Skip to content

Commit 63ccb19

Browse files
zhhyuzhhyu
authored
Merge pull request #10768 from NuGet/dev
[ReleasePrep][2026.04.09]RI of dev into main
2 parents 0bc0e9a + 2d1034c commit 63ccb19

34 files changed

Lines changed: 1334 additions & 199 deletions

.gitignore

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -437,3 +437,4 @@ src/NuGetGallery/App_Data/Files/*
437437
!src/NuGetGallery/Branding/Views/Packages/
438438

439439

440+
/.idea

NuGet.Jobs.sln

Lines changed: 7 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -243,6 +243,8 @@ Project("{9A19103F-16F7-4668-BE54-9A1E7A4F7556}") = "NuGet.Services.Messaging.Em
243243
EndProject
244244
Project("{9A19103F-16F7-4668-BE54-9A1E7A4F7556}") = "NuGet.Services.Validation.Issues", "src\NuGet.Services.Validation.Issues\NuGet.Services.Validation.Issues.csproj", "{9B159802-2A27-42EC-A357-06AAEFA70892}"
245245
EndProject
246+
Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "UpdateBlobProperties", "src\UpdateBlobProperties\UpdateBlobProperties.csproj", "{6F2096D0-BA21-42D1-9C49-36038C51128F}"
247+
EndProject
246248
Global
247249
GlobalSection(SolutionConfigurationPlatforms) = preSolution
248250
Debug|Any CPU = Debug|Any CPU
@@ -631,6 +633,10 @@ Global
631633
{9B159802-2A27-42EC-A357-06AAEFA70892}.Debug|Any CPU.Build.0 = Debug|Any CPU
632634
{9B159802-2A27-42EC-A357-06AAEFA70892}.Release|Any CPU.ActiveCfg = Release|Any CPU
633635
{9B159802-2A27-42EC-A357-06AAEFA70892}.Release|Any CPU.Build.0 = Release|Any CPU
636+
{6F2096D0-BA21-42D1-9C49-36038C51128F}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
637+
{6F2096D0-BA21-42D1-9C49-36038C51128F}.Debug|Any CPU.Build.0 = Debug|Any CPU
638+
{6F2096D0-BA21-42D1-9C49-36038C51128F}.Release|Any CPU.ActiveCfg = Release|Any CPU
639+
{6F2096D0-BA21-42D1-9C49-36038C51128F}.Release|Any CPU.Build.0 = Release|Any CPU
634640
EndGlobalSection
635641
GlobalSection(SolutionProperties) = preSolution
636642
HideSolutionNode = FALSE
@@ -733,6 +739,7 @@ Global
733739
{63214B67-733D-4E9D-8249-25EEB2908FBE} = {54773F65-1227-4B35-8991-9E9C1CDACCF3}
734740
{9F3DD471-DBEE-4680-B49D-5AA451E59C4C} = {54773F65-1227-4B35-8991-9E9C1CDACCF3}
735741
{9B159802-2A27-42EC-A357-06AAEFA70892} = {54773F65-1227-4B35-8991-9E9C1CDACCF3}
742+
{6F2096D0-BA21-42D1-9C49-36038C51128F} = {523E282D-A2FE-49C2-A782-0EEC435E765E}
736743
EndGlobalSection
737744
GlobalSection(ExtensibilityGlobals) = postSolution
738745
SolutionGuid = {284A7AC3-FB43-4F1F-9C9C-2AF0E1F46C2B}

RemovedPackages.md

Lines changed: 66 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -108,6 +108,72 @@ Scanning is not perfect. Community partnership is a very valuable part of the ov
108108
| NCryptYo | 02/20/2026 | Malware |
109109
| SimpleWriter_ | 02/20/2026 | Potentially Malicious |
110110
| IRAOAuth2.0 | 02/20/2026 | Potentially Malicious |
111+
| bsure.Utils version 99.99.99 | 04/02/2026 | Malware |
112+
| bsure.Utils version 0.71.2 | 04/02/2026 | Malware |
113+
| bsure.Utils version 0.70.1 | 04/02/2026 | Malware |
114+
| bsure.binsec version 0.70.1 | 04/02/2026 | Malware |
115+
| a0f61a05228a44f5af43662234499b68 0.0.1 | 04/03/2026 | Potentially Malicious |
116+
| a0f61a05228a44f5af43662234499b68 0.0.2 | 04/03/2026 | Potentially Malicious |
117+
| a0f61a05228a44f5af43662234499b68 0.0.3 | 04/03/2026 | Potentially Malicious |
118+
| a0f61a05228a44f5af43662234499b68 0.0.4 | 04/03/2026 | Potentially Malicious |
119+
| a0f61a05228a44f5af43662234499b68 0.0.5 | 04/03/2026 | Potentially Malicious |
120+
| a170a4f911e646feb466baf21099b491 0.0.1 | 04/03/2026 | Potentially Malicious |
121+
| 7da3f64d1fc340d983ef7366243fffdd 1.0.0 | 04/03/2026 | Potentially Malicious |
122+
| Tracer.DotNet.APM 0.0.0 | 04/03/2026 | Potentially Malicious |
123+
| APMAzure.DotNet.Agent 1.8.0 | 04/03/2026 | Potentially Malicious |
124+
| asdftest 1.0.0 | 04/03/2026 | Potentially Malicious |
125+
| Axis.Podracers.AudioClips 1.0.4 | 04/03/2026 | Potentially Malicious |
126+
| Axis.Podracers.AudioClips 1.0.5 | 04/03/2026 | Potentially Malicious |
127+
| AxisAnalyzers 10.0.0 | 04/03/2026 | Potentially Malicious |
128+
| AxisAnalyzers 11.0.0 | 04/03/2026 | Potentially Malicious |
129+
| wk10 1.0.3 | 04/03/2026 | Potentially Malicious |
130+
| wk10 1.0.4 | 04/03/2026 | Potentially Malicious |
131+
| Regorus 0.9.1 | 04/03/2026 | Potentially Malicious |
132+
| Regorus 0.9.2 | 04/03/2026 | Potentially Malicious |
133+
| Rx.Kql 3.0.5 | 04/03/2026 | Potentially Malicious |
134+
| Rx.Kql 3.0.6 | 04/03/2026 | Potentially Malicious |
135+
| vc150 1.0.0 | 04/03/2026 | Potentially Malicious |
136+
| vc150 1.0.1 | 04/03/2026 | Potentially Malicious |
137+
| OG.AspNetCore.Identity 2026.4.3.6 | 04/03/2026 | Malware |
138+
| OG.Services.Core 2026.4.3.6 | 04/03/2026 | Malware |
139+
| OG.Services.Core.NoSql 2026.4.3.6 | 04/03/2026 | Malware |
140+
| OG.Services.Core.Shared 1.0.0 | 04/03/2026 | Malware |
141+
| OG.Services.Core.Shared 2025.4.2.3 | 04/03/2026 | Malware |
142+
| OG.Services.Core.Shared 2025.4.3.2 | 04/03/2026 | Malware |
143+
| OG.Services.Core.Shared 2025.4.3.3 | 04/03/2026 | Malware |
144+
| OG.Services.Core.Shared 2025.4.3.4 | 04/03/2026 | Malware |
145+
| OG.Services.Core.Shared 2026.4.3.2 | 04/03/2026 | Malware |
146+
| OG.Services.Core.Shared 2026.4.3.3 | 04/03/2026 | Malware |
147+
| OG.Services.Core.Shared 2026.4.3.4 | 04/03/2026 | Malware |
148+
| OG.Services.Core.Shared 2026.4.3.5 | 04/03/2026 | Malware |
149+
| OG.Services.Core.Shared 2026.4.3.6 | 04/03/2026 | Malware |
150+
| OG.Services.Core.Shared 2026.4.3.7 | 04/03/2026 | Malware |
151+
| OG.Services.Core.Shared 2027.4.3.8 | 04/03/2026 | Malware |
152+
| OG.Services.Events 2026.4.3.6 | 04/03/2026 | Malware |
153+
| TZ.Abstractions 5.1.0 | 04/03/2026 | Malware |
154+
| tz.gatewayapis 0.0.49 | 04/03/2026 | Malware |
155+
| TZ.Pad.AppMonitor 5.0.21070952 | 04/03/2026 | Malware |
156+
| TZ.Pad.Test 6.0.2 | 04/03/2026 | Malware |
157+
| TZ.Pad.Test 6.0.3 | 04/03/2026 | Malware |
158+
| TZ.Pad.Web 5.0.3 | 04/03/2026 | Malware |
159+
| tz.smartgateway2 2.0.0.11 | 04/03/2026 | Malware |
160+
| esharpwin 137.0.100 | 04/06/2026 | Malware |
161+
| esharpwin 137.0.101 | 04/06/2026 | Malware |
162+
| DemoDLL2 2.0.7 | 04/06/2026 | Malware |
163+
| AutoFactories 1.1.10 | 04/06/2026 | Malware |
164+
| CardVaultClient 1.0.0 | 04/08/2026 | Malware |
165+
| MyHelloTest 2.0.1 | 04/08/2026 | Malware |
166+
| MyHelloTest 2.0.3 | 04/08/2026 | Malware |
167+
| CCX-Arbitrary 1.1.0.276 | 04/08/2026 | Malware |
168+
| CCX-Arbitrary 1.1.0.278 | 04/08/2026 | Malware |
169+
| CCX-Arbitrary 1.1.0.279 | 04/08/2026 | Malware |
170+
| Detectable.BuildHookAndObf 0.1.0 | 04/08/2026 | Malware |
171+
| Detectable.ObfuscatedCode 0.1.0 | 04/08/2026 | Malware |
172+
| Safe.BuildMessage 0.0.2 | 04/08/2026 | Malware |
173+
| Safe.ExfilIntent 0.0.2 | 04/08/2026 | Malware |
174+
| Safe.Obfuscation 0.0.2 | 04/08/2026 | Malware |
175+
| Safe.TypoTaregt 0.0.2 | 04/08/2026 | Malware |
176+
| Safe.TypoTarget 0.0.2 | 04/08/2026 | Malware |
111177

112178

113179
Legend:

python/StatsLogParser/pyproject.toml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,6 @@
11
[tool.poetry]
22
name = "loginterpretation"
3-
version = "0.4.0"
3+
version = "0.5.0"
44
description = "Helper functions for parsing CDN logs to generate statistics"
55
authors = ["NuGet Server Team Engineering <[email protected]>"]
66
readme = "README.md"

src/Catalog/Dnx/DnxCatalogCollector.cs

Lines changed: 1 addition & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -85,8 +85,6 @@ protected override async Task<bool> FetchAsync(
8585
ReadCursor back,
8686
CancellationToken cancellationToken)
8787
{
88-
await DnxPackageVersionIndexCacheControl.LoadPackageIdsToIncludeAsync(_storageFactory.Create(), _logger, cancellationToken);
89-
9088
return await CatalogCommitUtilities.ProcessCatalogCommitsAsync(
9189
client,
9290
front,
@@ -158,7 +156,7 @@ await catalogEntries.ForEachAsync(_maxConcurrentCommitItemsWithinBatch, async ca
158156
cancellationToken);
159157
var areRequiredPropertiesPresent = await AreRequiredPropertiesPresentAsync(destinationStorage, destinationUri);
160158

161-
if (isNupkgSynchronized && areRequiredPropertiesPresent && isPackageInIndex && !DnxPackageVersionIndexCacheControl.PackageIdsToInclude.Contains(packageId))
159+
if (isNupkgSynchronized && areRequiredPropertiesPresent && isPackageInIndex)
162160
{
163161
_logger.LogInformation("No changes detected: {Id}/{Version}", packageId, normalizedPackageVersion);
164162

src/Catalog/Dnx/DnxConstants.cs

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -18,6 +18,9 @@ public static class DnxConstants
1818
{ StorageConstants.ContentType, ApplicationOctetStreamContentType }
1919
};
2020

21+
// Default Cache Control of Package Version Index (at Storage)
22+
public const string DefaultCacheControlOfPackageVersionIndex = "max-age=10";
23+
2124
// Cache Duration of Package Version Index (at CDN)
2225
public static readonly TimeSpan CacheDurationOfPackageVersionIndex = TimeSpan.FromSeconds(60);
2326

src/Catalog/Dnx/DnxPackageVersionIndexCacheControl.cs

Lines changed: 9 additions & 43 deletions
Original file line numberDiff line numberDiff line change
@@ -2,62 +2,28 @@
22
// Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.
33

44
using System.Collections.Generic;
5-
using System.Threading;
6-
using System.Threading.Tasks;
5+
using System.Linq;
76
using Microsoft.Extensions.Logging;
8-
using Newtonsoft.Json.Linq;
9-
using NuGet.Services.Metadata.Catalog.Persistence;
107

118
namespace NuGet.Services.Metadata.Catalog.Dnx
129
{
1310
public static class DnxPackageVersionIndexCacheControl
1411
{
15-
private const string DefaultCacheControlForPackageVersionIndex = "max-age=10";
16-
private const string BlobNameOfPackageIdsToInclude = "PackageIdsToIncludeForCachingPackageVersionIndex.json";
17-
18-
public static HashSet<string> PackageIdsToInclude = new HashSet<string>();
12+
private static readonly IList<string> PackageIdsToExclude = new List<string>() {
13+
"BaseTestPackage",
14+
}.Select(p => p.ToLowerInvariant()).ToList();
1915

2016
public static string GetCacheControl(string id, ILogger logger)
2117
{
22-
if (PackageIdsToInclude.Contains(id))
23-
{
24-
logger.LogInformation("Add caching to the package version index of Package Id: {id}.", id);
25-
26-
return DefaultCacheControlForPackageVersionIndex;
27-
}
28-
else
18+
var cacheControl = DnxConstants.DefaultCacheControlOfPackageVersionIndex;
19+
if (PackageIdsToExclude.Contains(id))
2920
{
30-
return Constants.NoStoreCacheControl;
21+
cacheControl = Constants.NoStoreCacheControl;
3122
}
32-
}
3323

34-
public static async Task LoadPackageIdsToIncludeAsync(IStorage storage, ILogger logger, CancellationToken cancellationToken)
35-
{
36-
if (!storage.Exists(BlobNameOfPackageIdsToInclude))
37-
{
38-
logger.LogInformation("{BlobName} does not exist, at {Address}.", BlobNameOfPackageIdsToInclude, storage.BaseAddress);
39-
40-
return;
41-
}
42-
43-
logger.LogInformation("Loading the list of Package Ids from {BlobName}, at {Address}.", BlobNameOfPackageIdsToInclude, storage.BaseAddress);
44-
45-
PackageIdsToInclude = new HashSet<string>();
46-
string jsonFile = await storage.LoadStringAsync(storage.ResolveUri(BlobNameOfPackageIdsToInclude), cancellationToken);
47-
if (jsonFile != null)
48-
{
49-
JObject obj = JObject.Parse(jsonFile);
50-
JArray ids = obj["ids"] as JArray;
51-
if (ids != null)
52-
{
53-
foreach (JToken id in ids)
54-
{
55-
PackageIdsToInclude.Add(id.ToString().ToLowerInvariant());
56-
}
57-
}
58-
}
24+
logger.LogInformation("Get cache control: {cacheControl} for the package version index of package Id: {id}.", cacheControl, id);
5925

60-
logger.LogInformation("Loaded the list of Package Ids (Count: {Count}) from {BlobName}, at {Address}.", PackageIdsToInclude.Count, BlobNameOfPackageIdsToInclude, storage.BaseAddress);
26+
return cacheControl;
6127
}
6228
}
6329
}

src/GitHubVulnerabilities2v3/Configuration/DestinationConfiguration.cs

Lines changed: 18 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,18 @@
1+
// Copyright (c) .NET Foundation. All rights reserved.
2+
// Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.
3+
4+
namespace GitHubVulnerabilities2v3.Configuration
5+
{
6+
public class DestinationConfiguration
7+
{
8+
/// <summary>
9+
/// The storage connection to use to save the job's output.
10+
/// </summary>
11+
public string StorageConnectionString { get; set; }
12+
13+
/// <summary>
14+
/// Base URL to use for absolute URLs of child documents.
15+
/// </summary>
16+
public string V3BaseUrl { get; set; }
17+
}
18+
}

src/GitHubVulnerabilities2v3/Configuration/GitHubVulnerabilities2v3Configuration.cs

Lines changed: 2 additions & 9 deletions
Original file line numberDiff line numberDiff line change
@@ -1,27 +1,20 @@
11
// Copyright (c) .NET Foundation. All rights reserved.
22
// Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.
33

4+
using System.Collections.Generic;
45
using NuGet.Services.GitHub.Configuration;
56

67
namespace GitHubVulnerabilities2v3.Configuration
78
{
89
public class GitHubVulnerabilities2v3Configuration : GraphQLQueryConfiguration
910
{
10-
/// <summary>
11-
/// The storage connection to use to save the job's output.
12-
/// </summary>
13-
public string StorageConnectionString { get; set; }
11+
public IReadOnlyList<DestinationConfiguration> Destinations { get; set; }
1412

1513
/// <summary>
1614
/// The storage container to save the job's output in.
1715
/// </summary>
1816
public string V3VulnerabilityContainerName { get; set; } = "v3-vulnerabilities";
1917

20-
/// <summary>
21-
/// Service Index Root
22-
/// </summary>
23-
public string V3BaseUrl { get; set; } = "https://api.nuget.org/";
24-
2518
/// <summary>
2619
/// The name of the blob to save the job's advisories cursor in.
2720
/// </summary>

0 commit comments

Comments
 (0)