Strong-name sign .NET SDK#1778
Merged
Merged
Conversation
Use the canonical .NET Open.snk key to strong-name sign the GitHub.Copilot.SDK assembly. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
Contributor
There was a problem hiding this comment.
Pull request overview
This PR enables strong-name signing for the .NET SDK assembly (GitHub.Copilot.SDK) so it can be consumed by environments that require strong-named dependencies, using the canonical Open.snk key under the dotnet/ directory.
Changes:
- Turn on strong-name signing for the
GitHub.Copilot.SDKproject viaDirectory.Build.props. - Configure the project to use
dotnet/Open.snkas theAssemblyOriginatorKeyFilewhen building that assembly.
Show a summary per file
| File | Description |
|---|---|
dotnet/Directory.Build.props |
Adds a project-scoped MSBuild property group enabling strong-name signing for GitHub.Copilot.SDK using dotnet/Open.snk. |
Copilot's findings
- Files reviewed: 1/2 changed files
- Comments generated: 0
Contributor
Cross-SDK Consistency Review ✅This PR adds strong-name signing to the .NET SDK — a .NET-specific assembly concept. Strong-name signing has no equivalent in the other SDK implementations (Node.js/TypeScript, Python, Go, Java, Rust), so this change does not create any cross-language consistency gaps. No action required in other SDKs.
|
anishi1222
added a commit
to anishi1222/copilot-sdk
that referenced
this pull request
Jun 24, 2026
* HTTP request callback support (github#1689) * fix(rust): backdate extracted CLI mtime to stop build.rs self-invalidation (github#1776) * fix(rust): backdate extracted CLI mtime to stop self-invalidation When `bundled-cli` is off, `build.rs` watches the extracted CLI binary via `cargo:rerun-if-changed` so a deleted cache binary forces a re-extract. On a cold cache the same build script *creates* that binary mid-build, after the download — so its mtime ends up newer than cargo's build-script `output` reference (stamped when the script was spawned). The next identical `cargo` invocation then sees the watched file as "changed", reruns build.rs, recompiles the SDK crate, and relinks every downstream crate (observed ~9 min of wasted CI on a second cargo invocation in the same job). Backdate the staged binary's mtime to the Unix epoch before the atomic rename (rename preserves mtime), so it lands unambiguously older than any real build reference and a no-change rebuild stays a true no-op. Best-effort: on error we emit a `cargo:warning` and continue, reverting to the prior redundant-rebuild behaviour rather than breaking the build. The deleted-file recovery contract is untouched — a missing file still can't be stat'd, so cargo still reruns. Embed mode (`bundled-cli` on) is unaffected: it emits no `rerun-if-changed` on any build-created file. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * refactor(rust): write staging binary through a single file handle Address review: open the staging file once and perform the write, permission-set, and mtime-backdate on one handle instead of reopening it for each step. Write and chmod failures stay fatal; the epoch backdate stays best-effort (warn and continue). Behavior is otherwise unchanged: the extracted binary still lands epoch-dated so a no-change rebuild is a true no-op. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> --------- Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * Address review feedback on HTTP request callback support (+ cross-SDK parity) (github#1775) * Strong-name sign .NET SDK (github#1778) Use the canonical .NET Open.snk key to strong-name sign the GitHub.Copilot.SDK assembly. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> --------- Co-authored-by: Steve Sanderson <SteveSandersonMS@users.noreply.github.com> Co-authored-by: Paolo Tranquilli <redsun82@github.com> Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> Co-authored-by: Stephen Toub <stoub@microsoft.com>
anishi1222
added a commit
to anishi1222/copilot-sdk
that referenced
this pull request
Jun 24, 2026
* HTTP request callback support (github#1689) * fix(rust): backdate extracted CLI mtime to stop build.rs self-invalidation (github#1776) * fix(rust): backdate extracted CLI mtime to stop self-invalidation When `bundled-cli` is off, `build.rs` watches the extracted CLI binary via `cargo:rerun-if-changed` so a deleted cache binary forces a re-extract. On a cold cache the same build script *creates* that binary mid-build, after the download — so its mtime ends up newer than cargo's build-script `output` reference (stamped when the script was spawned). The next identical `cargo` invocation then sees the watched file as "changed", reruns build.rs, recompiles the SDK crate, and relinks every downstream crate (observed ~9 min of wasted CI on a second cargo invocation in the same job). Backdate the staged binary's mtime to the Unix epoch before the atomic rename (rename preserves mtime), so it lands unambiguously older than any real build reference and a no-change rebuild stays a true no-op. Best-effort: on error we emit a `cargo:warning` and continue, reverting to the prior redundant-rebuild behaviour rather than breaking the build. The deleted-file recovery contract is untouched — a missing file still can't be stat'd, so cargo still reruns. Embed mode (`bundled-cli` on) is unaffected: it emits no `rerun-if-changed` on any build-created file. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * refactor(rust): write staging binary through a single file handle Address review: open the staging file once and perform the write, permission-set, and mtime-backdate on one handle instead of reopening it for each step. Write and chmod failures stay fatal; the epoch backdate stays best-effort (warn and continue). Behavior is otherwise unchanged: the extracted binary still lands epoch-dated so a no-change rebuild is a true no-op. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> --------- Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * Address review feedback on HTTP request callback support (+ cross-SDK parity) (github#1775) * Strong-name sign .NET SDK (github#1778) Use the canonical .NET Open.snk key to strong-name sign the GitHub.Copilot.SDK assembly. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> --------- Co-authored-by: Steve Sanderson <SteveSandersonMS@users.noreply.github.com> Co-authored-by: Paolo Tranquilli <redsun82@github.com> Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> Co-authored-by: Stephen Toub <stoub@microsoft.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
The .NET SDK assembly was not being strong-name signed, which can block consumers that require strong-named dependencies.
This enables signing for
GitHub.Copilot.SDKusing the canonical .NET Open.snk key and keeps the .NET-specific key under thedotnetdirectory. The resulting SDK assemblies use public key tokencc7b13ffcd2ddd51, matching the .NET open-source strong-name key.Validation:
dotnet build dotnet\src\GitHub.Copilot.SDK.csproj -v minimal