Fix build error after update the SDK submodule in BinSkim #915
Conversation
| <?xml version="1.0" encoding="utf-8"?> | ||
| <configuration> | ||
| <config> | ||
| <add key="globalPackagesFolder" value="./src/packages" /> |
There was a problem hiding this comment.
we have similar settings in SDK with 2 settings, based on building and testing only this one is needed. #Closed
ReleaseHistory.md
Outdated
| @@ -17,6 +17,7 @@ | |||
|
|
|||
| ## UNRELEASED | |||
| * DEP: Update `Microsoft.CodeAnalysis.NetAnalyzers` package from 7.0.0 to 7.0.1 to resolve build warnings. [#903](https://github.com/microsoft/binskim/pull/903) | |||
| * DEP: Update Sarif.Sdk submodule from [bc8cb57 to dd8b7b8](https://github.com/microsoft/sarif-sdk/compare/bc8cb57...dd8b7b8). Full [SARIF SDK Release History](https://github.com/microsoft/sarif-sdk/blob/dd8b7b8/ReleaseHistory.md). | |||
There was a problem hiding this comment.
this is the current latest SDK (when this PR created) #Closed
| @@ -37,7 +37,7 @@ | |||
|
|
|||
| <ItemGroup> | |||
| <Reference Include="dia2lib"> | |||
| <HintPath>..\..\refs\dia2lib.dll</HintPath> | |||
| <HintPath>..\..\refs\Dia2Lib.dll</HintPath> | |||
There was a problem hiding this comment.
The name changed is needed because in Linux it is case sensitive. #Resolved
There was a problem hiding this comment.
@shaopeng-gh What exactly is the issue when the SARIF SDK Dia2Lib.dll is used?
There was a problem hiding this comment.
misssing classes: IDiaEnumSegments, IDiaSectionContrib etc.
conflict classes: IDiaDataSource2, IDiaDataSource3
There was a problem hiding this comment.
If there isn't a reason not to change the Reference itself (as opposed to the hint), can you please change it to agree with the hint?
There was a problem hiding this comment.
updated the
<Reference Include="dia2lib">
to
<Reference Include="Dia2Lib">.
I have searched the whole repo there is 0 lower case of dia2lib.
| <PropertyGroup> | ||
| <PreBuildEvent Condition="$(OS) == 'Windows_NT'"> | ||
| echo Copying file from "$(MSBuildProjectDirectory)\..\..\refs\Dia2Lib.dll" to "$(MSBuildProjectDirectory)\..\..\src\packages\microsoft.diagnostics.tracing.traceevent\3.1.3\lib\netstandard2.0\" | ||
| copy "$(MSBuildProjectDirectory)\..\..\refs\Dia2Lib.dll" "$(MSBuildProjectDirectory)\..\..\src\packages\microsoft.diagnostics.tracing.traceevent\3.1.3\lib\netstandard2.0\" |
There was a problem hiding this comment.
This is to replace with our version of Dia2Lib.dll that works with our code. #Closed
There was a problem hiding this comment.
@shaopeng-gh I am not sure this is the best fix here. So you are essentially hard coding the Dia2Lib.dll to use? From the PR description, it seems like this dll is used for the new events model. Would hard-coding our version of the dll affect the generation of events?
There was a problem hiding this comment.
This is good point if it will break the generation of events.
I am not familiar about it,
I see the code we are doing check like:
if (!string.IsNullOrEmpty(globalContext.EventsFilePath))
to enable generation of events, and the setting of Context.EventsFilePath is:
context.EventsFilePath = Environment.GetEnvironmentVariable("SPMI_ETW") ?? options.EventsFilePath ?? context.EventsFilePath;
Is this only enabled in SPMI?
| @@ -37,7 +37,7 @@ | |||
|
|
|||
| <ItemGroup> | |||
| <Reference Include="dia2lib"> | |||
| <HintPath>..\..\refs\dia2lib.dll</HintPath> | |||
| <HintPath>..\..\refs\Dia2Lib.dll</HintPath> | |||
There was a problem hiding this comment.
@shaopeng-gh What exactly is the issue when the SARIF SDK Dia2Lib.dll is used?
| <PropertyGroup> | ||
| <PreBuildEvent Condition="$(OS) == 'Windows_NT'"> | ||
| echo Copying file from "$(MSBuildProjectDirectory)\..\..\refs\Dia2Lib.dll" to "$(MSBuildProjectDirectory)\..\..\src\packages\microsoft.diagnostics.tracing.traceevent\3.1.3\lib\netstandard2.0\" | ||
| copy "$(MSBuildProjectDirectory)\..\..\refs\Dia2Lib.dll" "$(MSBuildProjectDirectory)\..\..\src\packages\microsoft.diagnostics.tracing.traceevent\3.1.3\lib\netstandard2.0\" |
There was a problem hiding this comment.
@shaopeng-gh I am not sure this is the best fix here. So you are essentially hard coding the Dia2Lib.dll to use? From the PR description, it seems like this dll is used for the new events model. Would hard-coding our version of the dll affect the generation of events?
|
Note: We will explore upgrading of the lib before revisit this. #Closed |
ReleaseHistory.md
Outdated
| @@ -16,6 +16,7 @@ | |||
| - NEW => new feature | |||
|
|
|||
| ## UNRELEASED | |||
| * DEP: Update Sarif.Sdk submodule from [bc8cb57 to fd6e615](https://github.com/microsoft/sarif-sdk/compare/bc8cb57...fd6e615). Full [SARIF SDK Release History](https://github.com/microsoft/sarif-sdk/blob/fd6e615/ReleaseHistory.md). | |||
There was a problem hiding this comment.
Reopen this PR.
The was for: if update SARIF sub module, the Dia will not work. At that moment I created this PR but we did not have any urgent fix we need from SARIF SDK.
Now there is fix that is needed, I reopen this PR and update to point to latest SDK.
There is no new test added, but without this fix many tests will fail.
Please see PR description for some info.
|
our code uses the old classes, if re-create the dll, our current code that uses the dll will need a major re-write. In reply to: 1591721869 |
ReleaseHistory.md
Outdated
| @@ -16,6 +16,7 @@ | |||
| - NEW => new feature | |||
|
|
|||
| ## UNRELEASED | |||
| * DEP: Update Sarif.Sdk submodule from [bc8cb57 to fd6e615](https://github.com/microsoft/sarif-sdk/compare/bc8cb57...fd6e615). Full [SARIF SDK Release History](https://github.com/microsoft/sarif-sdk/blob/fd6e615/ReleaseHistory.md). | |||
There was a problem hiding this comment.
- Add backticks around
Sarif.SDKsubmodule. - Rewrite second sentence to "Reference full SARIF SDK Release History." #Resolved
There was a problem hiding this comment.
Fixed. I left the full word out of the link, let me know if you think we should include it.
|
updated, thanks. In reply to: 1765562052 |
| @@ -16,6 +16,7 @@ | |||
| - NEW => new feature | |||
|
|
|||
| ## UNRELEASED | |||
| * DEP: Update `Sarif.Sdk` submodule from [bc8cb57 to fd6e615](https://github.com/microsoft/sarif-sdk/compare/bc8cb57...fd6e615). Reference full [SARIF SDK Release History](https://github.com/microsoft/sarif-sdk/blob/fd6e615/ReleaseHistory.md). | |||
|
|
|||
There was a problem hiding this comment.
This line is inconsistent with other entries in this file: they all need to be consistent. I think Stacy recommended removing the word Full, as below:
if that is correct, please update the entire release history to bring all of these DEP entries into conformance. Also someone needs to make sure our release notes maintenance documentation has the correct standard listed there.
- DEP: Update
Sarif.Sdksubmodule from bc8cb57 to fd6e615. SARIF SDK Release History.
There was a problem hiding this comment.
Also, why exactly did you need to make this dependency update? It is a good practice to cite the specific incoming change that's critical to binskim.
There was a problem hiding this comment.
I think Stacy recommended removing the word Full --- The original recommendation from Stacy was to add Reference not removing full, I checked with her we both agree removing full looks good. i have updated.
why exactly did you need to make this dependency update? ---- Only needed is the change that we disable the warning for using Newton old versions 9. So that build will not just stop as error. This is only to fix our build process not related to the user.
Found an issue, when Binskim update SDK Submodule to latest will break the build. I narrow down to it is caused by this PR: microsoft/sarif-sdk#2669
The added "Microsoft.Diagnostics.Tracing.TraceEvent" in SDK contains a Dia2Lib.dll which will be brought into BinSkim and conflict with our existing Dia2Lib.dll. Can't seem to remove it, and this version will not work with our code missing classes. Not sure how to resolve this.
The Dia2Lib.dll in TraceEvent has a different public key than the existing one we have, and is version 2.0.0.0.
The existing one we have don't have version number.
---- found a possible fix, to replace TraceEvent Dia2Lib.dll with our own.
The build will pass after the other issue is fixed, so need to go after this PR:
#896