Code Scanning
Resources
- Code Scan Pipeline: https://dev.azure.com/eFileCabinet/Utopia/_apps/hub/ms.vss-ciworkflow.build-ci-hub?_a=edit-build-definition&id=132&view=Tab_Tasks
- Migrating from packages.config: https://learn.microsoft.com/en-us/nuget/consume-packages/migrate-packages-config-to-package-reference#migration-steps
Background
We wanted to do a code scan of the Revver Desktop App, but after some research and some trial and error, we found that this was going to be more difficult than anticipated.
In order to be able to used ADO advanced security to code scan, we needed to build the app in and ADO pipeline. There are two issues with this. 1) you can't build a .vsproj project (Visual Studio Installer Project) in ADO pipelines (well, we probably could if we we had our own build machines), and 2) our projects store nuget packages in a packages.config file and the ADO pipelines have issues restoring nuget packages when they are configured this way.
We attempted