Skip to content

chore(deps): pin FluentAssertions 6.12.0 permanently (license no-go)#468

Merged
RicherTunes merged 1 commit intomainfrom
chore/pin-fluentassertions-6-nogo
Feb 13, 2026
Merged

chore(deps): pin FluentAssertions 6.12.0 permanently (license no-go)#468
RicherTunes merged 1 commit intomainfrom
chore/pin-fluentassertions-6-nogo

Conversation

@RicherTunes
Copy link
Owner

@RicherTunes RicherTunes commented Feb 13, 2026

Summary

  • Decision: stay on FluentAssertions 6.12.0 (MIT) indefinitely
  • FA v8+ switched to Xceed commercial license ($130/dev/year for commercial use)
  • FA v7.x remains Apache 2.0 but has API renames (BeGreaterOrEqualToBeGreaterThanOrEqualTo etc.) with no functional benefit over 6.x
  • 6.12.0 is the last MIT-licensed release and the API covers everything we need

Changes:

  • Added dependabot.yml ignore rule for FA >6.12.0 (prevents recurring bump PRs)
  • Removed FA from test-dependencies group (ignored packages don't need grouping)
  • Enhanced version pin comment in Directory.Packages.props with license rationale and reference link

Closes the decision from #401 (closed without merge — dependabot can't do the API migration, and we don't want the migration anyway).

Test plan

  • Build succeeds with FA 6.12.0
  • Tests pass (SafeAsyncHelper suite verified locally)
  • CI passes (no functional code changes, only config/comments)

🤖 Generated with Claude Code

@RicherTunes @claude
chore(deps): pin FluentAssertions to 6.12.0 permanently (license no-go)
1871b2c 
FA v8+ requires Xceed commercial license ($130/dev/year). v7.x remains
Apache 2.0 but has API renames with no functional benefit. v6.12.0 is
the last MIT-licensed release and the API is stable for our test suite.

- Add dependabot ignore rule to prevent future FA bump PRs
- Remove FA from test-dependencies group (ignored packages don't group)
- Document license rationale in Directory.Packages.props comment

Closes #401 decision: stay on 6.12.0 indefinitely.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
@github-actions
Copy link
Contributor

github-actions bot commented Feb 13, 2026

⚠️ Deprecation Warning: The deny-licenses option is deprecated for possible removal in the next major release. For more information, see issue 997.

Dependency Review

✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.

Scanned Files

None

@RicherTunes RicherTunes merged commit f2ed015 into main Feb 13, 2026
26 of 28 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@RicherTunes