Update all non-major dependencies

[renovate]

ℹ️ Note

This PR body was truncated due to platform limits.

This PR contains the following updates:

Package	Change	Age	Confidence
AWSSDK.Extensions.NETCore.Setup	4.0.4.1 → 4.0.4.8
AWSSDK.S3	4.0.23.4 → 4.0.24.5
AWSSDK.SecurityToken	4.0.6.7 → 4.0.7.5
Aspire.AppHost.Sdk	13.3.5 → 13.4.3
Aspire.Hosting.RabbitMQ	13.3.5 → 13.4.3
Aspire.Hosting.SqlServer	13.3.5 → 13.4.3
CommunityToolkit.Aspire.Hosting.SqlDatabaseProjects	13.3.0 → 13.4.0
MessagePack	3.1.6 → 3.1.7
Microsoft.AspNetCore.Components.Web (source)	10.0.8 → 10.0.9
Microsoft.AspNetCore.DataProtection.EntityFrameworkCore (source)	10.0.8 → 10.0.9
Microsoft.AspNetCore.Diagnostics.EntityFrameworkCore (source)	10.0.8 → 10.0.9
Microsoft.AspNetCore.Identity.EntityFrameworkCore (source)	10.0.8 → 10.0.9
Microsoft.AspNetCore.SignalR.Client (source)	10.0.8 → 10.0.9
Microsoft.EntityFrameworkCore (source)	10.0.8 → 10.0.9
Microsoft.EntityFrameworkCore.Design (source)	10.0.8 → 10.0.9
Microsoft.EntityFrameworkCore.InMemory (source)	10.0.8 → 10.0.9
Microsoft.EntityFrameworkCore.Relational (source)	10.0.8 → 10.0.9
Microsoft.EntityFrameworkCore.SqlServer (source)	10.0.8 → 10.0.9
Microsoft.EntityFrameworkCore.Tools (source)	10.0.8 → 10.0.9
Microsoft.Extensions.DependencyInjection (source)	10.0.8 → 10.0.9
Microsoft.Extensions.Hosting (source)	10.0.8 → 10.0.9
Microsoft.Extensions.Hosting.Abstractions (source)	10.0.8 → 10.0.9
Microsoft.Extensions.Http.Polly (source)	10.0.8 → 10.0.9
Microsoft.Extensions.Http.Resilience (source)	10.6.0 → 10.7.0
Microsoft.Extensions.Identity.Core (source)	10.0.8 → 10.0.9
Microsoft.Extensions.Localization.Abstractions (source)	10.0.8 → 10.0.9
Microsoft.Extensions.ServiceDiscovery (source)	10.6.0 → 10.7.0
Microsoft.NET.Test.Sdk	18.5.1 → 18.6.0
MudBlazor (source)	9.4.0 → 9.5.0
OpenTelemetry.Exporter.OpenTelemetryProtocol (source)	1.15.3 → 1.16.0
OpenTelemetry.Extensions.Hosting (source)	1.15.3 → 1.16.0
Sentry (source)	6.5.0 → 6.6.0
Sentry.AspNetCore (source)	6.5.0 → 6.6.0
Sentry.EntityFramework (source)	6.5.0 → 6.6.0
aspire.cli	13.4.2 → 13.4.4
dotnet-ef (source)	10.0.8 → 10.0.9

---

Release Notes

aws/aws-sdk-net (AWSSDK.S3)

v4.0.24

microsoft/aspire (Aspire.AppHost.Sdk)

v13.4.3: Aspire 13.4.3

What's New in Aspire 13.4.3

Patch release for Aspire 13.4 with a fix for persistent container endpoint allocation regressions introduced in 13.4.

🐛 Fixes

• 🔌 Persistent container endpoints had incorrect default behavior — Persistent containers were defaulting to proxyless endpoint behavior instead of the proxied behavior used by normal containers. This caused integrations that depend on endpoint allocation before resource startup (such as the KeyVault emulator) to fail. Persistent containers now default to proxied endpoints matching normal container behavior; opt out with isProxied: false or WithEndpointProxySupport(false). Proxyless container endpoints with only a targetPort specified now also resolve immediately to that port instead of waiting for delayed allocation. (#​17960, @danegsta)

🏷️ Housekeeping

• 🛠️ Unblocked WinGet manifest publishing on locked-down 1ES agents and updated manifest tags (#​17958)

---

Full Changelog: microsoft/aspire@v13.4.2...v13.4.3

Full commit: 4f218933552e18ff2874d1b6d5dc3fe671e3b6d9

Generated by Generate release notes for a new stable Aspire release · ● 4.7M

v13.4.2: Aspire 13.4.2

What's New in Aspire 13.4.2

Patch release for Aspire 13.4 with a fix for Redis persistent container deadlock on startup when using TLS.

🐛 Fixes

• 🔴 Redis with WithLifetime(ContainerLifetime.Persistent) could deadlock on startup — Redis TLS startup arguments used the public/allocated host ports instead of the internal target ports. When the public port differed from the target port (or was not yet allocated) the container would listen on an unexpected port and become unreachable. The TLS and non-TLS startup arguments now bind to target ports, matching what Redis expects internally. Fixes #​17822. (#​17827, backported via #​17850, @danegsta)

🏷️ Housekeeping

• 🚀 Bumped branding to 13.4.2 (#​17876)

---

Full Changelog: microsoft/aspire@v13.4.1...v13.4.2

Full commit: d7d0b6759ce4b936c76bc4775814d27db560dd6d

Generated by Generate release notes for a new stable Aspire release · ● 5M

v13.4.1: Aspire 13.4.1

What's New in Aspire 13.4.1

Patch release for Aspire 13.4 with fixes for explicit-start resource lifecycle callbacks, Redis persistent container startup, proxyless endpoint allocation, and a duplicated profiles block in the empty C# AppHost template.

🐛 Fixes

• ⏱️ Explicit-start resources triggered lifecycle callbacks too early — Session-scoped resources marked with WithExplicitStart() were having their execution configuration callbacks (environment variables, arguments, certificates) evaluated at AppHost startup instead of at manual start. This meant user-interaction callbacks such as WithEnvironment(ctx => PromptForValueAsync(...)) were called before the user triggered the resource. DCP registration is now deferred until the user manually starts the resource; persistent explicit-start resources still register immediately but patch the existing DCP record to Start = true rather than deleting and recreating it. Fixes #​17813. (#​17825, backported via #​17826, @danegsta)
• 🔴 Redis with WithLifetime(ContainerLifetime.Persistent) could deadlock on startup — Redis TLS startup arguments used the public/allocated host ports instead of the internal target ports. When the public port differed from the target port (or was not yet allocated) the container would listen on an unexpected port and become unreachable. The TLS and non-TLS startup arguments now bind to target ports, matching what Redis expects internally. Fixes #​17822. (#​17827, backported via #​17850, @danegsta)
• 🔌 Proxyless container endpoint could hang when resolved before container creation — Referencing a proxyless container endpoint in an environment variable callback (before the container port spec was finalized) could deadlock. An on-demand allocation path now commits the target port as the fallback host port in that case; once BuildContainerPorts runs, normal DCP dynamic port assignment takes over for any later resolution. (#​17851, backported via #​17859, @danegsta)
• 📄 Empty C# AppHost template emitted duplicate profiles block — aspire new aspire-empty on 13.4 produced an aspire.config.json with a profiles block that duplicated the content already present in apphost.run.json, causing redundant launch configuration. The embedded template now contains only the required appHost.path binding; profile configuration lives exclusively in apphost.run.json. Fixes #​17660. (#​17781, backported via #​17820, @mitchdenny)

🏷️ Housekeeping

• 📦 Added Aspire CLI npm package to the release pipeline so the npm distribution is published as part of stable releases. (#​17297, backported via #​17766, @adamint)
• 🚀 Bumped branding to 13.4.1 (#​17819)

---

Full Changelog: microsoft/aspire@v13.4.0...v13.4.1

Full commit: cf985fa817dd5863e7f62eb74fa1725ab5069ed2

Generated by Generate release notes for a new stable Aspire release · ● 1.0.40

Generated by Generate release notes for a new stable Aspire release · ● 3.9M

v13.4.0: Aspire 13.4.0

Aspire 13.4.0

Aspire 13.4 brings major improvements to Foundry hosted agents, the Aspire skills system, CLI reliability, and TypeScript AppHost stability — with cross-compute-environment deployment now working end-to-end and TypeScript AppHost support — Aspire's polyglot story — reaching general availability (GA).

Highlights

• 🎉 TypeScript AppHost is now GA — First introduced as a preview in an earlier version of Aspire, the TypeScript AppHost — Aspire's polyglot story — has reached the quality bar for general availability and is now officially supported for production use alongside C#. As part of GA, the experimental markers on the Azure TypeScript AppHost (ATS) APIs have been removed and the ATS surface area is stable for 13.4.
• 🤖 Foundry hosted agents — Protocol selection (responses / invocations) is now configurable from both C# and TypeScript AppHosts. Cross-compute-environment deployments (e.g., a Foundry hosted agent + an AKS consumer) now wire up correctly: endpoint resolution and the required Azure AI User RBAC role assignment on the Foundry account are generated automatically — no manual az role assignment create steps needed.
• 🛠️ Aspire skills catalog from bundle — aspire agent init now drives its installable skill catalog from the bundle manifest, surfacing all six bundled skills (previously only three were visible). An embedded snapshot means the full catalog is available even in airgapped / disconnected environments.
• 🔧 CLI reliability — Multiple CLI fixes: implicit-channel discovery restored, aspire stop no longer falsely reports failure on Unix, aspire ps no longer includes raw resource data (use aspire describe for detailed state), aspire new prefers the current CLI template version, friendly error for aspire do --list-steps without a step argument, and improved --search option description with documentation link.
• ⌨️ TypeScript AppHost — Fixed a deadlock that occurred when lazy options callbacks invoked async methods; dev-localhost resource service URLs are now accepted for local development without extra configuration.
• 📊 Dashboard — Summary log formatting improved for readability, dotnet watch dashboard auto-launch signal restored, and dynamic-port handling fixed for DistributedApplicationTestingBuilder.
• ☸️ Kubernetes — The Helm CLI minimum version (≥ 4.2.0) is now validated before a Kubernetes deploy, giving a clear error instead of a cryptic failure.
• ⚠️ Aspire.Hosting.Blazor ships as preview in 13.4 — A packaging issue with the Blazor gateway scripts means the package is intentionally marked preview for this release. Full stable support is targeted for 13.5.

⚠️ Notable changes

• aspire ps no longer includes raw resource data in its output. Use aspire describe <resource> to inspect detailed resource state.
• Foundry hosted agent builder API shape updated — see #​17545 and #​17669 for the updated C# and TypeScript signatures.
• Aspire.Hosting.Blazor is preview-versioned in 13.4 (SuppressFinalPackageVersion=true). A fix for the addBlazorGateway gateway script resolution error in TypeScript AppHosts is tracked in #​17685.

📖 Learn more

For the full details on everything in this release, check out the What's new in Aspire 13.4 documentation.

Thank you to all the community contributors who helped make Aspire 13.4 possible! 💜

---

Full Changelog: microsoft/aspire@v13.3.5...v13.4.0

Full commit: becb48e2d61099e35ae336d527d3875e928d6594

Generated by Generate release notes for a new stable Aspire release · ● 6.5M

CommunityToolkit/Aspire (CommunityToolkit.Aspire.Hosting.SqlDatabaseProjects)

v13.4.0

This release aligns CommunityToolkit/Aspire with Aspire 13.4.0 and delivers new integrations, TypeScript AppHost improvements, CI reliability work, and broad package updates.

We’re especially excited to ship this alongside Aspire 13.4, where TypeScript AppHost is now GA, resource commands gained typed arguments/process commands, and Kubernetes/AKS support continued to expand:
https://devblogs.microsoft.com/aspire/whats-new-aspire-13-4/

🔥 Highlights in this release

New integrations and capabilities

• Added DuckDB Aspire integration (hosting + client) (#​1245)
• Added bacon hosting integration (#​1302)
• Added Aspire integration analyzer (#​1370)
• Added Bun package manager support for JavaScript hosting extensions (#​1243)
• Added TypeScript AppHost skill and Ollama test (#​1378)
• Added Aspire upgrade skill support (#​1358)

Reliability, fixes, and developer experience

• Swapped deprecated flagd package (#​1272)
• Fixed NuGet restore loop with CPM for SqlDatabaseProjects (#​1291)
• Aligned Sqlite enrich behavior (#​1282)
• Used DatabaseName for Keycloak Postgres JDBC URL (#​1328)
• Fixed waitfor behavior between script and runspace (#​1352)
• Simplified Aspire name resolution (#​1382)
• Improved affected test selection for TypeScript AppHost files (#​1379)
• Added transient Docker startup failure auto-rerun in CI (#​1360)
• Handled already-running job rerun 403s in transient auto-rerun workflow (#​1374)
• Improved PR test execution efficiency (#​1355)

Versioning and dependency updates

• Updated to Aspire 13.4.0 / preview train updates (#​1359, #​1377)
• Updated workflows and tooling, including actions/setup-dotnet v5 and actions/github-script v9 (#​1363, #​1279)
• Updated key dependencies including coverlet.collector, Microsoft.EntityFrameworkCore.Design, Microsoft.Extensions.AI, DuckDB, and npm/yarn grouped updates (#​1306, #​1331, #​1368, #​1369, #​1365, #​1373)

Deprecations and obsoletions

• Deprecated CommunityToolkit Bun hosting integration in favor of core Aspire.Hosting.JavaScript (#​1376)
• Marked Golang hosting package as obsolete (#​1323)

🙌 New contributors

• @​almostchristian (#​1291)
• @​DavidGarton8 (#​1282)
• @​ekomsctr (#​1328)
• @​lqdev (#​1245)
• @​sliekens (#​1382)

Full Changelog: CommunityToolkit/Aspire@v13.3.0...v13.4.0 (or see below)

What's Changed

• Swap deprecated flagd package by @​askpt in #​1272
• [Automated] Update API Surface Area by @​github-actions[bot] in #​1160
• Bump actions/github-script from 8.0.0 to 9.0.0 by @​dependabot[bot] in #​1279
• Bump coverlet.collector from 6.0.4 to 10.0.0 by @​dependabot[bot] in #​1306
• Adding devcontainer-lock.json for more immutability by @​aaronpowell in #​1324
• Bumping to work on patch release by @​aaronpowell in #​1325
• Perl Hosting Integration - Unique Resource Installer Names by @​Omnideth in #​1286
• Fix NuGet restore loop with CPM for SqlDatabaseProjects by @​almostchristian in #​1291
• Add support for Bun package manager in JavaScript hosting extensions by @​foxminchan in #​1243
• Align Sqlite enrich behavior by @​DavidGarton8 in #​1282
• Bump danielpalme/ReportGenerator-GitHub-Action from 5.5.9 to 5.5.10 by @​dependabot[bot] in #​1316
• Bump GitHubActionsTestLogger from 3.0.0 to 3.0.4 by @​dependabot[bot] in #​1319
• Bump coverlet.collector from 10.0.0 to 10.0.1 by @​dependabot[bot] in #​1331
• Bump MartinCostello.Logging.XUnit.v3 from 0.6.0 to 0.7.1 by @​dependabot[bot] in #​1334
• Update sample to use latest SDK by @​ErikEJ in #​1335
• Updating agentic workflows to latest release by @​aaronpowell in #​1339
• Use DatabaseName for Keycloak Postgres JDBC URL by @​ekomsctr in #​1328
• Analyzing and improving PR test execution efficiency by @​Copilot in #​1355
• feat: Add DuckDB Aspire integration (hosting + client) by @​lqdev in #​1245
• feat: add bacon hosting integration by @​Odonno in #​1302
• address #​1351 - waitfor between script and runspace not respected by @​oising in #​1352
• skill to upgrade aspire by @​aaronpowell in #​1358
• Auto-rerun transient Docker startup failures in .NET CI by @​aaronpowell in #​1360
• Update Aspire version to 13.4.0-preview.1.26275.2 by @​github-actions[bot] in #​1359
• Bump actions/setup-dotnet from 4 to 5 by @​dependabot[bot] in #​1363
• Bump DuckDB.NET.Data.Full from 1.5.0 to 1.5.3 by @​dependabot[bot] in #​1365
• Bump Microsoft.EntityFrameworkCore.Design from 10.0.2 to 10.0.8 by @​dependabot[bot] in #​1368
• Bump Microsoft.Extensions.AI from 10.0.0 to 10.6.0 by @​dependabot[bot] in #​1369
• Bump the npm_and_yarn group across 3 directories with 14 updates by @​dependabot[bot] in #​1373
• Add Aspire integration analyzer by @​sebastienros in #​1370
• Handle already-running job rerun 403s in transient auto-rerun workflow by @​Copilot in #​1374
• Mark Golang hosting package as obsolete by @​DavidGarton8 in #​1323
• Improve affected test selection for TypeScript AppHost files by @​aaronpowell in #​1379
• Add TypeScript AppHost skill and Ollama test by @​aaronpowell in #​1378
• Deprecate CommunityToolkit Bun hosting integration in favor of core Aspire.Hosting.JavaScript by @​Copilot in #​1376
• Simplified Aspire name resolution by @​sliekens in #​1382
• Use Aspire 13.4.0 for TypeScript AppHosts by @​sebastienros in #​1377
• [Automated] Update API Surface Area by @​github-actions[bot] in #​1350

New Contributors

• @​almostchristian made their first contribution in #​1291
• @​DavidGarton8 made their first contribution in #​1282
• @​ekomsctr made their first contribution in #​1328
• @​lqdev made their first contribution in #​1245
• @​sliekens made their first contribution in #​1382

Full Changelog: CommunityToolkit/Aspire@v13.3.0...v13.4.0

MessagePack-CSharp/MessagePack-CSharp (MessagePack)

v3.1.7

What's Changed

• Add scoped to MessagePackWriter.Write(ReadOnlySpan<T>) methods by @​AArnott in #​2271
• Fix security issues in master by @​AArnott in #​2274

Security release details

This release fixes 3 high severity and 9 moderate severity security vulnerabilities.

High severity advisory fixes

• 26d4e74 GHSA-382j-8mxh-c7x2 Reject invalid DateTime ext lengths for CWE-789
• b9cb605 GHSA-vh6j-jc39-fggf Use iteration for skipping msgpack structures for CWE-674
• 719e690 GHSA-hv8m-jj95-wg3x Bound LZ4 input reads for CWE-125

Moderage severity advisory fixes

• 2b5a500 GHSA-v72x-2h86-7f8m Guard LZ4 decompression length for CWE-409
• f093bdc GHSA-qhmf-xw27-6rqr Reject nested typeless blocklist bypass for CWE-502
• f077798 GHSA-2f33-pr97-265q Default MVC input formatter to UntrustedData for CWE-1188
• 25a3493 GHSA-2x83-8g95-xh59 Limit untrusted ExpandoObject maps for CWE-407
• b414e6d GHSA-wfr3-xj75-pfwh Guard dynamic union depth for CWE-674
• 0555f07 GHSA-w567-gjr2-hm5j Validate Unity blit lengths for CWE-789
• 9b5783a GHSA-cxmj-83gh-fp49 Fix CWE-789 multidimensional array allocation validation
• f96fcf0 GHSA-q2h6-ghwm-5qm8 Use secure lookup comparer for CWE-407
• b3af7cf GHSA-cj9g-3mj2-g8vv Guard JSON conversion depth for CWE-674
• 66ad089 GHSA-cj9g-3mj2-g8vv Avoid JSON separator recursion for CWE-674
• 082ba7d GHSA-cj9g-3mj2-g8vv Guard typeless JSON depth for CWE-674

Fixes with no security advisory

• fb0fe9f Honor TypeFormatter options hooks for CWE-470
• c1c06a6 Fix WriteRawX methods to advance by written length
• 46c6a0f Fix CWE-190 map header length overflow

Full Changelog: MessagePack-CSharp/MessagePack-CSharp@v3.1.6...v3.1.7

dotnet/dotnet (Microsoft.AspNetCore.Components.Web)

v10.0.9

dotnet/extensions (Microsoft.Extensions.Http.Resilience)

v10.7.0

v10.7.0 graduates the Microsoft.Extensions.Diagnostics.ResourceMonitoring.Kubernetes package to stable. The package registers a Kubernetes-aware ResourceQuotaProvider that reads the pod's CPU and memory requests and limits and exposes them to Microsoft.Extensions.Diagnostics.ResourceMonitoring as baseline and maximum quotas, which then feed the request and limit dimensions of the published resource utilization metrics. The companion ResourceQuota and ResourceQuotaProvider types in Microsoft.Extensions.Diagnostics.ResourceMonitoring graduate to stable in the same change so that consumers can implement custom quota providers without taking an experimental dependency.

On the AI side, Microsoft.Extensions.AI.OpenAI moves to OpenAI 2.11.0 and fixes a deserialization bug in ToolJson.AdditionalProperties so that JSON Schema additionalProperties values shaped as sub-schema objects (for example {"type":"string"}) are preserved instead of throwing during deserialization. HostedFileContent.SizeInBytes and HostedFileContent.CreatedAt graduate to stable since both values are consistently available across hosted-file providers, while Purpose and Scope remain experimental as provider-shaped vocabulary. FunctionInvokingChatClient drops a backward-compat path that auto-marked ToolApprovalResponseContent entries with InformationalOnly: true; consumers that need to continue accepting sessions serialized before #​7468 can use the sample ApprovalHistoryNormalizingChatClient middleware added in the test project.

Experimental API Changes

Now Stable

• Microsoft.Extensions.Diagnostics.ResourceMonitoring.Kubernetes package is now stable #​7253
• Resource Monitoring ResourceQuota and ResourceQuotaProvider APIs are now stable (previously EXTEXP0008) #​7253
• HostedFileContent.SizeInBytes and HostedFileContent.CreatedAt are now stable (previously MEAI001) #​7513

What's Changed

AI

• Graduate HostedFileContent.SizeInBytes and HostedFileContent.CreatedAt #​7513 by @​jozkee (co-authored by @​Copilot)
• Remove backward-compat InformationalOnly case from FICC; suggest middleware workaround #​7538 by @​jozkee (co-authored by @​Copilot)
• Upgrade OpenAI package from 2.10.0 to 2.11.0 #​7544 by @​jozkee (co-authored by @​Copilot)
• Fix ToolJson.AdditionalProperties to accept sub-schema objects #​7546 by @​jozkee (co-authored by @​Copilot)

Diagnostics, Health Checks, and Resource Monitoring

• Move Microsoft.Extensions.Diagnostics.ResourceMonitoring.Kubernetes to stable #​7253 by @​amadeuszl (co-authored by @​Copilot)

Repository Infrastructure Updates

• [main] Update dependencies from dotnet/arcade #​7521
• Bump dotnet-reportgenerator-globaltool from 5.5.9 to 5.5.10 #​7522
• Bump dotnet-coverage from 18.6.2 to 18.7.0 #​7530
• Bump PowerShell from 7.6.1 to 7.6.2 #​7531
• Bump qs from 6.15.1 to 6.15.2 in /src/Libraries/Microsoft.Extensions.AI.Evaluation.Reporting/TypeScript #​7532
• [main] Update dependencies from dotnet/arcade #​7534
• Bump tmp from 0.2.5 to 0.2.6 in /src/Libraries/Microsoft.Extensions.AI.Evaluation.Reporting/TypeScript #​7537

Acknowledgements

• @​ericstj submitted issue #​7509 (resolved by #​7544)
• @​scottt732 submitted issue #​7540 (resolved by #​7546)
• @​DeagleGross @​wtgodbe @​dariusclay @​evgenyfedorov2 @​peterwald @​PranavSenthilnathan @​shyamnamboodiripad @​stephentoub @​tarekgh reviewed pull requests

Full Changelog: dotnet/extensions@v10.6.0...v10.7.0

microsoft/vstest (Microsoft.NET.Test.Sdk)

v18.6.0

What's Changed

• Revert removal of Video Recorder by @​nohwnd in #​15336
• Speed up blame by filtering non-.NET processes from dump collection by @​nohwnd in #​15518
• Add README.md to NuGet packages by @​nohwnd in #​15550
• Report child process info on connection timeout by @​nohwnd in #​15603

Changes to tests and infra

• Brand as 18.6 by @​nohwnd in #​15423
• Upgrading code coverage version to 18.5.1, by @​fhnaseer in #​15422
• Updating System.Collections.Immutable to 9.0.11 by @​MSLukeWest in #​15425
• Fix attachVS when used for debugging integration tests by @​nohwnd in #​15451
• Replace dotnet.config, with global.json by @​nohwnd in #​15449
• Document debugging integration tests with AttachVS by @​Copilot in #​15452
• Fix stack overflow tests by @​nohwnd in #​15461
• Make TestAssets.sln buildable locally by @​Youssef1313 in #​15466
• Try filtering out tests by @​nohwnd in #​15463
• Build just once when tfms run in parallel by @​nohwnd in #​15465
• Review simplify compatibility sources, deduplicate tests by @​nohwnd in #​15472
• Cleanup dead TRX code by @​Youssef1313 in #​15474
• Update .NET runtimes to 8.0.25, 9.0.14, and 10.0.4 by @​nohwnd in #​15481
• Compat matrix checker by @​nohwnd in #​15480
• Add trx analysis skill by @​nohwnd in #​15486
• Split integration tests to single tfm and multi tfm project by @​nohwnd in #​15484
• Update matrix by @​nohwnd in #​15477
• Break infinite restore loop in VS by @​nohwnd in #​15503
• Use global package cache for build, and local for running integration tests by @​nohwnd in #​15500
• Update contributing by @​nohwnd in #​15505
• Reduce test wall-clock time by increasing minThreads by @​drognanar in #​15502
• Indicator flakiness by @​nohwnd in #​15513
• Fix ci build by @​nohwnd in #​15515
• Fix thread safety issues by @​Evangelink in #​15512
• Optimize DotnetSDKSimulation_PostProcessing test (163s → 61s) by @​nohwnd in #​15516
• Build isolated test assets for single TFM instead of 7 by @​nohwnd in #​15517
• Remove unused dependencies from Library.IntegrationTests by @​nohwnd in #​15527
• Remove printing _attachments content to console by @​nohwnd in #​15520
• Add Linux/macOS test filtering guide to CONTRIBUTING.md by @​nohwnd in #​15521
• Change integration test parallelization from ClassLevel to MethodLevel by @​nohwnd in #​15526
• Unify target framework checks with IsNetFrameworkTarget/IsNetTarget by @​nohwnd in #​15523
• Add unattended work instructions to copilot-instructions.md by @​nohwnd

✂ Note

PR body was truncated to here.

---

Configuration

📅 Schedule: (in timezone Europe/London)

• Branch creation
  • "after 9am every weekday,before 5pm every weekday"
• Automerge
  • At any time (no schedule defined)

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.