Exclude MXC executables from VersionInfo sanity check (#318077)

* Exclude MXC SDK catalog manifests from Authenticode checks

* Exclude MXC executables from VersionInfo sanity check
This commit is contained in:
dileepyavan
2026-05-23 01:13:34 -07:00
committed by GitHub
parent e64cb01425
commit b86c170235

View File

@@ -35,7 +35,9 @@ export class TestContext {
// MXC SDK ships per-arch SPDX catalog manifests that Get-AuthenticodeSignature reports as UnknownError.
private static readonly authenticodeExclude = /[\\/]node_modules[\\/]@microsoft[\\/]mxc-sdk[\\/]bin[\\/][^\\/]+[\\/]_manifest[\\/][^\\/]+[\\/]manifest\.cat$/i;
private static readonly versionInfoInclude = /^.+\.(exe|dll|node|msi)$/i;
private static readonly versionInfoExclude = /^(dxil\.dll|ffmpeg\.dll|msalruntime\.dll)$/i;
private static readonly versionInfoFileExclude = /^(dxil\.dll|ffmpeg\.dll|msalruntime\.dll)$/i;
// MXC SDK Windows executables are signed, but they do not carry a ProductName VersionInfo resource.
private static readonly versionInfoPathExclude = /(?:^|[\\/])node_modules(?:\.asar\.unpacked)?[\\/]@microsoft[\\/]mxc-sdk[\\/]bin[\\/][^\\/]+[\\/][^\\/]+\.exe$/i;
private static readonly dpkgLockError = /dpkg frontend lock was locked by another process|unable to acquire the dpkg frontend lock|could not get lock \/var\/lib\/dpkg\/lock-frontend/i;
private readonly tempDirs = new Set<string>();
@@ -436,7 +438,7 @@ export class TestContext {
if (entry.isDirectory()) {
this.collectVersionInfoFiles(filePath, files);
} else if (TestContext.versionInfoInclude.test(entry.name)) {
if (TestContext.versionInfoExclude.test(entry.name)) {
if (TestContext.versionInfoFileExclude.test(entry.name) || TestContext.versionInfoPathExclude.test(filePath)) {
this.log(`Skipping excluded file from VersionInfo validation: ${filePath}`);
} else {
files.push(filePath);