search

web-push-libs / web-push-csharp

Web Push library for C#
Mozilla Public License 2.0
429 stars 108 forks source link

Add strong name to assemby #30

Open force-net opened 6 years ago

force-net commented 6 years ago

It is impossible to use this library in strong named applications, because it does not have strong name.

Also, there are no sense to use netcoreapp1.0;netcoreapp1.1;netcoreapp2.0 as target frameworks, this frameworks are actual for applications not library. Better to use netstandard2.0 framework for dotnetcore and net46 for normal windows framework (without this target 'big' framework will use netstandard1.1 and lot of shims). So, all set of frameworks should be similar to this: netstandard1.1;netstandard2.0;net46

coryjthompson commented 6 years ago

Thanks for your tip on targeting "big" frameworks. I've made this change and it's helped.

Adding a stronger name assembly will require a bit more research on my end because it's a technology i have never used before and I don't understand the implications of implementing it yet. Once I get a bit of free time I shall do some research and possibly implement.

force-net commented 6 years ago

Strong naming is idea introduced by Microsoft with first version of .NET framework. It consisted in signing assembly (dll or exe) with key (this key can be simply generated in Visual Studio). Main idea to distinquish same named libraries from different developers, also only strong-named assembly can have "version" and can be moved to GAC.

So, if you use strong-named assemblies, you should use all strong-named references for it (limitation from Microsoft). With .NET Core this limitation was mitigated, but for "big" framework it is still hard to use this libraries.

So, you can just add any key as strong name and put it into repository (Microsoft considers that it normal behavior due key is used only for signing assembly for .NET, not for security). But if you want to keep this key as private, you can add it to .gitignore and add some build configuration which will use this key and other (e.g. 'Debug' without key for others, who use your repository from sources).

flensrocker commented 2 years ago

Thank you for your project!

Please have a look at my PR to add strong name signing.

flensrocker commented 2 years ago

Hi, just a friendly reminder. Any news on this? If you have any questions, feel free to ask.

Thanks for your work!

flensrocker commented 1 year ago

Hi again!

To @coryjthompson @JTOne123 @GurGaller or other contributors:
Is this project still alive? Or should one migrate to alternatives? Any kind of "ping" would help...

Thank you!