Skip to content

Bump Aspire.Hosting.AppHost and 4 others#19

Open
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/nuget/nuget-241a3d2dc6
Open

Bump Aspire.Hosting.AppHost and 4 others#19
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/nuget/nuget-241a3d2dc6

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jun 26, 2026

Copy link
Copy Markdown
Contributor

Updated Aspire.Hosting.AppHost from 13.4.5 to 13.4.6.

Release notes

Sourced from Aspire.Hosting.AppHost's releases.

13.4.6

What's New in Aspire 13.4.6

Patch release for Aspire 13.4 fixing polyglot AppHost code generation binding when CLI and SDK versions diverge, resource service port collision in --isolated mode, and a MongoDB.Driver dependency update.

🐛 Fixes

  • 🔗 Polyglot AppHost code generation silently failed when CLI and SDK versions divergedAspire.TypeSystem used a floating strong-name AssemblyVersion that changed with every build. When the installed Aspire CLI was built at a different version than the AppHost's SDK, the CLR couldn't satisfy the strong-name bind and every code generator (TypeScript, Python, Java, Go, Rust) was silently dropped, surfacing as No code generator found for language: <lang>. The AssemblyVersion is now frozen at a stable constant so any compatible CLI/SDK pair on 13.4 binds successfully. Relates to #​18110 and #​17910. (#​18160, @​sebastienros)

  • 🔌 Multiple AppHosts started with --isolated collided on the resource service port — Both instances tried to bind to the same fixed port from ASPIRE_RESOURCE_SERVICE_ENDPOINT_URL, causing an "address already in use" error on the second instance. DashboardServiceHost now binds to port 0 on loopback when RandomizePorts is true (set by --isolated), letting the OS assign a unique port per instance. (#​18341, @​JamesNK)

  • 🍃 MongoDB.Driver updated to 3.9.0 — Removes a wrongly pinned SharpCompress transitive dependency and uses the corrected Snappier transitive. Fixes #​17981. (#​18279, @​Falco20019)

🏷️ Housekeeping


Full Changelog: v13.4.5...v13.4.6

Full commit: 87fe259e4fc244c599019a7b1304c85a1488f248

Generated by Generate release notes for a new stable Aspire release · 131 AIC · ⌖ 13.5 AIC · ⊞ 37.4K

Commits viewable in compare view.

Updated Aspire.Hosting.PostgreSQL from 13.4.5 to 13.4.6.

Release notes

Sourced from Aspire.Hosting.PostgreSQL's releases.

13.4.6

What's New in Aspire 13.4.6

Patch release for Aspire 13.4 fixing polyglot AppHost code generation binding when CLI and SDK versions diverge, resource service port collision in --isolated mode, and a MongoDB.Driver dependency update.

🐛 Fixes

  • 🔗 Polyglot AppHost code generation silently failed when CLI and SDK versions divergedAspire.TypeSystem used a floating strong-name AssemblyVersion that changed with every build. When the installed Aspire CLI was built at a different version than the AppHost's SDK, the CLR couldn't satisfy the strong-name bind and every code generator (TypeScript, Python, Java, Go, Rust) was silently dropped, surfacing as No code generator found for language: <lang>. The AssemblyVersion is now frozen at a stable constant so any compatible CLI/SDK pair on 13.4 binds successfully. Relates to #​18110 and #​17910. (#​18160, @​sebastienros)

  • 🔌 Multiple AppHosts started with --isolated collided on the resource service port — Both instances tried to bind to the same fixed port from ASPIRE_RESOURCE_SERVICE_ENDPOINT_URL, causing an "address already in use" error on the second instance. DashboardServiceHost now binds to port 0 on loopback when RandomizePorts is true (set by --isolated), letting the OS assign a unique port per instance. (#​18341, @​JamesNK)

  • 🍃 MongoDB.Driver updated to 3.9.0 — Removes a wrongly pinned SharpCompress transitive dependency and uses the corrected Snappier transitive. Fixes #​17981. (#​18279, @​Falco20019)

🏷️ Housekeeping


Full Changelog: v13.4.5...v13.4.6

Full commit: 87fe259e4fc244c599019a7b1304c85a1488f248

Generated by Generate release notes for a new stable Aspire release · 131 AIC · ⌖ 13.5 AIC · ⊞ 37.4K

Commits viewable in compare view.

Updated MessagePack from 2.5.302 to 3.1.7.

Release notes

Sourced from MessagePack's releases.

3.1.7

What's Changed

Security release details

This release fixes 3 high severity and 9 moderate severity security vulnerabilities.

High severity advisory fixes

Moderage severity advisory fixes

Fixes with no security advisory

  • fb0fe9f0 Honor TypeFormatter options hooks for CWE-470
  • c1c06a6f Fix WriteRawX methods to advance by written length
  • 46c6a0fe Fix CWE-190 map header length overflow

Full Changelog: MessagePack-CSharp/MessagePack-CSharp@v3.1.6...v3.1.7

3.1.6

What's Changed

Full Changelog: MessagePack-CSharp/MessagePack-CSharp@v3.1.5...v3.1.6

3.1.5

What's Changed

New Contributors

Full Changelog: MessagePack-CSharp/MessagePack-CSharp@v3.1.4...v3.1.5

3.1.4

What's Changed

New Contributors

Full Changelog: MessagePack-CSharp/MessagePack-CSharp@v3.1.3...v3.1.4

3.1.3

What's Changed

Full Changelog: MessagePack-CSharp/MessagePack-CSharp@v3.1.2...v3.1.3

3.1.2

What's Changed

New Contributors

Full Changelog: MessagePack-CSharp/MessagePack-CSharp@v3.1.1...v3.1.2

3.1.1

What's Changed

New Contributors

Full Changelog: MessagePack-CSharp/MessagePack-CSharp@v3.1.0...v3.1.1

3.1.0

What's Changed

Full Changelog: MessagePack-CSharp/MessagePack-CSharp@v3.0.301...v3.1.0

3.0.301

Note

Tag and Unity's version is 3.0.301 but published NuGet version is 3.0.308.
The version mismatch due to release process inconsistencies will be fixed in the next release.

What's Changed

Full Changelog: MessagePack-CSharp/MessagePack-CSharp@v3.0.300...v3.0.301

3.0.300

Fixed version, release notes see v3.0.3.

3.0.238-rc.1

What's Changed

Full Changelog: MessagePack-CSharp/MessagePack-CSharp@v3.0.233-rc.1...v3.0.238-rc.1

3.0.233-rc.1

Changes

Enhancements

  • #​2013: Secure by default

Fixes

  • #​2031: Use generic type argument used for custom formatters
  • #​2029: Apply scoped in more places
  • #​2030: Support nesting formatters within generic data types
  • #​2024: Source code generation fails for generic type with private member serialization
  • #​2028: Avoid collecting fields with custom formatter recusively
  • #​2023: Suppress MsgPack004 on private base members when only public is interesting
  • #​2022: Ignore abstract implementations of IMessagePackFormatter<T>
  • #​2012: MsgPack004 Analyzer triggering on not attributed private property on base class eventhough source generator shouldn't include private properties
  • #​2017: MsgPack013 should not report diagnostics on abstract classes
  • #​2021: Add scoped modifier to in parameters of ref struct
  • #​2016: Avoid collecting members when it doesn't have [Key]
  • #​2005: custom formatters code source generator error

Others

  • #​2032: Use simpler C# syntax for nullable value types

3.0.214-rc.1

Changes:

  • #​2015: Use a collision-resistant hash algorithm for untrusted data to address GHSA-4qm4-8hg2-g2xm
  • #​2009: Build nuget package with semver v2

This list of changes was auto generated.

3.0.208-rc.1

Breaking changes

Enhancements

Fixes

Other changes

New Contributors

3.0.134-beta

What's Changed

Full Changelog: MessagePack-CSharp/MessagePack-CSharp@v3.0.129-beta...v3.0.134-beta

3.0.129-beta

What's Changed

Full Changelog: MessagePack-CSharp/MessagePack-CSharp@v3.0.111-alpha...v3.0.129-beta

3.0.111-alpha

What's Changed

New Contributors

Full Changelog: MessagePack-CSharp/MessagePack-CSharp@v3.0.54-alpha...v3.0.111-alpha

3.0.54-alpha

What's Changed

High level

  • mpc tool is gone. We use roslyn source generators now.
  • Source generation is enabled by default. At runtime MessagePack v3 will look for these source generated formatters and avoid generating them dynamically if found.

Pull requests

New Contributors

... (truncated)

3.0.3

See our migration guide.
Details blog article

What's new

  • AOT source generation of formatters by default using roslyn source generators. mpc is no longer available. Dynamic formatters still exist (for runtimes that support them), but code that compiles against v3 are unlikely to need them, resulting in better startup performance and improved debugging experience.
  • AOT source generation is hugely improved.
    • Support most or all of the data types that DynamicObjectResolver supported.
    • Support for serializing private members.
  • [MessagePackObject] types can serialize private members without the application having to switch to DynamicObjectResolverAllowPrivate.
  • Analyzers are on by default, with many new ones to help ensure your code is correct and ready for AOT source generated formatters.
  • Custom formatters are automatically used for the data types they format when defined in the same assembly, by default. No need to attribute your data types to point to the custom formatter. Opt out by attributing the formatter with [ExcludeFormatterFromSourceGeneratedResolverAttribute].
  • New CompositeResolverAttribute offers a faster runtime alternative to the CompositeResolver class.

Unity

  • Consume through NuGetForUnity and UPM instead of through .unitypackage

What's Changed

2.6.100-alpha

What's Changed

New Contributors

Full Changelog: MessagePack-CSharp/MessagePack-CSharp@v2.6.95-alpha...v2.6.100-alpha

2.6.95-alpha

What's Changed

New Contributors

Full Changelog: MessagePack-CSharp/MessagePack-CSharp@v2.5.108...v2.6.95-alpha

Commits viewable in compare view.

Updated Microsoft.NET.Test.Sdk from 18.6.0 to 18.7.0.

Release notes

Sourced from Microsoft.NET.Test.Sdk's releases.

18.7.0

What's Changed

New Contributors

Full Changelog: microsoft/vstest@v18.6.0...v18.7.0

Commits viewable in compare view.

Updated SonarAnalyzer.CSharp from 10.6.0.109712 to 10.27.0.140913.

Release notes

Sourced from SonarAnalyzer.CSharp's releases.

10.27.0.140913

Release notes - .NET Analyzers - 10.27

Feature

NET-1285 S2629: Add custom message for Log4Net and Castle.Core
NET-3666 Deprecate S5042 and move it from HotSpots to Code Smell
NET-3783 Update RSPEC before 10.27 release

False Positive

NET-2696 Fix S4260 FP: Extension Properties always raise

False Negative

NET-230 Fix S4056 FN: SpecifyIFormatProviderOrCultureInfo for C#​13 compatibility
NET-2692 Fix S2190 FN: Recursive extension properties
NET-2705 Fix S3343 FN: Partial Constructor with attribute in definition
NET-2732 Fix S1172 FN: Extension blocks
NET-2745 Fix S4144 FN: Extension Members
NET-2829 Fix S3241 FN: Extension methods and extension blocks
NET-3541 Fix S1117 FN: add CatchDeclaration coverage and adopt LocalDeclarationKinds

10.26.0.140279

Release notes - .NET Analyzers - 10.26

Feature

NET-3694 Update RSPEC before 10.26 release

False Positive

NET-2346 Fix S1854 FP: Variable used after another assignment in finally
NET-2347 Fix S1168 FP: Do not report on value types
NET-3698 Fix S1210 FP: file-scoped types should be exempt

False Negative

NET-1265 Fix S2930 FN: raise issues on non-disposed RegistryKeys
NET-2685 Fix S3604 FN: Field Keyword, Partial Constructors, NullConditional Assignment
NET-2812 Fix S4275 FN: Field Keyword
NET-2999 Fix S6672 FN: Mismatch in primary constructor is not recognized

10.25

?

Feature

  • NET-3613 - Support Cobertura coverage file format
    • Cobertura report paths can be passed via the sonar.cs.cobertura.reportsPaths parameter
  • NET-3665 - Update RSPEC before 10.25 release

False Positive

  • NET-3640 - Fix S3400 FP: Don't report function with conditional compilation body

10.24

 This release brings a batch of false negative fixes and analyzer crash fixes.

Bug Fixes

  • NET-3596 - Fix S1144 AD0001: Index out of range exception with type named Nullable
  • NET-3522 - Fix S1215 AD0001: ArgumentOutOfRangeException
  • NET-3521 - Fix S2053 AD0001: NRE
  • NET-3520 - Fix S3267 AD0001: NRE

False Positives

  • NET-2276 - Fix S1192 FP: EF migration classes

False Negatives

  • NET-3569 - Fix T0008 and T0009 FN: Support extension blocks
  • NET-2875 - Fix S2092 FN: Null Conditional Assignment
  • NET-2857 - Fix S3330 FN: Null Conditional Assignment
  • NET-2719 - Fix S4136 FN: Extension methods
  • NET-2688 - Fix S4433 FN: Null-conditional assignment in tracker
  • NET-2675 - Fix S6418 FN: Field keyword
  • NET-2667 - Fix S2934 FN: Null-conditional assignment and field keyword
  • NET-2658 - Fix S127 FN: BitShiftCompound

10.23

This release brings a bunch of fixes! Enjoy.

Bug Fixes

  • NET-3557 - Fix SE AD0001 when SyntaxTreeOptionsProvider is null
  • NET-3519 - Fix AD0001: NRE in PropertiesAccessCorrectField

False Positives

  • NET-3532 - Fix S2583 FP: Any called two times
  • NET-3468 - Fix S1144 FP: Erroneously flagged Add() method used in Collection Initializer
  • NET-3454 - Fix S3267 FP: ref struct in foreach body cannot be captured in LINQ lambda
  • NET-3164 - Fix S125 FP: Improve semicolon heuristic
  • NET-2559 - Fix S5944 FP: When method name is also a class name of generic argument
  • NET-2438 - Fix S1067 FP: Do not raise an issue inside Equals() implementation
  • NET-1565 - Fix S1192 FP: Shouldn't raise on Dapper parameters
  • NET-1168 - Fix S1172 FP: When parameter conditionally used in local function
  • NET-52 - Fix S4017 FP: Do not raise when implementing abstract class/interface

False Negatives

  • NET-1642 - Fix S3415, S2701, S2699, S2187 FN: Support NUnit 4.0
  • NET-348 - Fix S4144 FN: Methods with generic return types

10.22

Hello everyone,
This release brings 4 new rules to help developers transition to C# 14, and a bunch of false positive fixes.

New rules

  • NET-3361 - New rule S8381: "scoped" should be escaped when used as a type name in lambda parameters
  • NET-3359 - New rule S8368: "extension" identifiers should be escaped to avoid contextual keyword conflicts
  • NET-3347 - New rule S8380: Return types named "partial" should be escaped with "@"
  • NET-3345 - New rule S8367: Identifiers should not conflict with the "field" keyword in C# 14?

False Positive

  • NET-3443 - Fix S1940 FP: for floating point numbers that can be NaN "!(a <= b)" is not the same as "a > b"
  • NET-3001 - Fix S3063 FP: Concatenation with identifier
  • NET-1569 - Fix S5944 FP: AddressOf(MethodName) in Return statement
  • NET-3445 - Fix T0029 FP: Inside target-typed new
  • NET-2817 - Fix T0029 FP: Ident for collection expression members
  • NET-2024 - Fix T0029 FP: Inside array initializer
  • NET-3341 - Fix T0029 FP: After member access
  • NET-3462 - Fix T0042 FP: Inside constructors and collection initializers
  • NET-3426 - Fix T0042: Raw string in collection initializer
  • NET-2888 - Fix T0042 FP: Returned from method
  • NET-2874 - Fix T0042 FP: Raw string in ternary

Bugs

  • NET-3386 - Fix S4583 AD0001: BeginInvoke callback declared in separate file

Other

  • NET-3385 - S2612: Rule type changed from Security Hotspot to Vulnerability

10.21

### Bug

  • NET-3376 - Fix S6930 AD0001: Issue on template / code files for blazor
  • NET-3367 - Fix S4830 AD0001: CertificateValidationCheck Syntax node is not within syntax tree

Feature

  • NET-3260 - Fix broken links in S6960 RSPEC

False Positive

  • NET-2886 - Fix T0015 FP: In constructor
  • NET-1678 - Fix S4275 FP: with property overload

10.20

This release brings 9 precision improvements — 7 false positive fixes and 2 false negative fixes — across rules S1116, S1144, S1210, S1643, S1854, S2365, S3254, S3265, and S127. It also promotes S2068 and S6418 from Security Hotspot to Vulnerability, making them visible directly in the IDE, and removes S3256 from the Sonar Way quality profile.

Changes

  • NET-3227 - Remove S3256 from "Sonar Way" quality profile
  • NET-3208 - S6418: Rule type changed from Security Hotspot to Vulnerability
  • NET-3207 - S2068: Rule type changed from Security Hotspot to Vulnerability
  • NET-3206 - Remove links to rules.sonarsource.com

False Positive

  • NET-3215 - Fix FP on S127: Should only raise on stop condition variables
  • NET-3212 - Fix FP on S3254: Don't raise if the parameter isn't last
  • NET-3053 - Fix FP on S1210: Implementing comparable operators for private types
  • NET-2984 - Fix FP on S3265: BCL enums with [Flags] not recognized due to metadata resolution
  • NET-2976 - Fix FP on S1854: Default value initializations flagged despite exemptions
  • NET-2966 - Fix FP on S1144: Constructors in MEF-exported types
  • NET-2956 - Fix FP on S1116: Empty loop body with side effects in condition

False Negative

  • NET-1261 - Fix FN on S2365: Rule should report on new collection
  • NET-1259 - Fix FN on S1643: Concatenation for parameters, fields and properties are not detected

Rule specification

  • NET-3246 - Modify Rule S127: Update Description
  • NET-3218 - Modify Rule S3265: Add exception for MethodImplAttributes
  • NET-3086 - Modify Rule S1116: Add loop exception

Maintenance

  • NET-3047 - Update RSPEC before 10.20 release

10.19



Documentation

  • NET-3012 - Modify Rule S3903: Update description for C#​10

False Positive

  • NET-3004 - Fix S2696 FP: New extension method format triggers FP when accessing static fields

False Negative

  • NET-3011 - Fix S4790 FN: Support Using statement

Task

  • NET-2948 - Update RSPEC before 10.19 release

Bug

  • NET-1866 - Support future VS versions in NuGet package

10.18

This releases focuses on fixing the false-positives that are raised on code making use of the new features in C# 14.

Improvement

  • NET-2921 - Fix passthrough calculation in ModelBuilder
  • NET-2903 - Remove manual extension methods
  • NET-2895 - Cleanup handling of ParameterList of primary constructors

Task

  • NET-2917 - Update RSPEC before 10.18 release

False Positive

  • NET-2898 - Fix S2583/S2589 FP: Extension Members
  • NET-2877 - Fix S2225 FP: Extension member
  • NET-2832 - Fix S3063 FP: NullConditionalOperator
  • NET-2825 - Fix S1144 FP: Partial events
  • NET-2821 - Fix S3264 FP: Partial events
  • NET-2805 - Fix S1144 FP: S1144 Is confused by Debugger Display attribute
  • NET-2748 - Fix S3459 FP: NullConditional Assignment
  • NET-2716 - Fix S2325 FP: Field Keyword
  • NET-2712 - Fix S2953 FP: Extension block member
  • NET-2707 - Fix S3877 FP: Equals method without IEquatable
  • NET-2684 - Fix S7039 FP/FN: Null-conditional assignment
  • NET-2672 - Fix S3928 FP: Extension block
  • NET-2671 - Fix S2970 FP: Null Conditional Assignment
  • NET-2668 - Fix S3398 FP: On private methods in C#​14 extensions classes
  • NET-2644 - Fix S1144 FP: Always raises on private methods in extension block
  • NET-2621 - Fix S2325 FP: Incorrectly reports on C# 14 extensions
  • NET-2620 - Fix S4545 FP: Extension Methods
  • NET-2391 - Fix S1121 FP: Extract (null-forgiving) assignment from expression
  • NET-1914 - Fix S3264 FP: when using +=

False Negative

10.17



False Negative

  • NET-2840 - Improve S2077: Support more methods

Task

  • NET-2839 - Update RSPEC before 10.17 release

New Feature

  • NET-2820 - ShimLayer: Implement Factory
  • NET-2789 - ShimLayer Generator: Enums
  • NET-2728 - ShimLayer Generator: SyntaxNodes

Bug

  • NET-2816 - Fix S3603 AD0001: NRE when LocalFunction inside Record constructor in C#​7

Improvement

10.16.2

Rotations of binary signing keys

10.16.1

Rotations of binary signing keys

10.16

False Positive

  • NET-1729 - Fix S2114 FP: list.AddRange(list) and list.Concat(list) are sensible

False Negative

  • NET-399 - Fix S4790 FN: Support CryptographicOperations data methods

Bug

  • NET-2686 - Fix S3604 AD0001: NRE with partial constructor

10.15

False Positive

  • NET-2198 - Fix S1905 FP: Cast of default! expression is required
  • NET-2197 - Fix S1905 FP: stackalloc and Span conversions
  • NET-1641 - Fix S1905 FP: casting IEnumerable<string?> to IEnumerable<string>
  • NET-2157 - Fix S2589 FP: Don't raise an issue after a delegate is invoked
  • NET-2073 - Fix S2699 FP: Add support for FsCheck property tests
  • NET-1537 - Fix S6964 FP: Don't raise on properties annotated with the BindRequiredAttribute

Improvement

  • NET-2112 - Consider ExplodedNodes relevant if a successor would be relevant
  • NET-2183 - SE: Set constraint on operation when learning from IsPattern

False Negative

  • NET-429 - Fix S4275 FN: Support partial properties

Task

  • NET-2208 - Update RSpec before release

10.14

Hey everyone,

This release mostly focuses on mitigating (NET-2196) a performance regression that was introduced in 10.13.

Improvement

  • NET-2196 - Fix path algorithm for execution flows to mitigate performance regression
  • NET-2177 - Improve how the Symbolic Execution engine handles exception paths
  • NET-2135 - Support xUnit V3
  • NET-2163 - Provide Interface for other plugins to add rules to VB.NET SonarWay profile

False Negative

  • NET-235 - Fix S2053: Adjust required salt length to be 32 bytes

Task

  • NET-2170 - Update RSPEC before 10.14 release

10.13

Hello everyone,

In this release, we've focused on:

  • False positive fixes
  • Enhancing S2259's secondary locations to provide clearer, step-by-step explanations of null pointer dereferences issues.

False Positives

  • NET-2099 - Fix S3885 FP: Do not raise in ResolutionEventHandler
  • NET-2023 - Fix S3257 FP: Array with target-typed new
  • NET-1646 - Fix S3267 FP: Loops should be simplified with LINQ expressions
  • NET-1588 - Fix S1066 FP: Combination of dynamic and out should not raise
  • NET-882 - Fix S3257 FP: Don't raise for C# 10 and later when there's explicit delegate creation

Improvements

  • NET-2095 - Improve incremental PR analysis path detection
  • SE: S2259 - Improve secondary locations

10.12

This release brings the VB version of S6418 and a few FP and FN fixes.

New Rule

  • NET-1379 - New Rule: Implement S6418 Hard-coded secrets are security-sensitive for VB.NET

False Positive

  • NET-1526 - Fix S3267 FP: Only raise on IEnumerable

False Negative

  • NET-1260 - Fix S1215 FN: GC.GetTotalMemory(forceFullCollection: true) should not be called
  • NET-1258 - Fix S6678 FN: Lowercase placeholders in interpolated string
  • NET-1255 - Fix S3267 FN: Logical operators are not supported

Task

  • NET-2060 - Update RSPEC before 11.12 release

10.11

Hello everyone!
In this release we fixed a bunch of false positives and false negatives.
Additionally this version adds support for telemetry in order to gather information on feature usage. Telemetry, requires scanner 10.2.0 or greater.

False Positive

  • NET-1522 - Fix S2068 FP: Do not raise on password:secret
  • NET-1149 - Fix S3626 FP: Add exception when return statement is preceding local functions

False Negative

  • NET-1263 - Fix S1871 FN: Nested if .. else if chain
  • NET-1256 - S2068: Remove word boundary(\b) from regex
  • NET-1254 - Fix S3878 FN: When params are passed as array through an attribute
  • NET-1252 - FN S1168: Support IndexerDeclaration and ConversionOperatorDeclaration
  • NET-459 - Fix S1168 FN: Add support for partial indexers

10.10.1

Bugfix release to fix combability with SonarQube Cloud + a simplification to the ProfileRegistrar

Task

  • NET-1463 - Update RSPEC before 10.10.1 release
  • NET-1461 - Make CSharpSonarWayProfile be compatible and simplify ProfileRegistrar

10.10

Hey everyone, this release mostly focuses on internal and technical things.

General

  • NET-1444 - Move ProfileRegistrar to org.sonar.plugins.csharpenterprise.api
  • NET-1326 - Update RSPEC before 10.10 release

Internal Styling Rules

  • NET-1378 - New Rule T0045: Use var
  • NET-1359 - New Rule T0043: Avoid primary constructors on normal classes and structs
  • NET-1358 - New Rule T0042: Indent raw string literal +4
  • NET-1357 - New Rule T0041: Use raw string literals for multiline strings
  • NET-1356 - New Rule T0040: Use minimum necessary interpolation characters
  • NET-1355 - New Rule T0039: Protected field should start with lower case letter
  • NET-1354 - New Rule T0038: Use fields instead of auto-implemented private or protected properties
  • NET-1347 - New Rule T0000: Don't use Get prefixes
  • NET-1346 - New Rule T0037: Use .Test suffix namespace
  • NET-1345 - New rule T0046: Move extension method to dedicated class
  • NET-1344 - New Rule T0035: Do not use var for this deconstruction
  • NET-1343 - New Rule T0034: Do not embed var into this condition
  • NET-1342 - New Rule T0033: Swap the logic to use p...

Description has been truncated

@dependabot dependabot Bot added .NET Pull requests that update .NET code dependencies Pull requests that update a dependency file labels Jun 26, 2026
Bumps Aspire.Hosting.AppHost from 13.4.5 to 13.4.6
Bumps Aspire.Hosting.PostgreSQL from 13.4.5 to 13.4.6
Bumps MessagePack from 2.5.302 to 3.1.7
Bumps Microsoft.NET.Test.Sdk from 18.6.0 to 18.7.0
Bumps SonarAnalyzer.CSharp from 10.6.0.109712 to 10.27.0.140913

---
updated-dependencies:
- dependency-name: Aspire.Hosting.AppHost
  dependency-version: 13.4.6
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: nuget
- dependency-name: Aspire.Hosting.PostgreSQL
  dependency-version: 13.4.6
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: nuget
- dependency-name: MessagePack
  dependency-version: 3.1.7
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: nuget
- dependency-name: Microsoft.NET.Test.Sdk
  dependency-version: 18.7.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: nuget
- dependency-name: Microsoft.NET.Test.Sdk
  dependency-version: 18.7.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: nuget
- dependency-name: Microsoft.NET.Test.Sdk
  dependency-version: 18.7.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: nuget
- dependency-name: Microsoft.NET.Test.Sdk
  dependency-version: 18.7.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: nuget
- dependency-name: SonarAnalyzer.CSharp
  dependency-version: 10.27.0.140913
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: nuget
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot changed the title Bump the nuget group with 5 updates Bump Aspire.Hosting.AppHost and 4 others Jun 30, 2026
@dependabot dependabot Bot force-pushed the dependabot/nuget/nuget-241a3d2dc6 branch from b8e6bc0 to bb35a74 Compare June 30, 2026 05:59
@sonarqubecloud

Copy link
Copy Markdown

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file .NET Pull requests that update .NET code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants