Skip to content

Bump the nuget-dependencies group with 9 updates#7

Merged
Malcolmnixon merged 1 commit intomainfrom
dependabot/nuget/dot-config/nuget-dependencies-669f3b8e86
Mar 30, 2026
Merged

Bump the nuget-dependencies group with 9 updates#7
Malcolmnixon merged 1 commit intomainfrom
dependabot/nuget/dot-config/nuget-dependencies-669f3b8e86

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot bot commented on behalf of github Mar 30, 2026

Updated coverlet.collector from 8.0.0 to 8.0.1.

Release notes

Sourced from coverlet.collector's releases.

8.0.1

Fixed

  • Fix [BUG] TypeInitializationException when targeting .NET Framework #​1818
  • Fix [BUG] coverlet.MTP build fails with CS0400 due to developmentDependency=true #​1827

Improvements

  • Additional improvements needed for .NET Framework instrumentation type import #​1825

Diff between 8.0.0 and 8.0.1

Commits viewable in compare view.

Updated demaconsulting.buildmark from 0.4.0 to 0.4.1.

Release notes

Sourced from demaconsulting.buildmark's releases.

0.4.1

Build Report

Version Information

Field Value
Version 0.4.1
Commit Hash 56392fb3d35d1e6cb512b02c22db946f71e2b249
Previous Version 0.4.0
Previous Commit Hash c78b5026427d8efe7a1c0b9527c7a18e75d625c2

Changes

  • #​98 - Bump the nuget-dependencies group with 6 updates
  • #​99 - Align PathHelpers.SafePathCombine with TemplateDotNetTool secure implementation
  • #​100 - Align BuildMark with TemplateDotNetTool template updates
  • #​101 - Bump actions/upload-artifact from 6 to 7
  • #​102 - Bump actions/download-artifact from 7 to 8
  • #​103 - Bump the nuget-dependencies group with 2 updates
  • #​104 - chore: add github-actions grouping to dependabot config
  • #​105 - Apply relevant updates from TemplateDotNetTool template
  • #​106 - Apply TemplateDotNetTool updates: workflow comments, artifact naming, OTS self-validation, and OTS requirements
  • #​107 - Apply TemplateDotNetTool changes from PRs #​53, #​54, #​55
  • #​108 - Bump the nuget-dependencies group with 3 updates
  • #​109 - Bump the nuget-dependencies group with 1 update
  • #​110 - Add THEORY-OF-OPERATIONS.md and GITHUB_TOKEN authentication support
  • #​111 - Bump the nuget-dependencies group with 5 updates
  • #​112 - Bump the nuget-dependencies group with 1 update

Bugs Fixed

  • 113 - [Bug]: Key Collision

Commits viewable in compare view.

Updated demaconsulting.reqstream from 1.4.1 to 1.5.0.

Release notes

Sourced from demaconsulting.reqstream's releases.

1.5.0

Build Report

Version Information

Field Value
Version 1.5.0
Commit Hash 0f1ffaecc2dbdd38420510218854c77e53f9a058
Previous Version 1.4.1
Previous Commit Hash f94ccf9bb3f6a7a62642cbeb5000e74e32987d01

Changes

  • #​125 - Review and update ARCHITECTURE.md
  • #​126 - Bump the nuget-dependencies group with 1 update
  • #​127 - Bump the nuget-dependencies group with 1 update
  • #​128 - Bump the nuget-dependencies group with 6 updates
  • #​129 - Bump the nuget-dependencies group with 1 update
  • #​131 - Update to latest repo-consistency agent and improvements from template
  • #​133 - Add --lint support for requirements YAML files
  • #​134 - Fix incorrect bodyFile path in release.yaml
  • #​135 - Add software structure tree diagram, system design doc, integration tests, and review-set restructuring
  • #​136 - [WIP] Fix findings from code review of review-sets in .reviewmark.yaml
  • #​137 - Fix LINQ missed-where warnings, cognitive complexity violations, Assert.IsTrue code smells, and linter design doc

Bugs Fixed

  • N/A

1.5.0-beta.1

Build Report

Version Information

Field Value
Version 1.5.0-beta.1
Commit Hash 5d53fee9b4e45e9a1a8b5a505bdce2f48b63a111
Previous Version 1.4.1
Previous Commit Hash f94ccf9bb3f6a7a62642cbeb5000e74e32987d01

Changes

  • #​125 - Review and update ARCHITECTURE.md
  • #​126 - Bump the nuget-dependencies group with 1 update
  • #​127 - Bump the nuget-dependencies group with 1 update
  • #​128 - Bump the nuget-dependencies group with 6 updates
  • #​129 - Bump the nuget-dependencies group with 1 update
  • #​131 - Update to latest repo-consistency agent and improvements from template
  • #​133 - Add --lint support for requirements YAML files
  • #​134 - Fix incorrect bodyFile path in release.yaml

Bugs Fixed

  • N/A

Commits viewable in compare view.

Updated demaconsulting.reviewmark from 0.1.0 to 0.2.0.

Release notes

Sourced from demaconsulting.reviewmark's releases.

0.2.0

Build Report

Version Information

Field Value
Version 0.2.0
Commit Hash dada8832724e6ed7068cb6c406b1c5a1b4414fc3
Previous Version 0.1.0
Previous Commit Hash 536acd7e980cc0e552cebb3896b83e6ef65535b4

Changes

  • #​23 - Bump the nuget-dependencies group with 7 updates
  • #​24 - Bump the nuget-dependencies group with 1 update
  • #​25 - Bring in latest repo-consistency agent and apply template improvements from TemplateDotNetTool
  • 26 - [Feature]: Add --lint support
  • 28 - [Feature]: Add a 'none' evidence source

Bugs Fixed

  • N/A

Commits viewable in compare view.

Updated demaconsulting.sonarmark from 1.2.0 to 1.3.0.

Release notes

Sourced from demaconsulting.sonarmark's releases.

1.3.0

Build Report

Version Information

Field Value
Version 1.3.0
Commit Hash 55049a32d8fd00b94979dcb9e72a3fe98985c60e
Previous Version 1.2.0
Previous Commit Hash b95e0c5efab316e910aefda8ed5c8255eacf9a16

Changes

  • #​91 - Bump the nuget-dependencies group with 2 updates
  • #​92 - Sync SonarMark with TemplateDotNetTool template updates (PRs #​41, #​44, #​45, #​46)
  • #​93 - Bump actions/upload-artifact from 6 to 7
  • #​94 - Bump actions/download-artifact from 7 to 8
  • #​95 - Bump the nuget-dependencies group with 2 updates
  • #​96 - fix: add missing github-actions grouping to dependabot.yml
  • #​97 - Bump the nuget-dependencies group with 1 update
  • #​98 - Apply TemplateDotNetTool template consistency updates to SonarMark
  • #​99 - Apply TemplateDotNetTool PR #​52: staged pipelines, artifact consolidation, and OTS Software requirements
  • #​100 - Bring in recent changes from TemplateDotNetTool (PRs #​53, #​54, #​55)
  • #​101 - Bump the nuget-dependencies group with 2 updates
  • #​102 - Bump the nuget-dependencies group with 1 update
  • #​103 - Bump the nuget-dependencies group with 5 updates
  • #​104 - Bump the nuget-dependencies group with 1 update
  • #​105 - Bring in latest repo-consistency agent and template improvements from TemplateDotNetTool
  • #​106 - Split monolithic requirements.yaml, add docs/design/ folder, and align review-sets with software tree
  • #​107 - Add design document PDF build, system.md architectural overview, and SonarMark-Design review-set

Bugs Fixed

  • N/A

Commits viewable in compare view.

Updated demaconsulting.versionmark from 1.0.0 to 1.1.0.

Release notes

Sourced from demaconsulting.versionmark's releases.

1.1.0

Build Report

Version Information

Field Value
Version 1.1.0
Commit Hash ca02d60bf74b00e36a3fa8467a4009d1d2b39dab
Previous Version 1.0.0
Previous Commit Hash 9448ef56aa3d377c7f48bf619a9b7d97484edbb5

Changes

  • #​26 - Bump the nuget-dependencies group with 3 updates
  • #​27 - Sync PathHelpers.SafePathCombine null validation with TemplateDotNetTool
  • #​28 - Sync with TemplateDotNetTool template (PRs #​39–#​45)
  • #​29 - Bump the nuget-dependencies group with 1 update
  • #​30 - Apply template consistency updates from TemplateDotNetTool
  • #​31 - Bring in recent changes from the template repo
  • #​32 - Bump the nuget-dependencies group with 2 updates
  • #​33 - Bump the nuget-dependencies group with 1 update
  • #​34 - Add ReviewMark integration and file review infrastructure
  • 35 - [Feature]: Reviewable Requirements and Design Documentation
  • #​37 - fix: resolve VersionMark-CommandLine-Review, VersionMark-Utilities-Review, VersionMark-Configuration-Review, VersionMark-VersionInfo-Review, and VersionMark-Validation-Review failures
  • #​38 - Bump the nuget-dependencies group with 7 updates
  • #​39 - Bump the nuget-dependencies group with 1 update
  • #​40 - Update repo-consistency agent and apply template improvements from TemplateDotNetTool
  • 41 - [Feature]: Add lint support

Bugs Fixed

  • N/A

Commits viewable in compare view.

Updated Microsoft.Extensions.FileSystemGlobbing from 9.0.3 to 10.0.5.

Release notes

Sourced from Microsoft.Extensions.FileSystemGlobbing's releases.

10.0.0-preview.6.25358.103

You can build .NET 10.0 Preview 6 from the repository by cloning the release tag v10.0.0-preview.6.25358.103 and following the build instructions in the main README.md.

Alternatively, you can build from the sources attached to this release directly.
More information on this process can be found in the dotnet/dotnet repository.

Attached are PGP signatures for the GitHub generated tarball and zipball. You can find the public key at https://dot.net/release-key-2023

10.0.0-preview.5.25277.114

You can build .NET 10.0 Preview 5 from the repository by cloning the release tag v10.0.0-preview.5.25277.114 and following the build instructions in the main README.md.

Alternatively, you can build from the sources attached to this release directly.
More information on this process can be found in the dotnet/dotnet repository.

Attached are PGP signatures for the GitHub generated tarball and zipball. You can find the public key at https://dot.net/release-key-2023

10.0.0-preview.4.25258.110

You can build .NET 10.0 Preview 4 from the repository by cloning the release tag v10.0.0-preview.4.25258.110 and following the build instructions in the main README.md.

Alternatively, you can build from the sources attached to this release directly.
More information on this process can be found in the dotnet/dotnet repository.

Attached are PGP signatures for the GitHub generated tarball and zipball. You can find the public key at https://dot.net/release-key-2023

10.0.0-preview.3.25171.5

You can build .NET 10.0 Preview 3 from the repository by cloning the release tag v10.0.0-preview.3.25171.5 and following the build instructions in the main README.md.

Alternatively, you can build from the sources attached to this release directly.
More information on this process can be found in the dotnet/dotnet repository.

Attached are PGP signatures for the GitHub generated tarball and zipball. You can find the public key at https://dot.net/release-key-2023

10.0.0-preview.2.25163.2

You can build .NET 10.0 Preview 2 from the repository by cloning the release tag v10.0.0-preview.2.25163.2 and following the build instructions in the main README.md.

Alternatively, you can build from the sources attached to this release directly.
More information on this process can be found in the dotnet/dotnet repository.

Attached are PGP signatures for the GitHub generated tarball and zipball. You can find the public key at https://dot.net/release-key-2023

10.0.0-preview.1.25080.5

You can build .NET 10.0 Preview 1 from the repository by cloning the release tag v10.0.0-preview.1.25080.5 and following the build instructions in the main README.md.

Alternatively, you can build from the sources attached to this release directly.
More information on this process can be found in the dotnet/dotnet repository.

Attached are PGP signatures for the GitHub generated tarball and zipball. You can find the public key at https://dot.net/release-key-2023

9.0.115

You can build .NET 9.0 from the repository by cloning the release tag v9.0.115 and following the build instructions in the main README.md.

Alternatively, you can build from the sources attached to this release directly.
More information on this process can be found in the dotnet/dotnet repository.

Attached are PGP signatures for the GitHub generated tarball and zipball. You can find the public key at https://dot.net/release-key-2023

9.0.114

You can build .NET 9.0 from the repository by cloning the release tag v9.0.114 and following the build instructions in the main README.md.

Alternatively, you can build from the sources attached to this release directly.
More information on this process can be found in the dotnet/dotnet repository.

Attached is the PGP signature for the GitHub generated tarball. You can find the public key at https://dot.net/release-key-2023

9.0.113

You can build .NET 9.0 from the repository by cloning the release tag v9.0.113 and following the build instructions in the main README.md.

Alternatively, you can build from the sources attached to this release directly.
More information on this process can be found in the dotnet/dotnet repository.

Attached are PGP signatures for the GitHub generated tarball and zipball. You can find the public key at https://dot.net/release-key-2023

9.0.112

You can build .NET 9.0 from the repository by cloning the release tag v9.0.112 and following the build instructions in the main README.md.

Alternatively, you can build from the sources attached to this release directly.
More information on this process can be found in the dotnet/dotnet repository.

Attached are PGP signatures for the GitHub generated tarball and zipball. You can find the public key at https://dot.net/release-key-2023

9.0.111

You can build .NET 9.0 from the repository by cloning the release tag v9.0.111 and following the build instructions in the main README.md.

Alternatively, you can build from the sources attached to this release directly.
More information on this process can be found in the dotnet/dotnet repository.

Attached are PGP signatures for the GitHub generated tarball and zipball. You can find the public key at https://dot.net/release-key-2023

9.0.110

You can build .NET 9.0 from the repository by cloning the release tag v9.0.110 and following the build instructions in the main README.md.

Alternatively, you can build from the sources attached to this release directly.
More information on this process can be found in the dotnet/dotnet repository.

Attached are PGP signatures for the GitHub generated tarball and zipball. You can find the public key at https://dot.net/release-key-2023

9.0.109

You can build .NET 9.0 from the repository by cloning the release tag v9.0.109 and following the build instructions in the main README.md.

Alternatively, you can build from the sources attached to this release directly.
More information on this process can be found in the dotnet/dotnet repository.

Attached are PGP signatures for the GitHub generated tarball and zipball. You can find the public key at https://dot.net/release-key-2023

9.0.101

You can build .NET 9.0 from the repository by cloning the release tag v9.0.101 and following the build instructions in the main README.md.

Alternatively, you can build from the sources attached to this release directly.
More information on this process can be found in the dotnet/dotnet repository.

Attached are PGP signatures for the GitHub generated tarball and zipball. You can find the public key at https://dot.net/release-key-2023

9.0.7

You can build .NET 9.0 from the repository by cloning the release tag v9.0.7 and following the build instructions in the main README.md.

Alternatively, you can build from the sources attached to this release directly.
More information on this process can be found in the dotnet/dotnet repository.

Attached are PGP signatures for the GitHub generated tarball and zipball. You can find the public key at https://dot.net/release-key-2023

9.0.6

You can build .NET 9.0 from the repository by cloning the release tag v9.0.6 and following the build instructions in the main README.md.

Alternatively, you can build from the sources attached to this release directly.
More information on this process can be found in the dotnet/dotnet repository.

Attached are PGP signatures for the GitHub generated tarball and zipball. You can find the public key at https://dot.net/release-key-2023

9.0.5

You can build .NET 9.0 from the repository by cloning the release tag v9.0.5 and following the build instructions in the main README.md.

Alternatively, you can build from the sources attached to this release directly.
More information on this process can be found in the dotnet/dotnet repository.

Attached are PGP signatures for the GitHub generated tarball and zipball. You can find the public key at https://dot.net/release-key-2023

9.0.4

You can build .NET 9.0 from the repository by cloning the release tag v9.0.4 and following the build instructions in the main README.md.

Alternatively, you can build from the sources attached to this release directly.
More information on this process can be found in the dotnet/dotnet repository.

Attached are PGP signatures for the GitHub generated tarball and zipball. You can find the public key at https://dot.net/release-key-2023

Commits viewable in compare view.

Updated Polyfill from 9.22.0 to 9.23.0.

Release notes

Sourced from Polyfill's releases.

No release notes found for this version range.

Commits viewable in compare view.

Updated SonarAnalyzer.CSharp from 10.21.0.135717 to 10.22.0.136894.

Release notes

Sourced from SonarAnalyzer.CSharp's releases.

10.22

Hello everyone,
This release brings 4 new rules to help developers transition to C# 14, and a bunch of false positive fixes.

New rules

  • NET-3361 - New rule S8381: "scoped" should be escaped when used as a type name in lambda parameters
  • NET-3359 - New rule S8368: "extension" identifiers should be escaped to avoid contextual keyword conflicts
  • NET-3347 - New rule S8380: Return types named "partial" should be escaped with "@"
  • NET-3345 - New rule S8367: Identifiers should not conflict with the "field" keyword in C# 14?

False Positive

  • NET-3443 - Fix S1940 FP: for floating point numbers that can be NaN "!(a <= b)" is not the same as "a > b"
  • NET-3001 - Fix S3063 FP: Concatenation with identifier
  • NET-1569 - Fix S5944 FP: AddressOf(MethodName) in Return statement
  • NET-3445 - Fix T0029 FP: Inside target-typed new
  • NET-2817 - Fix T0029 FP: Ident for collection expression members
  • NET-2024 - Fix T0029 FP: Inside array initializer
  • NET-3341 - Fix T0029 FP: After member access
  • NET-3462 - Fix T0042 FP: Inside constructors and collection initializers
  • NET-3426 - Fix T0042: Raw string in collection initializer
  • NET-2888 - Fix T0042 FP: Returned from method
  • NET-2874 - Fix T0042 FP: Raw string in ternary

Bugs

  • NET-3386 - Fix S4583 AD0001: BeginInvoke callback declared in separate file

Other

  • NET-3385 - S2612: Rule type changed from Security Hotspot to Vulnerability

Commits viewable in compare view.

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
Bump the nuget-dependencies group with 9 updates
bfced3d 
Bumps coverlet.collector from 8.0.0 to 8.0.1
Bumps demaconsulting.buildmark from 0.4.0 to 0.4.1
Bumps demaconsulting.reqstream from 1.4.1 to 1.5.0
Bumps demaconsulting.reviewmark from 0.1.0 to 0.2.0
Bumps demaconsulting.sonarmark from 1.2.0 to 1.3.0
Bumps demaconsulting.versionmark from 1.0.0 to 1.1.0
Bumps Microsoft.Extensions.FileSystemGlobbing from 9.0.3 to 10.0.5
Bumps Polyfill from 9.22.0 to 9.23.0
Bumps SonarAnalyzer.CSharp from 10.21.0.135717 to 10.22.0.136894

---
updated-dependencies:
- dependency-name: coverlet.collector
  dependency-version: 8.0.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: nuget-dependencies
- dependency-name: demaconsulting.buildmark
  dependency-version: 0.4.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: nuget-dependencies
- dependency-name: demaconsulting.reqstream
  dependency-version: 1.5.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: nuget-dependencies
- dependency-name: demaconsulting.reviewmark
  dependency-version: 0.2.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: nuget-dependencies
- dependency-name: demaconsulting.sonarmark
  dependency-version: 1.3.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: nuget-dependencies
- dependency-name: demaconsulting.versionmark
  dependency-version: 1.1.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: nuget-dependencies
- dependency-name: Microsoft.Extensions.FileSystemGlobbing
  dependency-version: 10.0.5
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: nuget-dependencies
- dependency-name: Polyfill
  dependency-version: 9.23.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: nuget-dependencies
- dependency-name: SonarAnalyzer.CSharp
  dependency-version: 10.22.0.136894
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: nuget-dependencies
- dependency-name: SonarAnalyzer.CSharp
  dependency-version: 10.22.0.136894
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: nuget-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added .NET Pull requests that update .NET code dependencies Dependency updates labels Mar 30, 2026
@Malcolmnixon Malcolmnixon merged commit 383b921 into main Mar 30, 2026
15 checks passed
@Malcolmnixon Malcolmnixon deleted the dependabot/nuget/dot-config/nuget-dependencies-669f3b8e86 branch March 30, 2026 10:23
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Dependency updates .NET Pull requests that update .NET code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@Malcolmnixon