chore(deps): bump Aspire.AppHost.Sdk 13.3.0 → 13.3.5 to unblock Dependabot PR #35

[emeraldleaf]

Summary

Unblocks PR #35 (Dependabot bump of the aspire group). CodeRabbit correctly flagged the alignment issue on #35: Directory.Packages.props bumps `Aspire.Hosting.*` to 13.3.5, but `NextAurora.AppHost.csproj` is still on `Aspire.AppHost.Sdk/13.3.0`. Dependabot can't bump the SDK because it's a `<Project Sdk="...">` attribute, not a NuGet PackageVersion — outside its visibility.

This is exactly the CLAUDE.md rule the project encoded:

"Aspire SDK and runtime packages must match — including minor versions. The Aspire.AppHost.Sdk/X.Y.Z declared in NextAurora.AppHost.csproj and the Aspire.Hosting.* package versions in Directory.Packages.props need to match exactly (or the SDK ≥ packages)."

The encoding loop working as designed — the rule lives in CLAUDE.md, CodeRabbit applies it at PR-review time.

Changes

One line:

```diff
-<Project Sdk="Aspire.AppHost.Sdk/13.3.0">
+<Project Sdk="Aspire.AppHost.Sdk/13.3.5">
```

Intermediate state after merge (before #35 rebases): SDK 13.3.5 + packages 13.3.0. The CLAUDE.md rule allows `SDK ≥ packages`, so AppHost still boots cleanly. Once #35 rebases against this, both align at 13.3.5 (exact match).

Pattern

Same shape as PR #33 (EF Core bump that unblocked PR #32's microsoft-extensions group): a small companion PR against main that lifts a floor Dependabot can't see, so the grouped bump can rebase cleanly.

Follow-up

After this merges:
```
gh pr comment 35 --body "@dependabot rebase"
```

Dependabot rebuilds against the new SDK floor and #35's CI should go green for the alignment dimension. (Other CodeRabbit findings on #35 still need to be addressed — the label-warning is one; check the latest review for the rest.)

🤖 Generated with Claude Code

Summary by CodeRabbit

• Chores
  • Updated internal SDK dependencies to the latest patch version for improved stability and security.

[coderabbitai]

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info

⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: ASSERTIVE

Plan: Pro Plus

Run ID: 50e838a6-6bf5-4b98-accd-bf334dc0907a

📥 Commits

Reviewing files that changed from the base of the PR and between 8226c2a and 11745fd.

📒 Files selected for processing (1)

• NextAurora.AppHost/NextAurora.AppHost.csproj

---

Walkthrough

The Aspire.AppHost.Sdk version in NextAurora.AppHost.csproj is updated from 13.3.0 to 13.3.5, a patch version increment.

Changes

Aspire AppHost SDK Version Update

Layer / File(s)	Summary
Aspire.AppHost.Sdk Version Bump NextAurora.AppHost/NextAurora.AppHost.csproj	The project SDK version is updated to 13.3.5, a patch release of Aspire.AppHost.Sdk.

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~2 minutes

🚥 Pre-merge checks | ✅ 5

✅ Passed checks (5 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title clearly and specifically describes the main change: upgrading Aspire.AppHost.Sdk from version 13.3.0 to 13.3.5, with context about unblocking a Dependabot PR.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch chore/bump-aspire-sdk-13.3.5

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.

📢 Thoughts on this report? Let us know!