Author | Lightnews

Andrew Lock "Sock" @andrewlock.bsky.social · 7h

Blogged: Adding metadata to fallback endpoints in ASP.NET Core

andrewlock.net/adding-metad...

In this post I discuss fallback endpoints and show how adding metadata to MVC or Razor Page fallback endpoints has some quirks to be aware of

#dotnet #aspnetcore

Adding metadata to fallback endpoints in ASP.NET Core

In this post I discuss fallback endpoints and show how adding metadata to MVC or Razor Page fallback endpoints has some quirks to be aware of

andrewlock.net

1

Andrew Lock "Sock" @andrewlock.bsky.social · 12h

a cartoon of homer simpson standing in a grassy area

ALT: a cartoon of homer simpson standing in a grassy area

media.tenor.com

3

Reposted by Andrew Lock "Sock"

Kevin Gosse @kevingosse.net · 1d

I just published a new article: Using profiler function hooks in .NET with Silhouette.
In the process, we also learn how to use static linking with NativeAOT.

minidump.net/using-functi...

Using profiler function hooks in .NET with Silhouette

In this article, we see what are function hooks, and how to use them in .NET with Silhouette. We also learn how to statically link a library with NativeAOT.

minidump.net

5 5

Andrew Lock "Sock" @andrewlock.bsky.social · 16d

What I don't really understand is if you're redirecting to somewhere on the same origin, then it should be covered by the CSP and not be violating as far as I can tell... But if your Auth is such that you redirect externally, then I'd expect you to hit the issue?

1

Andrew Lock "Sock" @andrewlock.bsky.social · 16d

You can see someone having a similar issue with redirects here: community.auth0.com/t/applicatio...

Application Security - Strict CSP form-action for login with Auth0 connections

I’m trying to increase the security of our application’s CSP and I have run into issues during the login process. Specifically around the use of form-action on the login call. The same issue applies f...

community.auth0.com

1 1

Andrew Lock "Sock" @andrewlock.bsky.social · 16d

Ah, intriguing! It looks like if you have a redirect from a form submission, you need to have the final location in the CSP too 🤔

github.com/w3c/webappse...

Or put another way, form-action is basically broken in a bunch of scenarios, including PRG pattern🙄

CSP: form-action and redirects · Issue #8 · w3c/webappsec-csp

From @ptoomey3 on September 23, 2015 0:12 I just wanted to open an issue to get your thoughts on form-action with respect to redirects. We have been working on deploying form-action and have run in...

github.com

1

Andrew Lock "Sock" @andrewlock.bsky.social · 19d

Interesting, I'm out of the country for a couple of weeks but happy to take a closer look when I'm back if you haven't got to the bottom of it 😬 what's the exact error you're getting? 🤔

1

Andrew Lock "Sock" @andrewlock.bsky.social · 19d

Any more details? I haven't tried it specifically, but you'll need to allow js sources at a minimum. client-side wasm needs wasm-unsafe-eval too. See learn.microsoft.com/en-us/aspnet... and also the section on frame-ancestors

1

Andrew Lock "Sock" @andrewlock.bsky.social · 22d

Blogged: Publishing NuGet packages from GitHub actions the easy way with Trusted Publishing

andrewlock.net/easily-publi...

In this post I describe how you can use nuget's new Trusted Publishing feature to publish NuGet packages from a GitHub Actions workflow

#dotnet #NuGet #GitHubActions

Publishing NuGet packages from GitHub actions the easy way with Trusted Publishing

In this post I describe how you can use nuget.org's new Trusted Publishing feature to publish NuGet packages from a GitHub Actions workflow

andrewlock.net

1 7

Andrew Lock "Sock" @andrewlock.bsky.social · 27d

Tbh, it's not my area, so you'll probably be better of raising a ticket with support 🙂 Not trying to fob you off, just might be quicker for you! 😄

1

Andrew Lock "Sock" @andrewlock.bsky.social · 27d

I think the main thing your missing is setting the resources like service.name, deployment.environment.name and service.version using the resource builder, though I can't find any good guidance for your to follow unfortunately

1

Andrew Lock "Sock" @andrewlock.bsky.social · 27d

Nothing stands out tbh, RE the metrics, this is the docs logs for the metrics OTLP endpoint, (we're missing a .NET atm) docs.datadoghq.com/opentelemetr...

but the agentless page also says this:

> The Datadog OTLP intake endpoint is in Preview. To request access, contact your account representative

Datadog OTLP Metrics Intake Endpoint

Datadog, the leading service for cloud-scale monitoring.

docs.datadoghq.com

2

Andrew Lock "Sock" @andrewlock.bsky.social · 28d

I'm still not quite sure if you want to use the .NET Datadog auto-instrumentation or Datadog.Trace package, or if you want to use pure OTel? This sample shows using the standard `AddOpenTelemetry()` APIs with auto-instrumentation, sending to a Datadog agent: github.com/DataDog/dd-t...

github.com

3

Andrew Lock "Sock" @andrewlock.bsky.social · 29d

Blogged: sleep-pc: a .NET Native AOT tool to make Windows sleep after a timeout

andrewlock.net/sleep-pc-a-d...

In this post I describe a small native AOT .NET tool that I built to force a Windows PC to go to sleep after a timer expires

#dotnet

sleep-pc: a .NET Native AOT tool to make Windows sleep after a timeout

In this post I describe a small native AOT .NET tool that I built to force a Windows PC to go to sleep after a timer expires

andrewlock.net

3 12

Andrew Lock "Sock" @andrewlock.bsky.social · Sep 22

Hey, I don't have any articles about it, but just to check - how are you configuring "native OTEL"? If it's just using the "standard" Otel packages (i.e. nothing Datadog specific, no Datadog.Trace etc) then you should just be able to point the exporter at the Datadog OTEL collector endpoint

1

Reposted by Andrew Lock "Sock"

Kevin Gosse @kevingosse.net · Sep 18

As requested, I published an article about how the UI profiler works: minidump.net/measuring-ui...
It allows me to measure the responsiveness of Visual Studio when running with ReSharper, in various conditions.

I also made the source code available on github: github.com/kevingosse/U...

1 7 15

Reposted by Andrew Lock "Sock"

Damian Edwards @damianedwards.com · Sep 16

.NET STS releases are now supported for 2 years instead of 18 months starting with .NET 9 (the current STS). STS releases now go out-of-support on the same day as the previous LTS release. Upgrading to an STS release will no longer cause you to lose support!
devblogs.microsoft.com/dotnet/dotne...

.NET STS releases supported for 24 months - .NET Blog

.NET STS releases will be supported for 24 months

devblogs.microsoft.com

8 36 79

Andrew Lock "Sock" @andrewlock.bsky.social · Sep 16

Supporting platform-specific .NET 10 tools on old .NET SDKs
Exploring the .NET 10 preview - Part 8

andrewlock.net/exploring-do...

In this post I look at the advantages, trade-offs, and implications of the new platform-specific .NET tool feature added in .NET 10 and how to support old SDKs

#dotnet

Supporting platform-specific .NET tools on old .NET SDKs: Exploring the .NET 10 preview - Part 8

In this post I look at the advantages, trade-offs, and implications of the new platform-specific .NET tool feature added in .NET 10, and how to support old SDKs

andrewlock.net

1 1

Andrew Lock "Sock" @andrewlock.bsky.social · Sep 9

Blogged: Packaging self-contained and native AOT .NET tools for NuGet - Exploring the .NET 10 preview - Part 7

andrewlock.net/exploring-do...

This post looks at the new support for platform-specific .NET tools that lets you pack tools as self-contained or Native AOT packages

#dotnet

Packaging self-contained and native AOT .NET tools for NuGet: Exploring the .NET 10 preview - Part 7

In this post we look at the new support for platform-specific .NET tools, so that you can pack your tools as self-contained or Native AOT packages

andrewlock.net

1 9

Reposted by Andrew Lock "Sock"

Dennis Doomen @dennisdoomen.com · Sep 6

If you're using github.com/VerifyTests/..., e.g. to protect your library's public API, also check out plugins.jetbrains.com/plugin/17240... created by Mathias Koch.

2 4

Reposted by Andrew Lock "Sock"

Kevin Bones @vcsjones.dev · Sep 2

Great post! Something I think missed (because it is not correctly documented😀) is `dotnet tool install --allow-roll-forward`. You can use this when installing a tool to force it to allow roll forward, even if the tool itself doesn't.

Unfortunately I can't recall which SDK introduced it.

1 2 2

Andrew Lock "Sock" @andrewlock.bsky.social · Sep 2

Agreed, I'm fairly sure that _is_ supported in general, and I've certainly used it in the past. I should have put it in the post 👍

The main 'problem' from my PoV is that this puts the onus on the consumer of the tool to _know_ that it's available, though it's also arguably 'better' 😀

1

Andrew Lock "Sock" @andrewlock.bsky.social · Sep 2

Blogged: Using and authoring .NET tools

andrewlock.net/using-and-au...

In this post I describe some of the complexities around authoring .NET tools, specifically around supporting multiple .NET runtimes and testing in CI

#dotnet

Using and authoring .NET tools

In this post I describe some of the complexities around authoring .NET tools, specifically around supporting multiple .NET runtimes and testing in CI

andrewlock.net

1 5 10

Andrew Lock "Sock" @andrewlock.bsky.social · Aug 26

Blogged: Fixing an old .NET Core native library loading issue on Alpine

andrewlock.net/fixing-an-ol...

In this post I walk through the process of solving a native library loading issue on alpine with an old .NET runtime, showing the steps we took and the solution

#dotnet

Fixing an old .NET Core native library loading issue on Alpine

In this post I walk through the process of solving a native library loading issue on alpine with an old .NET runtime, showing the steps we took and the solution

andrewlock.net

1 4 13

Andrew Lock "Sock" @andrewlock.bsky.social · Aug 20

It'll obviously become increasingly important as more libraries and Frameworks support it though, so it's nice to have a test framework that can actually support those scenarios!

2