Fix markdown syntax violations (#5764)
This commit is contained in:
Родитель
ef85b41134
Коммит
4ff34b213c
|
@ -26,4 +26,4 @@ jobs:
|
|||
run: |
|
||||
echo "::add-matcher::.github/workflows/markdownlint-problem-matcher.json"
|
||||
npm i -g markdownlint-cli
|
||||
markdownlint "**/*.md"
|
||||
markdownlint "**/*.md" -i "eng/readme-templates/*" -i "eng/common/*"
|
||||
|
|
|
@ -6,27 +6,16 @@
|
|||
// Follow-up work will be done to enable these rules and clean up the violations.
|
||||
"MD001": false, // heading-increment Heading levels should only increment by one level at a time
|
||||
"MD004": false, // ul-style Unordered list style
|
||||
"MD005": false, // list-indent Inconsistent indentation for list items at the same level
|
||||
"MD007": false, // ul-indent Unordered list indentation
|
||||
"MD009": false, // no-trailing-spaces Trailing spaces
|
||||
"MD010": false, // no-hard-tabs Hard tabs
|
||||
"MD011": false, // no-reversed-links Reversed link syntax
|
||||
"MD012": false, // no-multiple-blanks Multiple consecutive blank lines
|
||||
"MD013": false, // line length
|
||||
"MD014": false, // commands-show-output Dollar signs used before commands without showing output
|
||||
"MD022": false, // blanks-around-headings Headings should be surrounded by blank lines
|
||||
"MD024": false, // no-duplicate-heading Multiple headings with the same content
|
||||
"MD025": false, // single-title/single-h1 Multiple top-level headings in the same document
|
||||
"MD026": false, // no-trailing-punctuation Trailing punctuation in heading
|
||||
"MD028": false, // no-blanks-blockquote Blank line inside blockquote
|
||||
"MD031": false, // blanks-around-fences Fenced code blocks should be surrounded by blank lines
|
||||
"MD032": false, // blanks-around-lists Lists should be surrounded by blank lines
|
||||
"MD034": false, // no-bare-urls Bare URL used
|
||||
"MD036": false, // no-emphasis-as-heading Emphasis used instead of a heading
|
||||
"MD037": false, // no-space-in-emphasis Spaces inside emphasis markers
|
||||
"MD040": false, // fenced-code-language Fenced code blocks should have a language specified
|
||||
"MD041": false, // first-line-heading/first-line-h1 First line in a file should be a top-level heading
|
||||
"MD047": false, // single-trailing-newline Files should end with a single newline character
|
||||
"MD049": false, // emphasis-style Emphasis style
|
||||
"MD051": false, // link-fragments Link fragments should be valid
|
||||
}
|
||||
|
|
|
@ -23,9 +23,9 @@ The dashboard shows:
|
|||
|
||||
The dashboard must be configured when it is started. The configuration is done via environment variables. The following environment variables are supported:
|
||||
|
||||
- `ASPNETCORE_URLS` specifies one or more HTTP endpoints through which the dashboard frontend is served. The frontend endpoint is used to view the dashboard in a browser. Defaults to http://localhost:18888.
|
||||
- `DOTNET_DASHBOARD_OTLP_ENDPOINT_URL` specifies the [OTLP/gRPC](https://opentelemetry.io/docs/specs/otlp/#otlpgrpc) endpoint. This endpoint hosts an OTLP service and receives telemetry using gRPC. When the dashboard is launched by the .NET Aspire app host this address is secured with HTTPS. Securing the dashboard with HTTPS is recommended. Defaults to http://localhost:18889.
|
||||
- `DOTNET_DASHBOARD_OTLP_HTTP_ENDPOINT_URL` specifies the [OTLP/HTTP](https://opentelemetry.io/docs/specs/otlp/#otlphttp) endpoint. This endpoint hosts an OTLP service and receives telemetry using Protobuf over HTTP. Defaults to http://localhost:18890.
|
||||
- `ASPNETCORE_URLS` specifies one or more HTTP endpoints through which the dashboard frontend is served. The frontend endpoint is used to view the dashboard in a browser. Defaults to `http://localhost:18888`.
|
||||
- `DOTNET_DASHBOARD_OTLP_ENDPOINT_URL` specifies the [OTLP/gRPC](https://opentelemetry.io/docs/specs/otlp/#otlpgrpc) endpoint. This endpoint hosts an OTLP service and receives telemetry using gRPC. When the dashboard is launched by the .NET Aspire app host this address is secured with HTTPS. Securing the dashboard with HTTPS is recommended. Defaults to `http://localhost:18889`.
|
||||
- `DOTNET_DASHBOARD_OTLP_HTTP_ENDPOINT_URL` specifies the [OTLP/HTTP](https://opentelemetry.io/docs/specs/otlp/#otlphttp) endpoint. This endpoint hosts an OTLP service and receives telemetry using Protobuf over HTTP. Defaults to `http://localhost:18890`.
|
||||
- `DOTNET_DASHBOARD_UNSECURED_ALLOW_ANONYMOUS` specifies the dashboard doesn't use authentication and accepts anonymous access. This setting is a shortcut to configuring `Dashboard:Frontend:AuthMode` and `Dashboard:Otlp:AuthMode` to `Unsecured`.
|
||||
- `DOTNET_DASHBOARD_CONFIG_FILE_PATH` specifies the path for an optional JSON configuration file.
|
||||
|
||||
|
@ -126,6 +126,7 @@ View the current tags at the [Microsoft Artifact Registry portal](https://mcr.mi
|
|||
### CVE Update Policy
|
||||
|
||||
.NET container images are regularly monitored for the presence of CVEs. A given image will be rebuilt to pick up fixes for a CVE when:
|
||||
|
||||
* We detect the image contains a CVE with a [CVSS](https://nvd.nist.gov/vuln-metrics/cvss) score of "Critical"
|
||||
* **AND** the CVE is in a package that is added in our Dockerfile layers (meaning the CVE is in a package we explicitly install or any transitive dependencies of those packages)
|
||||
* **AND** there is a CVE fix for the package available in the affected base image's package repository.
|
||||
|
|
|
@ -87,6 +87,7 @@ View the current tags at the [Microsoft Artifact Registry portal](https://mcr.mi
|
|||
### CVE Update Policy
|
||||
|
||||
.NET container images are regularly monitored for the presence of CVEs. A given image will be rebuilt to pick up fixes for a CVE when:
|
||||
|
||||
* We detect the image contains a CVE with a [CVSS](https://nvd.nist.gov/vuln-metrics/cvss) score of "Critical"
|
||||
* **AND** the CVE is in a package that is added in our Dockerfile layers (meaning the CVE is in a package we explicitly install or any transitive dependencies of those packages)
|
||||
* **AND** there is a CVE fix for the package available in the affected base image's package repository.
|
||||
|
|
|
@ -21,8 +21,8 @@
|
|||
|
||||
You can use C# or F# to write .NET apps.
|
||||
|
||||
- [C#](https://docs.microsoft.com/dotnet/csharp/) is powerful, type-safe, and object-oriented while retaining the expressiveness and elegance of C-style languages. Anyone familiar with C and similar languages will find it straightforward to write in C#.
|
||||
- [F#](https://docs.microsoft.com/dotnet/fsharp/) is a cross-platform, open-source, functional programming language for .NET. It also includes object-oriented and imperative programming.
|
||||
* [C#](https://docs.microsoft.com/dotnet/csharp/) is powerful, type-safe, and object-oriented while retaining the expressiveness and elegance of C-style languages. Anyone familiar with C and similar languages will find it straightforward to write in C#.
|
||||
* [F#](https://docs.microsoft.com/dotnet/fsharp/) is a cross-platform, open-source, functional programming language for .NET. It also includes object-oriented and imperative programming.
|
||||
|
||||
[.NET](https://github.com/dotnet/core) is open source (MIT and Apache 2 licenses) and was contributed to the [.NET Foundation](http://dotnetfoundation.org) by Microsoft in 2014. It can be freely adopted by individuals and companies, including for personal, academic or commercial purposes. Multiple companies use .NET as part of apps, tools, new platforms and hosting services.
|
||||
|
||||
|
|
|
@ -69,6 +69,7 @@ View the current tags at the [Microsoft Artifact Registry portal](https://mcr.mi
|
|||
### CVE Update Policy
|
||||
|
||||
.NET container images are regularly monitored for the presence of CVEs. A given image will be rebuilt to pick up fixes for a CVE when:
|
||||
|
||||
* We detect the image contains a CVE with a [CVSS](https://nvd.nist.gov/vuln-metrics/cvss) score of "Critical"
|
||||
* **AND** the CVE is in a package that is added in our Dockerfile layers (meaning the CVE is in a package we explicitly install or any transitive dependencies of those packages)
|
||||
* **AND** there is a CVE fix for the package available in the affected base image's package repository.
|
||||
|
|
|
@ -70,6 +70,7 @@ View the current tags at the [Microsoft Artifact Registry portal](https://mcr.mi
|
|||
### CVE Update Policy
|
||||
|
||||
.NET container images are regularly monitored for the presence of CVEs. A given image will be rebuilt to pick up fixes for a CVE when:
|
||||
|
||||
* We detect the image contains a CVE with a [CVSS](https://nvd.nist.gov/vuln-metrics/cvss) score of "Critical"
|
||||
* **AND** the CVE is in a package that is added in our Dockerfile layers (meaning the CVE is in a package we explicitly install or any transitive dependencies of those packages)
|
||||
* **AND** there is a CVE fix for the package available in the affected base image's package repository.
|
||||
|
|
|
@ -68,6 +68,7 @@ View the current tags at the [Microsoft Artifact Registry portal](https://mcr.mi
|
|||
### CVE Update Policy
|
||||
|
||||
.NET container images are regularly monitored for the presence of CVEs. A given image will be rebuilt to pick up fixes for a CVE when:
|
||||
|
||||
* We detect the image contains a CVE with a [CVSS](https://nvd.nist.gov/vuln-metrics/cvss) score of "Critical"
|
||||
* **AND** the CVE is in a package that is added in our Dockerfile layers (meaning the CVE is in a package we explicitly install or any transitive dependencies of those packages)
|
||||
* **AND** there is a CVE fix for the package available in the affected base image's package repository.
|
||||
|
|
|
@ -76,6 +76,7 @@ View the current tags at the [Microsoft Artifact Registry portal](https://mcr.mi
|
|||
### CVE Update Policy
|
||||
|
||||
.NET container images are regularly monitored for the presence of CVEs. A given image will be rebuilt to pick up fixes for a CVE when:
|
||||
|
||||
* We detect the image contains a CVE with a [CVSS](https://nvd.nist.gov/vuln-metrics/cvss) score of "Critical"
|
||||
* **AND** the CVE is in a package that is added in our Dockerfile layers (meaning the CVE is in a package we explicitly install or any transitive dependencies of those packages)
|
||||
* **AND** there is a CVE fix for the package available in the affected base image's package repository.
|
||||
|
|
|
@ -95,6 +95,7 @@ These sample images are not intended for production use and may be subject to br
|
|||
### CVE Update Policy
|
||||
|
||||
.NET container images are regularly monitored for the presence of CVEs. A given image will be rebuilt to pick up fixes for a CVE when:
|
||||
|
||||
* We detect the image contains a CVE with a [CVSS](https://nvd.nist.gov/vuln-metrics/cvss) score of "Critical"
|
||||
* **AND** the CVE is in a package that is added in our Dockerfile layers (meaning the CVE is in a package we explicitly install or any transitive dependencies of those packages)
|
||||
* **AND** there is a CVE fix for the package available in the affected base image's package repository.
|
||||
|
|
|
@ -78,6 +78,7 @@ View the current tags at the [Microsoft Artifact Registry portal](https://mcr.mi
|
|||
### CVE Update Policy
|
||||
|
||||
.NET container images are regularly monitored for the presence of CVEs. A given image will be rebuilt to pick up fixes for a CVE when:
|
||||
|
||||
* We detect the image contains a CVE with a [CVSS](https://nvd.nist.gov/vuln-metrics/cvss) score of "Critical"
|
||||
* **AND** the CVE is in a package that is added in our Dockerfile layers (meaning the CVE is in a package we explicitly install or any transitive dependencies of those packages)
|
||||
* **AND** there is a CVE fix for the package available in the affected base image's package repository.
|
||||
|
|
|
@ -41,9 +41,9 @@ The dashboard shows:
|
|||
|
||||
The dashboard must be configured when it is started. The configuration is done via environment variables. The following environment variables are supported:
|
||||
|
||||
- `ASPNETCORE_URLS` specifies one or more HTTP endpoints through which the dashboard frontend is served. The frontend endpoint is used to view the dashboard in a browser. Defaults to http://localhost:18888.
|
||||
- `DOTNET_DASHBOARD_OTLP_ENDPOINT_URL` specifies the [OTLP/gRPC](https://opentelemetry.io/docs/specs/otlp/#otlpgrpc) endpoint. This endpoint hosts an OTLP service and receives telemetry using gRPC. When the dashboard is launched by the .NET Aspire app host this address is secured with HTTPS. Securing the dashboard with HTTPS is recommended. Defaults to http://localhost:18889.
|
||||
- `DOTNET_DASHBOARD_OTLP_HTTP_ENDPOINT_URL` specifies the [OTLP/HTTP](https://opentelemetry.io/docs/specs/otlp/#otlphttp) endpoint. This endpoint hosts an OTLP service and receives telemetry using Protobuf over HTTP. Defaults to http://localhost:18890.
|
||||
- `ASPNETCORE_URLS` specifies one or more HTTP endpoints through which the dashboard frontend is served. The frontend endpoint is used to view the dashboard in a browser. Defaults to `http://localhost:18888`.
|
||||
- `DOTNET_DASHBOARD_OTLP_ENDPOINT_URL` specifies the [OTLP/gRPC](https://opentelemetry.io/docs/specs/otlp/#otlpgrpc) endpoint. This endpoint hosts an OTLP service and receives telemetry using gRPC. When the dashboard is launched by the .NET Aspire app host this address is secured with HTTPS. Securing the dashboard with HTTPS is recommended. Defaults to `http://localhost:18889`.
|
||||
- `DOTNET_DASHBOARD_OTLP_HTTP_ENDPOINT_URL` specifies the [OTLP/HTTP](https://opentelemetry.io/docs/specs/otlp/#otlphttp) endpoint. This endpoint hosts an OTLP service and receives telemetry using Protobuf over HTTP. Defaults to `http://localhost:18890`.
|
||||
- `DOTNET_DASHBOARD_UNSECURED_ALLOW_ANONYMOUS` specifies the dashboard doesn't use authentication and accepts anonymous access. This setting is a shortcut to configuring `Dashboard:Frontend:AuthMode` and `Dashboard:Otlp:AuthMode` to `Unsecured`.
|
||||
- `DOTNET_DASHBOARD_CONFIG_FILE_PATH` specifies the path for an optional JSON configuration file.
|
||||
|
||||
|
@ -122,6 +122,7 @@ Limits are per-resource. For example, a `MaxLogCount` value of 10,000 configures
|
|||
#### CVE Update Policy
|
||||
|
||||
.NET container images are regularly monitored for the presence of CVEs. A given image will be rebuilt to pick up fixes for a CVE when:
|
||||
|
||||
* We detect the image contains a CVE with a [CVSS](https://nvd.nist.gov/vuln-metrics/cvss) score of "Critical"
|
||||
* **AND** the CVE is in a package that is added in our Dockerfile layers (meaning the CVE is in a package we explicitly install or any transitive dependencies of those packages)
|
||||
* **AND** there is a CVE fix for the package available in the affected base image's package repository.
|
||||
|
|
|
@ -83,6 +83,7 @@ The [Image Variants documentation](https://github.com/dotnet/dotnet-docker/blob/
|
|||
#### CVE Update Policy
|
||||
|
||||
.NET container images are regularly monitored for the presence of CVEs. A given image will be rebuilt to pick up fixes for a CVE when:
|
||||
|
||||
* We detect the image contains a CVE with a [CVSS](https://nvd.nist.gov/vuln-metrics/cvss) score of "Critical"
|
||||
* **AND** the CVE is in a package that is added in our Dockerfile layers (meaning the CVE is in a package we explicitly install or any transitive dependencies of those packages)
|
||||
* **AND** there is a CVE fix for the package available in the affected base image's package repository.
|
||||
|
|
|
@ -65,6 +65,7 @@ The following Dockerfiles demonstrate how you can use this base image to build a
|
|||
#### CVE Update Policy
|
||||
|
||||
.NET container images are regularly monitored for the presence of CVEs. A given image will be rebuilt to pick up fixes for a CVE when:
|
||||
|
||||
* We detect the image contains a CVE with a [CVSS](https://nvd.nist.gov/vuln-metrics/cvss) score of "Critical"
|
||||
* **AND** the CVE is in a package that is added in our Dockerfile layers (meaning the CVE is in a package we explicitly install or any transitive dependencies of those packages)
|
||||
* **AND** there is a CVE fix for the package available in the affected base image's package repository.
|
||||
|
|
|
@ -66,6 +66,7 @@ See the [documentation](https://go.microsoft.com/fwlink/?linkid=2158052) for how
|
|||
#### CVE Update Policy
|
||||
|
||||
.NET container images are regularly monitored for the presence of CVEs. A given image will be rebuilt to pick up fixes for a CVE when:
|
||||
|
||||
* We detect the image contains a CVE with a [CVSS](https://nvd.nist.gov/vuln-metrics/cvss) score of "Critical"
|
||||
* **AND** the CVE is in a package that is added in our Dockerfile layers (meaning the CVE is in a package we explicitly install or any transitive dependencies of those packages)
|
||||
* **AND** there is a CVE fix for the package available in the affected base image's package repository.
|
||||
|
|
|
@ -64,6 +64,7 @@ The [Image Variants documentation](https://github.com/dotnet/dotnet-docker/blob/
|
|||
#### CVE Update Policy
|
||||
|
||||
.NET container images are regularly monitored for the presence of CVEs. A given image will be rebuilt to pick up fixes for a CVE when:
|
||||
|
||||
* We detect the image contains a CVE with a [CVSS](https://nvd.nist.gov/vuln-metrics/cvss) score of "Critical"
|
||||
* **AND** the CVE is in a package that is added in our Dockerfile layers (meaning the CVE is in a package we explicitly install or any transitive dependencies of those packages)
|
||||
* **AND** there is a CVE fix for the package available in the affected base image's package repository.
|
||||
|
|
|
@ -72,6 +72,7 @@ The [Image Variants documentation](https://github.com/dotnet/dotnet-docker/blob/
|
|||
#### CVE Update Policy
|
||||
|
||||
.NET container images are regularly monitored for the presence of CVEs. A given image will be rebuilt to pick up fixes for a CVE when:
|
||||
|
||||
* We detect the image contains a CVE with a [CVSS](https://nvd.nist.gov/vuln-metrics/cvss) score of "Critical"
|
||||
* **AND** the CVE is in a package that is added in our Dockerfile layers (meaning the CVE is in a package we explicitly install or any transitive dependencies of those packages)
|
||||
* **AND** there is a CVE fix for the package available in the affected base image's package repository.
|
||||
|
|
|
@ -91,6 +91,7 @@ These sample images are not intended for production use and may be subject to br
|
|||
#### CVE Update Policy
|
||||
|
||||
.NET container images are regularly monitored for the presence of CVEs. A given image will be rebuilt to pick up fixes for a CVE when:
|
||||
|
||||
* We detect the image contains a CVE with a [CVSS](https://nvd.nist.gov/vuln-metrics/cvss) score of "Critical"
|
||||
* **AND** the CVE is in a package that is added in our Dockerfile layers (meaning the CVE is in a package we explicitly install or any transitive dependencies of those packages)
|
||||
* **AND** there is a CVE fix for the package available in the affected base image's package repository.
|
||||
|
|
|
@ -74,6 +74,7 @@ The [Image Variants documentation](https://github.com/dotnet/dotnet-docker/blob/
|
|||
#### CVE Update Policy
|
||||
|
||||
.NET container images are regularly monitored for the presence of CVEs. A given image will be rebuilt to pick up fixes for a CVE when:
|
||||
|
||||
* We detect the image contains a CVE with a [CVSS](https://nvd.nist.gov/vuln-metrics/cvss) score of "Critical"
|
||||
* **AND** the CVE is in a package that is added in our Dockerfile layers (meaning the CVE is in a package we explicitly install or any transitive dependencies of those packages)
|
||||
* **AND** there is a CVE fix for the package available in the affected base image's package repository.
|
||||
|
|
|
@ -12,7 +12,7 @@ Please keep in mind that the GitHub issue tracker is intended for reporting **no
|
|||
|
||||
If you're reporting the presence of a disclosed security vulnerability, such as a CVE reported in one of our container images, please follow our documented [guidance on vulnerability reporting](https://github.com/dotnet/dotnet-docker/blob/main/documentation/vulnerability-reporting.md).
|
||||
|
||||
If you believe you have an issue that affects the security of .NET, please do NOT create an issue and instead email your issue details to secure@microsoft.com.
|
||||
If you believe you have an issue that affects the security of .NET, please do NOT create an issue and instead email your issue details to <secure@microsoft.com>.
|
||||
Your report may be eligible for our [bug bounty](https://www.microsoft.com/en-us/msrc/bounty-dot-net-core), but ONLY if it is reported through email.
|
||||
|
||||
## Bugs and Feature Requests
|
||||
|
@ -27,7 +27,7 @@ We triage issues and decide which issues to prioritize on a weekly basis, so if
|
|||
|
||||
## How to Submit a PR
|
||||
|
||||
### Before you write code...
|
||||
### Before you write code
|
||||
|
||||
Please consider opening a feature request.
|
||||
We are happy to accept community contributions - however, until we discuss your specifc ideas and features as a team, we can't guarantee that we will accept all community PRs.
|
||||
|
|
|
@ -23,9 +23,9 @@ The dashboard shows:
|
|||
|
||||
The dashboard must be configured when it is started. The configuration is done via environment variables. The following environment variables are supported:
|
||||
|
||||
- `ASPNETCORE_URLS` specifies one or more HTTP endpoints through which the dashboard frontend is served. The frontend endpoint is used to view the dashboard in a browser. Defaults to http://localhost:18888.
|
||||
- `DOTNET_DASHBOARD_OTLP_ENDPOINT_URL` specifies the [OTLP/gRPC](https://opentelemetry.io/docs/specs/otlp/#otlpgrpc) endpoint. This endpoint hosts an OTLP service and receives telemetry using gRPC. When the dashboard is launched by the .NET Aspire app host this address is secured with HTTPS. Securing the dashboard with HTTPS is recommended. Defaults to http://localhost:18889.
|
||||
- `DOTNET_DASHBOARD_OTLP_HTTP_ENDPOINT_URL` specifies the [OTLP/HTTP](https://opentelemetry.io/docs/specs/otlp/#otlphttp) endpoint. This endpoint hosts an OTLP service and receives telemetry using Protobuf over HTTP. Defaults to http://localhost:18890.
|
||||
- `ASPNETCORE_URLS` specifies one or more HTTP endpoints through which the dashboard frontend is served. The frontend endpoint is used to view the dashboard in a browser. Defaults to `http://localhost:18888`.
|
||||
- `DOTNET_DASHBOARD_OTLP_ENDPOINT_URL` specifies the [OTLP/gRPC](https://opentelemetry.io/docs/specs/otlp/#otlpgrpc) endpoint. This endpoint hosts an OTLP service and receives telemetry using gRPC. When the dashboard is launched by the .NET Aspire app host this address is secured with HTTPS. Securing the dashboard with HTTPS is recommended. Defaults to `http://localhost:18889`.
|
||||
- `DOTNET_DASHBOARD_OTLP_HTTP_ENDPOINT_URL` specifies the [OTLP/HTTP](https://opentelemetry.io/docs/specs/otlp/#otlphttp) endpoint. This endpoint hosts an OTLP service and receives telemetry using Protobuf over HTTP. Defaults to `http://localhost:18890`.
|
||||
- `DOTNET_DASHBOARD_UNSECURED_ALLOW_ANONYMOUS` specifies the dashboard doesn't use authentication and accepts anonymous access. This setting is a shortcut to configuring `Dashboard:Frontend:AuthMode` and `Dashboard:Otlp:AuthMode` to `Unsecured`.
|
||||
- `DOTNET_DASHBOARD_CONFIG_FILE_PATH` specifies the path for an optional JSON configuration file.
|
||||
|
||||
|
@ -139,6 +139,7 @@ You can retrieve a list of all available tags for dotnet/aspire-dashboard at htt
|
|||
### CVE Update Policy
|
||||
|
||||
.NET container images are regularly monitored for the presence of CVEs. A given image will be rebuilt to pick up fixes for a CVE when:
|
||||
|
||||
* We detect the image contains a CVE with a [CVSS](https://nvd.nist.gov/vuln-metrics/cvss) score of "Critical"
|
||||
* **AND** the CVE is in a package that is added in our Dockerfile layers (meaning the CVE is in a package we explicitly install or any transitive dependencies of those packages)
|
||||
* **AND** there is a CVE fix for the package available in the affected base image's package repository.
|
||||
|
|
|
@ -272,6 +272,7 @@ For tags contained in the old dotnet/core/aspnet repository, you can retrieve a
|
|||
### CVE Update Policy
|
||||
|
||||
.NET container images are regularly monitored for the presence of CVEs. A given image will be rebuilt to pick up fixes for a CVE when:
|
||||
|
||||
* We detect the image contains a CVE with a [CVSS](https://nvd.nist.gov/vuln-metrics/cvss) score of "Critical"
|
||||
* **AND** the CVE is in a package that is added in our Dockerfile layers (meaning the CVE is in a package we explicitly install or any transitive dependencies of those packages)
|
||||
* **AND** there is a CVE fix for the package available in the affected base image's package repository.
|
||||
|
|
|
@ -16,8 +16,8 @@
|
|||
|
||||
You can use C# or F# to write .NET apps.
|
||||
|
||||
- [C#](https://docs.microsoft.com/dotnet/csharp/) is powerful, type-safe, and object-oriented while retaining the expressiveness and elegance of C-style languages. Anyone familiar with C and similar languages will find it straightforward to write in C#.
|
||||
- [F#](https://docs.microsoft.com/dotnet/fsharp/) is a cross-platform, open-source, functional programming language for .NET. It also includes object-oriented and imperative programming.
|
||||
* [C#](https://docs.microsoft.com/dotnet/csharp/) is powerful, type-safe, and object-oriented while retaining the expressiveness and elegance of C-style languages. Anyone familiar with C and similar languages will find it straightforward to write in C#.
|
||||
* [F#](https://docs.microsoft.com/dotnet/fsharp/) is a cross-platform, open-source, functional programming language for .NET. It also includes object-oriented and imperative programming.
|
||||
|
||||
[.NET](https://github.com/dotnet/core) is open source (MIT and Apache 2 licenses) and was contributed to the [.NET Foundation](http://dotnetfoundation.org) by Microsoft in 2014. It can be freely adopted by individuals and companies, including for personal, academic or commercial purposes. Multiple companies use .NET as part of apps, tools, new platforms and hosting services.
|
||||
|
||||
|
@ -102,6 +102,7 @@ The [Image Variants documentation](https://github.com/dotnet/dotnet-docker/blob/
|
|||
### CVE Update Policy
|
||||
|
||||
.NET container images are regularly monitored for the presence of CVEs. A given image will be rebuilt to pick up fixes for a CVE when:
|
||||
|
||||
* We detect the image contains a CVE with a [CVSS](https://nvd.nist.gov/vuln-metrics/cvss) score of "Critical"
|
||||
* **AND** the CVE is in a package that is added in our Dockerfile layers (meaning the CVE is in a package we explicitly install or any transitive dependencies of those packages)
|
||||
* **AND** there is a CVE fix for the package available in the affected base image's package repository.
|
||||
|
|
|
@ -94,6 +94,7 @@ You can retrieve a list of all available tags for dotnet/monitor/base at https:/
|
|||
### CVE Update Policy
|
||||
|
||||
.NET container images are regularly monitored for the presence of CVEs. A given image will be rebuilt to pick up fixes for a CVE when:
|
||||
|
||||
* We detect the image contains a CVE with a [CVSS](https://nvd.nist.gov/vuln-metrics/cvss) score of "Critical"
|
||||
* **AND** the CVE is in a package that is added in our Dockerfile layers (meaning the CVE is in a package we explicitly install or any transitive dependencies of those packages)
|
||||
* **AND** there is a CVE fix for the package available in the affected base image's package repository.
|
||||
|
|
|
@ -103,6 +103,7 @@ You can retrieve a list of all available tags for dotnet/monitor at https://mcr.
|
|||
### CVE Update Policy
|
||||
|
||||
.NET container images are regularly monitored for the presence of CVEs. A given image will be rebuilt to pick up fixes for a CVE when:
|
||||
|
||||
* We detect the image contains a CVE with a [CVSS](https://nvd.nist.gov/vuln-metrics/cvss) score of "Critical"
|
||||
* **AND** the CVE is in a package that is added in our Dockerfile layers (meaning the CVE is in a package we explicitly install or any transitive dependencies of those packages)
|
||||
* **AND** there is a CVE fix for the package available in the affected base image's package repository.
|
||||
|
|
|
@ -185,6 +185,7 @@ For tags contained in the old dotnet/core/runtime-deps repository, you can retri
|
|||
### CVE Update Policy
|
||||
|
||||
.NET container images are regularly monitored for the presence of CVEs. A given image will be rebuilt to pick up fixes for a CVE when:
|
||||
|
||||
* We detect the image contains a CVE with a [CVSS](https://nvd.nist.gov/vuln-metrics/cvss) score of "Critical"
|
||||
* **AND** the CVE is in a package that is added in our Dockerfile layers (meaning the CVE is in a package we explicitly install or any transitive dependencies of those packages)
|
||||
* **AND** there is a CVE fix for the package available in the affected base image's package repository.
|
||||
|
|
|
@ -228,6 +228,7 @@ For tags contained in the old dotnet/core/runtime repository, you can retrieve a
|
|||
### CVE Update Policy
|
||||
|
||||
.NET container images are regularly monitored for the presence of CVEs. A given image will be rebuilt to pick up fixes for a CVE when:
|
||||
|
||||
* We detect the image contains a CVE with a [CVSS](https://nvd.nist.gov/vuln-metrics/cvss) score of "Critical"
|
||||
* **AND** the CVE is in a package that is added in our Dockerfile layers (meaning the CVE is in a package we explicitly install or any transitive dependencies of those packages)
|
||||
* **AND** there is a CVE fix for the package available in the affected base image's package repository.
|
||||
|
|
|
@ -136,6 +136,7 @@ These sample images are not intended for production use and may be subject to br
|
|||
### CVE Update Policy
|
||||
|
||||
.NET container images are regularly monitored for the presence of CVEs. A given image will be rebuilt to pick up fixes for a CVE when:
|
||||
|
||||
* We detect the image contains a CVE with a [CVSS](https://nvd.nist.gov/vuln-metrics/cvss) score of "Critical"
|
||||
* **AND** the CVE is in a package that is added in our Dockerfile layers (meaning the CVE is in a package we explicitly install or any transitive dependencies of those packages)
|
||||
* **AND** there is a CVE fix for the package available in the affected base image's package repository.
|
||||
|
|
|
@ -198,6 +198,7 @@ For tags contained in the old dotnet/core/sdk repository, you can retrieve a lis
|
|||
### CVE Update Policy
|
||||
|
||||
.NET container images are regularly monitored for the presence of CVEs. A given image will be rebuilt to pick up fixes for a CVE when:
|
||||
|
||||
* We detect the image contains a CVE with a [CVSS](https://nvd.nist.gov/vuln-metrics/cvss) score of "Critical"
|
||||
* **AND** the CVE is in a package that is added in our Dockerfile layers (meaning the CVE is in a package we explicitly install or any transitive dependencies of those packages)
|
||||
* **AND** there is a CVE fix for the package available in the affected base image's package repository.
|
||||
|
|
|
@ -15,4 +15,3 @@ Reports via MSRC may qualify for the .NET Core Bug Bounty. Details of the .NET C
|
|||
Please do not open issues for anything you think might have a security implication.
|
||||
|
||||
If you're reporting the presence of a disclosed security vulnerability, such as a CVE reported in one of our container images, please follow the documented guidance on vulnerability reporting in [vulnerability-reporting.md](https://github.com/dotnet/dotnet-docker/blob/main/documentation/vulnerability-reporting.md).
|
||||
|
||||
|
|
|
@ -18,20 +18,20 @@ General distroless .NET containers documentation is available [here](./distroles
|
|||
|
||||
Azure Linux distroless .NET images are available for all supported .NET versions in the following image repos:
|
||||
|
||||
- [`mcr.microsoft.com/dotnet/runtime`](../README.runtime.md)
|
||||
- [`mcr.microsoft.com/dotnet/aspnet`](../README.aspnet.md)
|
||||
- [`mcr.microsoft.com/dotnet/runtime-deps`](../README.runtime-deps.md) (for self-contained or AOT apps)
|
||||
* [`mcr.microsoft.com/dotnet/runtime`](../README.runtime.md)
|
||||
* [`mcr.microsoft.com/dotnet/aspnet`](../README.aspnet.md)
|
||||
* [`mcr.microsoft.com/dotnet/runtime-deps`](../README.runtime-deps.md) (for self-contained or AOT apps)
|
||||
|
||||
You can use the following image tags:
|
||||
|
||||
- `8.0-cbl-mariner2.0-distroless`
|
||||
- `6.0-cbl-mariner2.0-distroless`
|
||||
* `8.0-cbl-mariner2.0-distroless`
|
||||
* `6.0-cbl-mariner2.0-distroless`
|
||||
|
||||
### Installing Additional Packages
|
||||
|
||||
If your app requires additional packages besides `icu` and `tzdata`, you can follow the same pattern that .NET uses to install the .NET runtime dependencies.
|
||||
|
||||
#### Azure Linux 3.0 (Preview):
|
||||
#### Azure Linux 3.0 (Preview)
|
||||
|
||||
```Dockerfile
|
||||
FROM mcr.microsoft.com/dotnet/nightly/aspnet:8.0-azurelinux3.0-distroless AS base
|
||||
|
@ -82,7 +82,7 @@ FROM base
|
|||
COPY --from=installer /staging2/ /
|
||||
```
|
||||
|
||||
#### Azure Linux 2.0:
|
||||
#### Azure Linux 2.0
|
||||
|
||||
```Dockerfile
|
||||
FROM mcr.microsoft.com/dotnet/aspnet:6.0-cbl-mariner2.0-distroless AS base
|
||||
|
@ -153,6 +153,7 @@ flowchart TD
|
|||
Here's an example configuration based off of a simple ASP.NET Core app:
|
||||
|
||||
**.csproj**
|
||||
|
||||
```diff
|
||||
<PropertyGroup>
|
||||
...
|
||||
|
@ -162,6 +163,7 @@ Here's an example configuration based off of a simple ASP.NET Core app:
|
|||
```
|
||||
|
||||
**Dockerfile**
|
||||
|
||||
```diff
|
||||
# Learn about building .NET container images:
|
||||
# https://github.com/dotnet/dotnet-docker/blob/main/samples/README.md
|
||||
|
|
|
@ -12,6 +12,7 @@ They contain the following features:
|
|||
We offer distroless .NET images for two operating systems: [Ubuntu Chiseled](./ubuntu-chiseled.md) and [Azure Linux](./azurelinux.md).
|
||||
|
||||
.NET distroless images are available for the following image repos:
|
||||
|
||||
- [`mcr.microsoft.com/dotnet/runtime`](../README.runtime.md)
|
||||
- [`mcr.microsoft.com/dotnet/aspnet`](../README.aspnet.md)
|
||||
- [`mcr.microsoft.com/dotnet/runtime-deps`](../README.runtime-deps.md) (for self-contained or AOT apps)
|
||||
|
|
|
@ -6,7 +6,7 @@
|
|||
As of .NET 8, we also guarantee these images include time zone information (e.g. `tzdata` in Linux).
|
||||
These images are intended to satisfy the most common use cases of .NET developers.
|
||||
|
||||
Alpine and [Ubuntu Chiseled](#ubuntu-chiseled-net-60) .NET images are focused on size.
|
||||
Alpine and [Ubuntu Chiseled](./ubuntu-chiseled.md) .NET images are focused on size.
|
||||
By default, these images do not include `icu` or `tzdata`, meaning that these images only work with apps that are configured for [globalization-invariant mode](https://learn.microsoft.com/dotnet/core/runtime-config/globalization).
|
||||
Apps that require globalization support can use the `extra` image variant of the [dotnet/runtime-deps](https://hub.docker.com/_/microsoft-dotnet-runtime-deps/) images. Because this is only available with `runtime-deps` images, it requires a [self-contained deployment](https://learn.microsoft.com/dotnet/core/deploying/#publish-self-contained) of the application.
|
||||
Alpine, Azure Linux, and Ubuntu Chiseled images also come in `extra`, `composite`, and `aot` variants (see below).
|
||||
|
|
|
@ -55,6 +55,7 @@ They include:
|
|||
**Note:** Since .NET 8, these multi-platform tags **specifically exclude all Windows versions** due to `containerd`'s platform matching algorithm for Windows hosts.
|
||||
Please see [#4492 (Switch multi-platform tags to Linux only)](https://github.com/dotnet/dotnet-docker/issues/4492) for more context.
|
||||
If you are using Windows, you will need to explicitly specify an OS Version with a single-platform tag like so:
|
||||
|
||||
```Dockerfile
|
||||
FROM mcr.microsoft.com/dotnet/sdk:8.0-nanoserver-ltsc2022
|
||||
FROM mcr.microsoft.com/dotnet/sdk:8.0-nanoserver-1809
|
||||
|
|
|
@ -24,6 +24,7 @@ If you have a compelling use case for a distroless SDK image, please leave a com
|
|||
## How do I use Ubuntu Chiseled .NET images?
|
||||
|
||||
Please see our sample Dockerfiles for examples on how to use Ubuntu Chiseled .NET images:
|
||||
|
||||
- [aspnetapp](../samples/aspnetapp/Dockerfile.chiseled)
|
||||
- [dotnetapp](../samples/dotnetapp/Dockerfile.chiseled)
|
||||
- [releasesapi](../samples/releasesapi/Dockerfile.ubuntu-chiseled) (and [icu version](../samples/releasesapi/Dockerfile.ubuntu-chiseled-icu))
|
||||
|
|
|
@ -4,8 +4,8 @@
|
|||
|
||||
You can use C# or F# to write .NET apps.
|
||||
|
||||
- [C#](https://docs.microsoft.com/dotnet/csharp/) is powerful, type-safe, and object-oriented while retaining the expressiveness and elegance of C-style languages. Anyone familiar with C and similar languages will find it straightforward to write in C#.
|
||||
- [F#](https://docs.microsoft.com/dotnet/fsharp/) is a cross-platform, open-source, functional programming language for .NET. It also includes object-oriented and imperative programming.
|
||||
* [C#](https://docs.microsoft.com/dotnet/csharp/) is powerful, type-safe, and object-oriented while retaining the expressiveness and elegance of C-style languages. Anyone familiar with C and similar languages will find it straightforward to write in C#.
|
||||
* [F#](https://docs.microsoft.com/dotnet/fsharp/) is a cross-platform, open-source, functional programming language for .NET. It also includes object-oriented and imperative programming.
|
||||
|
||||
[.NET](https://github.com/dotnet/core) is open source (MIT and Apache 2 licenses) and was contributed to the [.NET Foundation](http://dotnetfoundation.org) by Microsoft in 2014. It can be freely adopted by individuals and companies, including for personal, academic or commercial purposes. Multiple companies use .NET as part of apps, tools, new platforms and hosting services.
|
||||
|
||||
|
|
|
@ -26,6 +26,7 @@
|
|||
{{ARGS["top-header"]}}## CVE Update Policy
|
||||
|
||||
.NET container images are regularly monitored for the presence of CVEs. A given image will be rebuilt to pick up fixes for a CVE when:
|
||||
|
||||
* We detect the image contains a CVE with a [CVSS](https://nvd.nist.gov/vuln-metrics/cvss) score of "Critical"
|
||||
* **AND** the CVE is in a package that is added in our Dockerfile layers (meaning the CVE is in a package we explicitly install or any transitive dependencies of those packages)
|
||||
* **AND** there is a CVE fix for the package available in the affected base image's package repository.
|
||||
|
|
|
@ -14,9 +14,9 @@ The dashboard shows:
|
|||
|
||||
The dashboard must be configured when it is started. The configuration is done via environment variables. The following environment variables are supported:
|
||||
|
||||
- `ASPNETCORE_URLS` specifies one or more HTTP endpoints through which the dashboard frontend is served. The frontend endpoint is used to view the dashboard in a browser. Defaults to http://localhost:18888.
|
||||
- `DOTNET_DASHBOARD_OTLP_ENDPOINT_URL` specifies the [OTLP/gRPC](https://opentelemetry.io/docs/specs/otlp/#otlpgrpc) endpoint. This endpoint hosts an OTLP service and receives telemetry using gRPC. When the dashboard is launched by the .NET Aspire app host this address is secured with HTTPS. Securing the dashboard with HTTPS is recommended. Defaults to http://localhost:18889.
|
||||
- `DOTNET_DASHBOARD_OTLP_HTTP_ENDPOINT_URL` specifies the [OTLP/HTTP](https://opentelemetry.io/docs/specs/otlp/#otlphttp) endpoint. This endpoint hosts an OTLP service and receives telemetry using Protobuf over HTTP. Defaults to http://localhost:18890.
|
||||
- `ASPNETCORE_URLS` specifies one or more HTTP endpoints through which the dashboard frontend is served. The frontend endpoint is used to view the dashboard in a browser. Defaults to `http://localhost:18888`.
|
||||
- `DOTNET_DASHBOARD_OTLP_ENDPOINT_URL` specifies the [OTLP/gRPC](https://opentelemetry.io/docs/specs/otlp/#otlpgrpc) endpoint. This endpoint hosts an OTLP service and receives telemetry using gRPC. When the dashboard is launched by the .NET Aspire app host this address is secured with HTTPS. Securing the dashboard with HTTPS is recommended. Defaults to `http://localhost:18889`.
|
||||
- `DOTNET_DASHBOARD_OTLP_HTTP_ENDPOINT_URL` specifies the [OTLP/HTTP](https://opentelemetry.io/docs/specs/otlp/#otlphttp) endpoint. This endpoint hosts an OTLP service and receives telemetry using Protobuf over HTTP. Defaults to `http://localhost:18890`.
|
||||
- `DOTNET_DASHBOARD_UNSECURED_ALLOW_ANONYMOUS` specifies the dashboard doesn't use authentication and accepts anonymous access. This setting is a shortcut to configuring `Dashboard:Frontend:AuthMode` and `Dashboard:Otlp:AuthMode` to `Unsecured`.
|
||||
- `DOTNET_DASHBOARD_CONFIG_FILE_PATH` specifies the path for an optional JSON configuration file.
|
||||
|
||||
|
|
|
@ -41,8 +41,8 @@ You can see the built binaries with the following command:
|
|||
|
||||
```console
|
||||
% ls out
|
||||
dotnetapp dotnetapp.pdb
|
||||
dotnetapp.deps.json dotnetapp.runtimeconfig.json
|
||||
dotnetapp dotnetapp.pdb
|
||||
dotnetapp.deps.json dotnetapp.runtimeconfig.json
|
||||
dotnetapp.dll
|
||||
```
|
||||
|
||||
|
@ -114,8 +114,8 @@ You can see the built binaries with the following command:
|
|||
|
||||
```console
|
||||
> ls ~/dotnetapp
|
||||
dotnetapp dotnetapp.pdb
|
||||
dotnetapp.deps.json dotnetapp.runtimeconfig.json
|
||||
dotnetapp dotnetapp.pdb
|
||||
dotnetapp.deps.json dotnetapp.runtimeconfig.json
|
||||
dotnetapp.dll
|
||||
```
|
||||
|
||||
|
|
|
@ -220,4 +220,3 @@ docker run --rm -it -p 8001:8001 -e ASPNETCORE_HTTPS_PORTS=8001 -e ASPNETCORE_EN
|
|||
After the application starts, navigate to `https://localhost:8001` in your web browser.
|
||||
|
||||
> In the case of using https, be sure to check the certificate you're using is trusted on the host. You can start with navigating to https://localhost:8001 in the browser. If you're looking to test https with a domain name (e.g. https://contoso.com:8001), the certificate would also need the appropiate Subject Alternative Name included, and the DNS settings on the host would need to be updated. In the case of using the generated dev certificate, the trusted certificate will be issued from localhost and will not have the SAN added.
|
||||
|
||||
|
|
Загрузка…
Ссылка в новой задаче