Merging changes synced from https://github.com/MicrosoftDocs/visualstudio-docs-pr (branch live)

Author: Learn Build Service GitHub App

docs/deployment/accessing-local-and-remote-data-in-clickonce-applications.md

@@ -74,6 +74,8 @@ Most applications consume or produce data. ClickOnce gives you a variety of opti
 
  Isolated Storage works in all versions of the .NET Framework. Isolated Storage also works in partially trusted applications without the need for additional permission grants. You should use Isolated Storage if your application must run in partial trust, but must maintain application-specific data.
 
+ [!INCLUDE[ndptecclick](../deployment/includes/code-access-security-partial-trust.md)]
+
  For more information, see [Isolated Storage](/dotnet/standard/io/isolated-storage).
 
 ### Other local files

docs/deployment/clickonce-security-and-deployment.md

@@ -1,7 +1,7 @@
 ---
 title: "ClickOnce Deployment and Security"
 description: Learn about Visual Studio support for ClickOnce, a deployment technology that enables you to create self-updating Windows-based applications.
-ms.date: "09/23/2024"
+ms.date: "04/25/2025"
 ms.topic: "conceptual"
 dev_langs:
   - "VB"
@@ -47,7 +47,7 @@ ClickOnce is a deployment technology that enables you to create self-updating Wi
 ### Code access security
  Code access security helps limit the access that code has to protected resources. In most cases, you can choose the Internet or Local Intranet zones to limit the permissions. Use the **Security** page in the **Project Designer** to request the zone appropriate for the application. You can also debug applications with restricted permissions to emulate the end-user experience. For more information, see [Code access security for ClickOnce applications](../deployment/code-access-security-for-clickonce-applications.md).
 
- [!INCLUDE[ndptecclick](../deployment/includes/dotnet-feature-unsupported.md)]
+ [!INCLUDE[ndptecclick](../deployment/includes/code-access-security.md)]
 
 ### ClickOnce trust prompt
  If the application requests more permissions than the zone allows, the end user can be prompted to make a trust decision. The end user can decide if ClickOnce applications such as Windows Forms applications, Windows Presentation Foundation applications, console applications, XAML browser applications, and Office solutions are trusted to run. For more information, see [How to: Configure the ClickOnce trust prompt behavior](../deployment/how-to-configure-the-clickonce-trust-prompt-behavior.md).

docs/deployment/code-access-security-for-clickonce-applications.md

@@ -1,7 +1,7 @@
 ---
 title: "Code Access Security for ClickOnce Applications"
 description: Explore code access security for ClickOnce applications and how to configure the code access security permissions in Visual Studio.
-ms.date: "11/04/2016"
+ms.date: "04/25/2025"
 ms.topic: "conceptual"
 f1_keywords:
   - "vb.XBAPProjectPropertiesSecurity.HowTo"
@@ -29,7 +29,7 @@ ClickOnce applications are based on the .NET Framework and are subject to code a
 
  Code access security is a mechanism in the .NET Framework that helps limit the access that code has to protected resources and operations. You should configure the code access security permissions for your ClickOnce application to use the zone appropriate for the location of the application installer. In most cases, you can choose the **Internet** zone for a limited set of permissions or the **Local Intranet** zone for a greater set of permissions.
 
-[!INCLUDE[ndptecclick](../deployment/includes/dotnet-feature-unsupported.md)]
+ [!INCLUDE[ndptecclick](../deployment/includes/code-access-security.md)]
 
 ## Default ClickOnce code access security
  By default, a ClickOnce application receives Full Trust permissions when it is installed or run on a client computer.

docs/deployment/how-to-enable-clickonce-security-settings.md

@@ -1,7 +1,7 @@
 ---
 title: Enable & configure ClickOnce security
 description: Learn how the Publish wizard automatically enables code access security for ClickOnce applications to publish the application.
-ms.date: 08/04/2023
+ms.date: 04/25/2025
 ms.topic: how-to
 dev_langs: 
   - VB
@@ -20,7 +20,7 @@ ms.subservice: deployment
 
 You can enable and configure ClickOnce security settings in the **Security** page of the **Project Designer**. In this article, you learn how to enable security settings, configure security zones, and configure customized security zones.
 
- [!INCLUDE[ndptecclick](../deployment/includes/dotnet-task-unsupported.md)]
+ [!INCLUDE[ndptecclick](../deployment/includes/code-access-security.md)]
 
 ## Enable ClickOnce security settings
 

docs/deployment/how-to-specify-where-visual-studio-copies-the-files.md

@@ -119,7 +119,7 @@ The ClickOnce `Publish Version` property determines whether or not the applicati
 The `Publish Version` property can be set on the **Publish** page of the **Project Designer**.
 
 > [!NOTE]
-> There is a project option that will automatically increment the `Publish Version` property each time the application is published; this option is enabled by default. For more information, see [Automatically Increment the ClickOnce Publish Version](../deployment/how-to-specify-where-visual-studio-copies-the-files.md#automatically-increment-the-clickonce-publish-version).
+> There's a project option that will automatically increment the `Publish Version` property each time the application is published; this option is enabled by default. For more information, see [Automatically Increment the ClickOnce Publish Version](../deployment/how-to-specify-where-visual-studio-copies-the-files.md#automatically-increment-the-clickonce-publish-version).
 
 ### Change the publish version
 
@@ -153,7 +153,7 @@ You can disable this behavior on the **Publish** page of the **Project Designer*
 
 When publishing a ClickOnce application, a default Web page (publish.htm) is generated and published along with the application. This page contains the name of the application, a link to install the application and/or any prerequisites, and a link to a Help topic describing ClickOnce. The **Publish Page** property for your project allows you to specify a name for the Web page for your ClickOnce application.
 
-Once the publish page has been specified, the next time you publish, it will be copied to the publish location; it will not be overwritten if you publish again. If you wish to customize the appearance of the page, you can do so without worrying about losing your changes. For more information, see [Customize the ClickOnce default Web page](#customize-the-default-web-page-for-a-clickonce-application).
+Once the publish page has been specified, the next time you publish, it will be copied to the publish location; it won't be overwritten if you publish again. If you wish to customize the appearance of the page, you can do so without worrying about losing your changes. For more information, see [Customize the ClickOnce default Web page](#customize-the-default-web-page-for-a-clickonce-application).
 
 The **Publish Page** property can be set in the **Publish Options** dialog box, accessible from the **Publish** pane of the **Project Designer**.
 
@@ -229,7 +229,7 @@ To specify a support URL:
 
 A ClickOnce deployment can test for a number of prerequisites that must be available on the client computer for the ClickOnce application to run. These dependencies include the required minimum version of the .NET Framework, the version of the operating system, and any assemblies that must be preinstalled in the global assembly cache (GAC). ClickOnce, however, can't install any of these prerequisites itself; if a prerequisite isn't found, it simply halts installation and displays a dialog box explaining why the installation failed.
 
-There are two methods for installing prerequisites. You can install them using a bootstrapper application. Alternatively, you can specify a support URL for individual prerequisites, which is displayed to users on the dialog box if the prerequisite isn't found. The page referenced by that URL can contain links to instructions for installing the required prerequisite. If an application doesn't specify a support URL for an individual prerequisite, ClickOnce displays the support URL specified in the deployment manifest for the application as a whole, if it is defined.
+There are two methods for installing prerequisites. You can install them using a bootstrapper application. Alternatively, you can specify a support URL for individual prerequisites, which is displayed to users on the dialog box if the prerequisite isn't found. The page referenced by that URL can contain links to instructions for installing the required prerequisite. If an application doesn't specify a support URL for an individual prerequisite, ClickOnce displays the support URL specified in the deployment manifest for the application as a whole, if it's defined.
 
 While Visual Studio, *Mage.exe*, and *MageUI.exe* can all be used to generate ClickOnce deployments, none of these tools directly support specifying a support URL for individual prerequisites. This document describes how to modify your deployment's application manifest and deployment manifest to include these support URLs.
 
@@ -288,6 +288,8 @@ While Visual Studio, *Mage.exe*, and *MageUI.exe* can all be used to generate Cl
 
 The support URL isn't displayed on the dialog box if the application is marked to run in partial trust.
 
+ [!INCLUDE[ndptecclick](../deployment/includes/code-access-security-partial-trust.md)]
+
 ## Change the publish language for a ClickOnce application
 
 When publishing a ClickOnce application, the user interface displayed during installation defaults to the language and culture of your development computer. If you're publishing a localized application, you'll need to specify a language and culture to match the localized version. This is determined by the `Publish language` property for your project.

docs/deployment/includes/code-access-security-partial-trust.md

@@ -0,0 +1,12 @@
+---
+title: Visual Studio ClickOnce partial trust and code access security
+author: mikejo5000
+description: Learn about partial trust and Code Access Security support in ClickOnce
+ms.author: mikejo
+ms.date: 04/25/2025
+ms.subservice: deployment
+ms.topic: include
+---
+
+> [!NOTE]
+> In ClickOnce for .NET Core and .NET 5 or later, partial trust, which requires Code Access Security, is unsupported. In .NET Framework, the use of Code Access Security is not a best practice and is not recommended.

docs/deployment/includes/code-access-security.md

@@ -0,0 +1,12 @@
+---
+title: Visual Studio ClickOnce code access security
+author: mikejo5000
+description: Learn about Code Access Security support in ClickOnce
+ms.author: mikejo
+ms.date: 04/25/2025
+ms.subservice: deployment
+ms.topic: include
+---
+
+> [!NOTE]
+> In ClickOnce for .NET Core and .NET 5 or later, Code Access Security is unsupported. In .NET Framework, the use of Code Access Security is not a best practice and is not recommended.

docs/deployment/securing-clickonce-applications.md

@@ -39,7 +39,7 @@ ClickOnce applications are subject to code access security constraints in the .N
 ## Code access security policies
  Permissions for an application are determined by the settings in the [\<trustInfo> Element](../deployment/trustinfo-element-clickonce-application.md) element of the application manifest. Visual Studio automatically generates this information based on the settings on the project's **Security** property page. A ClickOnce application is granted only the specific permissions that it requests. For example, where file access requires full-trust permissions, if the application requests file-access permission, it will only be granted file-access permission, not full-trust permissions. When developing your ClickOnce application, you should make sure that you request only the specific permissions that the application needs. In most cases, you can use the Internet or Local Intranet zones to limit your application to partial trust. For more information, see [How to: Set a security zone for a ClickOnce application](../deployment/how-to-enable-clickonce-security-settings.md#set-a-security-zone-for-a-clickonce-application). If your application requires custom permissions, you can create a custom zone. For more information, see [How to: Set custom permissions for a ClickOnce application](../deployment/how-to-enable-clickonce-security-settings.md#set-custom-permissions-for-a-clickonce-application).
 
- [!INCLUDE[ndptecclick](../deployment/includes/dotnet-feature-unsupported.md)]
+ [!INCLUDE[ndptecclick](../deployment/includes/code-access-security.md)]
 
  Including a permission that isn't part of the default permission set for the zone from which the application is deployed will cause the end user to be prompted to grant permission at install or update time. To prevent users from being prompted, a system administrator can specify a ClickOnce deployment policy that defines a specific application publisher as a trusted source. On computers where this policy is deployed, permissions will automatically be granted and the user won't be prompted.
 

docs/deployment/security-versioning-and-manifest-issues-in-clickonce-deployments.md

@@ -41,6 +41,8 @@ If you're developing an application that requires administrator permissions for
 
 If your ClickOnce application runs online instead of through an installation, it must fit within the quota set aside for online applications. Also, a network application that runs in partial trust, such as with a restricted set of security permissions, can't be larger than half of the quota size.
 
+ [!INCLUDE[ndptecclick](../deployment/includes/code-access-security-partial-trust.md)]
+
 For more information, and instructions about how to change the online application quota, see [ClickOnce cache overview](../deployment/clickonce-cache-overview.md).
 
 ## Versioning issues

docs/xaml-tools/xaml-hot-reload.md

@@ -1,7 +1,7 @@
 ---
 title: "XAML Hot Reload for WPF and UWP apps"
 description: Modify XAML code in running .NET MAUI, WinUI 3, Windows Presentation Foundation (WPF), or Universal Windows Platform (UWP) apps with edit and continue features in XAML Hot Reload.
-ms.date: 08/27/2024
+ms.date: 04/24/2025
 ms.topic: conceptual
 helpviewer_keywords:
   - "xaml edit and continue"
@@ -23,15 +23,17 @@ With XAML Hot Reload, you can incrementally build and test XAML code for your .N
 
 ## Where to get XAML Hot Reload
 
-Visual Studio XAML Hot Reload is currently supported only when you're running an application in **Visual Studio** -or- **Blend for Visual Studio** (if supported by the framework) with the debugger attached (**F5** or **Start debugging**).
+Visual Studio XAML Hot Reload is supported when you're running an application in **Visual Studio** -or- **Blend for Visual Studio** (if supported by the framework) with the debugger attached (**F5** or **Start debugging**).
+
+Starting in Visual Studio 2022 version 17.14 Preview 2, XAML Hot Reload and [XAML Live Preview](../xaml-tools/xaml-live-preview.md) are available at design-time and not just during a debugging session.
 
 You can't enable this experience by using [Attach to process](../debugger/attach-to-running-processes-with-the-visual-studio-debugger.md) unless you [manually set an environment variable](xaml-hot-reload-troubleshooting.md#verify-that-you-use-start-debugging-rather-than-attach-to-process).
 
-## Applications for XAML Hot Reload
+## Scenarios for XAML Hot Reload
 
 XAML Hot Reload is especially helpful in these scenarios:
 
-* Fixing UI problems found in your XAML code after the app was started in debug mode.
+* Fixing UI problems found in your XAML code.
 
 * Building a new UI component for an app that is under development, while taking advantage of your app's runtime context.