Security review

.azuredevops/pipelines/build-and-release.yml

@@ -0,0 +1,120 @@
+name: "$(Build.DefinitionName) #$(Build.BuildId)"
+
+trigger: none # Manual Publish
+pr: none # GitHub Actions handle PRs
+
+parameters:
+  - name: AgentPoolName
+    displayName: Agent pool name
+    type: string
+    default: Default
+
+  - name: AgentName
+    displayName: Agent name - single char for any
+    type: string
+    default: " "
+
+variables:
+  - name: SIGN_FILE
+    value: true
+
+stages:
+  - stage: Build
+    jobs:
+      - job: Build
+        displayName: Build, Sign, and Pack
+
+        pool:
+          name: ${{ parameters.AgentPoolName }}
+          ${{ if ne(length(parameters.AgentName), 1) }}:
+            demands:
+              - Agent.Name -equals ${{ parameters.AgentName }}
+
+        variables:
+          - group: 14.0 Authenticode signature parameters
+
+          - name: Configuration
+            value: Release
+
+          - name: ProjectPath
+            value: src/Kentico.Xperience.Manager.csproj
+
+        steps:
+          - task: UseDotNet@2
+            displayName: Select dotnet version
+            inputs:
+              packageType: sdk
+              useGlobalJson: true
+
+          - task: DotNetCoreCLI@2
+            displayName: Restore dependencies
+            inputs:
+              command: restore
+              projects: ${{ variables.ProjectPath }}
+              feedsToUse: select
+              restoreArguments: --locked-mode
+
+          - task: DotNetCoreCLI@2
+            displayName: Build
+            inputs:
+              command: build
+              projects: ${{ variables.ProjectPath }}
+              configuration: ${{ variables.Configuration }}
+              arguments: --no-restore
+
+          - task: DotNetCoreCLI@2
+            displayName: Create NuGet package
+            inputs:
+              command: pack
+              packagesToPack: ${{ variables.ProjectPath }}
+              configuration: ${{ variables.Configuration }}
+              packDirectory: $(System.DefaultWorkingDirectory)/packages
+              includesymbols: true
+              nobuild: true
+              versioningScheme: off
+
+          - publish: $(System.DefaultWorkingDirectory)/packages
+            displayName: Publish NuGet package as artifact
+            artifact: artifact
+
+  - ${{ if eq(variables['Build.SourceBranch'], 'refs/heads/master') }}:
+      - stage: PublishNuGetPackages
+        displayName: Publish NuGet packages
+        dependsOn: Build
+
+        jobs:
+          - deployment: PublishNuGetPackages
+            displayName: Publish NuGet packages
+
+            pool:
+              name: ${{ parameters.AgentPoolName }}
+              ${{ if ne(length(parameters.AgentName), 1) }}:
+                demands:
+                  - Agent.Name -equals ${{ parameters.AgentName }}
+
+            environment: integrations-release-nuget
+            workspace:
+              clean: all
+            strategy:
+              runOnce:
+                deploy:
+                  steps:
+                    - checkout: none
+
+                    - task: NuGetToolInstaller@1
+                      displayName: Install latest nuget.exe
+                      inputs:
+                        versionSpec: ">=5.6"
+                        checkLatest: true
+
+                    - task: NuGetAuthenticate@1
+                      displayName: NuGet Authenticate
+
+                    - task: NuGetCommand@2
+                      displayName: NuGet push
+                      inputs:
+                        command: push
+                        packagesToPush: $(Pipeline.Workspace)/artifact/*.nupkg
+                        nuGetFeedType: external
+                        publishFeedCredentials: nuget.org
+                        allowPackageConflicts: true

.github/workflows/build.yml

@@ -24,10 +24,3 @@ jobs:
     - name: Test
       run: dotnet test --no-build --verbosity normal
       working-directory: test
-    - name: NuGet pack
-      run: dotnet pack
-    - name: Upload artifact
-      uses: actions/upload-artifact@v3
-      with:
-        name: NuGet
-        path: ./dist/*.nupkg

.vscode/launch.json

@@ -2,25 +2,15 @@
     "version": "0.2.0",
     "configurations": [
         {
-            // Use IntelliSense to find out which attributes exist for C# debugging
-            // Use hover for the description of the existing attributes
-            // For further information visit https://github.com/dotnet/vscode-csharp/blob/main/debugger-launchjson.md
             "name": ".NET Core Launch (console)",
             "type": "coreclr",
             "request": "launch",
             "preLaunchTask": "build",
-            // If you have changed target frameworks, make sure to update the program path.
-            "program": "${workspaceFolder}/bin/Debug/net7.0/xperience.xman.dll",
-            "args": [],
+            "program": "${workspaceFolder}/src/bin/Debug/net7.0/Kentico.Xperience.Manager.dll",
+            "args": ["i"],
             "cwd": "${workspaceFolder}",
-            // For more information about the 'console' field, see https://aka.ms/VSCode-CS-LaunchJson-Console
-            "console": "internalConsole",
+            "console": "externalTerminal",
             "stopAtEntry": false
-        },
-        {
-            "name": ".NET Core Attach",
-            "type": "coreclr",
-            "request": "attach"
         }
     ]
 }

.vscode/tasks.json

@@ -0,0 +1,15 @@
+{
+	"version": "2.0.0",
+    "tasks": [
+        {
+            "label": "build",
+            "command": "dotnet",
+            "type": "process",
+            "args": [
+                "build",
+                "${workspaceFolder}/src/Kentico.Xperience.Manager.csproj"
+            ],
+            "problemMatcher": "$msCompile"
+        }
+    ]
+}

Directory.Build.targets

@@ -0,0 +1,14 @@
+<Project>
+    <Target Name="SignAssemblyWithAuthenticodeSignature" AfterTargets="AfterBuild" Condition="'$(MSBuildProjectFullPath.Contains(&quot;node_modules&quot;))' == 'false' And $(Configuration) == 'Release' And $(SIGN_FILE) != 'false'">
+        <PropertyGroup>
+            <XmlSerializersTargetPath>$(TargetDir)$(TargetName).XmlSerializers.dll</XmlSerializersTargetPath>
+        </PropertyGroup>
+
+        <ItemGroup>
+            <AssemblyToSign Include="$(TargetPath)" />
+            <AssemblyToSign Include="$(XmlSerializersTargetPath)" Condition="Exists('$(XmlSerializersTargetPath)')" />
+        </ItemGroup>
+
+        <SignFile CertificateThumbprint="$(AuthenticodeCertificateThumbprint)" TimestampUrl="http://time.certum.pl" SigningTarget="%(AssemblyToSign.Identity)" />
+    </Target>
+</Project>

Kentico.Xperience.Manager.sln

@@ -0,0 +1,31 @@
+
+Microsoft Visual Studio Solution File, Format Version 12.00
+# Visual Studio Version 17
+VisualStudioVersion = 17.5.002.0
+MinimumVisualStudioVersion = 10.0.40219.1
+Project("{9A19103F-16F7-4668-BE54-9A1E7A4F7556}") = "Kentico.Xperience.Manager", "src\Kentico.Xperience.Manager.csproj", "{00F97378-521B-4842-95D3-74D762FEDF2B}"
+EndProject
+Project("{9A19103F-16F7-4668-BE54-9A1E7A4F7556}") = "Kentico.Xperience.Manager.Tests", "test\Kentico.Xperience.Manager.Tests.csproj", "{10B380EA-3413-4A16-9E36-2739CF607395}"
+EndProject
+Global
+	GlobalSection(SolutionConfigurationPlatforms) = preSolution
+		Debug|Any CPU = Debug|Any CPU
+		Release|Any CPU = Release|Any CPU
+	EndGlobalSection
+	GlobalSection(ProjectConfigurationPlatforms) = postSolution
+		{00F97378-521B-4842-95D3-74D762FEDF2B}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
+		{00F97378-521B-4842-95D3-74D762FEDF2B}.Debug|Any CPU.Build.0 = Debug|Any CPU
+		{00F97378-521B-4842-95D3-74D762FEDF2B}.Release|Any CPU.ActiveCfg = Release|Any CPU
+		{00F97378-521B-4842-95D3-74D762FEDF2B}.Release|Any CPU.Build.0 = Release|Any CPU
+		{10B380EA-3413-4A16-9E36-2739CF607395}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
+		{10B380EA-3413-4A16-9E36-2739CF607395}.Debug|Any CPU.Build.0 = Debug|Any CPU
+		{10B380EA-3413-4A16-9E36-2739CF607395}.Release|Any CPU.ActiveCfg = Release|Any CPU
+		{10B380EA-3413-4A16-9E36-2739CF607395}.Release|Any CPU.Build.0 = Release|Any CPU
+	EndGlobalSection
+	GlobalSection(SolutionProperties) = preSolution
+		HideSolutionNode = FALSE
+	EndGlobalSection
+	GlobalSection(ExtensibilityGlobals) = postSolution
+		SolutionGuid = {87BA7F68-498B-4937-8859-0077C20C8AE2}
+	EndGlobalSection
+EndGlobal

README.md

@@ -1,4 +1,4 @@
-[![Nuget](https://img.shields.io/nuget/v/Xperience.Xman)](https://www.nuget.org/packages/Xperience.Xman#versions-body-tab)
+[![Nuget](https://img.shields.io/nuget/v/Kentico.Xperience.Manager)](https://www.nuget.org/packages/Kentico.Xperience.Manager#versions-body-tab)
 [![build](https://github.com/kentico/xperience-manager/actions/workflows/build.yml/badge.svg)](https://github.com/kentico/xperience-manager/actions/workflows/build.yml)
 
 # Xperience Manager (xman)
@@ -12,15 +12,15 @@ This tool simplifies the process of installing and managing Xperience by Kentico
 Run the following command from a command prompt such as Powershell:
 
 ```bash
-dotnet tool install Xperience.Xman -g
+dotnet tool install Kentico.Xperience.Manager -g
 ```
 
 ## Updating the tool
 
 Run the following command from a command prompt such as Powershell:
 
 ```bash
-dotnet tool update xperience.xman -g
+dotnet tool update Kentico.Xperience.Manager -g
 ```
 
 ## Getting started
@@ -33,7 +33,7 @@ The `xman.json` file contains information about the tool, your default options,
 
 ```json
 {
-  "Version": "3.1.0.0",
+  "Version": "3.4.1.0",
   "Profiles": [
     {
       "ProjectName": "28dev",
@@ -48,8 +48,7 @@ The `xman.json` file contains information about the tool, your default options,
     "InstallRootPath": "C:\\inetpub\\wwwroot",
     "UseCloud": false,
     "DatabaseName": "xperience",
-    "ServerName": "my-server",
-    "AdminPassword": "mypassword"
+    "ServerName": "my-server"
   },
   "CDRootPath": "C:\\inetpub\\wwwroot\\ContinuousDeployment"
 }
@@ -95,6 +94,8 @@ xman p delete
 
 When installing a new project, a new folder will be created in the `InstallRootPath` of the [configuration file](#configuration-file), or in a custom directory that you specify in the installation wizard. After installation, a new [profile](#managing-profiles) is created for the instance.
 
+The installation wizard will automatically generate an administrator password for you, but you can enter your own password during installation if needed.
+
 1. Run the `install` command from the directory containing the [configuration file](#configuration-file) which will begin the installation wizard:
 
    ```bash

global.json

@@ -0,0 +1,7 @@
+{
+    "sdk": {
+      "version": "8.0.100",
+      "rollForward": "latestMajor",
+      "allowPrerelease": false
+    }
+  }

src/Commands/Base/AbstractCommand.cs

@@ -11,7 +11,7 @@ namespace Xperience.Xman.Commands
     /// </summary>
     public abstract class AbstractCommand : ICommand
     {
-        public List<string> Errors { get; } = new();
+        public List<string> Errors { get; } = [];
 
 
         public bool StopProcessing { get; set; }

src/Commands/BuildCommand.cs

@@ -14,7 +14,7 @@ public class BuildCommand : AbstractCommand
         private readonly IScriptBuilder scriptBuilder;
 
 
-        public override IEnumerable<string> Keywords => new string[] { "b", "build" };
+        public override IEnumerable<string> Keywords => ["b", "build"];
 
 
         public override IEnumerable<string> Parameters => Enumerable.Empty<string>();

src/Commands/CodeGenerateCommand.cs

@@ -17,7 +17,7 @@ public class CodeGenerateCommand : AbstractCommand
         private readonly IWizard<CodeGenerateOptions> wizard;
 
 
-        public override IEnumerable<string> Keywords => new string[] { "g", "generate" };
+        public override IEnumerable<string> Keywords => ["g", "generate"];
 
 
         public override IEnumerable<string> Parameters => Enumerable.Empty<string>();

src/Commands/ContinuousDeploymentCommand.cs

@@ -24,10 +24,10 @@ public class ContinuousDeploymentCommand : AbstractCommand
         private readonly IWizard<RepositoryConfiguration> wizard;
 
 
-        public override IEnumerable<string> Keywords => new string[] { "cd" };
+        public override IEnumerable<string> Keywords => ["cd"];
 
 
-        public override IEnumerable<string> Parameters => new string[] { STORE, RESTORE, CONFIG };
+        public override IEnumerable<string> Parameters => [STORE, RESTORE, CONFIG];
 
 
         public override string Description => "Stores or restores CD data, or edits the config file";
@@ -84,14 +84,14 @@ public override async Task Execute(ToolProfile? profile, string? action)
             else if (action?.Equals(STORE, StringComparison.OrdinalIgnoreCase) ?? false)
             {
                 await AnsiConsole.Progress()
-                    .Columns(new ProgressColumn[]
-                    {
+                    .Columns(
+                    [
                         new SpinnerColumn(),
                         new ElapsedTimeColumn(),
                         new TaskDescriptionColumn(),
                         new ProgressBarColumn(),
                         new PercentageColumn()
-                    })
+                    ])
                     .StartAsync(async ctx =>
                     {
                         var task = ctx.AddTask($"[{Constants.EMPHASIS_COLOR}]Running the CD store script[/]");
@@ -107,12 +107,12 @@ await AnsiConsole.Progress()
                 }
 
                 await AnsiConsole.Progress()
-                    .Columns(new ProgressColumn[]
-                    {
+                    .Columns(
+                    [
                         new SpinnerColumn(),
                         new ElapsedTimeColumn(),
                         new TaskDescriptionColumn()
-                    })
+                    ])
                     .StartAsync(async ctx =>
                     {
                         var task = ctx.AddTask($"[{Constants.EMPHASIS_COLOR}]Running the CD restore script[/]");