Skip to content

[source-build] Poison check should scan all shipping packages #4921

New issue
New issue
Closed
dotnet/sdk
#47176
Closed
[source-build] Poison check should scan all shipping packages#4921
dotnet/sdk
#47176
Assignees
NikolaMilosavljevic
Labels
area-poisonPoison leaks and the leak detection infrastructureuntriaged
@NikolaMilosavljevic

Description

@NikolaMilosavljevic
NikolaMilosavljevic
opened on Feb 27, 2025

It appears that NuGet packages are not being scanned for poison - the following line will not include any packages: https://github.com/dotnet/sdk/blob/50702508f006c8c0b362493bd1a8b945845b06e4/src/SourceBuild/content/eng/finish-source-only.proj#L134-L135

      <!-- Include shipping nuget packages. -->
      <PoisonFileToCheck Include="$(ArtifactsShippingPackagesDir)*.nupkg" />

This was likely caused by distributed/parallelized build refactoring that moved packages to repo sub-directories.

Tasks:

  • Fix this issue in main
  • Ensure 9.0 is correct
  • Harden the infra to prevent this regression in the future

Metadata

Metadata

Assignees

Labels

area-poisonPoison leaks and the leak detection infrastructureuntriaged

Type

No type

Projects

.NET Source Build

Status

Done

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions