v7.0.1

• [FIX] Restores compatibility with .NET 8 as .NET 10 is not ubiquitously available in all common CI environments yet.

---

This change only impacts the nuget tool distribution of AzureSignTool. As the stand-alone binaries are fully self-contained, they do contain any functional changes and are still built with .NET 10.

The 7.0.1 versions of the binaries are included for consistency of availability on GitHub releases, but it is not necessary to move to 7.0.1 if 7.0.0 is working for you.

v7.0.0

What's Changed

• [CHORE] Updated all dependencies
• [BREAKING CHANGE] The NuGet packages now require .NET 10 or later.
• [BUG FIX] File system globbing introduced in AzureSignTool 6.0.0 did not correctly handle globs patterns using absolute paths, like E:\stuff\*.dll. This adds a work around so that common absolute path forms work, such as drive-prefixed paths or UNC paths.
• [CHORE] The WinGet binaries are now built with .NET 10.

New Contributors

Full Changelog: v6.0.1...v7.0.0

v6.0.1

What's Changed

There are no functional changes in this release. This release is built with .NET 8.0.12 which addresses vulnerabilities fixed in the January servicing release. It is built from the same commit as the 6.0.0 release.

v6.0.0

What's Changed

• [BREAKING CHANGE] Replaced the McMaster.Extensions.CommandLineUtils with XenoAtom.CommandLine for command line
  The command line parsing library has been replaced with a Native AOT compatible one to allow for stand alone binaries to be published. While the new command line parser is largely compatible with the previous one, there may be differences in how they are interpreted.
• [CHORE] Update all dependencies
• [FEATURE] Add support for glob patterns in signing input.
• [BREAKING CHANGE] Changed parallelism to use less concurrency to avoid throttling.
  --max-degree-of-parallelism now defaults to 4, instead of unlimited. This is to reduce the amount of signing throughput which can result in throttling from either Azure Key Vault or from a CA's timestamp infrastructure. The original behavior can be restored by explicitly setting --max-degree-of-parallelism to 0.
• [FEATURE] Azure Key Vault retry policy. RSAKeyVaultProvider has been replaced with Azure's native functionality. This allows for retries, throttling, and back off for Azure Key Vault.
• [FEATURE] --azure-key-vault-certificate-version can be used to specify a specific version of an Azure Key Vault certificate.

New Contributors

• @roelvandersteen made their first contribution in #231
• @j-laemmermann made their first contribution in #260
• @bb-froggy made their first contribution in #261
• @krachynski made their first contribution in #259
• @ConcernedCitizen made their first contribution in #268
• @Mik4sa made their first contribution in #270

Full Changelog: v5.0.0...v6.0.0

v6.0.0-beta1

This release is for AzureSignTool 6.0.0 beta1.

Please see this announcement post for information about 6.0.0 beta1. #271

What's Changed

• README updates for v5.0. by @vcsjones in #239
• Bump Azure.Identity from 1.10.4 to 1.11.0 in /src/AzureSignTool by @dependabot in #244
• Fix validation error in SignCommand.cs by @roelvandersteen in #231
• Prepare for Native AOT by @vcsjones in #246
• File system globbing support by @vcsjones in #247
• Set a default MDOP by @vcsjones in #250
• Use Azure SDK for RSA algorithm by @vcsjones in #251
• Re-enable 32bit publishing for office VBA by @j-laemmermann in #260
• Bump Azure.Identity from 1.11.2 to 1.11.4 in /src/AzureSignTool by @dependabot in #256
• Typo in README by @bb-froggy in #261
• Add the correct description by @krachynski in #259
• Adding support for optional Azure Key Vault certificate version selection by @ConcernedCitizen in #268
• Switch to central package management and bump a few packages by @vcsjones in #269
• Support Windows Server 2022 for --append-signature flag by @Mik4sa in #270

New Contributors

• @roelvandersteen made their first contribution in #231
• @j-laemmermann made their first contribution in #260
• @bb-froggy made their first contribution in #261
• @krachynski made their first contribution in #259
• @ConcernedCitizen made their first contribution in #268
• @Mik4sa made their first contribution in #270

Full Changelog: v5.0.0...v6.0.0-beta1

v5.0.0

This is the 5.0 release of AzureSignTool.

• The 5.0.0 version bumps the tool framework version to .NET 8.0.
• Appending signatures is now supported on Windows 11 or later. Thanks to @VaronisContributor for the contribution.

v4.0.1

This upgrades AzureSignTool to .NET 6.

Other minor changes and typos included.

v3.0.0

AzureSignTool 3.0.0 has been released.

Highlights:

• Moved off of .NET Core 2.1 to .NET Core 3.1. AzureSignTool will moved to .NET 6.0 LTS later this year.
• There are breaking changes in the CLI. The --azure-key-vault-tenant-id option may be required.
• Fixed miscellaneous bugs where specifying invalid input on the CLI would result in zero output.

v2.0.17

Available at https://www.nuget.org/packages/AzureSignTool/

1.0.1

• Improved signing performance by avoiding a network call to Azure Key Vault.