Verify hashes in the release manifests#53162
Open
nagilson wants to merge 7 commits intodotnet:release/dnupfrom
Open
Verify hashes in the release manifests#53162nagilson wants to merge 7 commits intodotnet:release/dnupfrom
nagilson wants to merge 7 commits intodotnet:release/dnupfrom
Conversation
this is a throw away script but I dont want customers to hit this
Member
Author
|
/azp run |
|
Azure Pipelines failed to run 1 pipeline(s). |
Contributor
There was a problem hiding this comment.
Pull request overview
Adds a PowerShell-based verification step intended to catch invalid SHA-512 hashes in .NET release manifests earlier (before they break dotnetup CI), and wires this verification into the dnup PR pipeline.
Changes:
- Added
Verify-ReleaseHashes.ps1to download release assets referenced byreleases.jsonand verify their SHA-512 hashes. - Updated
.vsts-dnup-pr.ymlto run hash verification for channels 7.0–10.0 and to add an executables build stage.
Reviewed changes
Copilot reviewed 2 out of 2 changed files in this pull request and generated 6 comments.
| File | Description |
|---|---|
src/Installer/releases/Verify-ReleaseHashes.ps1 |
New script to fetch a channel’s releases.json, download .zip/.tar.gz assets, compute SHA-512, and report mismatches. |
.vsts-dnup-pr.yml |
Adds stages/jobs to build dotnetup executables and to run/publish hash verification results for multiple channels. |
Comments suppressed due to low confidence (1)
.vsts-dnup-pr.yml:11
- The PR branch include list adds a specific topic branch name (
nagilson-dnup-executables). If this branch is not intended to be a long-lived target branch, keeping it here will cause unexpected PR validation behavior and future maintenance churn. Consider removing it before merging unless it’s meant to be a permanent branch pattern.
- dnup
- release/dnup
- release/dotnetup
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
dotnetuphas failed in CI several times due to an invalid hash in the release, so let's check the hashes to help the release team see which releases need validation/changes.Throw away script and CI change.