Bump the all-dependencies group with 6 updates#2544
Closed
dependabot[bot] wants to merge 1 commit into
Closed
Conversation
Bumps ICU4N from 60.1.0-alpha.439 to 60.1.0-alpha.440 Bumps Meziantou.Analyzer from 3.0.101 to 3.0.109 Bumps Microsoft.Extensions.DependencyInjection from 10.0.8 to 10.0.9 Bumps Microsoft.Extensions.TimeProvider.Testing from 10.6.0 to 10.7.0 Bumps Verify.NUnit from 31.19.0 to 31.20.0 Bumps YantraJS.Core from 1.2.405 to 1.2.406 --- updated-dependencies: - dependency-name: ICU4N dependency-version: 60.1.0-alpha.440 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all-dependencies - dependency-name: Meziantou.Analyzer dependency-version: 3.0.109 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all-dependencies - dependency-name: Microsoft.Extensions.DependencyInjection dependency-version: 10.0.9 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all-dependencies - dependency-name: Microsoft.Extensions.TimeProvider.Testing dependency-version: 10.7.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all-dependencies - dependency-name: Verify.NUnit dependency-version: 31.20.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all-dependencies - dependency-name: YantraJS.Core dependency-version: 1.2.406 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all-dependencies ... Signed-off-by: dependabot[bot] <support@github.com>
1 task
lahma
added a commit
to lahma/jint
that referenced
this pull request
Jun 23, 2026
…dates Supersedes sebastienros#2544, which failed to build because the Meziantou.Analyzer 3.0.101 -> 3.0.109 bump promotes MA0074 (use a Contains overload with a StringComparison) and warnings are treated as errors. Add StringComparison.Ordinal to the five flagged string.Contains calls in the Intl code; this is behaviour-identical (string.Contains(string) already compares ordinally) and matches the adjacent EndsWith(..., Ordinal) calls. Bring all packages to their latest stable versions so we don't have to update again shortly (prereleases/betas intentionally skipped): - ICU4N 60.1.0-alpha.439 -> .440 - Meziantou.Analyzer 3.0.101 -> 3.0.109 - Microsoft.Extensions.DependencyInjection 10.0.8 -> 10.0.9 - Microsoft.Extensions.TimeProvider.Testing 10.6.0 -> 10.7.0 - Verify.NUnit 31.19.0 -> 31.20.0 - YantraJS.Core 1.2.405 -> 1.2.406 - BenchmarkDotNet.TestAdapter 0.13.12 -> 0.15.8 (aligns with BenchmarkDotNet) - Microsoft.NET.Test.Sdk 18.6.0 -> 18.7.0 - System.Text.Json 10.0.8 -> 10.0.9 - Spectre.Console.Cli 0.45.0 -> 0.55.0 - Zio 0.22.2 -> 0.24.0 Replace the catch-all dependabot "all-dependencies" group with logical groups (analyzers, testing, benchmark, js-engine-comparisons, acornima, microsoft) so weekly update PRs are cohesive instead of one large mixed PR. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com> Claude-Session: https://claude.ai/code/session_013iGpTz8AqQM1m6eRoF9jDr
lahma
added a commit
that referenced
this pull request
Jun 23, 2026
…dates (#2545) Supersedes #2544, which failed to build because the Meziantou.Analyzer 3.0.101 -> 3.0.109 bump promotes MA0074 (use a Contains overload with a StringComparison) and warnings are treated as errors. Add StringComparison.Ordinal to the five flagged string.Contains calls in the Intl code; this is behaviour-identical (string.Contains(string) already compares ordinally) and matches the adjacent EndsWith(..., Ordinal) calls. Bring all packages to their latest stable versions so we don't have to update again shortly (prereleases/betas intentionally skipped): - ICU4N 60.1.0-alpha.439 -> .440 - Meziantou.Analyzer 3.0.101 -> 3.0.109 - Microsoft.Extensions.DependencyInjection 10.0.8 -> 10.0.9 - Microsoft.Extensions.TimeProvider.Testing 10.6.0 -> 10.7.0 - Verify.NUnit 31.19.0 -> 31.20.0 - YantraJS.Core 1.2.405 -> 1.2.406 - BenchmarkDotNet.TestAdapter 0.13.12 -> 0.15.8 (aligns with BenchmarkDotNet) - Microsoft.NET.Test.Sdk 18.6.0 -> 18.7.0 - System.Text.Json 10.0.8 -> 10.0.9 - Spectre.Console.Cli 0.45.0 -> 0.55.0 - Zio 0.22.2 -> 0.24.0 Replace the catch-all dependabot "all-dependencies" group with logical groups (analyzers, testing, benchmark, js-engine-comparisons, acornima, microsoft) so weekly update PRs are cohesive instead of one large mixed PR. Claude-Session: https://claude.ai/code/session_013iGpTz8AqQM1m6eRoF9jDr Co-authored-by: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
Contributor
Author
|
The group that created this PR has been removed from your configuration. |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Updated ICU4N from 60.1.0-alpha.439 to 60.1.0-alpha.440.
Release notes
Sourced from ICU4N's releases.
60.1.0-alpha.440
What's Changed
🎉 New Features
net10.0target + tests by @NightOwl888 in Addednet10.0target + tests NightOwl888/ICU4N#140🐞 Bug Fixes
ReorderingBufferthat corruptedNormalizer2output by @paulirwin in Fixed concurrency issue inReorderingBufferthat corruptedNormalizer2output NightOwl888/ICU4N#122UChartests due to incorrectly specified resources by @NightOwl888 in Fixed 2UChartests due to incorrectly specified resources NightOwl888/ICU4N#127NumberFormatRulesto correctly strip whitespace without the value going out of scope (fixes #129) by @NightOwl888 in FixedNumberFormatRulesto correctly strip whitespace without the value going out of scope (fixes #129) NightOwl888/ICU4N#135🏆 Improvements
RBBIMonkeyTestwithCodePointRuleMatcherby @paulirwin in RestoreRBBIMonkeyTestwithCodePointRuleMatcherNightOwl888/ICU4N#131.resxformat to the originalICUConfig.propertiesformat by @NightOwl888 in ICUConfig: Reverted from.resxformat to the originalICUConfig.propertiesformat NightOwl888/ICU4N#136Full Changelog: NightOwl888/ICU4N@v60.1.0-alpha.439...v60.1.0-alpha.440
Commits viewable in compare view.
Updated Meziantou.Analyzer from 3.0.101 to 3.0.109.
Release notes
Sourced from Meziantou.Analyzer's releases.
3.0.109
NuGet package: https://www.nuget.org/packages/Meziantou.Analyzer/3.0.109
What's Changed
Full Changelog: meziantou/Meziantou.Analyzer@3.0.108...3.0.109
3.0.108
NuGet package: https://www.nuget.org/packages/Meziantou.Analyzer/3.0.108
What's Changed
Full Changelog: meziantou/Meziantou.Analyzer@3.0.107...3.0.108
3.0.107
NuGet package: https://www.nuget.org/packages/Meziantou.Analyzer/3.0.107
What's Changed
Full Changelog: meziantou/Meziantou.Analyzer@3.0.106...3.0.107
3.0.106
NuGet package: https://www.nuget.org/packages/Meziantou.Analyzer/3.0.106
What's Changed
Full Changelog: meziantou/Meziantou.Analyzer@3.0.105...3.0.106
3.0.105
NuGet package: https://www.nuget.org/packages/Meziantou.Analyzer/3.0.105
What's Changed
<returns>tags onvoidmethods by @meziantou in Add MA0203 to flag<returns>tags onvoidmethods meziantou/Meziantou.Analyzer#1189Full Changelog: meziantou/Meziantou.Analyzer@3.0.104...3.0.105
3.0.104
NuGet package: https://www.nuget.org/packages/Meziantou.Analyzer/3.0.104
What's Changed
Full Changelog: meziantou/Meziantou.Analyzer@3.0.103...3.0.104
3.0.103
NuGet package: https://www.nuget.org/packages/Meziantou.Analyzer/3.0.103
What's Changed
Full Changelog: meziantou/Meziantou.Analyzer@3.0.102...3.0.103
3.0.102
NuGet package: https://www.nuget.org/packages/Meziantou.Analyzer/3.0.102
What's Changed
Full Changelog: meziantou/Meziantou.Analyzer@3.0.101...3.0.102
Commits viewable in compare view.
Updated Microsoft.Extensions.DependencyInjection from 10.0.8 to 10.0.9.
Release notes
Sourced from Microsoft.Extensions.DependencyInjection's releases.
No release notes found for this version range.
Commits viewable in compare view.
Updated Microsoft.Extensions.TimeProvider.Testing from 10.6.0 to 10.7.0.
Release notes
Sourced from Microsoft.Extensions.TimeProvider.Testing's releases.
10.7.0
v10.7.0 graduates the Microsoft.Extensions.Diagnostics.ResourceMonitoring.Kubernetes package to stable. The package registers a Kubernetes-aware
ResourceQuotaProviderthat reads the pod's CPU and memory requests and limits and exposes them toMicrosoft.Extensions.Diagnostics.ResourceMonitoringas baseline and maximum quotas, which then feed the request and limit dimensions of the published resource utilization metrics. The companionResourceQuotaandResourceQuotaProvidertypes inMicrosoft.Extensions.Diagnostics.ResourceMonitoringgraduate to stable in the same change so that consumers can implement custom quota providers without taking an experimental dependency.On the AI side,
Microsoft.Extensions.AI.OpenAImoves to OpenAI 2.11.0 and fixes a deserialization bug inToolJson.AdditionalPropertiesso that JSON SchemaadditionalPropertiesvalues shaped as sub-schema objects (for example{"type":"string"}) are preserved instead of throwing during deserialization.HostedFileContent.SizeInBytesandHostedFileContent.CreatedAtgraduate to stable since both values are consistently available across hosted-file providers, whilePurposeandScoperemain experimental as provider-shaped vocabulary.FunctionInvokingChatClientdrops a backward-compat path that auto-markedToolApprovalResponseContententries withInformationalOnly: true; consumers that need to continue accepting sessions serialized before #7468 can use the sampleApprovalHistoryNormalizingChatClientmiddleware added in the test project.Experimental API Changes
Now Stable
Microsoft.Extensions.Diagnostics.ResourceMonitoring.Kubernetespackage is now stable #7253ResourceQuotaandResourceQuotaProviderAPIs are now stable (previouslyEXTEXP0008) #7253HostedFileContent.SizeInBytesandHostedFileContent.CreatedAtare now stable (previouslyMEAI001) #7513What's Changed
AI
Diagnostics, Health Checks, and Resource Monitoring
Repository Infrastructure Updates
Acknowledgements
Full Changelog: dotnet/extensions@v10.6.0...v10.7.0
Commits viewable in compare view.
Updated Verify.NUnit from 31.19.0 to 31.20.0.
Release notes
Sourced from Verify.NUnit's releases.
31.20.0
31.19.1
Commits viewable in compare view.
Updated YantraJS.Core from 1.2.405 to 1.2.406.
Release notes
Sourced from YantraJS.Core's releases.
No release notes found for this version range.
Commits viewable in compare view.
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore <dependency name> major versionwill close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)@dependabot ignore <dependency name> minor versionwill close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)@dependabot ignore <dependency name>will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)@dependabot unignore <dependency name>will remove all of the ignore conditions of the specified dependency@dependabot unignore <dependency name> <ignore condition>will remove the ignore condition of the specified dependency and ignore conditions