Chris-Wolfgang · Chris-Wolfgang · Jun 20, 2026 · May 22, 2026 · May 22, 2026 · May 22, 2026
@@ -9,15 +9,19 @@
 *.fsx text eol=lf
 
 # Scripts
-# PowerShell scripts: LF line endings in the index. Required for the
-# `#!/usr/bin/env pwsh` shebang to work on Linux/macOS — the kernel
-# parses CR as part of the interpreter name (looking for `pwsh\r`).
-# BOM avoidance is enforced separately via `.editorconfig`
-# (charset = utf-8 in the global [*] section); git attributes can
-# only normalize line endings, not byte-order marks.
-# Modern PowerShell 7+ handles LF on Windows transparently; Git's
-# autocrlf still gives Windows users CRLF in their working tree if
-# desired without forcing CRLF into the index.
+# PowerShell scripts: enforce LF line endings in both the index AND
+# the working tree (the explicit `eol=lf` overrides any user-level
+# `core.autocrlf=true` setting that would otherwise convert to CRLF
+# on checkout). BOM-free UTF-8 encoding is enforced separately by
+# .editorconfig's global `charset = utf-8` — `.gitattributes` can
+# normalize line endings (and control text/binary, diff, and merge
+# behavior) but has no attribute for byte-order marks.
+#
+# LF is required for the `#!/usr/bin/env pwsh` shebang to work on
+# Linux/macOS — the kernel parses CR as part of the interpreter name
+# (looking for `pwsh\r`), and a UTF-8 BOM before `#!` would prevent
+# shebang recognition entirely. Modern PowerShell 7+ handles LF on
+# Windows transparently.
 *.ps1 text eol=lf
 
 

@@ -0,0 +1,76 @@
+name: "✨ Maintenance task"
+description: "Track an actionable improvement under the Maintenance framework (security, performance, testing, cleanup, docs, API, or CI/CD)."
+title: "[Maintenance] <category>: <short description>"
+labels: [maintenance-task]
+assignees: []
+body:
+  - type: markdown
+    attributes:
+      value: |
+        ## Maintenance framework sub-issue
+
+        This template creates a **`maintenance-task`** sub-issue under this repo's parent `Maintenance: <repo>` issue. The new issue will auto-appear in the cross-repo Maintenance project board (URL listed in the parent `Maintenance: <repo>` issue body).
+
+        - Pick exactly **one** category in the dropdown below. The corresponding `maintenance - <category>` label will need to be added manually after creation (issue forms don't yet support dynamic label addition).
+        - Fill in **Scope** (what's done & why), **Acceptance** (when do we close this?), and **Links** (PRs, scan output, related issues).
+        - If you're closing this issue via a PR, include `Fixes #<this-issue-number>` in the PR body so the auto-add workflow marks the project item as Done.
+
+  - type: dropdown
+    id: category
+    attributes:
+      label: Category
+      description: "Pick exactly one. After creation, also add the corresponding `maintenance - <category>` label."
+      options:
+        - "security — scans, finding fixes, dependency vulnerability audit"
+        - "performance — profile, benchmark, optimize, validate gains"
+        - "testing — coverage, integration/smoke/mutation tests, fixtures"
+        - "cleanup — refactor for reuse / quality / efficiency"
+        - "docs — XML doc coverage, README, CHANGELOG, samples"
+        - "API — public/internal surface audit, breaking-change vigilance"
+        - "CI/CD — Docker, CI workflow, build/publish pipeline"
+    validations:
+      required: true
+
+  - type: textarea
+    id: scope
+    attributes:
+      label: Scope
+      description: "What needs to be done? What's the motivation?"
+      placeholder: |
+        e.g.
+        - Profile the hot path in `Extractor.ExtractAsync` and identify the dominant allocations.
+        - Goal: reduce per-record allocations to enable streaming larger inputs.
+    validations:
+      required: true
+
+  - type: textarea
+    id: acceptance
+    attributes:
+      label: Acceptance criteria
+      description: "When do we close this issue? Concrete observable outcomes."
+      placeholder: |
+        e.g.
+        - Benchmark X shows <50% of current allocations.
+        - No regression in existing benchmark suite (>5%).
+        - Updated benchmark numbers committed.
+    validations:
+      required: true
+
+  - type: textarea
+    id: links
+    attributes:
+      label: Links
+      description: "Related PRs, scan output, prior issues, external references."
+      placeholder: |
+        - Related PR: #...
+        - Scan output: ...
+        - Related issue: #...
+    validations:
+      required: false
+
+  - type: markdown
+    attributes:
+      value: |
+        ---
+
+        💡 **Tip for agents (Copilot etc.):** When opening a maintenance-task sub-issue, use this template and pick the matching category. After creation, add the `maintenance - <category>` label manually. See `.github/copilot-instructions.md` for the full Maintenance framework convention.
@@ -4,6 +4,18 @@
 
 Fixes/Complete # (issue)
 
+<!--
+If this PR addresses a Maintenance framework sub-issue, link it explicitly so the
+project board auto-marks the item as Done on merge:
+
+  Fixes #<maintenance-task-issue-number>
+
+The Maintenance framework tracks ongoing improvement work (security, performance,
+testing, cleanup, docs, API, CI/CD) — see the parent `Maintenance: <repo>` issue
+for details.
+-->
+
+
 ## Type of change
 
 Please delete options that are not relevant.

@@ -0,0 +1,99 @@
+# Changelog
+
+All notable changes to this project will be documented in this file.
+
+The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.1.0/),
+and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
+
+## [Unreleased]
+
+### Added
+
+### Changed
+
+### Deprecated
+
+### Removed
+
+### Fixed
+
+### Security
+
+## [0.13.1] - 2026-06-19
+
+Canonical maintenance round + binding-stability fix. No public API or
+runtime behavior change vs v0.13.0. This release is the prerequisite
+the downstream ETL family (`ETL-Test-Kit`, `ETL-Xml`, `ETL-Json`,
+`ETL-FixedWidth`, `Etl-DbClient`, the in-development
+`ETL-Csv`/`ETL-SqlBulkCopy`/`ETL-Transformers`) consumes by NuGet
+reference — bumping it first lets each downstream pilot inherit the
+canonical fixes cleanly rather than each fighting mixed-state
+dependencies.
+
+### Added
+
+- **D8** — `verify-docs-build` job in `release.yaml` runs DocFX during
+  the release pipeline before the NuGet push, so a docs build failure
+  now blocks the package from shipping.
+- **D8** — docs site version picker assets
+  (`docfx_project/public/version-picker.js`,
+  `docfx_project/versions.json`,
+  `docs/DOCFX-VERSION-PICKER.md`).
+- **A1** — `PublicApiAnalyzers` scaffolding (analyzers activate when
+  `PublicAPI.Shipped.txt` / `PublicAPI.Unshipped.txt` are present
+  alongside the csproj).
+- **CI3** — canonical NuGet package metadata: `Authors`, `Copyright`,
+  `RepositoryType`, SourceLink, snupkg symbol packages, deterministic
+  CI build flag, and `EmbedUntrackedSources` hoisted to
+  `Directory.Build.props`.
+- **T3** — Stryker mutation-testing workflow (`stryker.yaml`).
+- **T1** — coverage report published to docs site.
+- **S1** — CodeQL `security-extended` query pack.
+- **D6** — versions.json preservation guard on the docs deploy.
+
+### Changed
+
+- **C1** — fleet-wide template-drift sync: workflow files (`pr.yaml`,
+  `release.yaml`, `docfx.yaml`, `codeql.yaml`,
+  `build-all-versions.yaml`, `stryker.yaml`), `.editorconfig`,
+  `BannedSymbols.txt`, `Directory.Build.props`, and per-context
+  `tests/Directory.Build.props` consolidated to the canonical baseline.
+- **Nullable** — `<Nullable>enable</Nullable>` consolidated into
+  `Directory.Build.props` (was per-csproj); per-project opt-out via
+  override still supported.
+- **CI2** — Dependabot `github-actions` ecosystem added.
+- **D3** — repo scripts hardened (`Setup-Labels.ps1`,
+  `Fix-BranchRuleset.ps1`).
+- `github/codeql-action/init` and `analyze` bumped v3 → v4 (Node.js
+  20 → 24 deprecation).
+- **Docs** — README accuracy pass: corrected the Target Frameworks
+  table (dropped the untargeted .NET 4.7.0 / 4.7.1 rows, added the
+  missing .NET Standard 2.0 row), analyzer count 7 → 8
+  (`Microsoft.CodeAnalysis.PublicApiAnalyzers`), and the build
+  prerequisite (.NET 8.0 → .NET 10.0 SDK). `CONTRIBUTING.md` analyzer
+  list updated to match.
+
+### Removed
+
+- `REPO-INSTRUCTIONS.md` — the repo-template post-setup bootstrap
+  checklist ("once you have completed the checklist below you can
+  delete this file"); setup is long complete.
+
+### Fixed
+
+- **Docs** — corrected stale XML-doc `<example>` references found in a
+  code-review pass: `LoaderBase` / `TransformerBase` examples referenced
+  a non-existent `MaxItemCount` (corrected to `MaximumItemCount`), and
+  `SystemProgressTimer` pointed at a non-existent `ManualProgressTimer`
+  type (corrected to a resolvable `IProgressTimer` reference).
+- **C4** — restored explicit `<AssemblyVersion>1.0.0.0</AssemblyVersion>`
+  and added a prerelease-safe `<FileVersion>` (regex-strip property
+  function) to the src csproj. The original C4 fanout had dropped
+  these on the rationale that the hardcoded values were "stale"
+  relative to released package versions — but that staleness was the
+  correct binding-stability behaviour for libraries that ship a
+  `net462` TFM. Without an explicit pin, SDK-derived `AssemblyVersion`
+  would change on every minor/patch release, breaking .NET Framework
+  consumers without a binding redirect. (See DateTime-Extensions v1.3.1
+  for the post-mortem on what happens when this regression reaches a
+  release.)
@@ -49,7 +49,7 @@ You can contribute in several ways:
 
 This project maintains **extremely high code quality standards** through multiple layers of static analysis and automated enforcement.
 
-### The 7 Analyzers
+### The 8 Analyzers
 
 All code is analyzed by these tools during build:
 
@@ -62,9 +62,11 @@ All code is analyzed by these tools during build:
    - Advanced C# pattern detection
 
 3. **AsyncFixer**
-   - Detects async/await anti-patterns
-   - Ensures proper `ConfigureAwait()` usage
-   - Prevents fire-and-forget async calls
+   - Detects common async/await anti-patterns (AsyncFixer01–05)
+   - Flags missing or incorrect cancellation-token propagation
+   - Prevents fire-and-forget async calls (`async void` outside event handlers)
+   - NOTE: `ConfigureAwait()` enforcement is handled by Meziantou's
+     MA0004 / SonarAnalyzer S3216 / CA2007, not by AsyncFixer.
 
 4. **Microsoft.VisualStudio.Threading.Analyzers**
    - Thread safety enforcement
@@ -85,6 +87,10 @@ All code is analyzed by these tools during build:
    - Security vulnerability detection
    - Code smell identification
 
+8. **Microsoft.CodeAnalysis.PublicApiAnalyzers**
+   - Tracks the declared public API surface (`PublicAPI.Shipped.txt` / `PublicAPI.Unshipped.txt`)
+   - Flags unintended additions, removals, or signature changes as breaking-change risks
+
 ### Async-First Enforcement
 
 This library **prohibits synchronous blocking calls** via `BannedSymbols.txt`. The following APIs are **banned**:
@@ -145,7 +151,7 @@ var now = DateTimeOffset.UtcNow;
 ## Build and Test Instructions
 
 ### Prerequisites
-- .NET 8.0 SDK or later
+- .NET 10.0 SDK or later (required for the repo's net10.0 target; older SDKs cannot load the csproj)
 - PowerShell Core (optional, for formatting scripts)
 
 ### Build the Project
@@ -185,7 +191,7 @@ dotnet format --verify-no-changes
 pwsh ./scripts/format.ps1
 ```
 
-See [README-FORMATTING.md](docs/README-FORMATTING.md) for detailed formatting rules.
+See [docs/README-FORMATTING.md](docs/README-FORMATTING.md) for detailed formatting rules.
 
 ---
 
@@ -237,4 +243,3 @@ Please be respectful and considerate in all interactions. See [CODE_OF_CONDUCT.m
 ---
 
 Thank you for contributing! 🎉
-
@@ -106,7 +106,7 @@ is no new runtime behavior, no buffering, and no additional allocations per item
 | Fluent Pipeline | `Pipeline.Extract(...).Transform(...).Load(...).RunAsync()` with compile-time stage typing |
 | Progress Reporting | Built-in `IProgress<T>` support with configurable reporting intervals |
 | Cancellation | Full `CancellationToken` support across all operations |
-| Multi-TFM | Targets .NET Framework 4.6.2+, .NET Standard 2.0+, and .NET 5.0–10.0 |
+| Multi-TFM | Targets .NET Framework 4.6.2–4.8.1, .NET Standard 2.0, and .NET 5.0–10.0 |
 | Skip & Limit | `SkipItemCount` and `MaximumItemCount` for partial extraction/loading |
 | Thread Safety | `Interlocked`-based counters for safe concurrent progress tracking |
 
@@ -116,15 +116,15 @@ is no new runtime behavior, no buffering, and no additional allocations per item
 
 | Framework | Versions |
 |-----------|----------|
-| .Net Framework | .net 4.6.2, .net 4.7.0, .net 4.7.1, .net 4.7.2, .net 4.8, .net 4.8.1 | 
-| .Net Core | |
-| .Net | .net 5.0, .net 6.0, .net 7.0, .net 8.0, .net 9.0, .net 10.0 |
+| .NET Framework | 4.6.2, 4.7.2, 4.8, 4.8.1 |
+| .NET Standard | 2.0 |
+| .NET | 5.0, 6.0, 7.0, 8.0, 9.0, 10.0 |
 
 ---
 
 ## 🔍 Code Quality & Static Analysis
 
-This project enforces **strict code quality standards** through **7 specialized analyzers** and custom async-first rules:
+This project enforces **strict code quality standards** through **8 specialized analyzers** and custom async-first rules:
 
 ### Analyzers in Use
 
@@ -135,6 +135,7 @@ This project enforces **strict code quality standards** through **7 specialized
 5. **Microsoft.CodeAnalysis.BannedApiAnalyzers** - Prevents usage of banned synchronous APIs
 6. **Meziantou.Analyzer** - Comprehensive code quality rules
 7. **SonarAnalyzer.CSharp** - Industry-standard code analysis
+8. **Microsoft.CodeAnalysis.PublicApiAnalyzers** - Tracks the public API surface to catch unintended breaking changes
 
 ### Async-First Enforcement
 
@@ -155,7 +156,7 @@ This library uses **`BannedSymbols.txt`** to prohibit synchronous APIs and enfor
 ## 🛠️ Building from Source
 
 ### Prerequisites
-- [.NET 8.0 SDK](https://dotnet.microsoft.com/download) or later
+- [.NET 10.0 SDK](https://dotnet.microsoft.com/download) or later (required to build all target frameworks)
 - Optional: [PowerShell Core](https://github.com/PowerShell/PowerShell) for formatting scripts
 
 ### Build Steps