Update PowerShell to build against dotnet 5.0-RC.1#13643
Conversation
|
Should we track CA1416 in new issue and fix this later? |
|
@iSazonov I think there is nothing that needs to be fixed. For all the types and APIs that are supported only on Windows, we compile them only for Windows build. Do you spot anything that is not the case? |
I remember we had issues with referencing methods from wrong platform. So we could review the analyzer warnings and maybe use recommended workarounds. |
|
The new attribute doesn't offer a suggestion, it's like But there are lots of failures due to the warning and I surely didn't review them all. So please feel free to open an issue to track , and maybe also review them if you got time. Thanks! |
|
@daxian-dbw Tracking issue #13647. |
|
CI Linux fail with "OpenSslCryptographicException: error:141A90B5:SSL routines:ssl_cipher_list_to_bytes:no ciphers available". Do they disable Tls 1.0 and 1.1 in CI Linux image in OpenSSL? |
|
@iSazonov We are investigating but got nowhere so far :( How to check if the Tls 1.0 and 1.1 is disabled on Ubuntu? FYI, the version of openssl on the CI agent is: |
|
Dropping this here so it's not missed. Ctrl+C doesn't work on macOS this ^ is because of dotnet/runtime#42423 |
|
Use single file publish? (also outputs a copy native libs on Windows, should be a single file on Linux though) <PublishSingleFile>true</PublishSingleFile>Perhaps assembly trimming? Though that might not work for powershell (as you could invoke apis from script?) <PublishTrimmed>true</PublishTrimmed>
<TrimMode>Link</TrimMode>On Windows can include the R2R with the single file to make startup faster (in exchange for size) https://devblogs.microsoft.com/dotnet/customizing-trimming-in-net-core-5/ <PublishReadyToRun>True</PublishReadyToRun>
|
I see 3 cases:
|
We don't use the option today. (I tried locally and catch some issues). And we don't have PowerShell Committee conclusion whether we want to support the single file publish.
We don't use this. And you're right this is not acceptable in general. But it could be an option for specific minimal PowerShell distributions.
Yes, we use the feature. Welcome to investigate and contribute more in the scenario if you want. |
|
@iSazonov We learnt from .NET team that this is a by-design breaking change made in .NET 5 rc.1, which retired Tls1.0 and Tls1.1 from the default on Linux machines where OpenSSL 1.1 and above is used. The .NET PR is dotnet/runtime#40746 |
|
@daxian-dbw Thanks! Do you team to collect such by-design changes? It would be nice to see its in Release notes for 7.1 GA (I hope this reduce "false" feedbacks from PowerShell users and helps adoption to the new PowerShell version.). |
|
@iSazonov The breaking changes will all be documented in https://docs.microsoft.com/en-us/dotnet/core/compatibility/3.1-5.0, though the TSL one is not yet documented.
|
|
After grappling with this issue for some time, I'm going to mark the tests that are currently failing as pending. We now expect the particular command to fail on Linux due to the configuration of both .NET 5 and the test environment, and I think it should be fixed as a patch to RC2. As such I'll open an issue to track fixing the tests and possibly PowerShell's own error messages (although after spending some time looking into it, I'm not sure how we do the latter reliably). |
|
@iSazonov, @benaadams regarding single file, we don't want to take such a big change for an RC (which means not in 7.1). Certainly something we would look at for 7.2. File trimming would not work for PowerShell as it exists today as PowerShell is a platform for scripts that expect as many APIs as possible. As Ilya noted, it may be useful when we make more progress on minimal PowerShell where scripts that need .NET APIs would install those assemblies with PowerShellGet 3.x. |
|
What is a milestone should be for the PR and follow PRs? |
@SteveL-MSFT I am not agree when it comes to old API. Why blacklist things when it could be remove at source ? https://github.com/PowerShell/underhanded-powershell I don't want this Trimming should be study from a security POV and the toolchain update to release at least a minimal edition. A PowerShell.SecureSdk project without distribution binaries is enough. A security contest is welcome ! . A rank by binaries file size with minimal binaries command compatibilty.
|
Yeah we've discussed that and it's something we're gradually investigating as a sort of "minimal PowerShell". But what's old to you is required by others -- take anything out and we'll break someone, or at the very least make their migration path significantly more difficult. But also, my understanding is that trimming is an automatic process based on static code discovery, and PowerShell uses reflection pretty much everywhere. To make trimming work for us, we'd need to build a very large list of APIs we need to preserve from the trimming process. As I say, it's something we're investigating gradually, since there are a number of large hurdles that we'd need to overcome to make it work. |
|
@daxian-dbw thank you for helping find those last issues in RC1 so we could fix in RC2 and avoid shipping them. The more often Powershell can pick up .NET Core, the better for us! |
|
🎉 Handy links: |
PR Summary
Update code and project files to build PowerShell against dotnet 5.0-rc.1.
Major changes to code:
ComRuntimeHelpers.csto change the calling conventionstdcalltounmanaged, based on dotnet/runtime@e13f72b#diff-064c99755b7df4413ffd97baf9d833db committed 2 days ago.ReliabilityContractAttributeandSecurityPermissionAttributeas they are obsoleted.CA1416because In .NET 5.0 we have added new attributes to annotate platform-specific APIs.UTF7andBinaryFormatterwithSYSLIB0011instead. See Breaking changes for migration from version 3.1 to 5.0.Known issues in .NET 5 RC.1
The .NET 5 RC.1 regressions and by-design breaking changes we ran into so far are:
System.Console.TreatControlCAsInputis backwards in .NET 5 RC.1 on Linux and macOS. Issue: System.Console.TreatControlCAsInput is backwards in .NET 5 RC.1 dotnet/runtime#42423. The fix Console.Unix: fix inverted TreatControlCAsInput dotnet/runtime#42432 was made in .NET 5 RC.2System.Console.ReadKey()returningCtrl+JforENTERon macOS. Issue: System.Console.ReadKey() returning Ctrl+J for ENTER on macOS dotnet/runtime#42418. The fix [release/5.0-rc2] Revert "Make Console.ReadKey() distinguish between CR and LF inputs" dotnet/runtime#42477 was made in .NET 5 RC.2PR Checklist
.h,.cpp,.cs,.ps1and.psm1files have the correct copyright headerWIP:or[ WIP ]to the beginning of the title (theWIPbot will keep its status check atPendingwhile the prefix is present) and remove the prefix when the PR is ready.