Doesn't allow multiple nupkg files for trusted-signers add command #3993
…indly, we have to be specific for better security practice.
@dtivel @heng-liu @kartheekp-ms
heng-liu
left a comment
Thanks for fixing this issue!
LGTM
By the way, we might also need to call it out in the doc https://docs.microsoft.com/en-us/nuget/reference/cli-reference/cli-ref-trusted-signers.
The docs Heng linked currently explicitly say "one or more nupkgs", so it definitely needs to be changed. By the way, any pull request that changes behaviour from a customer point of view (basically, all PRs that are not bug fixes or infrastructure) should require docs changes, so when filling out the PR template don't select "N/A" out of habit.
What's the customer experience when they try to pass more than one file? The code throws an exception. Does the customer see a stack trace? Do they see "System.ArgumentException"?
They'll see

Bug
Fixes: NuGet/Home#10647
Regression? Last working version:
Description
Considering that other certificate/security commands don't accept multiple files for an add/trust action, we'll throw if multiple nupkg files are detected on the path.
Here are examples of other certificate/security commands that don't accept multiple files:
certutil -addstore root <file path>, which adds a certificate to a trusted certificate store as a trusted root authority, disallows wildcards in the file path. The file path must resolve to a single file.
Import-Certificate -CertStoreLocation Cert:\LocalMachine\Root -FilePath <file path>, which adds a certificate to a certificate store as a trusted root authority, disallows wildcards in the file path.
Here is a sample command which can cause a problem:
nuget trusted-signers add C:\MyPackages\*.nupkg -Name signer -Author
PR Checklist
PR has a meaningful title
PR has a linked issue.
Described changes
Tests
Documentation
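
One way to enforce the single-file rule from the description above, as an added example that is not NuGet's code or part of this pull request. The `SinglePackageArgument` class, its error messages and the sample file names are hypothetical.

```csharp
using System;
using System.IO;

// Hypothetical helper, not NuGet's implementation: a trust operation names exactly one file.
public static class SinglePackageArgument
{
    public static string Resolve(string argument)
    {
        if (string.IsNullOrWhiteSpace(argument))
            throw new ArgumentException("A package path is required.");

        string directory = Path.GetDirectoryName(argument);
        string pattern = Path.GetFileName(argument);
        if (string.IsNullOrEmpty(directory))
            directory = Directory.GetCurrentDirectory();
        // A wildcard in the directory part is never expanded, so it fails here.
        if (string.IsNullOrEmpty(pattern) || !Directory.Exists(directory))
            throw new ArgumentException($"'{argument}' does not name a package file.");

        // A wildcard in the file name is tolerated only when it matches one file,
        // so the user always names the one package whose signer they mean to trust.
        string[] matches = Directory.GetFiles(directory, pattern, SearchOption.TopDirectoryOnly);
        if (matches.Length == 0)
            throw new ArgumentException($"'{argument}' does not match any file.");
        if (matches.Length > 1)
            throw new ArgumentException(
                $"'{argument}' matches {matches.Length} files. Specify exactly one package.");
        return matches[0];
    }

    public static void Main()
    {
        // Constructed sample input: two empty placeholder files in a temp directory.
        string dir = Directory.CreateDirectory(
            Path.Combine(Path.GetTempPath(), Path.GetRandomFileName())).FullName;
        File.WriteAllText(Path.Combine(dir, "a.1.0.0.nupkg"), "");
        File.WriteAllText(Path.Combine(dir, "b.1.0.0.nupkg"), "");
        try
        {
            Console.WriteLine(Resolve(Path.Combine(dir, "a.1.0.0.nupkg"))); // one match: accepted
            Resolve(Path.Combine(dir, "*.nupkg"));                          // two matches: rejected
        }
        catch (ArgumentException e)
        {
            Console.Error.WriteLine(e.Message); // message only, no stack trace
        }
        finally { Directory.Delete(dir, recursive: true); }
    }
}
```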