WebLog

Server-side, client-side, code snippets, scripts, automation, best practices, proven approaches, tips & tricks...

Using dotnet nuget package vulnerability scan in Azure DevOps build

Listing nuget vulnerabilities and controlling build in Azure DevOps
 
0
Since December 2021 when Log4Shell vulnerabilty caused by popular package for logging in Log4j for Java was discovered here is raised certain level of awareness of using OpenSource packages in application. Because of these cases it is critical that you have indicator whether you are using a dependency with reported vulnerability before you make your application available for wide audience, practically before you do the production release...read more

Protecting static files in ASP.NET Core using custom middleware

Restricting access to specific static content with middleware in ASP.NET Core
 
0
The most common scenario for static files is just to serve them as they are without any additional hassle or access rules.To serve static content which are often just images, css, javascript or other common static web content, you just need to involve static content middleware in your ASP.NET core application pipeline. Adding static content in ASP.NET Core applications is as simple as adding wwwroot folder to root of your web application and adding StaticFiles middleware to your pipeline. By default these files will become publicly available, but in the further text we'll deal with how restrict access to these static files you have in your application. ...read more

Supporting multiple authentication schemes in asp.net core webapi

Using more than one authentication schemes in webapi projects
 
0
Is is not so often than you have to use more than one authentication schemes in your project, but there are some corner cases when you have to do so. One of it is a scenario where you are supporting some weaker authentication schema like basic http authentication where credentials are supplied pretty much on every request. This kind of loosen security schema is to some limited extend suitable for internal APIs meaning that no other than users or most likely application within your organization network will access...read more

Controlling the flow of migrations in EF Core

Altering EF Core migrations execution order
 
0
EF Core has migrations as a way of restoring the database structure inherited from Entity Framework and for the most of the cases all you have to do to setup your database structure changes when deploying your new application version is to call the Migrate method from your DbContext.Database property. It is not a perfect solution but as I mention, it works great for majority of the cases and takes of the complexity of sorting out order for execution of pending changes so you can focus on business logic of your application. ...read more

Unit of work pattern with Dapper

Implementing unit of work pattern with Dapper in .NET 5
 
0
People often try to compare Dapper and Entity Framework. Although they both have same goal and that is reading and modifying the data against the database, they take completely different approach in doing so and therefore this comparison is not really valid. Entity framework is more robust as the name says framework, while Dapper is simple object mapper which is down the line set of extension methods on top of the ADO classes which allow easier manipulation with data in the database...read more

Adding centralized secrets service to Azure Service Fabric cluster

Adding secrets store and using store secrets in Azure Service Fabric
0
Azure Service Fabric is a great platform to host services for your distributed solution. It allows you to easily deploy and scale your applications and services. Apart from these out of the box functionalities which it is essentially build for, it also comes with secrets service which allows you to store and retrieve secret values for your application...read more

C# scripting with .NET Core global tool

Using .NET Core global tool to run C# script files
0
I assume since you are reading this article you are involved in development of applications using C# and .NET platform. Microsoft .NET and C# have been around for quite a while but there is not much talk on haw you can use C# for writing code apart from creating your projects in your IDE of choice and compiling them to executables. This is typical approach for writing robust applications and that is fine, but from time to time, this whole ceremony of creating a project, adding packages and libraries just to run for example a simple scheduled task that cleans up old logs from IIS seems like and overkill...read more

Customizing PowerShell terminal with oh-my-posh v3

Setting up oh-my-posh v3 custom theme for PowerShell
 
0
Last year I wrote an article on how to Customizing WSL2 on Windows with screenfetch and oh-my-zsh as I was spending a lot of time in WSL2 doing some heavy development for Linux platform using .NET Core. However recently I found myself working a lot in PowerShell prompt mainly with Git and really missed the customization I did for WSL, so I decided to customize my PowerShell console as well...read more

Using interceptors with dependency injection in Entity Framework Core

EF Core interceptors via dependency injection in ASP.NET 5
 
0
I while ago I wrote an article on how to Access multiple databases from the same DbContext in EF Core which relies on interceptors to mutate the SQL query diring execution. This code works just fine and it updates the command prior to it's execution, but it lacks in option to inject registered services to it's constructor as i used new keyword to initialize class instances. Adding interceptor without dependency injection ...read more

Implementing soft delete in EF Core using triggers

Entity soft delete implementation in EF Core
 
0
Implementation approach for soft delete is more-less straight forward thing. Instead of deleting data record, you introduce a flag which will mark the record as deleted and you can simply filter out on it and not show the data with the flag set. This way you do not loose data, but you restrict the end user to see it. This way of "deleting" data records, or better said marking them as deleted applies for certain types of applications, but sometime this requirement may come later as a new feature while the actual delete is in place...read more

Setting Azure DevOps pipeline variable from PowerShell script

Output value from PowerShell script to Azure DevOps builds and releases
 
0
When using Azure DevOps Pipelines or Releases, it is pretty easy to move informations from the pipeline/release into the target artifact package or folder on the target environment. What can be tricky if you need to dictate your pipeline/release based on the value from your code base or maybe the environment to which you are deploying to. As a simple example I set the version attribute in in my .csproj file which I will use to tell UseDotNet task in my build pipeline which SDK to use to perform .NET Core project build. ...read more

JavaScript

read more

Umbraco CMS

read more

.NET

read more

SQL/T-SQL

read more