Skip to content

Bump csharpier and 2 others #31

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

Bump csharpier and 2 others #31

wants to merge 1 commit into from

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Aug 6, 2025

Updated csharpier from 0.30.3 to 1.1.1.

Release notes

Sourced from csharpier's releases.

1.1.1

What's Changed

Unhandled exception: System.ArgumentOutOfRangeException: startIndex cannot be larger than length of string. (Parameter 'startIndex') #​1673

CSharpier was throwing an exception when formating a directory contained a file without an extension.

1.1.0

What's Changed

.gitignore from parent folders impacts formatting of children #​1627

CSharpier will no longer consider .gitignore files located above the root of the current git repository.

Changes to stdin formatting #​288 #​1657

There is a new option --stdin-filepath that is used to specify the filepath CSharpier should use for resolving options and ignore files.
When no path is specified via stdin-path

  • No ignore files are considered.
  • The current directory is considered when locating options
  • The file is assumed to be c# unless the first non-whitespace character is < in which case it is assumed to be xml.

Support for C# 14 and .NET 10 #​1654 #​1646

Changes were required to support the following

  • Extension Declarations
  • File level directives in file based C# Apps

Support --ignore-path CLI option #​1585

It is now possible to specify the path to an ignore file

dotnet csharpier format . --ignore-path .config/.csharpierignore

Format xaml and slnx by default #​1628 #​1604

CSharpier now formats xaml and slnx by default without the need for configuration changes.

XML formatting is not taking into account EOL configuration on multiline comments #​1660

When formatting the following XML, CSharpier would always use the system system default for ending lines within the comment instead of the respecting the configured EOL setting.

<Element>
  <!--
  Comment with EOL
  -->
</Element>

Error when no read access to intermediate containing folder #​1656

In the case that CSharpier had access to a sub directory but not the parent of that sub directory, it was failing with an exception. That has been resolved.

Misleading message after "csharpier check" #​1645

Previously the format and check commands both used the same output message. The check command now correctly reports that it checked files and did not format them.

# 1.0.3
dotnet csharpier check .
Formatted 13226 files in 21986ms.

# 1.1.0
dotnet csharpier check .
Checked 13226 files in 21986ms.

Multiline collection expressions should not be indented #​1635

CSharpier now formats collection expressions consistently when they are in a property

// input & expected output
public class ClassName
{
    public SomeObject LongValue = new
 ... (truncated)

## 1.0.3

## What's Changed
### Switch block case with conditionals adding newlines [#​1630](https://github.com/belav/csharpier/issues/1630)
Switch blocks were breaking on conditions within patterns.
```c#
// input and expected output
switch ("")
{
    case "" or "":
        break;
}

// 1.0.2
switch ("")
{
    case ""
    or "":
        break;
}

switch expression formatting adds odd newlines #​1620

CSharpier was breaking after a discard with a when, resulting in extra new lines

// input and expected output
_ = someValue switch
{
    _ when KeepWhenWithDiscard() => "",
    _ when KeepWhenWithDiscard_________________(
            SomeObject_______________________________________________
        ) => "",
    _ when KeepWhenWithDiscard_________________(
            SomeObject_______________________________________________
        ) => "LongString_____________________________________________________________________",
};

// 1.0.2
_ = someValue switch
{
    _ when KeepWhenWithDiscard() => "",
    _
        when KeepWhenWithDiscard_________________(
            SomeObject_______________________________________________
        ) => "",
    _
        when KeepWhenWithDiscard_________________(
            SomeObject_______________________________________________
        ) => "LongString_____________________________________________________________________",
};

multi-line raw string in linq query causes a subsequent linq query to be printed on one line #​1617

... (truncated)

1.0.2

What's Changed

Performance issues when supporting .gitignore. #​1588

CSharpier was using a naive algorithm for parsing and evaluating gitignore rules that caused significant perfomance issues. @​kevinboss reworked the implementation to drastically increate performance.

Exclude bin/ and obj/ directory content from xml formatting #​1600

CSharpier now excludes all files in bin/ and obj/ by default.

Error on syntactically valid conditional with is #​1612

The following c# is valid and compiles with 9.0.300+. CSharpier was updated to properly parse it.

var x = y is y ? [] : z ?? [];

Xml formatting with comments in text element inserts extra new lines #​1607

CSharpier has some issues with formatting text that contained xml comments. That has been improved.

Input & expected output

<NoWarn>
  CA1031; <!-- Since this is not a library project, catching general exceptions is OK -->
  IDE0005; <!-- Allow unused usings -->
</NoWarn>

1.0.1

<NoWarn
    >
      CA1031;
    <!-- Since this is not a library project, catching general exceptions is OK -->

    
      IDE0005;
    <!-- Allow unused usings -->
</NoWarn>

Inconsistent formatting of single-line lambda expressions #​1594

CSharpier 1.0.0 introduced a regression that caused the following formatting. This is now working as expected.

// input & expected output
        CallMethod(() => CallAnotherMethod______________________________________________________());
        CallMethod(() =>
            CallAnotherMethod______________________________________________________1()
        );
        CallMethod(() =>
            CallAnotherMethod______________________________________________________12()
        );
        CallMethod(() =>
            CallAnotherMethod______________________________________________________123()
        );

// 1.0.0
 ... (truncated)

## 1.0.1

## What's Changed
### CSharpier's support for .gitignore is causing performance issues [#​1584](https://github.com/belav/csharpier/issues/1584)
The support for `.gitignore` has some major performance problems when there are a large number of `.gitignore` files and/or ignore rules. The feature has been disabled for now until it can be fixed.
### CSharpier.MsBuild issues [#​1586](https://github.com/belav/csharpier/issues/1586)
CSharpier.MsBuild was not properly logging errors when performing a formatting check. This would result in the build passing when files were not formatted.
Setting `CSharpier_LogLevel` was passing an invalid parameter of `--loglevel` to CSharpier, resulting in a build failure


**Full Changelog**: https://github.com/belav/csharpier/compare/1.0.0...1.0.1

## 1.0.0

## Major Changes
### Support for formatting XML [#​819](https://github.com/belav/csharpier/issues/819)
CSharpier now formats xml files by default. It will try to format ".csproj", ".props", ".targets", ".xml", ".config" as if they were xml. \
If a file is not valid xml it will be treated as a warning. \
The default indent size is `2` instead of `4`

### Performance Improvements
@​TimothyMakkison put a lot of effort into improving the performance of CSharpier. These benchmark numbers show drastic improvement for both speed and memory usage.

Baseline
Method Mean Error StdDev Median Gen0 Gen1 Gen2 Allocated
Default_CodeFormatter_Tests 233.3 ms 4.63 ms 8.23 ms 229.7 ms 11000.0000 4000.0000 1000.0000 101.41 MB
Default_CodeFormatter_Complex 433.7 ms 8.53 ms 7.56 ms 433.4 ms 20000.0000 5000.0000 1000.0000 182.44 MB 

After Improvements
Method Mean Error StdDev Gen0 Gen1 Allocated
Default_CodeFormatter_Tests 64.72 ms 0.548 ms 0.512 ms 1666.6667 1000.0000 18.33 MB
Default_CodeFormatter_Complex 137.83 ms 2.730 ms 4.708 ms 3000.0000 1000.0000 30.78 MB 
## Breaking Changes
### ConfigurationFile - rename TabWidth to IndentSize [#​1377](https://github.com/belav/csharpier/issues/1377)
In order to get consistency between an `.editorconfig` and `.csharpierconfig` the option `TabWidth` has been renamed to `IndentSize`. This is also a more accurate name considering by default indentation is done with spaces and not tabs.
### Rework the CLI to use commands and arguments. [#​1321](https://github.com/belav/csharpier/issues/1321)
The CLI has been reworked to use commands. This helps make it clear which arguments apply to which commands. The two common commands are below, see https://csharpier.com/docs/CLI for more details.

dotnet csharpier format .
dotnet csharpier check .

### Changing the tool command to csharpier. Changing the assembly/exe to CSharpier [#​1418](https://github.com/belav/csharpier/pull/1418)
Prior to `1.0.0` the tool command was `dotnet-csharpier` and assembly/exe were named `dotnet_csharpier`. 
The tool command name was changed to just `csharpier`
- Running a local tool remains the same `dotnet csharpier --version`
- Running a global tool is changed to `csharpier --version`

The assembly/exe names have changed to just `CSharpier`

### Support for ignoring files via a .gitignore [#​631](https://github.com/belav/csharpier/issues/631)
CSharpier now works as follows when determining if a file should be ignored.

- .gitignore files are considered when determining if a file will be ignored. A .gitignore file at the same level as a given file will take priority over a .gitignore file above it in the directory tree.
- If a .csharpierignore file is present at the same level or anywhere above the given file in the tree and it contains a pattern for a given file, that will take priority.
- The patterns within .csharpierignore work the same as a .gitignore, with patterns lower in the file taking priority over patterns above
- CSharpier does not currently look further up the directory tree for additional .csharpierignore files if it finds one. But it does look for .gitignore files. If there is demand this could be added later.
## What's Changed
 ... (truncated)

## 0.30.6

## What's Changed
### Trailing comma is placed on new line if last enum value is followed by a comment [#​1429](https://github.com/belav/csharpier/issues/1429)
```c#
// input
enum MyEnum
{
    First,
    Second // the second value
}

// 0.30.5
enum MyEnum
{
    First,
    Second // the second value
    ,
}

// 0.30.6
enum MyEnum
{
    First,
    Second, // the second value
}

Full Changelog: belav/csharpier@0.30.5...0.30.6

0.30.5

What's Changed

Extra blank line added to file each time csharpier runs on this file #​1426

When a file ended in a comment and that comment had multiple blank lines before it, a new blank line was being added each time it was formatted.
// input

// input
namespace MyCompany.MyNamespace;


// Comment block

// 0.30.4
namespace MyCompany.MyNamespace;



// Comment block

// 0.30.5
namespace MyCompany.MyNamespace;

// Comment block

**Full Changelog**: https://github.com/belav/csharpier/compare/0.30.4...0.30.5

## 0.30.4

# 0.30.4
## What's Changed
### Formatting deletes `unsafe` modifier [#​1416](https://github.com/belav/csharpier/issues/1416)
Formatting a using directive with an unsafe modifier resulted in the lose of the unsafe keyword
```c#
// input & expected output
using unsafe NvapiQueryInterface = delegate* unmanaged[Cdecl]<uint, nint>;

// 0.30.3
using NvapiQueryInterface = delegate* unmanaged[Cdecl]<uint, nint>;

CSharpier keeps adding a newline every time a file is formatted #​1408

In some cases if a file ended with a comment, CSharpier would add a new extra blank line above the comment each time it formatted the file

// input & expected outpet
using System;

namespace MyCompany.MyNamespace;

// Comment block

// 0.30.3
using System;

namespace MyCompany.MyNamespace;


// Comment block

Full Changelog: belav/csharpier@0.30.3...0.30.4

Commits viewable in compare view.

Updated Microsoft.NET.ILLink.Tasks from 9.0.7 to 9.0.8.

Release notes

Sourced from Microsoft.NET.ILLink.Tasks's releases.

9.0.8

Release

What's Changed

Full Changelog: dotnet/runtime@v9.0.7...v9.0.8

Commits viewable in compare view.

Updated System.IdentityModel.Tokens.Jwt from 8.3.0 to 8.13.0.

Release notes

Sourced from System.IdentityModel.Tokens.Jwt's releases.

8.13.0

8.13.0

Fundamentals

  • CaseSensitiveClaimsIdentity.SecurityToken setter is now protected internal (was internal). See PR #​3278 for details.
  • Update .NET SDK version to 9.0.108 used when building or running the code. See PR #​3274 for details.
  • Update RsaSecurityKey.cs to replace the Pkcs1 padding by Pss from HasPrivateKey check. See #​3280 for details.

What's Changed

New Contributors

Full Changelog: AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet@8.12.1...8.13.0

8.12.1

8.12.1

Fundamentals

  • Update .NET SDK version to 9.0.107 used when building or running the code. See #​3263 for details.
  • To keep our experimental code separate from production code, all files associated with experimental features have been moved to the Experimental folders. See PR #​3261 for details.
  • Experimental code leaked into TokenValidationResult from early prototypes. See PR #​3259 for details.

What's Changed

Full Changelog: AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet@8.12.0...8.12.1

8.12.0

8.12.0

New Features

  • Enhance ConfigurationManager with event handling
    Added event handling capabilities to the ConfigurationManager, enabling consumers to subscribe to configuration change events. This enhancement improves extensibility and allows more responsive applications. For details see #​3253

Bug Fixes

  • Add expected Base64UrlEncoder.Decode overload for NET6 and 8
    Introduced the expected overload of Base64UrlEncoder.Decode for .NET 6 and 8, ensuring compatibility and preventing missing method issues on these frameworks.
    For details see #​3249

Fundamentals

  • Add AI assist rules
    Incorporated AI assist rules to enhance AI agents effectiveness.
    For details see #​3255
  • Update PublicApiAnalyzers and BannedApiAnalyzers to 4.14.0
    Upgraded analyzer packages for improved diagnostics and code consistency (in particular delegates are added).
    For details see #​3256
  • Move suppression of RS006 to csproj
    Centralized suppression of RS006 warnings in project files for easier management.
    For details see #​3230

What's Changed

Full Changelog: AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet@8.11.0...8.12.0

8.11.0

8.11.0

New Features:

  • Microsoft.IdentityModel now exposes the AadIssuerValidator factory method publicly to enable caching functionality for AadIssuerValidator instances. See issue #​3245 for details.
  • Added a new public async API: JsonWebTokenHandler.DecryptTokenWithConfigurationAsync, which decrypts a JWE token using keys from either TokenValidationParameters or, if not present, from configuration (such as via a ConfigurationManager). This enhancement improves developer experience by enabling asynchronous, cancellation-aware JWE decryption scenarios, aligning with modern .NET async patterns and making integration with external key/configuration sources more robust and observable. See PR #​3243 for details.

What's Changed

Full Changelog: AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet@8.10.0...8.11.0

8.10.0

8.10.0

Bug Fixes

  • Corrected casing of the Type attribute in SubjectConfirmationData. See #​3206.
  • Removed Microsoft.Bcl.Memory dependency for pre-.NET 9.0 targets. See #​3220.
  • Aligned Microsoft.Extensions.Logging.Abstractions version to 8.0.0 for .NET 9 to match other targets. See #​3226.

Fundamentals

8.9.0

8.9.0

Bug Fixes

New Features

Fundamentals

8.8.0

8.8.0

New Features

  • Adds the ability for the metadata refresh to be done as a blocking call, as per 8.0.1 behavior. This is done through the Switch.Microsoft.IdentityModel.UpdateConfigAsBlocking switch. If set, configuration calls will be blocking when metadata is updated, otherwise, if token arrive with a new signing keys, validation errors will be returned to the caller. See PR #​3193 for details.
  • Identity.Model updates some log and error messages (IDX10214, IDX10215). If the information is needed for debugging purposes, it can be reverted via the Switch.Microsoft.IdentityModel.DoNotScrubExceptions AppContextSwitch. See PR #​3195 and https://aka.ms/identitymodel/app-context-switches for details.
  • Change all plain object locks to System.Thread.Lock objects for .NET 9 or greater. See PRs #​3185 and #​3189 for details.

8.7.0

Bug Fixes

  • Add back internal methods IsRecoverableException and IsRecoverableExceptionType whose signatures were changed in the previous version. See #​3181.

New Features

  • Make Cnf class public and move it to Microsoft.IdentityModel.Tokens package. See #​3165.

What's Changed

New Contributors

Full Changelog: AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet@8.6.1...8.7.0

8.6.1

8.6.1

Bug fix

  • Microsoft.IdentityModel now triggers a configuration refresh if token decryption fails. See issue #​3148 for details.
  • Fix a bug in JsonWebTokenHandler where JwtTokenDecryptionParameters's Alg and Enc were not set during token decryption, causing IDX10611 and IDX10619 errors to show null values in the messages. See issue #​3003 for details.

Fundamentals

  • For development, IdentityModel now has a global.json file to specify the .NET SDK version. See issue #​2995 for details.

What's Changed

New Contributors

Full Changelog: AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet@8.6.0...8.6.1

8.6.0

8.6.0

New Features

  • TokenValidationParameters has a new boolean property TryAllDecryptionKeys that let you choose whether to try all decrypt keys when no key matches the token decrypt key IDs. By default it's set to true (legacy behavior) but you can set it to false to avoid tyring all keys which is more performant. See #​3128
  • Promote KeyInfo.MatchesKey from internal to protected internal virtual to enable SAML extensibility (for CoreWcf). See #​3140

Fundamentals

  • Update dependency on Microsoft.Extensions.Logging.Abstractions from 9.0.0 to 8.0.2 to avoid package downgrade in apps on .NET 9 using a netstandard2.0 library referencing logging.abstractions. See 3143
  • Add more tests for encrypted tokens. See #​3139

What's Changed

Full Changelog: AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet@8.5.0...8.6.0

8.5.0

8.5.0

Reverting previous breaking change

  • The Configuration Manager has been reverted to version 8.3.1. The changes made in 8.4.0 assume the configuration manager is used as a singleton, which is similar to marking the type as disposable. We have since learned that adding IDisposable is a breaking change, so we are following semver guidance and reverting and releasing a minor version (8.5.0).
  • Cherry-picked Changes: Included changes from PR #​3022 and #​3104.

What's Changed

Full Changelog: AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet@8.4.0...8.5.0

8.4.0

8.4.0

New Features

  • App context switch allows blocking or non-blocking calls for configuration. See PR #​3106 for details and issue #​3082 for details. If you are not using the ConfigurationManager as a singleton and not using the blocking option, you may need to call ShutdownBackgroundTask() to stop the background task to avoid leaking Tasks.
  • IdentityModel now enables symmetric and asymmetric keys to be created publicly with JWK. See #​3094 for details.
  • IdentityModel now allows specifying the HTTP protocol version and version policy. See #​2808 for details.

Repair items

  • Add request count and duration telemetry for configuration requests. See #​3022 for details.
  • KeyID should be present in exception messages and is no longer PII. See #​3104 for details.

Fundamentals

  • Fix spelling issues in xml comments. See #​3117 for details.
  • Fix comment coverage in PR builds. See #​3079 for details.

Work related to redesign of IdentityModel's token validation logic #​2711

8.3.1

8.3.1

Bug Fixes

  • Respect TVP.RequireAudience when set to false. See #​3055
  • For net4.6.2 select RSACng for PSS support. See #​3097
  • Fix package downgrade in consuming libraries. See#​3062
  • Fix integer overflow in AuthenticationEncryptionProvider.cs. See #​3063

Fundamentals

  • Removed unused property on JsonWebToken ClaimsIdentity. See #​3071 for details.
  • Upgrade to C# 13. See #​2998
  • Use new Base64Url API. See #​22817
  • Add warning quality check. See #​3067
  • Update dotnet actions. see #​3074
  • Fix warnings. See #​3081
  • Test updates in JsonWebToken. See #​3080.

Work related to redesign of IdentityModel's token validation logic #​2711

What's Changed

New Contributors

... (truncated)

Commits viewable in compare view.

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot
Bump csharpier and 2 others
b605dfa 
Bumps csharpier from 0.30.3 to 1.1.1
Bumps Microsoft.NET.ILLink.Tasks from 9.0.7 to 9.0.8
Bumps System.IdentityModel.Tokens.Jwt from 8.3.0 to 8.13.0

---
updated-dependencies:
- dependency-name: csharpier
  dependency-version: 1.1.1
  dependency-type: direct:production
  update-type: version-update:semver-major
- dependency-name: Microsoft.NET.ILLink.Tasks
  dependency-version: 9.0.8
  dependency-type: direct:production
  update-type: version-update:semver-patch
- dependency-name: System.IdentityModel.Tokens.Jwt
  dependency-version: 8.13.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot added .NET Pull requests that update .net code dependencies Pull requests that update a dependency file labels Aug 6, 2025
@sonarqubecloud SonarQubeCloud
Copy link

sonarqubecloud bot commented Aug 6, 2025

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file .NET Pull requests that update .net code
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
0 participants