Releases: NuGet/NuGet.Jobs
v2018.05.30
- [Repository Signing] Strip repository signatures that fail verification (#441)
- Remove Respond JS dependency (#449)
- Skipping test packages for scan and sign (#451)
- More appropriate handling of the optional validations in the Orchestrator (#450)
- Improve performance of RetrievePackageDimensions (#442)
- Added reporting the package download speed along with the download time as its own metric. (#413)
- Repository sign packages at ingestion (#452)
- Moved scan and sign enqueuer to the shared library. (#453)
v2018.05.14
- Make Certificate Validator gracefully handle repository signed packages (#431)
- SQL auto-rotation: Gallery.Maintenance (#418)
- Update Gallery.CredentialExpiration to use SqlConnectionFactory (#419)
- SQL auto-rotation: UpdateLicenseReports (#420)
- SQL auto rotation: Search.GenerateAuxillaryData (#421)
- Update SupportRequests.Notifications to use ISqlConnectionFactory (#422)
- NuGetGallery.Core update (#432)
- Update ArchivePackages to use ISqlConnectionFactory (#423)
- Update Stats.AggregateCdnDownloads to use ISqlConnectionFactory (#424)
- Update Stats.CreateAzureCdnWarehouseReports to use ISqlConnectionFactory (#425)
- SQL auto rotation: Stats.ImportAzureCdnStatistics (#427)
- Update Stats.RefreshClientDimension to use ISqlConnectionFactory (#428)
- Update Stats.RollupDownloadFacts to use ISqlConnectionFactory (#429)
- Package Lag Monitor (#433)
- [Repository Signing] Add Signature Validator (#426)
- Scan and Sign validator, orchestrator side (#440)
- Proper way to reference sign.targets in new project (#446)
v2018.05.02
v2018.04.25
- Changed the way Validators are referred by their "names" (#396)
- Search.GenerateAuxiliaryData should copy Downloads.v1.json to search metadata location (#398)
- Fix for missed argument type update (#399)
- [Validate Certificate] Fixed incorrect log message (#400)
- Temp file handling (#397)
- Disabled SSL3 and Enabled TLS1.2 in callback service. (#403)
- Persist repository signature information in database (#401)
- Filter repository signatures from Validate Certificate, Revalidate jobs (#402)
- [Package Signing] Make the Revalidate Certificate job initialize once per day (#405)
- Remove dead code (#406)
- Fix TSA issues (#408)
- [SDL] Validate Key Vault's secrets certificate (#407)
v2018.03.22
- Extract gallery DB and packages container update logic to its own class (#362)
- Add Asia deployment script for Search.GenerateAuxiliaryData (#369)
- Update the package hash and length in DB after blob copy (#364)
- Check package hash even when the package is already available (#367)
- Add new script to package (#372)
- Make validator provider cache the types it discovers (#370)
- [Orchestrator] Remove validation failure on timeout (#368)
- Copy validation result .nupkg URL from processor (#373)
- Back up the package if there are any processors (#374)
- Call CleanUpAsync on the validator after reaching a terminal status (#375)
- Add log on user notification (#379)
- [Package Signing] Improve logging (#376)
- Introduce LoggerDiagnosticsService for improved NuGetGallery.Core logging (#378)
- Rename extract and validate job to process signature (#381)
- Fix ValidationSetTimeout metric name (#380)
- Move to 4.7.0-preview1.5029 of client APIs (#382)
- Drop validation messages for soft deleted packages (#383)
- Fixed test that fails when time format on a computer that runs the test is set to use 24 hour clock. (#387)
v2018.03.08
Enable TLS 1.2 in build.ps1 (#352)
[Package Signing] Validate TrustedTimestamps' certificates (#351)
Split arguments into separate lines. Updated SMTP and DB settings to to be taken from Octopus (#357)
Allow package to exist in packages container when becoming to Available (#356)
Add initial integration with IProcessor in orchestrator (#353)
Use topological sort to verify processors never run in parallel (#355)
Use validator type instead of instance for configuration validation (#360)
Allow signatures in Valid or InGracePeriod states (#358)
v2018.02.27
v2018.02.23
v2018.02.05
#320 - Use local TSA instead of remote TSA
#323 - Add integration test for untrusted and unavailable revocation TSA certificates
#324 - Added logic on how to update signatures after certificate status changes
#325 - Flush Application Insights on shutdown
#326 - [Package Signing] Improved CertificateVerificationResult type
v2018.01.29
d436073
joelverhagen
Joel Verhagen
#299 - Persist and connect EndCertificates and ParentCertificates
#300 - Integrate with client validation APIs and add initial integration tests
#291 - Added validator usage status to indicate whether validation is required or disabled
#302 - Killing HandlePackageEdits job in the name of package immutability.
#301 - Update ServerCommon packages and start emitting issues from extract and validate
#303 - Copy validator issues to package validation issues in orchestrator process
#304 - Update to latest version of client APIs
#305 - Block Zip64 packages in extract and validate job
#306 - Use IPackageSignatureVerifier to verify the format of the signature file before reading the signature
#307 - Update Service Bus dependencies
#308 - Validate there are no author or repo counter signatures and require signature V1
#310 - Ignore support requests for which user data is removed when retrieving unresolved issues
#311 - Add trust verifier to extract and validate job
#312 - VSIX user agent string update
#313 - Persist signature and timestamp entities
#314 - Allow unavailable revocation information during extract and validate
#315 - Prevent duplicate validations from starting during some grace period
#317 - Add initial telemetry service with stub implementation
#318 - Fix support requests notifications job sql query
#319 - Integrate orchestrator telemetry with Application Insights