Closed JuanZamudioGBM closed 3 years ago
huysentruitw
commented
3 years ago Hi Juan, I have been asked this before, but since this package is only useful in unit-test projects we decided it was not needed to sign unit-test projects. Is there a reason why you're signing unit-test projects?
JuanZamudioGBM
commented
3 years ago We share a props file per type of project with all our configurations (one for netstandard and another for netcoreapp) the props file for the test project is shared with another netcoreapps in the solution, that's why its signed
huysentruitw
commented
3 years ago Hi, Juan, I was able to do some research whether signing an open-sourced package is valuable since the signing key will be publicly visible in the repository. My conclusion is that it doesn't add any additional safety as anyone can take the key and sign a build themselves.
Anyway, I understand why you need it, so if you create a PR with signing key, I'd integrate it.
JuanZamudioGBM
commented
3 years ago I will create a PR then.
Thanks for your time
huysentruitw
commented
3 years ago @JuanZamudioGBM Finally had some time to get into strong naming and change the AppVeyor pipeline to GitHub actions.
As of version 2.1.0, this library should be signed.
Hi, I have all the projects in my solution signed with a SNK, I installed the nuget version 2.0.0.107 so i can mock an exception during SavingChanges, but i got this error during build:
Referenced assembly 'EntityFrameworkCoreMock.Moq, Version=2.0.0.107, Culture=neutral, PublicKeyToken=null' does not have a strong name.Do you have a nuget version with the packages signed?
Thanks a lot.