update marc-romu/chat from dev #177
Merged
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
…their strong-name, as well as limiting access to setting (#174) ## Description This update significantly strengthens SmartHopper’s security and configuration isolation: - **Enforce assembly signing**: only providers signed with our official certificate will load. Any unsigned or mismatched‑strong‑name assemblies are rejected at startup. - **Restrict settings access**: provider credentials (e.g. API keys) are now encapsulated behind `ProviderManager`. Other components cannot directly read or modify sensitive settings. - **Miscellaneous enhancements**: updated `.windsurfrules` to streamline code‑generation workflows. Happy Sant Jordi! ## Breaking Changes Existing provider assemblies built without the official signing certificate will no longer load. All providers must be recompiled with our current key to interoperate. ## Testing Done - Unit and integration tests confirm: - Settings load/save correctly via `ProviderManager`. - Signed providers load and unsigned ones fail as expected. - No unintended exposure of sensitive data. ## Checklist - [x] This PR is focused on a single feature or bug fix --> not exactly, but... - [x] Version in Solution.props was updated, if necessary, and follows semantic versioning - [x] CHANGELOG.md has been updated - [x] PR title follows [Conventional Commits](https://www.conventionalcommits.org/en/v1.0.0/) format - [x] PR description follows [Pull Request Description Template](#pull-request-description-template)
This PR updates the version badge in the README.md to match the current version in Solution.props. This is an automated PR created by the Update Version Badge workflow.
![github-advanced-security[bot]](https://avatars.githubusercontent.com/in/57789?s=60&v=4){kind=small}
Comment on lines
+11
to
+28
| runs-on: windows-latest | ||
| steps: | ||
| - name: Checkout code | ||
| uses: actions/checkout@v3 | ||
|
|
||
| - name: Setup .NET | ||
| uses: actions/setup-dotnet@v3 | ||
| with: | ||
| dotnet-version: '7.0.x' | ||
|
|
||
| - name: Restore dependencies | ||
| run: dotnet restore SmartHopper.sln | ||
|
|
||
| - name: Build solution | ||
| run: dotnet build --no-restore --configuration Release SmartHopper.sln | ||
|
|
||
| - name: Run all tests | ||
| run: dotnet test --no-build --configuration Release --results-directory TestResults |
Check warning
Code scanning / CodeQL
Workflow does not contain permissions Medium
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
No description provided.