Enable BinSkim for the product repos

SDL config example: https://github.com/dotnet/runtime/blob/main/eng/sdl-tsa-vars.config
Build pipeline example: https://github.com/dotnet/windowsdesktop/blob/main/azure-pipelines.yml#L100-L103

List of product repos that have nightly validation

- [x] https://github.com/dotnet/aspnetcore - https://github.com/dotnet/aspnetcore/pull/49324
- [x] https://github.com/dotnet/efcore - https://github.com/dotnet/efcore/pull/31221
- [x] https://github.com/dotnet/runtime - https://github.com/dotnet/runtime/pull/89728
- [x] https://github.com/dotnet/msbuild - https://github.com/dotnet/msbuild/pull/8976
- [x] https://github.com/dotnet/sdk - https://github.com/dotnet/sdk/pull/33901
- [x] https://github.com/dotnet/installer - no need to scan as it's covered by the scans on other repos
- [x] https://github.com/dotnet/winforms - https://github.com/dotnet/winforms/pull/9467
- [x] https://github.com/dotnet/wpf - https://github.com/dotnet/wpf/pull/8016
- [x] https://github.com/dotnet/windowsdesktop - https://github.com/dotnet/windowsdesktop/pull/3698
- [x] https://github.com/microsoft/reverse-proxy - https://github.com/microsoft/reverse-proxy/pull/2189

Product repos that run SDL validation in-line in their builds:

- [x] https://github.com/dotnet/fsharp - https://github.com/dotnet/fsharp/pull/15640
- [x] https://github.com/dotnet/roslyn - https://github.com/dotnet/roslyn/pull/69081
- [x] https://github.com/dotnet/templating - https://github.com/dotnet/templating/pull/6872
- [x] https://github.com/dotnet/razor - https://github.com/dotnet/razor/pull/8967
- [x] https://github.com/dotnet/diagnostics - https://github.com/dotnet/diagnostics/pull/4087
- [x] https://github.com/dotnet/xdt - https://github.com/dotnet/xdt/pull/519

Additional product repos (no SDL enabled for these repos). 

We are not enabling BinSkim for these repos (based on the discussion with mmitche).

- https://github.com/dotnet/test-templates
- https://github.com/microsoft/vstest
- https://github.com/dotnet/emsdk
- https://github.com/dotnet/symreader
- https://github.com/dotnet/llvm-project
- https://github.com/dotnet/cecil
- https://github.com/dotnet/format
- https://github.com/dotnet/roslyn-analyzers
- https://github.com/dotnet/sourcelink
- https://dev.azure.com/dnceng/internal/_git/dotnet-wpf-int
- https://github.com/dotnet/xliff-tasks


Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Enable BinSkim for the product repos #2661

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Enable BinSkim for the product repos #2661

Description

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions