Skip to content

Bump Microsoft.NET.Test.Sdk from 17.11.0 to 18.7.0#336

Merged
guibranco merged 1 commit into
mainfrom
dependabot/nuget/Tests/BancosBrasileiros.MergeTool.Tests/Microsoft.NET.Test.Sdk-18.7.0
Jun 30, 2026
Merged

Bump Microsoft.NET.Test.Sdk from 17.11.0 to 18.7.0#336
guibranco merged 1 commit into
mainfrom
dependabot/nuget/Tests/BancosBrasileiros.MergeTool.Tests/Microsoft.NET.Test.Sdk-18.7.0

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jun 29, 2026

Copy link
Copy Markdown
Contributor

Updated Microsoft.NET.Test.Sdk from 17.11.0 to 18.7.0.

Release notes

Sourced from Microsoft.NET.Test.Sdk's releases.

18.7.0

What's Changed

New Contributors

Full Changelog: microsoft/vstest@v18.6.0...v18.7.0

18.6.0

What's Changed

Changes to tests and infra

18.5.1

What's Changed

Full Changelog: microsoft/vstest@v18.5.0...v18.5.1

18.5.0

⚠️ Unlisted on Nuget, because of #​15718

What's Changed

Full Changelog: microsoft/vstest@v18.4.0...v18.5.0

18.4.0

What's Changed

New Contributors

Full Changelog: microsoft/vstest@v18.3.0...v18.4.0

18.3.0

What's Changed

Internal fixes and updates

New Contributors

18.0.1

What's Changed

Fixing an issue with loading covrun64.dll on systems that have .NET 10 SDK installed: https://learn.microsoft.com/en-us/dotnet/core/compatibility/sdk/10.0/code-coverage-dynamic-native-instrumentation

Internal changes

Full Changelog: microsoft/vstest@v18.0.0...v18.0.1

18.0.0

What's Changed

Internal fixes and updates

17.14.1

What's Changed

Full Changelog: microsoft/vstest@v17.14.0...v17.14.1

17.14.0

What's Changed

.NET versions updated

This version of VS Test upgraded .NET to net8 and net9. All projects targeting net6.0 (or other end-of-life .NET target frameworks) should pin their version of Microsoft.NET.Test.SDK to 17.13.0, or update the projects to net8 or newer. We remain backwards compatible with previous versions of Microsoft.NET.Test.SDK. This change does NOT prevent you from:

  • Updating to the latest VS, and running tests from net6.0 test projects.
  • Updating to the latest .NET SDK, and running tests from net6.0 test projects.

It also has no impact on .NET Framework projects, where we continue targeting .NET Framework 4.6.2.

Changes

Internal version updates and fixes

New Contributors

17.14.0-preview-25107-01

What's Changed

.NET versions updated

This version of VS Test upgraded .NET to net8 and net9. All projects targeting net6.0 (or other end-of-life .NET target frameworks) should pin their version of Microsoft.NET.Test.SDK to 17.13.0, or update the projects to net8 or newer. We remain backwards compatible with previous versions of Microsoft.NET.Test.SDK. This change does NOT prevent you from:

  • Updating to the latest VS, and running tests from net6.0 test projects.
  • Updating to the latest .NET SDK, and running tests from net6.0 test projects.

It also has no impact on .NET Framework projects, where we continue targeting .NET Framework 4.6.2.

Changes

Internal version updates and fixes

Will probably revert before release:

New Contributors

Full Changelog: microsoft/vstest@v17.13.0...v17.14.0-preview-25107-01

17.13.0

What's Changed

New Contributors

Full Changelog: microsoft/vstest@v17.12.0...v17.13.0

17.12.0

What's Changed

Internal and infrastructure fixes:

Full Changelog: microsoft/vstest@v17.11.1...v17.12.0

17.11.1

What's Changed

Full Changelog: microsoft/vstest@v17.11.0...v17.11.1

Commits viewable in compare view.

@dependabot dependabot Bot added .NET dependencies Pull requests that update a dependency file labels Jun 29, 2026
@github-actions github-actions Bot added the size/XS Denotes a PR that changes 0-9 lines, ignoring generated files. label Jun 29, 2026
@socket-security

socket-security Bot commented Jun 29, 2026

Copy link
Copy Markdown

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

Diff Package Supply Chain
Security
Vulnerability Quality Maintenance License
Updatedmicrosoft.net.test.sdk@​17.11.0 ⏵ 18.7.010010090100100

View full report

@socket-security

socket-security Bot commented Jun 29, 2026

Copy link
Copy Markdown

Caution

Review the following alerts detected in dependencies.

According to your organization's Security Policy, you must resolve all "Block" alerts before proceeding. Learn more about Socket for GitHub.

Action Severity Alert  (click "▶" to expand/collapse)
Block High
Obfuscated code: nuget system.reflection.metadata is 90.0% likely obfuscated

Confidence: 0.90

Location: Package overview

From: Tests/BancosBrasileiros.MergeTool.Tests/BancosBrasileiros.MergeTool.Tests.csprojnuget/microsoft.net.test.sdk@18.7.0nuget/system.reflection.metadata@8.0.0

ℹ Read more on: This package | This alert | What is obfuscated code?

Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev.

Suggestion: Packages should not obfuscate their code. Consider not using packages with obfuscated code.

Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore nuget/system.reflection.metadata@8.0.0. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

Block Medium
Dynamic code execution: nuget system.collections.immutable

Location: Package overview

From: Tests/BancosBrasileiros.MergeTool.Tests/BancosBrasileiros.MergeTool.Tests.csprojnuget/microsoft.net.test.sdk@18.7.0nuget/system.collections.immutable@8.0.0

ℹ Read more on: This package | This alert | What is dynamic code execution?

Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev.

Suggestion: Avoid packages that use dynamic code execution like eval(), since this could potentially execute any code.

Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore nuget/system.collections.immutable@8.0.0. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

Block Low
License exception: nuget system.collections.immutable with Classpath-exception-2.0

Exception: Classpath-exception-2.0

Comments:

From: Tests/BancosBrasileiros.MergeTool.Tests/BancosBrasileiros.MergeTool.Tests.csprojnuget/microsoft.net.test.sdk@18.7.0nuget/system.collections.immutable@8.0.0

ℹ Read more on: This package | This alert | What is a license exception?

Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev.

Suggestion: License exceptions should be carefully reviewed.

Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore nuget/system.collections.immutable@8.0.0. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

Block Low
License exception: nuget system.reflection.metadata with Classpath-exception-2.0

Exception: Classpath-exception-2.0

Comments:

From: Tests/BancosBrasileiros.MergeTool.Tests/BancosBrasileiros.MergeTool.Tests.csprojnuget/microsoft.net.test.sdk@18.7.0nuget/system.reflection.metadata@8.0.0

ℹ Read more on: This package | This alert | What is a license exception?

Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev.

Suggestion: License exceptions should be carefully reviewed.

Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore nuget/system.reflection.metadata@8.0.0. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

View full report

@codacy-production

Copy link
Copy Markdown

Up to standards ✅

🟢 Issues 0 issues

Results:
0 new issues

View in Codacy

NEW Get contextual insights on your PRs based on Codacy's metrics, along with PR and Jira context, without leaving GitHub. Enable AI reviewer
TIP This summary will be updated as you push new changes.

@guibranco guibranco enabled auto-merge (squash) June 29, 2026 23:49
@gstraccini gstraccini Bot added the ☑️ auto-merge Automatic merging of pull requests (gstraccini-bot) label Jun 29, 2026
@gstraccini gstraccini Bot added the 🤖 bot Automated processes or integrations label Jun 29, 2026

@guibranco guibranco left a comment

Copy link
Copy Markdown
Owner

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Automatically approved by gstraccini[bot]

@dependabot dependabot Bot force-pushed the dependabot/nuget/Tests/BancosBrasileiros.MergeTool.Tests/Microsoft.NET.Test.Sdk-18.7.0 branch 5 times, most recently from e7134b3 to 63b0a96 Compare June 30, 2026 00:23
---
updated-dependencies:
- dependency-name: Microsoft.NET.Test.Sdk
  dependency-version: 18.7.0
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot force-pushed the dependabot/nuget/Tests/BancosBrasileiros.MergeTool.Tests/Microsoft.NET.Test.Sdk-18.7.0 branch from 63b0a96 to 4fab402 Compare June 30, 2026 00:31
@guibranco guibranco merged commit 891a7cc into main Jun 30, 2026
17 of 18 checks passed
@guibranco guibranco deleted the dependabot/nuget/Tests/BancosBrasileiros.MergeTool.Tests/Microsoft.NET.Test.Sdk-18.7.0 branch June 30, 2026 00:35
@sonarqubecloud

Copy link
Copy Markdown

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

☑️ auto-merge Automatic merging of pull requests (gstraccini-bot) 🤖 bot Automated processes or integrations dependencies Pull requests that update a dependency file .NET size/XS Denotes a PR that changes 0-9 lines, ignoring generated files.

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant