Skip to content

Fix KeyNotFoundException when DoNotUnpack flag is set on containers #16438

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Draft
Copilot wants to merge 2 commits into
base: main
Choose a base branch
from
Draft

Fix KeyNotFoundException when DoNotUnpack flag is set on containers #16438

Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
42252bd
Initial plan
Copilot Jan 10, 2026
535e462
Fix KeyNotFoundException when DoNotUnpack flag is set on containers
Copilot Jan 10, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
25 changes: 19 additions & 6 deletions src/Microsoft.DotNet.SignTool/src/Configuration.cs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -279,12 +279,20 @@ private FileSignInfo TrackFile(PathWithHash file, PathWithHash parentContainer,
{
// Only sign containers if the file itself is unsigned, or
// an item in the container is unsigned.
hasSignableParts = _zipDataMap[fileSignInfo.FileContentKey].NestedParts.Values.Any(b => b.FileSignInfo.SignInfo.ShouldSign || b.FileSignInfo.HasSignableParts);
if (hasSignableParts)
// Use TryGetValue to avoid KeyNotFoundException when DoNotUnpack skips adding to _zipDataMap
if (_zipDataMap.TryGetValue(fileSignInfo.FileContentKey, out var zipData))
{
// If the file has contents that need to be signed, then re-evaluate the signing info
fileSignInfo = fileSignInfo.WithSignableParts();
_filesByContentKey[fileSignInfo.FileContentKey] = fileSignInfo;
hasSignableParts = zipData.NestedParts.Values.Any(b => b.FileSignInfo.SignInfo.ShouldSign || b.FileSignInfo.HasSignableParts);
if (hasSignableParts)
{
// If the file has contents that need to be signed, then re-evaluate the signing info
fileSignInfo = fileSignInfo.WithSignableParts();
_filesByContentKey[fileSignInfo.FileContentKey] = fileSignInfo;
}
}
else
{
_log.LogError($"Container '{fileSignInfo.FullPath}' was not unpacked. Cannot determine signable parts. This may indicate an internal error in the signing logic.");
Copy link
Member

@ericstj ericstj Jan 12, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I thought you were saying that key not found was expected in some cases, yet this will error in that case.

}
}
if (fileSignInfo.ShouldTrack)
Expand Down Expand Up @@ -353,7 +361,12 @@ private FileSignInfo ExtractSignInfo(
// Hash doesn't exist so we use the CollisionPriorityId from the parent container
SignedFileContentKey parentSignedFileContentKey =
new SignedFileContentKey(parentContainer.ContentHash, parentContainer.FileName);
collisionPriorityId = _hashToCollisionIdMap[parentSignedFileContentKey];
// Use TryGetValue to avoid KeyNotFoundException when parent has DoNotUnpack flag
if (!_hashToCollisionIdMap.TryGetValue(parentSignedFileContentKey, out collisionPriorityId))
{
_log.LogError($"Unable to find collision priority ID for parent container '{parentContainer.FileName}' (hash: {parentContainer.ContentHash}) when processing nested file '{file.FileName}'. This may occur if the parent container was not properly tracked or had issues during processing.");
collisionPriorityId = string.Empty; // Use empty string as fallback
}
}
}

Expand Down
Loading