Skip to content

Updated to .NET 7.0 #2

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
pinksnafu wants to merge 20 commits into
base: master
Choose a base branch
from
Open

Updated to .NET 7.0 #2

pinksnafu wants to merge 20 commits into from

Conversation

@pinksnafu
Copy link

@pinksnafu pinksnafu commented May 19, 2023

.NET 7.0 and NUGET dependency updates. Wanna merge or sumthing?

pinksnafu and others added 20 commits January 25, 2022 12:06
@pinksnafu
Upgrade to .Net 6
03566a9
@pinksnafu
Update To .net &
235f69b
@pinksnafu
Create dependabot.yml
682b54a
@pinksnafu
Update dependabot.yml
4e7aedf 
Added nuget?
@dependabot
Bump Microsoft.EntityFrameworkCore.Tools from 7.0.0 to 7.0.5
6fd4642 
Bumps [Microsoft.EntityFrameworkCore.Tools](https://github.com/dotnet/efcore) from 7.0.0 to 7.0.5.
- [Release notes](https://github.com/dotnet/efcore/releases)
- [Commits](dotnet/efcore@v7.0.0...v7.0.5)

---
updated-dependencies:
- dependency-name: Microsoft.EntityFrameworkCore.Tools
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot
Bump Moq from 4.18.2 to 4.18.4
865d2c0 
Bumps [Moq](https://github.com/moq/moq4) from 4.18.2 to 4.18.4.
- [Release notes](https://github.com/moq/moq4/releases)
- [Changelog](https://github.com/moq/moq4/blob/main/CHANGELOG.md)
- [Commits](devlooped/moq@v4.18.2...v4.18.4)

---
updated-dependencies:
- dependency-name: Moq
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@pinksnafu
Create codeql.yml
47c5bac
@pinksnafu
Merge pull request #5 from pinksnafu/dependabot/nuget/Moq-4.18.4
a98c69d 
Bump Moq from 4.18.2 to 4.18.4
@pinksnafu
Merge pull request #3 from pinksnafu/dependabot/nuget/Microsoft.Entit…
e5ad5de 
…yFrameworkCore.Tools-7.0.5

Bump Microsoft.EntityFrameworkCore.Tools from 7.0.0 to 7.0.5
@dependabot
Bump Microsoft.NET.Test.Sdk from 17.4.0 to 17.6.0
41257a1 
Bumps [Microsoft.NET.Test.Sdk](https://github.com/microsoft/vstest) from 17.4.0 to 17.6.0.
- [Release notes](https://github.com/microsoft/vstest/releases)
- [Changelog](https://github.com/microsoft/vstest/blob/main/docs/releases.md)
- [Commits](microsoft/vstest@v17.4.0...v17.6.0)

---
updated-dependencies:
- dependency-name: Microsoft.NET.Test.Sdk
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot
Bump Microsoft.EntityFrameworkCore.SqlServer from 7.0.0 to 7.0.5
4c4781a 
Bumps [Microsoft.EntityFrameworkCore.SqlServer](https://github.com/dotnet/efcore) from 7.0.0 to 7.0.5.
- [Release notes](https://github.com/dotnet/efcore/releases)
- [Commits](dotnet/efcore@v7.0.0...v7.0.5)

---
updated-dependencies:
- dependency-name: Microsoft.EntityFrameworkCore.SqlServer
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@pinksnafu
Merge pull request #4 from pinksnafu/dependabot/nuget/Microsoft.NET.T…
4e66884 
…est.Sdk-17.6.0

Bump Microsoft.NET.Test.Sdk from 17.4.0 to 17.6.0
@dependabot
Bump System.Data.SQLite from 1.0.116 to 1.0.117
3965a1c 
Bumps System.Data.SQLite from 1.0.116 to 1.0.117.

---
updated-dependencies:
- dependency-name: System.Data.SQLite
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@pinksnafu
Merge pull request #1 from pinksnafu/dependabot/nuget/Microsoft.Entit…
004d887 
…yFrameworkCore.SqlServer-7.0.5

Bump Microsoft.EntityFrameworkCore.SqlServer from 7.0.0 to 7.0.5
@pinksnafu
Merge pull request #2 from pinksnafu/dependabot/nuget/System.Data.SQL…
80aa18c 
…ite-1.0.117

Bump System.Data.SQLite from 1.0.116 to 1.0.117
@pinksnafu
Updates
b093e4f
@rdaunce @pinksnafu
split storage key and encryption key
a436285 
The .NET port did not convert the storage of encrypted passwords correctly.  It was using the encryption key as the dictionary key, storing the encrypted password and encrytion key in the same location.  This makes the encrypted password decryptable if someone were to compromise the underlying data store.  This commit creates a separate storage key for lookup purposes and does not store the encryption key.  A separate token is created that includes the storage key and the encryption key that is only used to generate the URL.  See pinterest/snappass#63 for additional conversation on the original source repo.
@rdaunce @pinksnafu
Fix preview mechanism
da440ed 
The .NET port included the password on a hidden form on the initial page request.  A button to reveal the password only unhid the form.  This caused the initial page request to expire the password, even if it wasn't viewed.  The intention of the preview feature was to prevent bots that prefetch the URL from destroying the secret.  This commit removes the password from the preview page and adds a new page where the secret is revealed.  Now the secret is only destroyed if the secret is revealed.  Ported based on pinterest/snappass#100
@rdaunce @pinksnafu
Quote url to fix equal sign breaking outlook client
dfed3b1 
This was not ported properly to encode the encryption key.  See pinterest/snappass#73
@rdaunce @pinksnafu
Added 2 weeks TTL and defaulted TTL to 1 hour
b462701
@pinksnafu
Copy link
Author

pinksnafu commented May 20, 2023

Rebased to address split storage key and encryption key.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@pinksnafu @rdaunce