Skip to content

Enforce Permissible Binary Source Policy #4254

New issue
New issue
Open
Open
Enforce Permissible Binary Source Policy#4254
Labels
area-buildImprovements in source-build's own build process
@MichaelSimons

Description

@MichaelSimons
MichaelSimons
opened on Mar 25, 2024

PR validation should enforce the Permissible Source Policy in regard to binaries. What this means concretely is we scan for binaries in PR validation and fail the build if non-permissible binaries are found.

When should this be enabled? If this is enabled now, it will introduce yet another reason why the sdk->installer dependency flow can break. This may not be in our best interest. This should be enabled for sure when the repo dependency flow is switched to go directly into the VMR. Would it make sense to enable sooner, e.g. once the sdk->installer repos are merged?

Metadata

Metadata

Assignees

No one assigned

    Labels

    area-buildImprovements in source-build's own build process

    Type

    No type

    Projects

    .NET Source Build

    Status

    10.0

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions