fix: ci pr-checks failure by pinning incompatible dependency upgrades by dependabot[bot] · Pull Request #538 · JerrettDavis/JD.AI

dependabot · 2026-06-13T07:31:46Z

Description

Pins dependency versions that broke the CI / pr-checks (pull_request) build after the dependency bump.

Related Issue

N/A

Type of Change

Bug fix (non-breaking change that fixes an issue)
New feature (non-breaking change that adds functionality)
Breaking change (fix or feature that would cause existing functionality to not work as expected)
Documentation update
Dependency update

Checklist

My code follows the project's coding standards (.editorconfig)
I have added/updated XML doc comments for public APIs
I have added tests that cover my changes
All new and existing tests pass (dotnet test)
The solution builds with zero warnings (dotnet build)
I have updated the documentation if needed
For docs/README changes, I added or refreshed screenshots/GIFs where they improve clarity

Testing

Ran dotnet restore JD.AI.slnx
Ran dotnet build JD.AI.slnx --configuration Release --no-restore /p:ContinuousIntegrationBuild=true (passes)
Ran dotnet format JD.AI.slnx --severity warn --verify-no-changes (passes)
Ran filtered CI-equivalent tests:
dotnet test JD.AI.slnx --configuration Release --no-build --filter "Category!=Integration&Category!=MlModel&Category!=FlakyEnvironment&Category!=E2E"

Screenshots / Logs

Root causes identified from Actions job 81173067784:

MudBlazor upgrade to 9.5.0 caused compile-time API incompatibilities in dashboard Razor components.
SixLabors.ImageSharp upgrade to 4.0.0 triggered license enforcement error in CI build.

Fix implemented:

Pin MudBlazor to 8.5.1
Pin SixLabors.ImageSharp to 3.1.12

Bumps AWSSDK.SecretsManager from 4.0.5 to 4.0.5.3 Bumps Discord.Net from 3.19.1 to 3.20.1 Bumps JD.SemanticKernel.Connectors.ClaudeCode from 1.0.32 to 1.0.34 Bumps JD.SemanticKernel.Connectors.GitHubCopilot from 0.1.59 to 0.1.61 Bumps JD.SemanticKernel.Connectors.OpenAICodex from 0.1.28 to 0.1.30 Bumps JD.SemanticKernel.Extensions from 0.1.99 to 0.1.101 Bumps JD.SemanticKernel.Extensions.Mcp from 0.1.99 to 0.1.101 Bumps Meziantou.Analyzer from 3.0.98 to 3.0.102 Bumps Microsoft.AspNetCore.Components.WebAssembly from 10.0.8 to 10.0.9 Bumps Microsoft.AspNetCore.Components.WebAssembly.DevServer from 10.0.8 to 10.0.9 Bumps Microsoft.AspNetCore.Components.WebAssembly.Server from 10.0.8 to 10.0.9 Bumps Microsoft.AspNetCore.Mvc.Testing from 10.0.8 to 10.0.9 Bumps Microsoft.AspNetCore.OpenApi from 10.0.8 to 10.0.9 Bumps Microsoft.AspNetCore.SignalR.Client from 10.0.8 to 10.0.9 Bumps Microsoft.Data.Sqlite from 10.0.8 to 10.0.9 Bumps Microsoft.EntityFrameworkCore from 10.0.8 to 10.0.9 Bumps Microsoft.EntityFrameworkCore.Sqlite from 10.0.8 to 10.0.9 Bumps Microsoft.Extensions.DependencyInjection from 10.0.8 to 10.0.9 Bumps Microsoft.Extensions.DependencyInjection.Abstractions from 10.0.8 to 10.0.9 Bumps Microsoft.Extensions.Diagnostics.HealthChecks from 10.0.8 to 10.0.9 Bumps Microsoft.Extensions.Hosting.Abstractions from 10.0.8 to 10.0.9 Bumps Microsoft.Extensions.Hosting.Systemd from 10.0.8 to 10.0.9 Bumps Microsoft.Extensions.Hosting.WindowsServices from 10.0.8 to 10.0.9 Bumps Microsoft.Extensions.Http from 10.0.8 to 10.0.9 Bumps Microsoft.Extensions.Logging.Abstractions from 10.0.8 to 10.0.9 Bumps Microsoft.Extensions.Options from 10.0.8 to 10.0.9 Bumps MudBlazor from 8.5.1 to 9.5.0 Bumps OpenTelemetry.Exporter.Console from 1.15.3 to 1.16.0 Bumps OpenTelemetry.Exporter.OpenTelemetryProtocol from 1.15.3 to 1.16.0 Bumps OpenTelemetry.Exporter.Zipkin from 1.15.3 to 1.16.0 Bumps OpenTelemetry.Extensions.Hosting from 1.15.3 to 1.16.0 Bumps SixLabors.ImageSharp from 3.1.12 to 4.0.0 Bumps Spectre.Console from 0.55.2 to 0.56.0 Bumps System.CommandLine from 2.0.8 to 2.0.9 Bumps System.Security.Cryptography.ProtectedData from 10.0.8 to 10.0.9 Bumps TinyBDD.Xunit from 0.19.22 to 0.19.23 --- updated-dependencies: - dependency-name: AWSSDK.SecretsManager dependency-version: 4.0.5.3 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all-dependencies - dependency-name: Discord.Net dependency-version: 3.20.1 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all-dependencies - dependency-name: JD.SemanticKernel.Connectors.ClaudeCode dependency-version: 1.0.34 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all-dependencies - dependency-name: JD.SemanticKernel.Connectors.GitHubCopilot dependency-version: 0.1.61 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all-dependencies - dependency-name: JD.SemanticKernel.Connectors.OpenAICodex dependency-version: 0.1.30 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all-dependencies - dependency-name: JD.SemanticKernel.Extensions dependency-version: 0.1.101 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all-dependencies - dependency-name: JD.SemanticKernel.Extensions.Mcp dependency-version: 0.1.101 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all-dependencies - dependency-name: Meziantou.Analyzer dependency-version: 3.0.102 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all-dependencies - dependency-name: Microsoft.AspNetCore.Components.WebAssembly dependency-version: 10.0.9 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all-dependencies - dependency-name: Microsoft.AspNetCore.Components.WebAssembly.DevServer dependency-version: 10.0.9 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all-dependencies - dependency-name: Microsoft.AspNetCore.Components.WebAssembly.Server dependency-version: 10.0.9 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all-dependencies - dependency-name: Microsoft.AspNetCore.Mvc.Testing dependency-version: 10.0.9 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all-dependencies - dependency-name: Microsoft.AspNetCore.OpenApi dependency-version: 10.0.9 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all-dependencies - dependency-name: Microsoft.AspNetCore.SignalR.Client dependency-version: 10.0.9 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all-dependencies - dependency-name: Microsoft.Data.Sqlite dependency-version: 10.0.9 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all-dependencies - dependency-name: Microsoft.EntityFrameworkCore dependency-version: 10.0.9 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all-dependencies - dependency-name: Microsoft.EntityFrameworkCore.Sqlite dependency-version: 10.0.9 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all-dependencies - dependency-name: Microsoft.Extensions.DependencyInjection dependency-version: 10.0.9 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all-dependencies - dependency-name: Microsoft.Extensions.DependencyInjection.Abstractions dependency-version: 10.0.9 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all-dependencies - dependency-name: Microsoft.Extensions.Diagnostics.HealthChecks dependency-version: 10.0.9 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all-dependencies - dependency-name: Microsoft.Extensions.Hosting.Abstractions dependency-version: 10.0.9 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all-dependencies - dependency-name: Microsoft.Extensions.Logging.Abstractions dependency-version: 10.0.9 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all-dependencies - dependency-name: Microsoft.Extensions.Hosting.Systemd dependency-version: 10.0.9 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all-dependencies - dependency-name: Microsoft.Extensions.Hosting.WindowsServices dependency-version: 10.0.9 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all-dependencies - dependency-name: Microsoft.Extensions.Http dependency-version: 10.0.9 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all-dependencies - dependency-name: Microsoft.Extensions.Logging.Abstractions dependency-version: 10.0.9 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all-dependencies - dependency-name: Microsoft.Extensions.Options dependency-version: 10.0.9 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all-dependencies - dependency-name: MudBlazor dependency-version: 9.5.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: all-dependencies - dependency-name: OpenTelemetry.Exporter.Console dependency-version: 1.16.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all-dependencies - dependency-name: OpenTelemetry.Exporter.OpenTelemetryProtocol dependency-version: 1.16.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all-dependencies - dependency-name: OpenTelemetry.Exporter.Zipkin dependency-version: 1.16.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all-dependencies - dependency-name: OpenTelemetry.Extensions.Hosting dependency-version: 1.16.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all-dependencies - dependency-name: SixLabors.ImageSharp dependency-version: 4.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: all-dependencies - dependency-name: Spectre.Console dependency-version: 0.56.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all-dependencies - dependency-name: System.CommandLine dependency-version: 2.0.9 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all-dependencies - dependency-name: System.Security.Cryptography.ProtectedData dependency-version: 10.0.9 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all-dependencies - dependency-name: TinyBDD.Xunit dependency-version: 0.19.23 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all-dependencies ... Signed-off-by: dependabot[bot] <support@github.com>

github-actions · 2026-06-13T07:31:58Z

⚠️ Deprecation Warning: The deny-licenses option is deprecated for possible removal in the next major release. For more information, see issue 997.

Dependency Review

The following issues were found:

✅ 0 vulnerable package(s)
✅ 0 package(s) with incompatible licenses
✅ 0 package(s) with invalid SPDX license definitions
⚠️ 3 package(s) with unknown licenses.

See the Details below.

License Issues

src/JD.AI.Plugins.SDK/JD.AI.Plugins.SDK.csproj

Package	Version	License	Issue Type
Microsoft.Extensions.DependencyInjection	>= 0	Null	Unknown License
Microsoft.Extensions.Hosting.Abstractions	>= 0	Null	Unknown License

src/JD.AI.Telemetry/JD.AI.Telemetry.csproj

Package	Version	License	Issue Type
Microsoft.Extensions.DependencyInjection	>= 0	Null	Unknown License

Denied Licenses:
GPL-2.0, GPL-3.0, AGPL-3.0

OpenSSF Scorecard

Package	Version	Score	Details
nuget/Microsoft.Extensions.DependencyInjection	>= 0	Unknown	Unknown
nuget/Microsoft.Extensions.Hosting.Abstractions	>= 0	Unknown	Unknown
nuget/Microsoft.Extensions.DependencyInjection	>= 0	Unknown	Unknown

Scanned Files

src/JD.AI.Plugins.SDK/JD.AI.Plugins.SDK.csproj
src/JD.AI.Telemetry/JD.AI.Telemetry.csproj

github-actions · 2026-06-13T07:33:04Z

Test Results

7 641 tests 7 622 ✅ 2m 20s ⏱️
7 suites 19 💤
7 files 0 ❌

Results for commit 79836a2.

♻️ This comment has been updated with latest results.

github-actions · 2026-06-13T16:16:05Z

Code Coverage

Summary
  Generated on: 06/13/2026 - 16:15:55
  Coverage date: 06/13/2026 - 16:13:43 - 06/13/2026 - 16:15:46
  Parser: MultiReport (7x Cobertura)
  Assemblies: 23
  Classes: 1067
  Files: 591
  Line coverage: 74.7%
  Covered lines: 36879
  Uncovered lines: 12433
  Coverable lines: 49312
  Total lines: 97270
  Branch coverage: 61.9% (13936 of 22510)
  Covered branches: 13936
  Total branches: 22510
  Method coverage: 86.4% (6320 of 7308)
  Full method coverage: 74.2% (5428 of 7308)
  Covered methods: 6320
  Fully covered methods: 5428
  Total methods: 7308

dependabot Bot added the dependencies label Jun 13, 2026

dependabot Bot requested a review from JerrettDavis as a code owner June 13, 2026 07:31

dependabot Bot added the dependencies label Jun 13, 2026

github-actions Bot added the size/m label Jun 13, 2026

Copilot started work on behalf of JerrettDavis June 13, 2026 15:41 View session

Pin MudBlazor and ImageSharp to restore CI compatibility

79836a2

Copilot AI changed the title ~~chore(deps): Bump the all-dependencies group with 36 updates~~ Fix CI pr-checks failure by pinning incompatible dependency upgrades Jun 13, 2026

Copilot finished work on behalf of JerrettDavis June 13, 2026 15:56

JerrettDavis changed the title ~~Fix CI pr-checks failure by pinning incompatible dependency upgrades~~ fix: cI pr-checks failure by pinning incompatible dependency upgrades Jun 13, 2026

JerrettDavis changed the title ~~fix: cI pr-checks failure by pinning incompatible dependency upgrades~~ fix: ci pr-checks failure by pinning incompatible dependency upgrades Jun 13, 2026

JerrettDavis merged commit 4186942 into main Jun 13, 2026
15 checks passed

JerrettDavis deleted the dependabot/nuget/all-dependencies-48d6570187 branch June 13, 2026 16:19

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

fix: ci pr-checks failure by pinning incompatible dependency upgrades#538

fix: ci pr-checks failure by pinning incompatible dependency upgrades#538
JerrettDavis merged 2 commits into
mainfrom
dependabot/nuget/all-dependencies-48d6570187

dependabot Bot commented on behalf of github Jun 13, 2026 •

edited by Copilot AI

Loading

Uh oh!

github-actions Bot commented Jun 13, 2026 •

edited

Loading

Uh oh!

github-actions Bot commented Jun 13, 2026 •

edited

Loading

Uh oh!

github-actions Bot commented Jun 13, 2026

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

2 participants

Conversation

dependabot Bot commented on behalf of github Jun 13, 2026 • edited by Copilot AI Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Description

Related Issue

Type of Change

Checklist

Testing

Screenshots / Logs

Uh oh!

github-actions Bot commented Jun 13, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Dependency Review

License Issues

src/JD.AI.Plugins.SDK/JD.AI.Plugins.SDK.csproj

src/JD.AI.Telemetry/JD.AI.Telemetry.csproj

OpenSSF Scorecard

Scanned Files

Uh oh!

github-actions Bot commented Jun 13, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Test Results

Uh oh!

github-actions Bot commented Jun 13, 2026

Code Coverage

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

2 participants

dependabot Bot commented on behalf of github Jun 13, 2026 •

edited by Copilot AI

Loading

github-actions Bot commented Jun 13, 2026 •

edited

Loading

github-actions Bot commented Jun 13, 2026 •

edited

Loading