Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fix issues exposed by dotnet 9 sdk #920

Merged
merged 3 commits into from
Nov 22, 2024
Merged

Fix issues exposed by dotnet 9 sdk #920

merged 3 commits into from
Nov 22, 2024

Conversation

ivarne
Copy link
Member

@ivarne ivarne commented Nov 21, 2024

  • Add direct reference to new versions of JWTCookieAuthentication's insecure depencencies
  • Activate security scan of transitive depencecies on net8 (but not as errors in CI)
  • Warn on IDE0052: Remove unread private member
  • Warn on CA1859: Use concrete types when possible for improved performance (but not in test)
  • Fix related code

Verification

  • Your code builds clean without any errors or warnings
  • Manual testing done (required)
  • Relevant automated test added (if you find this hard, leave it and we'll help out)
  • All tests run green

Documentation

  • User documentation is updated with a separate linked PR in altinn-studio-docs. (if applicable)

@ivarne
Fix issues exposed by dotnet 9 sdk
a0486ad 
* Add direct reference to new versions of JWTCookieAuthentication's insecure depencencies
* Activate security scan of transitive depencecies on net8
* Warn on IDE0052: Remove unread private member
* Warn on CA1859: Use concrete types when possible for improved performance (but not in test)
* Fix related code
@ivarne ivarne requested a review from martinothamar November 21, 2024 13:39
@ivarne ivarne added the dependency Label Pull requests with dependency updates. Used when generation releasenotes label Nov 21, 2024
@ivarne
Copy link
Member Author

ivarne commented Nov 21, 2024
edited
Loading

Testing with localtest exposed that it fails because http://localhost:5101/authentication/api/v1/openid/.well-known/openid-configuration returns a json document where frontchannel_logout_supported and frontchannel_logout_session_supported was null instead of false or missing. This is fixed in Altinn/app-localtest#125

@sonarqubecloud SonarQubeCloud
Copy link

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
40.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

@ivarne ivarne merged commit 2322191 into main Nov 22, 2024
11 checks passed
@ivarne ivarne deleted the deps/addDirectReferenceToTransitiveDeps branch November 22, 2024 11:22
@martinothamar
Copy link
Contributor

Since we're merging this now, we should probably post a message in the product channel that people need to pull latest localtest?

@ivarne
Copy link
Member Author

ivarne commented Nov 22, 2024

Yes, it’s just that #921 failed the publish

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@martinothamar martinothamar martinothamar approved these changes

Assignees
No one assigned
Labels
dependency Label Pull requests with dependency updates. Used when generation releasenotes
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@ivarne @martinothamar