From c75a8f293899ceb6d8b334623d9a30c340b58370 Mon Sep 17 00:00:00 2001
From: kellyyangsong <69649063+kellyyangsong@users.noreply.github.com>
Date: Fri, 20 Dec 2024 10:03:28 -0800
Subject: [PATCH 1/5] =?UTF-8?q?Add=20Warning=20Quality=20Check=20Build=20T?=
 =?UTF-8?q?ask=20=F0=9F=94=A8=20(#3067)?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

* add warning policy

* fix indenting
---
 build/template-Build-run-tests-sign.yml | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/build/template-Build-run-tests-sign.yml b/build/template-Build-run-tests-sign.yml
index f9e0b1d5e1..5679908a29 100644
--- a/build/template-Build-run-tests-sign.yml
+++ b/build/template-Build-run-tests-sign.yml
@@ -212,6 +212,13 @@ steps:
     PathtoPublish: '$(Build.SourcesDirectory)\artifacts'
     ArtifactName: '$(Build.BuildNumber)-nuget-package'
 
+ - task: BuildQualityChecks@9
+  displayName: 'Check Warnings'
+  inputs:
+    checkWarnings: true
+    warningFailOption: 'build'
+    showStatistics: true
+
 - task: mspremier.PostBuildCleanup.PostBuildCleanup-task.PostBuildCleanup@3
   displayName: 'Clean Agent Directories'
   condition: and(succeeded(), eq(variables['PipelineType'], 'legacy'))

From e725d0e0c5f08c1e9fd7e3e76cdbae2feebf74e0 Mon Sep 17 00:00:00 2001
From: Xiao Zhang <85274586+ciaozhang@users.noreply.github.com>
Date: Mon, 30 Dec 2024 17:26:30 -0800
Subject: [PATCH 2/5] Update template-Build-run-tests-sign.yml (#3069)

---
 build/template-Build-run-tests-sign.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/build/template-Build-run-tests-sign.yml b/build/template-Build-run-tests-sign.yml
index 5679908a29..f8d7047729 100644
--- a/build/template-Build-run-tests-sign.yml
+++ b/build/template-Build-run-tests-sign.yml
@@ -212,7 +212,7 @@ steps:
     PathtoPublish: '$(Build.SourcesDirectory)\artifacts'
     ArtifactName: '$(Build.BuildNumber)-nuget-package'
 
- - task: BuildQualityChecks@9
+- task: BuildQualityChecks@9
   displayName: 'Check Warnings'
   inputs:
     checkWarnings: true

From e6d316eccb67972e24deae30a7aeca6ed195a21e Mon Sep 17 00:00:00 2001
From: Keegan <Keegan.Caruso@microsoft.com>
Date: Fri, 3 Jan 2025 13:03:14 -0800
Subject: [PATCH 3/5] Removed unused property on JsonWebToken (#3072)

---
 .../JsonWebToken.cs                           | 58 -------------------
 1 file changed, 58 deletions(-)

diff --git a/src/Microsoft.IdentityModel.JsonWebTokens/JsonWebToken.cs b/src/Microsoft.IdentityModel.JsonWebTokens/JsonWebToken.cs
index 48af759d86..985836f1c4 100644
--- a/src/Microsoft.IdentityModel.JsonWebTokens/JsonWebToken.cs
+++ b/src/Microsoft.IdentityModel.JsonWebTokens/JsonWebToken.cs
@@ -19,9 +19,6 @@ public partial class JsonWebToken : SecurityToken
     {
         internal const string ClassName = "Microsoft.IdentityModel.JsonWebTokens.JsonWebToken";
 
-        private ClaimsIdentity _claimsIdentity;
-        private bool _wasClaimsIdentitySet;
-
         private string _act;
         private string _authenticationTag;
         private string _ciphertext;
@@ -629,61 +626,6 @@ public Claim GetClaim(string key)
         /// </summary>
         internal IReadOnlyCollection<string> PayloadClaimNames => Payload._jsonClaims.Keys;
 
-        internal ClaimsIdentity ClaimsIdentity
-        {
-            get
-            {
-                if (!_wasClaimsIdentitySet)
-                {
-                    _wasClaimsIdentitySet = true;
-                    string actualIssuer = ActualIssuer ?? Issuer;
-
-                    foreach (Claim claim in Claims)
-                    {
-                        string claimType = claim.Type;
-                        if (claimType == ClaimTypes.Actor)
-                        {
-                            if (_claimsIdentity.Actor != null)
-                                throw LogHelper.LogExceptionMessage(new InvalidOperationException(LogHelper.FormatInvariant(LogMessages.IDX14112, LogHelper.MarkAsNonPII(JwtRegisteredClaimNames.Actort), claim.Value)));
-
-#pragma warning disable CA1031 // Do not catch general exception types
-                            try
-                            {
-                                JsonWebToken actorToken = new JsonWebToken(claim.Value);
-                                _claimsIdentity.Actor = ActorClaimsIdentity;
-                            }
-                            catch
-                            {
-
-                            }
-#pragma warning restore CA1031 // Do not catch general exception types
-                        }
-
-                        if (claim.Properties.Count == 0)
-                        {
-                            _claimsIdentity.AddClaim(new Claim(claimType, claim.Value, claim.ValueType, actualIssuer, actualIssuer, _claimsIdentity));
-                        }
-                        else
-                        {
-                            Claim newClaim = new Claim(claimType, claim.Value, claim.ValueType, actualIssuer, actualIssuer, _claimsIdentity);
-
-                            foreach (var kv in claim.Properties)
-                                newClaim.Properties[kv.Key] = kv.Value;
-
-                            _claimsIdentity.AddClaim(newClaim);
-                        }
-                    }
-                }
-
-                return _claimsIdentity;
-            }
-
-            set
-            {
-                _claimsIdentity = value;
-            }
-        }
-
         /// <summary>
         /// Try to get a <see cref="Claim"/> representing the { key, 'value' } pair corresponding to the provided <paramref name="key"/>.
         /// The value is obtained from the Payload.

From f70de659ab8ba6eb927e83f84ced2d5ff96a3593 Mon Sep 17 00:00:00 2001
From: Keegan <Keegan.Caruso@microsoft.com>
Date: Sat, 4 Jan 2025 14:23:01 -0800
Subject: [PATCH 4/5] Update setup dotnet actions (#3074)

* Needed for .net cdn change

see https://github.com/dotnet/core/issues/9671

and: https://github.com/AzureAD/microsoft-identity-web/pull/3175

* Update codeql action to setup .NET 9
---
 .github/workflows/aot-check.yml       | 2 +-
 .github/workflows/codeql-analysis.yml | 5 +++++
 .github/workflows/dotnetcore.yml      | 2 +-
 3 files changed, 7 insertions(+), 2 deletions(-)

diff --git a/.github/workflows/aot-check.yml b/.github/workflows/aot-check.yml
index 911da7f712..a9d20a0eba 100644
--- a/.github/workflows/aot-check.yml
+++ b/.github/workflows/aot-check.yml
@@ -23,7 +23,7 @@ jobs:
         fetch-depth: 1
 
     - name: Setup .NET 9.0.x
-      uses: actions/setup-dotnet@v4.1.0
+      uses: actions/setup-dotnet@v4
       with:
         dotnet-version: 9.0.x
 
diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml
index 85b9755976..345bf87488 100644
--- a/.github/workflows/codeql-analysis.yml
+++ b/.github/workflows/codeql-analysis.yml
@@ -26,6 +26,11 @@ jobs:
       with:
         fetch-depth: 2
 
+    - name: Setup .NET
+      uses: actions/setup-dotnet@v4
+      with:
+        dotnet-version: 9.0.x        
+
     # Initializes the CodeQL tools for scanning.
     - name: Initialize CodeQL
       uses: github/codeql-action/init@v3
diff --git a/.github/workflows/dotnetcore.yml b/.github/workflows/dotnetcore.yml
index 16328cc5d0..cffc3d5bba 100644
--- a/.github/workflows/dotnetcore.yml
+++ b/.github/workflows/dotnetcore.yml
@@ -35,7 +35,7 @@ jobs:
       uses: actions/checkout@v4.1.1
         
     - name: Setup .NET 9.x
-      uses: actions/setup-dotnet@v4.1.0
+      uses: actions/setup-dotnet@v4
       with:
         dotnet-version: 9.x
 

From fd9be465dbaa6a863e5e4132951095132cb53328 Mon Sep 17 00:00:00 2001
From: jennyf19 <jeferrie@microsoft.com>
Date: Sun, 5 Jan 2025 11:00:32 -0800
Subject: [PATCH 5/5] fixed #2983 and re-add code coverage comments to PRs
 (#3076)

---
 .github/workflows/dotnetcore.yml | 31 +++++++++++++++----------------
 1 file changed, 15 insertions(+), 16 deletions(-)

diff --git a/.github/workflows/dotnetcore.yml b/.github/workflows/dotnetcore.yml
index cffc3d5bba..8807853e1c 100644
--- a/.github/workflows/dotnetcore.yml
+++ b/.github/workflows/dotnetcore.yml
@@ -49,28 +49,27 @@ jobs:
     - name: Create code coverage report
       run: |
         dotnet tool install -g dotnet-reportgenerator-globaltool --version 5.4.1
-        reportgenerator -reports:./**/coverage.cobertura.xml -targetdir:CodeCoverage -reporttypes:'MarkdownSummaryGithub;Cobertura'
+        reportgenerator -reports:./**/coverage.cobertura.xml -targetdir:CodeCoverage -reporttypes:'MarkdownSummaryGithub;Cobertura' -filefilters:'+src/**/*.cs'
 
     - name: Write coverage to job summary
       shell: bash
       run: |
         cat CodeCoverage/SummaryGithub.md >> $GITHUB_STEP_SUMMARY
-    # Temporarily disable commenting the coverage report
-    #     echo "COMMENT_CONTENT_ENV_VAR<<EOF" >> $GITHUB_ENV
-    #     echo $(cat CodeCoverage/SummaryGithub.md) >> $GITHUB_ENV
-    #     echo "EOF" >> $GITHUB_ENV
+        echo "COMMENT_CONTENT_ENV_VAR<<EOF" >> $GITHUB_ENV
+        echo $(cat CodeCoverage/SummaryGithub.md) >> $GITHUB_ENV
+        echo "EOF" >> $GITHUB_ENV
 
-    # - name: Comment coverage in PR
-    #   uses: actions/github-script@v7
-    #   id: comment
-    #   with:
-    #     script: |
-    #       github.rest.issues.createComment({
-    #         issue_number: context.issue.number,
-    #         owner: context.repo.owner,
-    #         repo: context.repo.repo,
-    #         body: process.env.COMMENT_CONTENT_ENV_VAR
-    #       })
+    - name: Comment coverage in PR
+      uses: actions/github-script@v7
+      id: comment
+      with:
+        script: |
+          github.rest.issues.createComment({
+            issue_number: context.issue.number,
+            owner: context.repo.owner,
+            repo: context.repo.repo,
+            body: process.env.COMMENT_CONTENT_ENV_VAR
+          })
 
     # Run baseline package validation
     - name: Pack