[Release] Milestones M195 #1821
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
If the binPath isn't quoted, sc.exe will first look for a file at C:\Program. Starting that will yield CreateProcess error 193 (aka invalid Win32 program). By properly quoting the binPath, we guarantee that the correct file will be loaded.
The primary reason is that Component Detection (https://github.com/microsoft/component-detection) pointed out that the version we used is missing legal information. As of clearlydefined/curated-data#23677, version 6.2.1 of this package has a documented license. Therefore, this issue should be hereby resolved. Besides, it's always good to stay up to date with dependencies. Signed-off-by: Johannes Schindelin <[email protected]>
The primary reason is that Component Detection (https://github.com/microsoft/component-detection) pointed out that the version we used is missing legal information. Noticing that https://www.nuget.org/packages/LibGit2Sharp.NativeBinaries/2.0.278/License shows only a link into the repository, but the full license is shown at https://www.nuget.org/packages/LibGit2Sharp.NativeBinaries/2.0.322/License this issue should be hereby resolved. Besides, it's always good to stay up to date with dependencies. Since libgit2 is very careful about backwards-compatibility (and therefore LibGit2Sharp, too), this update should not result in any change of behavior. Signed-off-by: Johannes Schindelin <[email protected]>
Now that we addressed the Component Detection issues, let's just go ahead and proactively update the remaining dependencies, too. Signed-off-by: Johannes Schindelin <[email protected]>
Update dependencies
The v2 version of `upload-artifact`/`download-artifact` is no longer supported and stopped working. Let's update to v4, which _does_ work. Signed-off-by: Johannes Schindelin <[email protected]>
Every once in a while, the GitHub Actions we use (such as `checkout`, `upload-artifact`, etc) require updates as the old versions stop working. Let's ask Dependabot to take care of this tedious task. Signed-off-by: Johannes Schindelin <[email protected]>
`HttpClientHandler` will automatically resubmit an HTTP request that fails in certain circumstances. One such circumstance is when `UseDefaultCredentials` is set to `true``, alternative credentials were provided on the request, and the request failed with "401 Unauthorized", then it will resubmit using the default credentials. If an exception is thrown when getting the default credentials that exception is not handled, but is wrapped in `HttpRequestExceptio`n and thrown by `SendAsync` instead of returning the original response with the failing status code. See the following code snippet from `HttpWebRequest`: https://referencesource.microsoft.com/#System/net/System/Net/HttpWebRequest.cs,5535 When this happens in GVFS, the result is that GVFS does not recognize the failure as being authentication related, so it does not refresh the credential. Instead, it loops through all its retries, and eventually fails the request. This is typically visible to users as a file system exception (e.g. file not found) if the GVFS trigger was accessing a virtual file or other operation on an individual file, or various errors (including "this repository requires the GVFS protocol") for a `git pull`. The symptoms will continue for the user until they remount the GVFS enlistment, which forces GVFS to refresh its credential. This commit adds an exception handler for `HttpRequestException`` to `client.SendAsync`, which attempts to find the original failed response embedded in the inner exception properties. If it does so, it logs a warning and continues processing using the original failed response, which will trigger the logic for handling the various possible status codes. If it can't extract the original failed response, then it will let the exception bubble up. Signed-off-by: Tyrie Vella <[email protected]> Signed-off-by: Johannes Schindelin <[email protected]>
…arguments Point GVFS.Service to the correct executable when C:\Program exists
Handle nested failures in HttpRequestException
Bumps [actions/setup-dotnet](https://github.com/actions/setup-dotnet) from 1 to 4. - [Release notes](https://github.com/actions/setup-dotnet/releases) - [Commits](actions/setup-dotnet@v1...v4) --- updated-dependencies: - dependency-name: actions/setup-dotnet dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <[email protected]>
Bumps [actions/checkout](https://github.com/actions/checkout) from 2 to 4. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](actions/checkout@v2...v4) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <[email protected]>
Bumps [microsoft/setup-msbuild](https://github.com/microsoft/setup-msbuild) from 1.0.2 to 2.0.0. - [Release notes](https://github.com/microsoft/setup-msbuild/releases) - [Changelog](https://github.com/microsoft/setup-msbuild/blob/main/building-release.md) - [Commits](microsoft/setup-msbuild@v1.0.2...v2.0.0) --- updated-dependencies: - dependency-name: microsoft/setup-msbuild dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <[email protected]>
…ions/setup-dotnet-4 build(deps): bump actions/setup-dotnet from 1 to 4
…ions/checkout-4 build(deps): bump actions/checkout from 2 to 4
…rosoft/setup-msbuild-2.0.0 build(deps): bump microsoft/setup-msbuild from 1.0.2 to 2.0.0
derrickstolee
approved these changes
Oct 24, 2024
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This release fixes endless authentication loops when "401 Unauthenticated" messages are put into nested exceptions (see #1816).