Skip to content

Update referenced version of Octopus.Client to 17.0.2288 to correct code signatures. Update global.json to reference 8.0.413 to pick up security fixes for net8 self-contained tentacle #1119

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Aug 15, 2025
Merged

Update referenced version of Octopus.Client to 17.0.2288 to correct code signatures. Update global.json to reference 8.0.413 to pick up security fixes for net8 self-contained tentacle #1119

merged 1 commit into from
Aug 15, 2025

Conversation

borland
Copy link
Contributor

@borland borland commented Aug 15, 2025
edited
Loading

Background

A customer used a scanning tool to inspect our current release of Tentacle (8.0.3103 at time of writing).

The tool showed

  • The Octopus.Client.dll bundled with Tentacle had an invalid code signature
  • The net8 variant of Tentacle was using version 8.0.7 of the .NET runtime

Results

The Octopus.Client code signature was corrected in release 17.0.2288

This PR

  • Updates Tentacle to reference the Octopus.Client version 17.0.2288
  • Updates the global.json file which will cause Tentacle to build with the current 8.0.19 version of the .NET runtime.

[SC-118759]

Fixes #1121
Fixes #1122

How to review this PR

Quality ✔️

The PR validation build passed all tests. I manually verified that the bundled .NET runtime is now 8.0.19

image

Pre-requisites

  • I have read How we use GitHub Issues for help deciding when and where it's appropriate to make an issue.
  • I have considered informing or consulting the right people, according to the ownership map.
  • I have considered appropriate testing for my change.

@borland
Update referenced version of Octopus.Client to 17.0.2288 to correct c…
cb7695a 
…ode signatures. Update global.json to reference 8.0.413 to pick up security fixes for net8 self-contained tentacle
@borland borland requested a review from a team as a code owner August 15, 2025 03:18
rhysparry
rhysparry approved these changes Aug 15, 2025
View reviewed changes
Copy link
Contributor

@rhysparry rhysparry left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

✅ LGTM

source/Octopus.Tentacle/Octopus.Tentacle.csproj
<ItemGroup>
<PackageReference Include="BouncyCastle.Cryptography" Version="2.5.1" />
<PackageReference Include="Octopus.Client" Version="15.2.2240" />
<PackageReference Include="Octopus.Client" Version="17.0.2288" />
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Changes seem reasonable to me. It doesn't look like we're impacted by breaking changes.

@rhysparry rhysparry mentioned this pull request Aug 15, 2025
Closed
3 tasks
@borland borland merged commit 9e5c55a into main Aug 15, 2025
51 checks passed
@borland borland deleted the orion/update-clients-and-dotnet branch August 15, 2025 05:31
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@rhysparry rhysparry rhysparry approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

2 participants

@borland @rhysparry