This release contains a fine selection of 70 hand-picked bug fixes across ReSharper, ReSharper C++ and dotCover.
Using UTC in Applications
Using UTC dates for data is a pretty common and necessary practice but it definitely adds some complexity when managing dates as you always have to remember to properly adjust dates. For display purposes this is pretty straight forward, but for query operations there’s a bit of mental overhead to ensure your date math adds up properly.
No easy solutions, but I hope this post and some of the helpers make life a little easier for you – I know they do for me.
This update is the latest in a cumulative series of feature additions and bug fixes for Visual Studio 2012.
.NET Core 2.1.2 comprises:
- .NET Core Runtime 2.1.2 (release notes)
- .NET Core SDK 2.1.302
| | SDK Installer | SDK Binaries | Runtime Installer | Runtime Binaries | ASPNET Core Runtime |
|---|---|---|---|---|---|
| Windows | 32-bit / 64-bit | 32-bit / 64-bit | 32-bit / 64-bit | 32-bit / 64-bit | |
| macOS | 64-bit | 64-bit | 64-bit | 64-bit | |
| Linux (for glibc based OS) | See installations steps below | 64-bit | - | 64-bit | 64-bit |
| Linux ARM (for musl based OS, such as Alpine) | - | 64-bit | - | 64-bit | 64-bit |
| Linux ARM | - | 32-bit / 64-bit | - | 32-bit / 64-bit | 32-bit |
| RHEL6 | - | 64-bit | - | 64-bit | |
You’ve built a React web app and would love to bring it to iOS and Android. That means you have to learn React Native first, right? As it turns out, there’s an easier way to deploy to mobile. With Capacitor, a new native runtime for web apps, you can deploy any React-based web app as a PWA, iOS, or Android app - all from the same codebase.
IdentityServer 5 has been released This is the first major release under the new company’s banner, and here’s to many more.
The new release, even though still considered beta, is believed to be much more stable and production ready than the widely-used 3.0.3.
Security Advisory Notice for 16.6.2
CVE-2020-1108 / CVE-2020-1108.NET Core Denial of Service Vulnerability
To comprehensively address CVE-2020-1108, Microsoft has released updates for .NET Core 2.1 and .NET Core 3.1. Customers who use any of these versions of .NET Core should install the latest version of .NET Core. See the Release Notes for the latest version numbers and instructions for updating .NET Core.
CVE-2020-1202 / CVE-2020-1203 Diagnostics Hub Standard Collector Service Elevation of Privilege Vulnerability
An elevation of privilege vulnerability exists when the Diagnostics Hub Standard Collector or the Visual Studio Standard Collector fails to properly handle objects in memory.
CVE-2020-1293 / CVE-2020-1278 / CVE-2020-1257 Diagnostics Hub Standard Collector Service Elevation of Privilege Vulnerability
An elevation of privilege vulnerability exists when the Diagnostics Hub Standard Collector Service improperly handles file operations
Top Issues Fixed in Visual Studio 2019 version 16.6.2
- Visual Studio 2019 16.60 hang at run or build when modified not saved in C++/CLI project
- An unhandled exception of type 'System.NullReferenceException' occurred in Microsoft.VisualStudio.DesignTools.WpfTap.dll
- Recurring null reference when reopening documents
- "Create new project" dialog search does not find templates for third-party language providers
- IntelliSense shows that "tilde-slash" (~/) points to ASP .NET Core 3.1 project root instread of wwwroot subfolder after upgrading Visual Studio Enterprise 16.5.6->16.6.0
- Fixed a compiler error (error C2475: redefinition; 'constexpr' specifier mismatch) affecting std::atomic when compiled as C++/CX in C++17 mode.
- URL completion values and format was fixed in Razor views. App-relative URL format is now used again and the values in the URL completion list show files and folders rooted under app root, i.e. wwwroot.
- Fixed a crash when using snippets.
- Restore item templates that could be hidden by extensions.
A Deep Dive into the ASP.NET 5 Runtime
Go Cross-Platform with the .NET Framework
Parler relied on several external services for security; but when those services were yanked away (due to Parler hosting neo-nazi and insurrectionist content), their code took the absence of such services as a reason to approve whatever action the user was trying to take. It’s the equivalent of your house security system letting everyone in if the phone-line goes down. There’s so much more to the Parler hack, from the lack of rate-limiting to the ability for people to pull down 60-70TBs of information from Parler’s AWS hosted storage, which — to add insult to injury, results in a massive egress bill from AWS to Parler, on top of AWS no longer hosting Parler.
