Closed kirillkovalenko closed 1 year ago
@kirillkovalenko Do you have a basic sample project that I can test with?
I've created a simple project Sns80.zip
BTW, does your tool respect AssemblyOriginatorKeyFile
MsBuild property?
BTW, does your tool respect AssemblyOriginatorKeyFile MsBuild property?
No, it's completely separate from any MSBuild specifics that project files could be using and you would need to pass you key file in the same way.
The problem you are experiencing with your project is related to PR #78
Package references go into cache directories such as C:\Users\USER_NAME\.nuget\packages\ntapidotnet
, the locations are explicitly excluded with the automatic build task because there are usually thousands of packages in there, none of which we want to traverse and check for each project's build unnecessarily.
A solution now would be to sign explicitly using the console application with build events as described here: https://github.com/brutaldev/StrongNameSigner#build-process You could also sign using the application, re-publish to your own local (or private NuGet repository) or just reference the final signed file directly. Ther project you are referring to is also open source so you could request from the developers to sign it or fork your own version, sign it and make another NuGet package for them.
You have a lot of options that make it not necessary to use this tool since it is intended as a last resort.
A solution now would be to sign explicitly using the console application
Thanks, I've already implemented this approach.
I trying to use strong name signer tool to have a new 3rd party dependency assembly signed automatically. It seems that the tool finds in project dependencies referenced via
ProjectReference
, but does not process those referenced viaPackageReference
tag. Is SDK style not supported or it's me doing something wrong?