <!-- **  Change for each new version -->
     <!-- when changing any of the NuGetVersion props below, run tools-local\ship-public-apis -->
     <MajorNuGetVersion Condition="'$(MajorNuGetVersion)' == ''">7</MajorNuGetVersion>
-    <MinorNuGetVersion Condition="'$(MinorNuGetVersion)' == ''">4</MinorNuGetVersion>
+    <MinorNuGetVersion Condition="'$(MinorNuGetVersion)' == ''">5</MinorNuGetVersion>
     <PatchNuGetVersion Condition="'$(PatchNuGetVersion)' == ''">0</PatchNuGetVersion>
     <SemanticVersion Condition=" '$(SemanticVersion)' == '' ">$(MajorNuGetVersion).$(MinorNuGetVersion).$(PatchNuGetVersion)</SemanticVersion>
 
     <!-- ** Change for each new preview/rc -->
     <!-- Check the VS schedule and manually enter a preview number here that makes sense. -->
     <!-- Preview 3 is typically the last "main branch" preview, so we start using rc at this time -->
-    <ReleaseLabel Condition=" '$(ReleaseLabel)' == '' ">preview.1</ReleaseLabel>
+    <ReleaseLabel Condition=" '$(ReleaseLabel)' == '' ">rc</ReleaseLabel>
 
     <IsEscrowMode Condition="'$(IsEscrowMode)' == ''">false</IsEscrowMode>
 

build/config.props

@@ -8,101 +8,96 @@ resources:
       trigger:
         branches:
           - dev
+  repositories:
+  - repository: MicroBuildTemplate
+    type: git
+    name: 1ESPipelineTemplates/MicroBuildTemplate
+    ref: refs/tags/release
 
-jobs:
-  - job: Static_Analysis
-    displayName: "Static Analysis"
-    timeoutInMinutes: 180
-    pool:
-      name: VSEngSS-MicroBuild2022-1ES
-
-    steps:
-      - task: CredScan@2
-        inputs:
-          toolMajorVersion: "V2"
+variables:
+- group: NuGet.Client Build Variables
 
-      - task: PoliCheck@1
-        inputs:
-          inputType: "Basic"
-          targetType: "F"
-          targetArgument: "$(Build.SourcesDirectory)"
-          result: "PoliCheck.xml"
+extends:
+  template: azure-pipelines/MicroBuild.1ES.Unofficial.yml@MicroBuildTemplate
+  parameters:
+    sdl:
+      sourceAnalysisPool: VSEngSS-MicroBuild2022-1ES
+      binskim:
+        enabled: true
+        scanOutputDirectoryOnly: true
+      policheck:
+        enabled: true
+      suppression:
+        suppressionFile: $(Build.SourcesDirectory)\.gdn\.gdnsuppress
+      tsa:
+        enabled: true
+        config:
+          codebaseName: "NuGet.Client_Trusted_dev"
+          instanceUrl: https://dev.azure.com/devdiv/
+          projectName: DevDiv
+          areaPath: "DevDiv\\NuGet\\NuGet Clients"
+          notificationAliases: $(TsaNotificationAliases)
+    pool:
+      name: AzurePipelines-EO
+      image: VSEngSS-MicroBuild2022-1ES
+      os: windows
+    stages:
+    - stage: compliance
+      displayName: "Run Compliance Tasks"
+      jobs:
+      - job: Static_Analysis
+        displayName: "Static Analysis"
+        timeoutInMinutes: 180
+        pool:
+          name: VSEngSS-MicroBuild2022-1ES
+        templateContext:
+          inputs:
+            - input: pipelineArtifact
+              pipeline: nugetclientofficial
+              artifactName: symbols - NonRTM
+              targetPath: $(Pipeline.Workspace)\symbols\NonRTM
 
-      - task: DownloadPipelineArtifact@2
-        displayName: "Download symbols - NonRTM artifact"
-        inputs:
-          source: specific
-          project: "devdiv"
-          pipeline: NuGet.Client-Official
-          artifact: "symbols - NonRTM"
-          path: $(Pipeline.Workspace)\symbols\NonRTM
+        steps:
+        - pwsh: "Get-ChildItem Env: | Sort-Object Name | Format-Table -Wrap -AutoSize"
+          displayName: 'Print Environment Variables'
 
-      ## Run latest version of APIScan listed at https://www.1eswiki.com/wiki/APIScan_Build_Task
-      - task: APIScan@2
-        displayName: Run APIScan
-        inputs:
-          softwareFolder: $(Pipeline.Workspace)\symbols
-          softwareName: "NuGet.Client"
-          softwareVersionNum: "$(Build.BuildId)"
-          isLargeApp: true
-          toolVersion: "Latest"
-          azureSubscription: 'VSEng-APIScanSC'
-        env:
-          AzureServicesAuthConnectionString: RunAs=App;AppId=d318cba7-db4d-4fb3-99e1-01879cb74e91;TenantId=72f988bf-86f1-41af-91ab-2d7cd011db47;ServiceConnectionId=93e24264-c5e6-4681-8175-ec8a41668480;
-          SYSTEM_ACCESSTOKEN: $(System.AccessToken)
+        - task: APIScan@2
+          displayName: Run APIScan
+          inputs:
+            softwareFolder: $(Pipeline.Workspace)\symbols
+            softwareName: "NuGet.Client"
+            softwareVersionNum: "$(Resources.Pipeline.nugetclientofficial.RunName)"
+            isLargeApp: false
+            toolVersion: "Latest"
+            azureSubscription: 'VSEng-APIScanSC'
+            preserveLogsFolder: true
+          env:
+            AzureServicesAuthConnectionString: RunAs=App;AppId=d318cba7-db4d-4fb3-99e1-01879cb74e91;TenantId=72f988bf-86f1-41af-91ab-2d7cd011db47;ServiceConnectionId=93e24264-c5e6-4681-8175-ec8a41668480;
+            SYSTEM_ACCESSTOKEN: $(System.AccessToken)
 
-      - task: SdtReport@1
-        displayName: "Generate Analysis Report"
-        inputs:
-          CredScan: true
-          PoliCheck: true
-          APIScan: true
-          ToolLogsNotFoundAction: "Standard"
+        - pwsh: |
+            $tsaOptionsPath = Join-Path $env:AGENT_TEMPDIRECTORY 'TSAOptions.json'
+            Write-Host "TsaNotificationAliases: $env:TSA_NOTIFICATION_ALIASES"
+            $notificationAliases = @($env:TSA_NOTIFICATION_ALIASES | ConvertFrom-Json)
+            $tsaOptions = [ordered]@{
+              tsaVersion = 'TsaV2'
+              codebaseName = 'NuGet.Client_Trusted_dev'
+              instanceUrl = 'https://dev.azure.com/devdiv/'
+              projectName = 'DevDiv'
+              areaPath = 'DevDiv\\NuGet\\NuGet Clients'
+              notificationAliases = $notificationAliases
+            }
 
-      - task: TSAUpload@1
-        displayName: "Upload to TSA"
-        inputs:
-          tsaVersion: "TsaV2"
-          codebase: "$(TsaCodebase)"
-          tsaEnvironment: "PROD"
-          codeBaseName: "$(TsaCodebaseName)"
-          notificationAlias: "$(TsaNotificationEmail)"
-          codeBaseAdmins: "$(TsaCodebaseAdmins)"
-          instanceUrlForTsaV2: "$(TsaInstanceUrl)"
-          projectNameDEVDIV: "$(TsaProjectName)"
-          areaPath: "$(TsaBugAreaPath)"
-          iterationPath: "$(TsaIterationPath)"
-          uploadAPIScan: false
-          uploadBinSkim: false
-          uploadCredScan: true
-          uploadFortifySCA: false
-          uploadFxCop: false
-          uploadModernCop: false
-          uploadPoliCheck: true
-          uploadPREfast: false
-          uploadRoslyn: false
-          uploadTSLint: false
-          uploadAsync: true
+            $json = $tsaOptions | ConvertTo-Json -Depth 5
+            Write-Host $json
+            Write-Host "Writing TSA options to $tsaOptionsPath"
+            $json| Out-File -FilePath $tsaOptionsPath -Encoding utf8 -Force
+          displayName: Write TSAOptions.json
+          env:
+            TSA_NOTIFICATION_ALIASES: $(TsaNotificationAliases)
 
-      - task: PublishSecurityAnalysisLogs@2
-        displayName: "Publish CodeAnalysis Logs"
-        inputs:
-          ArtifactName: "CodeAnalysisLogs"
-          ArtifactType: "Container"
-          AllTools: false
-          AntiMalware: false
-          APIScan: true
-          BinSkim: false
-          CodesignValidation: false
-          CredScan: true
-          FortifySCA: false
-          FxCop: false
-          ModernCop: false
-          MSRD: false
-          PoliCheck: true
-          RoslynAnalyzers: false
-          SDLNativeRules: false
-          Semmle: false
-          TSLint: false
-          WebScout: false
-          ToolLogsNotFoundAction: "Standard"
+        - task: TSAUpload@2
+          displayName: TSA upload
+          inputs:
+            GdnPublishTsaOnboard: True
+            GdnPublishTsaConfigFile: $(Agent.TempDirectory)\TSAOptions.json

eng/pipelines/compliance.yml

@@ -39,8 +39,6 @@ extends:
         enabled: true
       credscan:
         enabled: false
-      suppression:
-        suppressionFile: $(Build.SourcesDirectory)\.gdn\.gdnsuppress
     pool:
       name: AzurePipelines-EO
       image: 1ESPT-Windows2022
@@ -53,7 +51,7 @@ extends:
     - template: /eng/pipelines/templates/pipeline.yml@self
       parameters:
         isOfficialBuild: true
-        ${{ if or(eq(variables['Build.SourceBranch'], 'refs/heads/dev'), startsWith(variables['Build.SourceBranch'], 'refs/heads/release/')) }}:
+        ${{ if or(eq(variables['Build.SourceBranch'], 'refs/heads/dev'), eq(variables['Build.SourceBranch'], format('refs/heads/{0}', variables['OneLocReleaseBranch']))) }}:
           RunOneLocBuild: true
         RunBuildForPublishing: ${{parameters.RunBuildForPublishing}}
         SigningType: ${{ parameters.SigningType }}