Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Red Hat’s wishlist for .NET for 2025 #4697

Open
omajid opened this issue Oct 23, 2024 · 2 comments
Open

Red Hat’s wishlist for .NET for 2025 #4697

omajid opened this issue Oct 23, 2024 · 2 comments
Labels
untriaged

Comments

@omajid
Copy link
Member

omajid commented Oct 23, 2024
edited
Loading

This is a collection of issues and areas that we would like to see improved in .NET in 2025.

This is a follow-up from #4005

Document .NET's behaviour running on FIPS-enabled systems

Issue: dotnet/docs#41565 (maybe more issues)

The document at https://learn.microsoft.com/en-us/dotnet/standard/security/fips-compliance describes the general behaviour of .NET in FIPS-enabled systems. We would like to have enhanced documentation that includes more details about that behaviour, including how .NET behaves when running on FIPS-enabled operating systems and known exceptions where .NET bypasses the FIPS policy explicitly.

Minimize differences between different builds of .NET 9

Issue: #4010

This includes both how the product is built, and what product is built.

We know that Microsoft also intends to move to using the VMR for releases, but there are still differences between how (and what) things are built by Microsoft vs source-build. We would like to see everyone building out of one repo/commit/tag as much as possible and minimize the differences in sources between the sources used for various builds of .NET.

There is also a difference between the contents of the generated SDK, such as which files are in the SDK (see the baseline diff) as well as contents of the files (eg, optimization levels, or the .NET TFMs they are targeting).

Finished/polished user story for sources, binaries and symbols for debugging.

Issue: #3225

We would like for users using .NET tools (like VSCode) to be able to build/debug their .NET applications using a source-build SDK, and have the same experience.

We want to make sure any customers running .NET workloads in production can use standard tools like dotnet-dump (and others suggested by Microsoft support) against .NET running on RHEL and containers.

Reproducible builds of .NET

Issue: #4963

We would like .NET's builds to be reproducible to improve .NET's security stance, increasing user trust, making an entire class of supply chain attacks much harder, and making it easier to comply with various auditing and compliance requirements.
@dotnet-issue-labeler dotnet-issue-labeler
Copy link

I couldn't figure out the best area label to add to this issue. If you have write-permissions please help me learn by adding exactly one area label.

1 similar comment
@dotnet-issue-labeler dotnet-issue-labeler
Copy link

I couldn't figure out the best area label to add to this issue. If you have write-permissions please help me learn by adding exactly one area label.

@omajid omajid mentioned this issue Oct 23, 2024
Closed
@omajid omajid changed the title 🚧 Red Hat’s wishlist for .NET for 2025 🚧 Red Hat’s wishlist for .NET for 2025 Feb 24, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
untriaged
Projects
.NET Source Build
Status: Backlog
Milestone
No milestone
Development

No branches or pull requests
1 participant
@omajid