I suggest you ...

Debugger should support authentication with SourceLink

The C# compiler and the debugger currently support a '/SourceLink' which is a technology where the compiler can emit a JSON file telling the debugger how to locate source files. See https://github.com/dotnet/core/blob/master/Documentation/diagnostics/source_link.md for documentation.

This works great for public projects on GitHub, or other sites that don't require authentication. But the debugger doesn't yet support hosts that require authentication.

562 votes
Vote
Sign in
Check!
(thinking…)
Reset
or sign in with
  • facebook
  • google
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    Gregg Miskelly shared this idea  ·   ·  Flag idea as inappropriate…  ·  Admin →

    I’m excited to let everybody know that the VS Debugger now supports Authenticated Source Link for VSTS and GitHub starting in 15.7 Preview 3: https://blogs.msdn.microsoft.com/visualstudio/2018/04/09/visual-studio-2017-version-15-7-preview-3/

    From the blog post:
    Source Link Authentication: The debugger now supports authenticated Source Link requests for Visual Studio Team Services and private GitHub repositories. When debugging code that was built on another computer, such as a library in a NuGet package, Source Link enables the debugger to show correctly matching source code by downloading it from the internet. To build your own code with Source Link enabled see https://aka.ms/SourceLinkSpec.
    For VSTS repositories, authentication is provided by signing into Visual Studio. For GitHub, we leverage credentials from the GitHub Extension for Visual Studio and the Git Credential Manager for Windows. If Source Link fails due to an authentication error a new “Source Link Authentication Failed” page is shown to explain the issue. This page allows the user to login to VSTS or GitHub and retry the Source Link request.

    Thanks!
    Chuck Ries

    16 comments

    Sign in
    Check!
    (thinking…)
    Reset
    or sign in with
    • facebook
    • google
      Password icon
      Signed in as (Sign out)
      Submitting...
      • Morten Nielsen commented  ·   ·  Flag as inappropriate

        I'm using 15.8.2 on GitHub Enterprise which has Windows Authentication enabled. I'm getting this error:
        Source Link errors:
        This request was sent without authentication. If the server requires authentication, this may be the reason why the request fails.
        ERROR: The request returned an unexpected mime type (text/html).

      • Shrike commented  ·   ·  Flag as inappropriate

        Hi, guys. It's nice that you implemented Github and VSTS support but.. it's not what people asked for! Why do you impose such restrictions for two particular services buried somewhere deep inside VS debugger extension's registry setting?
        I mean this:
        [$RootKey$\Debugger\GitCredentialManager\Authorities]
        "raw.githubusercontent.com"="https://github.com"
        I can't see any reason why to restrict url from downloading source at all (as it's not commands as it can be used before with sourceserver but just text files). But even if you did this - add a normal easy way to extend allowed source servers.
        Very dissapointed. We have been waiting so long and this is a half-backed feature :(

      • Tim Van Holder commented  ·   ·  Flag as inappropriate

        Shame that it doesn’t seem to do normal https authentication too, so that others VCSes (like Subversion) would work.

      • Sergei Ryabkov commented  ·   ·  Flag as inappropriate

        @Chuck Ries, @Gregg Miskelly Thank you! Is adding support for GitLab planned? If yes, are there any preliminary timelines you can share?

      • Chuck Ries commented  ·   ·  Flag as inappropriate

        I'm excited to let everybody know that the VS Debugger now supports Authenticated Source Link for VSTS and GitHub starting in 15.7 Preview 3: https://blogs.msdn.microsoft.com/visualstudio/2018/04/09/visual-studio-2017-version-15-7-preview-3/

        From the blog post:
        Source Link Authentication: The debugger now supports authenticated Source Link requests for Visual Studio Team Services and private GitHub repositories. When debugging code that was built on another computer, such as a library in a NuGet package, Source Link enables the debugger to show correctly matching source code by downloading it from the internet. To build your own code with Source Link enabled see https://aka.ms/SourceLinkSpec.

        For VSTS repositories, authentication is provided by signing into Visual Studio. For GitHub, we leverage credentials from the GitHub Extension for Visual Studio and the Git Credential Manager for Windows. If Source Link fails due to an authentication error a new “Source Link Authentication Failed” page is shown to explain the issue. This page allows the user to login to VSTS or GitHub and retry the Source Link request.

        Thanks!
        Chuck Ries

      • Gregg Miskelly commented  ·   ·  Flag as inappropriate

        I want to give an update to the community for anyone interested. We are actively working on bringing this feature to Visual Studio, and we expect to ship our first cut of support for this feature in an upcoming update. However, note that this is a complex feature and it may turn out that support for different source control providers (ex: GitHub Private, Visual Studio Online, etc) may come online at different times. We will update this issue once the feature has shipped in a Visual Studio preview.

        Thanks,
        Gregg Miskelly

      • Samo Prelog commented  ·   ·  Flag as inappropriate

        IIRC SRCSRV worked if you authenticated on the private host in the VS web browser, before the debugger requested the source file.

      • Cameron Taggart commented  ·   ·  Flag as inappropriate

        Authentication support isn't yet documented there, but the "tentative plan was to handle <not found | unauthorized | forbidden | etc> status codes and allow the user to authenticate and/or use a credential store where the user can somehow associate credentials with a URL."

        It is now pretty common to share nupkg within a company. This will make it much easier to troubleshoot those assemblies. This is one of the main reasons I made SourceLink. Please add support. I'm tracking this at https://github.com/ctaggart/SourceLink/issues/204

      Feedback and Knowledge Base