Merge branch 'main' into browser_all

Author: pavelsavara

.config/CredScanSuppressions.json

@@ -7,19 +7,12 @@
                 "src/libraries/Common/tests/System/Security/Cryptography/AlgorithmImplementations/DSA/DSAKeyPemTests.cs",
                 "src/libraries/Common/tests/System/Security/Cryptography/AlgorithmImplementations/EC/ECKeyPemTests.cs",
                 "src/libraries/Common/tests/System/Security/Cryptography/AlgorithmImplementations/RSA/RSAKeyPemTests.cs",
-                "src/libraries/Common/tests/System/Security/Cryptography/X509Certificates/TestData.cs",
-                "src/tests/FunctionalTests/Android/Device_Emulator/gRPC/grpc-dotnet/testassets/Certs/InteropTests/server1.key"
+                "src/libraries/Common/tests/System/Security/Cryptography/X509Certificates/TestData.cs"
             ],
             "placeholder": [
                 "-----BEGIN PRIVATE KEY-----",
                 "-----BEGIN * PRIVATE KEY-----"
             ]
-        },
-        {
-            "_justification": "Suppression approved. Private key for testing purpose.",
-            "file": [
-                "src/tests/FunctionalTests/Android/Device_Emulator/gRPC/grpc-dotnet/testassets/Certs/InteropTests/server1.pfx"
-            ]
         }
     ]
 }

.github/workflows/breaking-change-doc.yml

@@ -0,0 +1,73 @@
+# This workflow generates breaking change documentation for merged pull requests.
+# It runs automatically when a PR with the 'needs-breaking-change-doc-created' label is merged,
+# or when that label is added to an already merged PR.
+# It can be manually triggered to generate documentation for any specific PR.
+# 
+# The workflow uses GitHub Models AI to analyze the PR changes and create appropriate
+# breaking change documentation that gets posted as a PR comment as a clickable link
+# to open an issue in the dotnet/docs repository.
+name: Breaking Change Documentation
+
+on:
+  pull_request_target:
+    types: [closed, labeled]
+  workflow_dispatch:
+    inputs:
+      pr_number:
+        description: "Pull Request Number"
+        required: true
+        type: number
+
+permissions:
+  contents: read
+  pull-requests: write
+  models: read
+
+jobs:
+  generate-breaking-change-doc:
+    if: |
+      github.repository_owner == 'dotnet' && (
+        (github.event_name == 'pull_request_target' && github.event.action == 'closed' && github.event.pull_request.merged == true && contains(github.event.pull_request.labels.*.name, 'needs-breaking-change-doc-created')) ||
+        (github.event_name == 'pull_request_target' && github.event.action == 'labeled' && github.event.pull_request.merged == true && github.event.label.name == 'needs-breaking-change-doc-created') ||
+        github.event_name == 'workflow_dispatch'
+      )
+    runs-on: ubuntu-latest
+
+    steps:
+    - name: Checkout repository
+      uses: actions/checkout@v4
+      with:
+        fetch-depth: 0  # Need full history for version detection
+
+    - name: Verify PowerShell
+      run: |
+        pwsh --version
+
+    - name: Verify GitHub CLI
+      run: |
+        gh --version
+
+    - name: Install GitHub Models extension
+      run: |
+        gh extension install github/gh-models --force
+      env:
+        GH_TOKEN: ${{ github.token }}
+
+    - name: Fetch latest tags
+      run: |
+        git fetch --tags --force
+
+    - name: Run breaking change documentation script
+      shell: pwsh
+      working-directory: eng/breakingChanges
+      run: ./breaking-change-doc.ps1 -PrNumber ${{ inputs.pr_number || github.event.pull_request.number }} -Comment
+      env:
+        GH_TOKEN: ${{ github.token }}
+        GITHUB_MODELS_API_KEY: ${{ secrets.MODELS_TOKEN }}
+
+    - name: Upload artifacts
+      uses: actions/upload-artifact@v4
+      with:
+        name: breaking-change-doc-artifacts-${{ inputs.pr_number || github.event.pull_request.number }}
+        path: artifacts/docs/breakingChanges/
+        retention-days: 7

SECURITY.md

@@ -2,14 +2,17 @@
 
 ## Supported Versions
 
-The .NET Core and ASP.NET Core support policy, including supported versions can be found at the [.NET Core Support Policy Page](https://dotnet.microsoft.com/platform/support/policy/dotnet-core).
+The .NET, .NET Core and ASP.NET Core support policy, including supported versions can be found at the [.NET and .NET Core Support Policy Page](https://dotnet.microsoft.com/platform/support/policy/dotnet-core).
 
 ## Reporting a Vulnerability
 
+**Please do not open issues on GitHub for anything you think might have a security implication.**
+
 Security issues and bugs should be reported privately to the Microsoft Security Response Center (MSRC), via the [MSRC Researcher Portal](https://msrc.microsoft.com/report/vulnerability/new).
-You should receive a response within 24 hours. If for some reason you do not, please follow up via email to ensure we received your
-original message. Further information can be found in the [MSRC Report an Issue FAQ](https://www.microsoft.com/en-us/msrc/faqs-report-an-issue).
 
-Reports via MSRC may qualify for the .NET Core Bug Bounty. Details of the .NET Core Bug Bounty including terms and conditions are at [https://aka.ms/corebounty](https://aka.ms/corebounty).
+You should receive a response within 24 hours. If for some reason you do not, please follow up via the [MSRC Researcher Portal](https://msrc.microsoft.com/report/vulnerability/), using the Message functionality found at the bottom of the Activity tab on your vulnerability report.
+
+Further information can be found in the MSRC [Report an issue and submission guidelines](https://www.microsoft.com/en-us/msrc/faqs-report-an-issue).
+
+Reports via MSRC may qualify for the Microsoft .NET Bug Bounty. Details of the Microsoft .NET Bounty Program including terms and conditions are at [https://aka.ms/corebounty](https://aka.ms/corebounty).
 
-Please do not open issues for anything you think might have a security implication.