Main

.devcontainer/# Code Citations.md

@@ -0,0 +1,71 @@
+# Code Citations
+
+## License: MIT
+https://github.com/Mapsui/Mapsui/tree/0bc70db277841f06e238dadb47ca128dc5f86226/dotnetcli/sdk/6.0.401/Sdks/Microsoft.NET.Sdk.Web/Sdk/Sdk.targets
+
+```
+Incorrect changes to this file will make it
+          impossible to load or build your projects from the command-line or the IDE.
+
+Copyright (c) .NET Foundation. All rights reserved.
+***********************************************************************************************
+-->
+<Project ToolsVersion="14.0" xmlns="http:/
+```
+
+
+## License: MIT
+https://github.com/Ollon/NuGetPackages/tree/a93e38e7a3019f318f6e1237386608372d9581ce/Src/MSBuildToolset/tools/AIO/NETStandard.pp.proj
+
+```
+>
+<!--
+***********************************************************************************************
+Microsoft.NET.Sdk.targets
+
+WARNING:  DO NOT MODIFY this file unless you are knowledgeable about MSBuild and have
+          created a backup copy.  Incorrect changes to this file will make it
+          impossible to load or build your projects from the command-line or the
+```
+
+
+## License: MIT
+https://github.com/dotnet/razor-compiler/tree/076fc261dcc1d51f5767e020114d713a65aa3788/src/RazorSdk/Sdk/Sdk.Razor.StaticAssets.ProjectSystem.props
+
+```
+WARNING:  DO NOT MODIFY this file unless you are knowledgeable about MSBuild and have
+          created a backup copy.  Incorrect changes to this file will make it
+          impossible to load or build your projects from the command-line or the IDE.
+
+Copyright (c) .NET Foundation. All rights reserved
+```
+
+
+## License: unknown
+https://github.com/marcin-krystianc/nuget_11031_benchmark/tree/bdd8dd60700dfadf54003fbaa8a7461f16943912/dotnet/sdk/6.0.100-mmapio/Sdks/Microsoft.NET.Sdk/targets/Microsoft.NET.Sdk.targets
+
+```
+***********************************************************************************************
+Microsoft.NET.Sdk.targets
+
+WARNING:  DO NOT MODIFY this file unless you are knowledgeable about MSBuild and have
+          created a backup copy.  Incorrect changes to this file will make it
+          impossible to load or build your projects from the command-line or the IDE.
+
+Copyright (c
+```
+
+
+## License: unknown
+https://github.com/Weilin-t/mono/tree/ec8fabe97fa3a4b619b256c7e13bf4166bdb1cf2/lib/mono/msbuild/15.0/bin/Sdks/Microsoft.NET.Sdk/targets/Microsoft.NET.RuntimeIdentifierInference.targets
+
+```
+a backup copy.  Incorrect changes to this file will make it
+          impossible to load or build your projects from the command-line or the IDE.
+
+Copyright (c) .NET Foundation. All rights reserved.
+***********************************************************************************************
+-->
+<Project ToolsVersion="14.0" xmlns=
+```
+

.github/dependabot.yml

@@ -1,9 +1,12 @@
-version: 2
+# To get started with Dependabot version updates, you'll need to specify which
+# package ecosystems to update and where the package manifests are located.
+# Please see the documentation for more information:
+# https://docs.github.com/github/administering-a-repository/configuration-options-for-dependency-updates
+# https://containers.dev/guide/dependabot
 
+version: 2
 updates:
-
-  # Enable version updates for GitHub ecosystem
-  - package-ecosystem: "github-actions"
-    directory: "/"
-    schedule:
-      interval: "daily"
+ - package-ecosystem: "devcontainers"
+   directory: "/"
+   schedule:
+     interval: weekly

.github/workflows/codeql-analysis.yml

@@ -25,7 +25,7 @@ jobs:
     - uses: actions/checkout@v4
 
     - name: Setup .NET
-      uses: actions/setup-dotnet@v4.0.1
+      uses: actions/setup-dotnet@v4.2.0
       with:
         dotnet-version: 8.0.x
 

.github/workflows/continuous-integration.yml

@@ -19,7 +19,7 @@ jobs:
     - uses: actions/checkout@v4
 
     - name: Setup .NET
-      uses: actions/setup-dotnet@v4.0.1
+      uses: actions/setup-dotnet@v4.2.0
       with:
         dotnet-version: 8.0.x
 
@@ -54,20 +54,26 @@ jobs:
   linux:
     name: Linux
     runs-on: ubuntu-latest
+    strategy:
+      matrix:
+        runtime: [ linux-x64, linux-arm64, linux-arm ]
 
     steps:
     - uses: actions/checkout@v4
 
     - name: Setup .NET
-      uses: actions/setup-dotnet@v4.0.1
+      uses: actions/setup-dotnet@v4.2.0
       with:
         dotnet-version: 8.0.x
 
     - name: Install dependencies
       run: dotnet restore
 
     - name: Build
-      run: dotnet build --configuration LinuxRelease
+      run: |
+        dotnet build src/linux/Packaging.Linux/*.csproj \
+         --configuration=Release --no-self-contained \
+         --runtime=${{ matrix.runtime }}
 
     - name: Test
       run: |
@@ -82,7 +88,7 @@ jobs:
     - name: Upload artifacts
       uses: actions/upload-artifact@v4
       with:
-        name: linux-x64
+        name: ${{ matrix.runtime }}
         path: |
           artifacts
 
@@ -100,7 +106,7 @@ jobs:
     - uses: actions/checkout@v4
 
     - name: Setup .NET
-      uses: actions/setup-dotnet@v4.0.1
+      uses: actions/setup-dotnet@v4.2.0
       with:
         dotnet-version: 8.0.x
 

.github/workflows/lint-docs.yml

@@ -20,7 +20,7 @@ jobs:
     steps:
       - uses: actions/checkout@v4
 
-      - uses: DavidAnson/markdownlint-cli2-action@b4c9feab76d8025d1e83c653fa3990936df0e6c8
+      - uses: DavidAnson/markdownlint-cli2-action@eb5ca3ab411449c66620fe7f1b3c9e10547144b0
         with:
           globs: |
             "**/*.md"
@@ -35,7 +35,7 @@ jobs:
       - name: Run link checker
         # For any troubleshooting, see:
         # https://github.com/lycheeverse/lychee/blob/master/docs/TROUBLESHOOTING.md
-        uses: lycheeverse/lychee-action@c053181aa0c3d17606addfe97a9075a32723548a
+        uses: lycheeverse/lychee-action@f81112d0d2814ded911bd23e3beaa9dda9093915
 
         with:
           # user-agent: if a user agent is not specified, some websites (e.g.

.github/workflows/release.yml

@@ -35,7 +35,7 @@ jobs:
     - uses: actions/checkout@v4
 
     - name: Set up .NET
-      uses: actions/setup-dotnet@v4.0.1
+      uses: actions/setup-dotnet@v4.2.0
       with:
         dotnet-version: 8.0.x
 
@@ -57,8 +57,8 @@ jobs:
 
     - name: Set up signing/notarization infrastructure
       env:
-        A1: ${{ secrets.APPLICATION_CERTIFICATE_BASE64 }}
-        A2: ${{ secrets.APPLICATION_CERTIFICATE_PASSWORD }}
+        A1: ${{ secrets.GATEWATCHER_DEVELOPER_ID_CERT }}
+        A2: ${{ secrets.GATEWATCHER_DEVELOPER_ID_PASSWORD }}
         I1: ${{ secrets.INSTALLER_CERTIFICATE_BASE64 }}
         I2: ${{ secrets.INSTALLER_CERTIFICATE_PASSWORD }}
         N1: ${{ secrets.APPLE_TEAM_ID }}
@@ -150,7 +150,7 @@ jobs:
     - uses: actions/checkout@v4
 
     - name: Set up .NET
-      uses: actions/setup-dotnet@v4.0.1
+      uses: actions/setup-dotnet@v4.2.0
       with:
         dotnet-version: 8.0.x
 
@@ -177,7 +177,7 @@ jobs:
         subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
 
     - name: Sign payload files with Azure Code Signing
-      uses: azure/trusted-signing-action@v0.4.0
+      uses: azure/trusted-signing-action@v0.5.0
       with:
         endpoint: https://wus2.codesigning.azure.net/
         trusted-signing-account-name: git-fundamentals-signing
@@ -190,7 +190,7 @@ jobs:
 
     # The Azure Code Signing action overrides the .NET version, so we reset it.
     - name: Set up .NET
-      uses: actions/setup-dotnet@v4.0.1
+      uses: actions/setup-dotnet@v4.2.0
       with:
         dotnet-version: 8.0.x
 
@@ -204,7 +204,7 @@ jobs:
          -Destination $env:GITHUB_WORKSPACE\installers
 
     - name: Sign installers with Azure Code Signing
-      uses: azure/trusted-signing-action@v0.4.0
+      uses: azure/trusted-signing-action@v0.5.0
       with:
         endpoint: https://wus2.codesigning.azure.net/
         trusted-signing-account-name: git-fundamentals-signing
@@ -232,16 +232,22 @@ jobs:
     runs-on: ubuntu-latest
     environment: release
     needs: prereqs
+    strategy:
+      matrix:
+        runtime: [ linux-x64, linux-arm64, linux-arm ]
     steps:
     - uses: actions/checkout@v4
 
     - name: Set up .NET
-      uses: actions/setup-dotnet@v4.0.1
+      uses: actions/setup-dotnet@v4.2.0
       with:
         dotnet-version: 8.0.x
 
     - name: Build
-      run: dotnet build --configuration=LinuxRelease
+      run: |
+        dotnet build src/linux/Packaging.Linux/*.csproj \
+        --configuration=LinuxRelease --no-self-contained \
+        --runtime=${{ matrix.runtime }}
 
     - name: Run Linux unit tests
       run: |
@@ -286,18 +292,18 @@ jobs:
       run: |
         # Sign Debian package
         version=${{ needs.prereqs.outputs.version }}
-        mv out/linux/Packaging.Linux/Release/deb/gcm-linux_amd64.$version.deb .
-        debsigs --sign=origin --verify --check gcm-linux_amd64.$version.deb
+        mv out/linux/Packaging.Linux/Release/deb/gcm-${{ matrix.runtime }}.$version.deb .
+        debsigs --sign=origin --verify --check gcm-${{ matrix.runtime }}.$version.deb
 
         # Generate tarball signature file
         mv -v out/linux/Packaging.Linux/Release/tar/* .
-        gpg --batch --yes --armor --output gcm-linux_amd64.$version.tar.gz.asc \
-          --detach-sig gcm-linux_amd64.$version.tar.gz
+        gpg --batch --yes --armor --output gcm-${{ matrix.runtime }}.$version.tar.gz.asc \
+          --detach-sig gcm-${{ matrix.runtime }}.$version.tar.gz
 
     - name: Upload artifacts
       uses: actions/upload-artifact@v4
       with:
-        name: linux-artifacts
+        name: ${{ matrix.runtime }}-artifacts
         path: |
           ./*.deb
           ./*.asc
@@ -314,7 +320,7 @@ jobs:
     - uses: actions/checkout@v4
 
     - name: Set up .NET
-      uses: actions/setup-dotnet@v4.0.1
+      uses: actions/setup-dotnet@v4.2.0
       with:
         dotnet-version: 8.0.x
 
@@ -387,7 +393,7 @@ jobs:
         path: signed
 
     - name: Set up .NET
-      uses: actions/setup-dotnet@v4.0.1
+      uses: actions/setup-dotnet@v4.2.0
       with:
         dotnet-version: 8.0.x
 
@@ -466,9 +472,9 @@ jobs:
       matrix:
         component:
           - os: ubuntu-latest
-            artifact: linux-artifacts
+            artifact: linux-x64-artifacts
             command: git-credential-manager
-            description: linux
+            description: linux-x64
           - os: macos-latest
             artifact: macos-osx-x64-artifacts
             command: git-credential-manager
@@ -491,7 +497,7 @@ jobs:
       - uses: actions/checkout@v4
 
       - name: Set up .NET
-        uses: actions/setup-dotnet@v4.0.1
+        uses: actions/setup-dotnet@v4.2.0
         with:
           dotnet-version: 8.0.x
 
@@ -510,15 +516,15 @@ jobs:
             Start-Process -Wait -FilePath "$exePath" -ArgumentList "/SILENT /VERYSILENT /NORESTART"
           }
 
-      - name: Install Linux (Debian package)
-        if: contains(matrix.component.description, 'linux')
+      - name: Install Linux x64 (Debian package)
+        if: contains(matrix.component.description, 'linux-x64')
         run: |
           debpath=$(find ./*.deb)
           sudo apt install $debpath
           "${{ matrix.component.command }}" configure
 
-      - name: Install Linux (tarball)
-        if: contains(matrix.component.description, 'linux')
+      - name: Install Linux x64 (tarball)
+        if: contains(matrix.component.description, 'linux-x64')
         run: |
           # Ensure we find only the source tarball, not the symbols
           tarpath=$(find . -name '*[[:digit:]].tar.gz')
@@ -561,7 +567,7 @@ jobs:
       - uses: actions/checkout@v4
 
       - name: Set up .NET
-        uses: actions/setup-dotnet@v4.0.1
+        uses: actions/setup-dotnet@v4.2.0
         with:
           dotnet-version: 8.0.x
 
@@ -598,7 +604,9 @@ jobs:
           az keyvault secret show --name "$GPG_PUBLIC_KEY_SECRET_NAME" \
             --vault-name "$AZURE_VAULT" --query "value" \
             | sed -e 's/^"//' -e 's/"$//' | base64 -d >gcm-public.asc
-          mv gcm-public.asc linux-artifacts
+          cp gcm-public.asc linux-x64-artifacts/
+          cp gcm-public.asc linux-arm64-artifacts/
+          mv gcm-public.asc linux-arm-artifacts
 
       - uses: actions/github-script@v7
         with:
@@ -655,7 +663,9 @@ jobs:
               uploadDirectoryToRelease('osx-payload-and-symbols'),
 
               // Upload Linux artifacts
-              uploadDirectoryToRelease('linux-artifacts'),
+              uploadDirectoryToRelease('linux-x64-artifacts'),
+              uploadDirectoryToRelease('linux-arm64-artifacts'),
+              uploadDirectoryToRelease('linux-arm-artifacts'),
 
               // Upload .NET tool package
               uploadDirectoryToRelease('dotnet-tool-sign'),

.github/workflows/validate-install-from-source.yml

@@ -21,20 +21,24 @@ jobs:
         # tgagor is a contributor who pushes updated images weekly, which should
         # be sufficient for our validation needs.
         - image: tgagor/centos
-        - image: tgagor/centos-stream
         - image: redhat/ubi8
         - image: alpine
         - image: alpine:3.14.10
         - image: opensuse/leap
         - image: opensuse/tumbleweed
         - image: registry.suse.com/suse/sle15:15.4.27.11.31
+        - image: archlinux
+        - image: mcr.microsoft.com/cbl-mariner/base/core:2.0
     container: ${{matrix.vector.image}}
     steps:
       - run: |
           if [[ ${{matrix.vector.image}} == *"suse"* ]]; then
             zypper -n install tar gzip
           elif [[ ${{matrix.vector.image}} == *"centos"* ]]; then
             dnf install which -y
+          elif [[ ${{matrix.vector.image}} == *"mariner"* ]]; then
+            GNUPGHOME=/root/.gnupg tdnf update -y &&
+            GNUPGHOME=/root/.gnupg tdnf install tar -y # needed for `actions/checkout`
           fi
 
       - uses: actions/checkout@v4