Commit 457cfdc

Lock AzureSignTool to 7.0.1 (#4845)
## Changes Lock AzureSignTool to 7.0.1
1 parent 79a9521 commit 457cfdc

1 file changed

Lines changed: 4 additions & 1 deletion

.github/workflows/release.yml

@@ -98,10 +98,13 @@ jobs:
9898
echo "::add-mask::$accessToken"
9999
echo "AZURE_VAULT_TOKEN=$accessToken" >> $env:GITHUB_ENV
100100
101+
# AzureSignTool is installed from nuget.org (https://www.nuget.org/packages/AzureSignTool/7.0.1)
102+
# Security: On Windows, NuGet verifies repository signatures by default. The package is
103+
# version-pinned and pulled over HTTPS from nuget.org's CDN. Source: https://github.com/vcsjones/AzureSignTool
101104
- name: Install AzureSignTool
102105
shell: pwsh
103106
run: |
104-
dotnet tool install --global AzureSignTool
107+
dotnet tool install --global AzureSignTool --version 7.0.1
105108
106109
- name: Run GoReleaser for Windows
107110
uses: goreleaser/goreleaser-action@ec59f474b9834571250b370d4735c50f8e2d1e29 # v7.0.0
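Review bot: the install command on new line 107 pins the version but not the package source, so the claim in the new comment on lines 101-103 that the package comes from nuget.org over HTTPS is not enforced by anything in this step. `dotnet tool install` resolves against whatever NuGet sources the runner's configuration lists; consider passing `--configfile` with a checked-in nuget.config that lists only nuget.org, or moving the tool into a tool manifest so the version and source live in the repository. The comment also ties signature verification to Windows, but the hunk does not show the job's `runs-on`, so it is worth confirming this step always runs on a Windows runner. Finally, a version number is a weaker pin than the commit SHA used for goreleaser-action a few lines below, and this tool runs right after `AZURE_VAULT_TOKEN` is exported, so a short note on how the 7.0.1 package was vetted would help the next person who bumps it.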