Skip to content

Bump the dependencies group with 13 updates#42

Open
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/nuget/dependencies-97d8a28908
Open

Bump the dependencies group with 13 updates#42
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/nuget/dependencies-97d8a28908

Conversation

@dependabot
Copy link
Copy Markdown

@dependabot dependabot bot commented on behalf of github Apr 7, 2026

Updated coverlet.collector from 6.0.4 to 8.0.1.

Release notes

Sourced from coverlet.collector's releases.

8.0.1

Fixed

  • Fix [BUG] TypeInitializationException when targeting .NET Framework #​1818
  • Fix [BUG] coverlet.MTP build fails with CS0400 due to developmentDependency=true #​1827

Improvements

  • Additional improvements needed for .NET Framework instrumentation type import #​1825

Diff between 8.0.0 and 8.0.1

8.0.0

Special Thanks: A huge thank you to @​Bertk for driving the majority of the work in this release! 🎉

Fixed

Improvements

  • Coverlet MTP extension feature #​1788
  • Generate SBOM for nuget packages #​1752
  • Use multi targets projects for coverlet.collector, coverlet.msbuild.tasks packages #​1742
  • Use .NET 8.0 target framework for coverlet.core and remove Newtonsoft.Json #​1733
  • Use latest System.CommandLine version #​1660
  • Upgraded minimum required .NET SDK and runtime to .NET 8.0 LTS (Long Term Support) (Breaking Change)
  • Use xunit.v3 for tests and example code

Diff between 6.0.4 and 8.0.0

Commits viewable in compare view.

Updated FluentAssertions from 8.8.0 to 8.9.0.

Release notes

Sourced from FluentAssertions's releases.

8.9.0

What's Changed

New features

Improvements

Fixes

Documentation

Others

Commits viewable in compare view.

Updated Microsoft.Build from 18.0.2 to 18.4.0.

Release notes

Sourced from Microsoft.Build's releases.

18.4.0

What's Changed

18.3.3

What's Changed

Commits viewable in compare view.

Updated Microsoft.Build.Tasks.Core from 18.0.2 to 18.4.0.

Release notes

Sourced from Microsoft.Build.Tasks.Core's releases.

18.4.0

What's Changed

18.3.3

What's Changed

Commits viewable in compare view.

Updated Microsoft.Build.Utilities.Core from 18.0.2 to 18.4.0.

Release notes

Sourced from Microsoft.Build.Utilities.Core's releases.

18.4.0

What's Changed

18.3.3

What's Changed

Commits viewable in compare view.

Updated Microsoft.Extensions.Logging from 10.0.2 to 10.0.5.

Release notes

Sourced from Microsoft.Extensions.Logging's releases.

No release notes found for this version range.

Commits viewable in compare view.

Updated Microsoft.Extensions.Logging.Abstractions from 10.0.2 to 10.0.5.

Release notes

Sourced from Microsoft.Extensions.Logging.Abstractions's releases.

No release notes found for this version range.

Commits viewable in compare view.

Updated Microsoft.NET.Test.Sdk from 18.0.1 to 18.4.0.

Release notes

Sourced from Microsoft.NET.Test.Sdk's releases.

18.4.0

What's Changed

New Contributors

Full Changelog: microsoft/vstest@v18.3.0...v18.4.0

18.3.0

What's Changed

Internal fixes and updates

New Contributors

Commits viewable in compare view.

Updated NuGet.Versioning from 7.0.1 to 7.3.0.

Release notes

Sourced from NuGet.Versioning's releases.

No release notes found for this version range.

Commits viewable in compare view.

Updated Serilog from 4.3.0 to 4.3.1.

Release notes

Sourced from Serilog's releases.

4.3.1

What's Changed

New Contributors

Full Changelog: serilog/serilog@v4.3.0...v4.3.1

Commits viewable in compare view.

Updated SonarAnalyzer.CSharp from 10.19.0.132793 to 10.22.0.136894.

Release notes

Sourced from SonarAnalyzer.CSharp's releases.

10.22

Hello everyone,
This release brings 4 new rules to help developers transition to C# 14, and a bunch of false positive fixes.

New rules

  • NET-3361 - New rule S8381: "scoped" should be escaped when used as a type name in lambda parameters
  • NET-3359 - New rule S8368: "extension" identifiers should be escaped to avoid contextual keyword conflicts
  • NET-3347 - New rule S8380: Return types named "partial" should be escaped with "@"
  • NET-3345 - New rule S8367: Identifiers should not conflict with the "field" keyword in C# 14?

False Positive

  • NET-3443 - Fix S1940 FP: for floating point numbers that can be NaN "!(a <= b)" is not the same as "a > b"
  • NET-3001 - Fix S3063 FP: Concatenation with identifier
  • NET-1569 - Fix S5944 FP: AddressOf(MethodName) in Return statement
  • NET-3445 - Fix T0029 FP: Inside target-typed new
  • NET-2817 - Fix T0029 FP: Ident for collection expression members
  • NET-2024 - Fix T0029 FP: Inside array initializer
  • NET-3341 - Fix T0029 FP: After member access
  • NET-3462 - Fix T0042 FP: Inside constructors and collection initializers
  • NET-3426 - Fix T0042: Raw string in collection initializer
  • NET-2888 - Fix T0042 FP: Returned from method
  • NET-2874 - Fix T0042 FP: Raw string in ternary

Bugs

  • NET-3386 - Fix S4583 AD0001: BeginInvoke callback declared in separate file

Other

  • NET-3385 - S2612: Rule type changed from Security Hotspot to Vulnerability

10.21

### Bug

  • NET-3376 - Fix S6930 AD0001: Issue on template / code files for blazor
  • NET-3367 - Fix S4830 AD0001: CertificateValidationCheck Syntax node is not within syntax tree

Feature

  • NET-3260 - Fix broken links in S6960 RSPEC

False Positive

  • NET-2886 - Fix T0015 FP: In constructor
  • NET-1678 - Fix S4275 FP: with property overload

10.20

This release brings 9 precision improvements — 7 false positive fixes and 2 false negative fixes — across rules S1116, S1144, S1210, S1643, S1854, S2365, S3254, S3265, and S127. It also promotes S2068 and S6418 from Security Hotspot to Vulnerability, making them visible directly in the IDE, and removes S3256 from the Sonar Way quality profile.

Changes

  • NET-3227 - Remove S3256 from "Sonar Way" quality profile
  • NET-3208 - S6418: Rule type changed from Security Hotspot to Vulnerability
  • NET-3207 - S2068: Rule type changed from Security Hotspot to Vulnerability
  • NET-3206 - Remove links to rules.sonarsource.com

False Positive

  • NET-3215 - Fix FP on S127: Should only raise on stop condition variables
  • NET-3212 - Fix FP on S3254: Don't raise if the parameter isn't last
  • NET-3053 - Fix FP on S1210: Implementing comparable operators for private types
  • NET-2984 - Fix FP on S3265: BCL enums with [Flags] not recognized due to metadata resolution
  • NET-2976 - Fix FP on S1854: Default value initializations flagged despite exemptions
  • NET-2966 - Fix FP on S1144: Constructors in MEF-exported types
  • NET-2956 - Fix FP on S1116: Empty loop body with side effects in condition

False Negative

  • NET-1261 - Fix FN on S2365: Rule should report on new collection
  • NET-1259 - Fix FN on S1643: Concatenation for parameters, fields and properties are not detected

Rule specification

  • NET-3246 - Modify Rule S127: Update Description
  • NET-3218 - Modify Rule S3265: Add exception for MethodImplAttributes
  • NET-3086 - Modify Rule S1116: Add loop exception

Maintenance

  • NET-3047 - Update RSPEC before 10.20 release

Commits viewable in compare view.

Updated Spectre.Console from 0.54.0 to 0.55.0.

Release notes

Sourced from Spectre.Console's releases.

0.55.0

This release brings new features, performance improvements, bug fixes, and some important architectural changes.

[!CAUTION]
There are breaking changes in this release, so make sure you review the release notes and try things out before upgrading in production.

New Spectre.Console.Ansi Library

One of the biggest changes in this release is the introduction of
Spectre.Console.Ansi,
a new standalone library for writing ANSI escape
sequences to the terminal without taking a full dependency on Spectre.Console.

This makes it easy to add ANSI support to lightweight tools and libraries where
pulling in the full Spectre.Console package would be overkill. Spectre.Console
itself now depends on this library internally.

We've also added some nice convenience methods for the .NET Console class:

using Spectre.Console.Ansi;

Console.Markup("[yellow]Hello[/] ");
Console.MarkupLine("[blue]World[/]");
  
Console.Ansi(writer => writer
    .BeginLink("https://spectreconsole.net", linkId: 123)
    .Decoration(Decoration.Bold | Decoration.Italic)
    .Foreground(Color.Yellow)
    .Write("Spectre Console")
    .ResetStyle()
    .EndLink());

Style Is Now a Struct

Style has been converted from a class to a struct, and link/URL information
has been extracted into a separate Link type. This improves allocation
performance, especially in rendering-heavy scenarios, but is a breaking change
for code that relies on reference semantics.

Progress Improvements

The Progress widget received a lot of love in this release. It now uses
TimeProvider instead of the wall clock, making it significantly easier to
write deterministic tests. ProgressTask has a new Tag property for attaching
arbitrary metadata, and you can now override the global hide-when-completed
behavior on individual tasks. Tasks can also be removed from the progress
context entirely.

Speed calculations have been improved with configurable max sampling age and
... (truncated)

Commits viewable in compare view.

Updated Spectre.Console.Testing from 0.54.0 to 0.55.0.

Release notes

Sourced from Spectre.Console.Testing's releases.

0.55.0

This release brings new features, performance improvements, bug fixes, and some important architectural changes.

[!CAUTION]
There are breaking changes in this release, so make sure you review the release notes and try things out before upgrading in production.

New Spectre.Console.Ansi Library

One of the biggest changes in this release is the introduction of
Spectre.Console.Ansi,
a new standalone library for writing ANSI escape
sequences to the terminal without taking a full dependency on Spectre.Console.

This makes it easy to add ANSI support to lightweight tools and libraries where
pulling in the full Spectre.Console package would be overkill. Spectre.Console
itself now depends on this library internally.

We've also added some nice convenience methods for the .NET Console class:

using Spectre.Console.Ansi;

Console.Markup("[yellow]Hello[/] ");
Console.MarkupLine("[blue]World[/]");
  
Console.Ansi(writer => writer
    .BeginLink("https://spectreconsole.net", linkId: 123)
    .Decoration(Decoration.Bold | Decoration.Italic)
    .Foreground(Color.Yellow)
    .Write("Spectre Console")
    .ResetStyle()
    .EndLink());

Style Is Now a Struct

Style has been converted from a class to a struct, and link/URL information
has been extracted into a separate Link type. This improves allocation
performance, especially in rendering-heavy scenarios, but is a breaking change
for code that relies on reference semantics.

Progress Improvements

The Progress widget received a lot of love in this release. It now uses
TimeProvider instead of the wall clock, making it significantly easier to
write deterministic tests. ProgressTask has a new Tag property for attaching
arbitrary metadata, and you can now override the global hide-when-completed
behavior on individual tasks. Tasks can also be removed from the progress
context entirely.

Speed calculations have been improved with configurable max sampling age and
... (truncated)

Commits viewable in compare view.

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version o...

Description has been truncated

@dependabot
Bump the dependencies group with 13 updates
48ea6c1 
Bumps coverlet.collector from 6.0.4 to 8.0.1
Bumps FluentAssertions from 8.8.0 to 8.9.0
Bumps Microsoft.Build from 18.0.2 to 18.4.0
Bumps Microsoft.Build.Tasks.Core from 18.0.2 to 18.4.0
Bumps Microsoft.Build.Utilities.Core from 18.0.2 to 18.4.0
Bumps Microsoft.Extensions.Logging from 10.0.2 to 10.0.5
Bumps Microsoft.Extensions.Logging.Abstractions from 10.0.2 to 10.0.5
Bumps Microsoft.NET.Test.Sdk from 18.0.1 to 18.4.0
Bumps NuGet.Versioning from 7.0.1 to 7.3.0
Bumps Serilog from 4.3.0 to 4.3.1
Bumps SonarAnalyzer.CSharp from 10.19.0.132793 to 10.22.0.136894
Bumps Spectre.Console from 0.54.0 to 0.55.0
Bumps Spectre.Console.Testing from 0.54.0 to 0.55.0

---
updated-dependencies:
- dependency-name: coverlet.collector
  dependency-version: 8.0.1
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: dependencies
- dependency-name: FluentAssertions
  dependency-version: 8.9.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependencies
- dependency-name: Microsoft.Build
  dependency-version: 18.4.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependencies
- dependency-name: Microsoft.Build.Tasks.Core
  dependency-version: 18.4.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependencies
- dependency-name: Microsoft.Build.Utilities.Core
  dependency-version: 18.4.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependencies
- dependency-name: Microsoft.Extensions.Logging
  dependency-version: 10.0.5
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: Microsoft.Extensions.Logging.Abstractions
  dependency-version: 10.0.5
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: Microsoft.NET.Test.Sdk
  dependency-version: 18.4.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependencies
- dependency-name: NuGet.Versioning
  dependency-version: 7.3.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependencies
- dependency-name: Serilog
  dependency-version: 4.3.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: SonarAnalyzer.CSharp
  dependency-version: 10.22.0.136894
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependencies
- dependency-name: Spectre.Console
  dependency-version: 0.55.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependencies
- dependency-name: Spectre.Console.Testing
  dependency-version: 0.55.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added .NET Pull requests that update .NET code dependencies Pull requests that update a dependency file labels Apr 7, 2026
This was referenced Apr 7, 2026
Closed
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file .NET Pull requests that update .NET code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants