1. David Ebbo
  2. WebActivator
  3. Issues
Issue #4 resolved

Assemblies Are Not Signed

Anonymous created an issue

Hi David,

It would be really useful if you signed the assemblies with a key, so that they have a strong name and so that the WebActivator NuGet package can be used by projects that are signed.

Thanks for the great project! -Joe

Comments (10)

  1. Anonymous

    Hi David - is there a strong named version of WebActivator available yet?

    I read through the thread you reference, however, there doesn't seem to be a conclusion.

    One of the packages I downloaded from NuGet (DataAnnotationExtensions) depends on WebActivator, but my project is strong named, therefore will not build because of the dependency on WebActivator. Is there a strong named version of WebActivator available yet? Or do I need to download and it build it myself, negating any value I'm getting from NuGet?

    Cheers, Brenton

  2. Anonymous

    +1 too. The more nuget packages include WebActivator as a dependency, the less i can use nuget.

    Having to download every dependency source to recompile it with a strong name is a pain in the ...

  3. Anonymous

    +1 a lot of guys in our office turned off webactivator because of this

    it would be great to have it strong named

  4. David Ebbo repo owner

    Sorry for the lack of response. I don't seem to get email notifications even thoug hI have that turned on :(

    That same codeplex thread (http://nuget.codeplex.com/discussions/247827) has picked up again. I think we really need to think about getting the auto-signing mechanism in place in NuGet. Just signing WebActivator is not the right answer as it causes more problems than it solves.

  5. brentonw

    David Ebbo - I think this is pretty simple - regardless of people's opinions on strong naming or the future features of NuGet, strong naming is a feature that's in the framework and people use it. If I'm strong naming my assemblies (which I am), any libraries that I depend on must also be strong named. Focusing on the specific case for WebActivator, not having a signed assembly makes it harder for me to use it (since I need to download/compile it myself) and impossible to use via NuGet. WebActivator should have a strong named assembly.

    For the broader case, NuGet needs to support usage by signed and non-signed projects, however that ends up being implemented (including both signed and unsigned versions in the package, auto-signing etc...).

  6. David Ebbo repo owner

    brentonw: it's best to take the discussion to http://nuget.codeplex.com/, as it is not specific to to WebActivator, and no one else will see the discussion here.

    But no, I wouldn't call it simple, given the amount of strong opinions going in opposite directions on the topic.

    Note that the auto-signing mechanism discussed in that thread would address this issue.

  7. Log in to comment