Skip to content

Codespace cuddly meme 5wvr59j67w93vxx5#2370

Open
Pjrich1313 wants to merge 64 commits into
git-ecosystem:copilot/add-postinstall-service-user-supportfrom
Pjrich1313:codespace-cuddly-meme-5wvr59j67w93vxx5
Open

Codespace cuddly meme 5wvr59j67w93vxx5#2370
Pjrich1313 wants to merge 64 commits into
git-ecosystem:copilot/add-postinstall-service-user-supportfrom
Pjrich1313:codespace-cuddly-meme-5wvr59j67w93vxx5

Conversation

@Pjrich1313

Copy link
Copy Markdown

No description provided.

dependabot Bot and others added 30 commits March 5, 2026 20:32
Bumps [actions/setup-dotnet](https://github.com/actions/setup-dotnet) from 5.1.0 to 5.2.0.
- [Release notes](https://github.com/actions/setup-dotnet/releases)
- [Commits](actions/setup-dotnet@v5.1.0...v5.2.0)

---
updated-dependencies:
- dependency-name: actions/setup-dotnet
  dependency-version: 5.2.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Its arch anyway, so to branch I added to interpret cachyos same as arch
linux.
When using a custom credential UI for either GitHub or GitLab the
commands are mixing up the optional URL and user name args. This is
because the positional args of the `ExecuteAsync` methods was not the
same as the `SetHandler`.

Swap the args to fix this.

Signed-off-by: Matthew John Cheetham <mjcheetham@outlook.com>
The multi-dictionary writer normalises value lists to honor reset
semantics (empty values clear prior entries). However, when only
one normalised value remains, it writes the first element from
the original list instead of the normalised list.

If the list contains an empty reset marker followed by a single
valid value, the output will incorrectly emit the pre-reset value
(or an empty string), violating the protocol and potentially
leaking stale data that should have been cleared.

Fix the issue and extend the unit tests to cover this shape.

Signed-off-by: Matthew John Cheetham <mjcheetham@outlook.com>
If the WWW-Authenticate header from GitHub is missing a domain or
enterprise hint we'd be hitting a null-reference exception when
calculating a hash code for the `GitHubAuthChallenge`. Fix this.

Signed-off-by: Matthew John Cheetham <mjcheetham@outlook.com>
Outside of GitHub.com we should not filter accounts. The
`FilterAccounts` method was detecting and logging this, but didn't
actually stop filtering!

Signed-off-by: Matthew John Cheetham <mjcheetham@outlook.com>
The network diagnostic failed to correctly await the test HTTP requests,
and also did not return and await a `Task` (to capture exceptions).

Signed-off-by: Matthew John Cheetham <mjcheetham@outlook.com>
Add the missing die function.

Signed-off-by: Matthew John Cheetham <mjcheetham@outlook.com>
Bumps [actions/github-script](https://github.com/actions/github-script) from 8 to 9.
- [Release notes](https://github.com/actions/github-script/releases)
- [Commits](actions/github-script@v8...v9)

---
updated-dependencies:
- dependency-name: actions/github-script
  dependency-version: '9'
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
---
updated-dependencies:
- dependency-name: Tmds.DBus.Protocol
  dependency-version: 0.21.3
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
Bumps [actions/github-script](https://github.com/actions/github-script)
from 8 to 9.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/actions/github-script/releases">actions/github-script's
releases</a>.</em></p>
<blockquote>
<h2>v9.0.0</h2>
<p><strong>New features:</strong></p>
<ul>
<li><strong><code>getOctokit</code> factory function</strong> —
Available directly in the script context. Create additional
authenticated Octokit clients with different tokens for multi-token
workflows, GitHub App tokens, and cross-org access. See <a
href="https://github.com/actions/github-script#creating-additional-clients-with-getoctokit">Creating
additional clients with <code>getOctokit</code></a> for details and
examples.</li>
<li><strong>Orchestration ID in user-agent</strong> — The
<code>ACTIONS_ORCHESTRATION_ID</code> environment variable is
automatically appended to the user-agent string for request
tracing.</li>
</ul>
<p><strong>Breaking changes:</strong></p>
<ul>
<li><strong><code>require('@actions/github')</code> no longer works in
scripts.</strong> The upgrade to <code>@actions/github</code> v9
(ESM-only) means <code>require('@actions/github')</code> will fail at
runtime. If you previously used patterns like <code>const { getOctokit }
= require('@actions/github')</code> to create secondary clients, use the
new injected <code>getOctokit</code> function instead — it's available
directly in the script context with no imports needed.</li>
<li><code>getOctokit</code> is now an injected function parameter.
Scripts that declare <code>const getOctokit = ...</code> or <code>let
getOctokit = ...</code> will get a <code>SyntaxError</code> because
JavaScript does not allow <code>const</code>/<code>let</code>
redeclaration of function parameters. Use the injected
<code>getOctokit</code> directly, or use <code>var getOctokit =
...</code> if you need to redeclare it.</li>
<li>If your script accesses other <code>@actions/github</code> internals
beyond the standard <code>github</code>/<code>octokit</code> client, you
may need to update those references for v9 compatibility.</li>
</ul>
<h2>What's Changed</h2>
<ul>
<li>Add ACTIONS_ORCHESTRATION_ID to user-agent string by <a
href="https://github.com/Copilot"><code>@​Copilot</code></a> in <a
href="https://redirect.github.com/actions/github-script/pull/695">actions/github-script#695</a></li>
<li>ci: use deployment: false for integration test environments by <a
href="https://github.com/salmanmkc"><code>@​salmanmkc</code></a> in <a
href="https://redirect.github.com/actions/github-script/pull/712">actions/github-script#712</a></li>
<li>feat!: add getOctokit to script context, upgrade
<code>@​actions/github</code> v9, <code>@​octokit/core</code> v7, and
related packages by <a
href="https://github.com/salmanmkc"><code>@​salmanmkc</code></a> in <a
href="https://redirect.github.com/actions/github-script/pull/700">actions/github-script#700</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/Copilot"><code>@​Copilot</code></a> made
their first contribution in <a
href="https://redirect.github.com/actions/github-script/pull/695">actions/github-script#695</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/github-script/compare/v8.0.0...v9.0.0">https://github.com/actions/github-script/compare/v8.0.0...v9.0.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/actions/github-script/commit/3a2844b7e9c422d3c10d287c895573f7108da1b3"><code>3a2844b</code></a>
Merge pull request <a
href="https://redirect.github.com/actions/github-script/issues/700">#700</a>
from actions/salmanmkc/expose-getoctokit + prepare re...</li>
<li><a
href="https://github.com/actions/github-script/commit/ca10bbdd1a7739de09e99a200c7a59f5d73a4079"><code>ca10bbd</code></a>
fix: use <code>@​octokit/core/</code>types import for v7
compatibility</li>
<li><a
href="https://github.com/actions/github-script/commit/86e48e20ac85c970ed1f96e718fd068173948b7b"><code>86e48e2</code></a>
merge: incorporate main branch changes</li>
<li><a
href="https://github.com/actions/github-script/commit/c1084728b5b935ec4ddc1e4cee877b01797b3ff9"><code>c108472</code></a>
chore: rebuild dist for v9 upgrade and getOctokit factory</li>
<li><a
href="https://github.com/actions/github-script/commit/afff112e4f8b57c718168af75b89ce00bc8d091d"><code>afff112</code></a>
Merge pull request <a
href="https://redirect.github.com/actions/github-script/issues/712">#712</a>
from actions/salmanmkc/deployment-false + fix user-ag...</li>
<li><a
href="https://github.com/actions/github-script/commit/ff8117e5b78c415f814f39ad6998f424fee7b817"><code>ff8117e</code></a>
ci: fix user-agent test to handle orchestration ID</li>
<li><a
href="https://github.com/actions/github-script/commit/81c6b7876079abe10ff715951c9fc7b3e1ab389d"><code>81c6b78</code></a>
ci: use deployment: false to suppress deployment noise from integration
tests</li>
<li><a
href="https://github.com/actions/github-script/commit/3953caf8858d318f37b6cc53a9f5708859b5a7b7"><code>3953caf</code></a>
docs: update README examples from <a
href="https://github.com/v8"><code>@​v8</code></a> to <a
href="https://github.com/v9"><code>@​v9</code></a>, add getOctokit docs
and v9 brea...</li>
<li><a
href="https://github.com/actions/github-script/commit/c17d55b90dcdb3d554d0027a6c180a7adc2daf78"><code>c17d55b</code></a>
ci: add getOctokit integration test job</li>
<li><a
href="https://github.com/actions/github-script/commit/a047196d9a02fe92098771cafbb98c2f1814e408"><code>a047196</code></a>
test: add getOctokit integration tests via callAsyncFunction</li>
<li>Additional commits viewable in <a
href="https://github.com/actions/github-script/compare/v8...v9">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/github-script&package-manager=github_actions&previous-version=8&new-version=9)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>
…stem#2325)

Adds `prefers-color-scheme: dark` media queries to the HTML pages shown
after OAuth authentication so they respect the browser/system light/dark
mode preference.

- [x] Add dark-mode styles to default OAuth success/failure HTML pages
in `OAuth2SystemWebBrowser.cs`
- [x] Add dark-mode styles to GitHub success/failure HTML pages in
`GitHubResources.resx`
- [x] Add dark-mode styles to Bitbucket success/failure HTML pages in
`BitbucketResources.resx`
- [x] Add `<meta name="color-scheme" content="light dark">` so
browser-painted UI follows the theme
- [x] Build all affected projects — succeeded
- [x] Run existing tests for affected projects — all pass
- [x] Address PR review: override AUI's light `#f5f5f5` background on
`#footer` / `#footer-logo` in Bitbucket dark-mode pages
Use ImportFromPemFile on modern .NET to resolve the SYSLIB0057
deprecation warning, while keeping the original Import call on
.NET Framework where the new API is not available.

Signed-off-by: Matthew John Cheetham <mjcheetham@outlook.com>
When suppressStreams is true, Git's stderr is redirected to a pipe but
then we only read stdout before waiting for exit. If Git writes lots
to stderr (for example when tracing is enabled), the stderr pipe can
fill, causing the Git process to block and GCM to hang while checking
repository state.

Signed-off-by: Matthew John Cheetham <mjcheetham@outlook.com>
If SymbolOutput is not set then there's a bug whereby we try and trim
the end '/' and '\' characters on a null value. Guard against this.

Signed-off-by: Matthew John Cheetham <mjcheetham@outlook.com>
In the OAuth device-code flow, the in-proc UI path the calling logic
creates a `CancellationTokenSource` and later calls `Cancel()` on that
CTS to close the dialog once the token is obtained (or the user
cancels).

However, `ShowDeviceCodeViaUiAsync` disregards the provided cancellation
token and passes `CancellationToken.None` into `AvaloniaUi.ShowViewAsync`.

Pass the cancellation token correctly.

Signed-off-by: Matthew John Cheetham <mjcheetham@outlook.com>
The `Thread::ManagedTheadId` always starts with the entry thread as `1`
and not `0`.

https://github.com/dotnet/runtime/blob/790e8a525a0f76b8ad755c12e95b7f8770195d67/src/coreclr/nativeaot/System.Private.CoreLib/src/System/Threading/ManagedThreadId.cs#L181

Fix this in Trace2.

Signed-off-by: Matthew John Cheetham <mjcheetham@outlook.com>
BuildTimeSpan assumes an 11-character span and adjusts padding when the
formatted elapsed time overflows. For values with 5+ digits before the
decimal (>= 10000 seconds), the size difference exceeds the available
padding budget, driving BeginPadding below zero. This causes
`new string(' ', BeginPadding)` to throw an ArgumentOutOfRangeException.

Since Trace2FileWriter does not catch exceptions, this crashes the
credential helper when TRACE2 performance output is enabled.

Fix the overflow check from `==` to `>=` so that values exceeding the
full span (data + padding) zero out all padding rather than producing a
negative value.

Signed-off-by: Matthew John Cheetham <mjcheetham@outlook.com>
We had been incorrectly looking for the `sslAutoClientCert` Git config
option under the `credential` section, rather than `http`.

Note: this is a Git for Windows only option.

Signed-off-by: Matthew John Cheetham <mjcheetham@outlook.com>
ReleaseManagedResources iterates forward by index while removing
elements from the same list. Each removal shifts remaining elements
left, but the loop increments i, causing the next element to be
skipped. As a result, only about half of the writers are disposed and
removed, leaving file handles or buffers open.

Fix by iterating in reverse so that removals do not shift any unvisited
indices, and use RemoveAt(i) to avoid a redundant linear search.

Signed-off-by: Matthew John Cheetham <mjcheetham@outlook.com>
ProcessManager.CreateProcess sets RedirectStandardError=false for all
processes to avoid TRACE2 deadlocks. However, GetRemotes and
CreateGitException unconditionally read StandardError, which throws
InvalidOperationException when stderr is not redirected.

Fix GetRemotes by explicitly redirecting stderr before starting the
process, since it needs to check for 'not a git repository' errors.
Guard CreateGitException defensively, as it is called from various
contexts where stderr may or may not be redirected.

Signed-off-by: Matthew John Cheetham <mjcheetham@outlook.com>
In f1a1ae5 (environment: manually scan $PATH on POSIX systems,
2022-05-31) the `which`-based lookup was replaced with a manual PATH
scan that only checks FileExists, without verifying execute permissions.
Unlike `which`, this means a non-executable file earlier in PATH can
shadow a valid executable, causing process creation to fail when GCM
later tries to run the located path.

Add an IsExecutable check that verifies at least one execute bit is set
on POSIX systems, matching the behaviour of `which`. On Windows, any
existing file is considered executable. Guard the POSIX-specific
File.GetUnixFileMode call with #if !NETFRAMEWORK for net472
compatibility.

https://pubs.opengroup.org/onlinepubs/9699919799/basedefs/V1_chap08.html#tag_08_03

> PATH
> [..] The list shall be searched from beginning to end, applying the
> filename to each prefix, until an executable file with the specified
> name and appropriate execution permissions is found

Signed-off-by: Matthew John Cheetham <mjcheetham@outlook.com>
The powershell.exe invocation in the Installer.Windows.csproj Exec
task uses Unicode en dash characters (U+2013) instead of ASCII hyphens
for the -NonInteractive and -ExecutionPolicy parameters. Windows
PowerShell 5.1 does not recognise en dashes as parameter prefixes, so
these flags are not applied correctly, which can cause the layout step
to fail or run with an unexpected execution policy.

Replace the en dash characters with ASCII hyphens.

Signed-off-by: Matthew John Cheetham <mjcheetham@outlook.com>
A collection of small bug fixes found with the help of an AI agent
scanning the codebase. None of these are known to be actively exploited
or causing user-reported issues, but each is a latent defect that could
cause crashes, hangs, or incorrect behaviour under the right conditions.

## Fixes

**Credential UI** — `github/gitlab: use correct param order`
- Custom credential UI commands had swapped URL and username arguments.

**Stream extensions** — `streamextensions: fix a bug in multi-var reset
handling`
- Multi-dictionary writer emitted the wrong value when a reset marker
was followed by a single entry.

**GitHub auth** — `github: handle empty domain or enterprise hints`
- Null-reference exception when WWW-Authenticate header is missing
domain/enterprise hints.

**GitHub account filtering** — `github: do not filter accounts outside
of dotcom`
- Account filtering was applied outside of GitHub.com despite detecting
it shouldn't be.

**Network diagnostics** — `diagnose: fix network diag to await HTTP
requests`
- HTTP requests in the network diagnostic were not properly awaited.

**macOS notarize script** — `macos: add die function to notarize.sh
script`
- Missing `die` function.

**Git stderr handling** — `git: drain stderr on IsInsideRepository`
- Potential hang when Git writes enough to stderr to fill the pipe
buffer.

**Windows layout script** — `windows: fix layout.ps1 if symboloutput is
not set`
- Null-reference trimming `SymbolOutput` when the variable is unset.

**OAuth device code UI** — `oauth: pass cancellation token to in-proc
device code UI`
- Cancellation token was not forwarded, so dismissing the dialog didn't
work.

**TRACE2 thread ID** — `trace2: fix main thread identification`
- Main thread ID starts at 1, not 0.

**TRACE2 perf format** — `trace2: fix crash in perf format for large
elapsed times`
- `ArgumentOutOfRangeException` crash when elapsed time exceeds 9999
seconds.

**HTTP config** — `http: use correct http.sslAutoClientCert setting
name`
- Setting was read from the wrong Git config section.

**TRACE2 writer cleanup** — `trace2: fix incomplete disposal of writers
on cleanup`
- Forward iteration with removal skipped every other writer, leaking
file handles.

**Git stderr redirect** — `git: fix crash when reading stderr from
non-redirected processes`
- `InvalidOperationException` when `GetRemotes`/`CreateGitException`
read non-redirected stderr.

**Executable lookup** — `environment: check execute permission in
TryLocateExecutable`
- PATH scan didn't verify execute bits on POSIX, unlike the `which` it
replaced.

**Installer Exec command** — `windows: fix en-dash characters in
installer Exec command`
- Unicode en-dash characters instead of ASCII hyphens broke PowerShell
5.1 parameter parsing.
…it-ecosystem#2326)

Use `ImportFromPemFile` on modern .NET to resolve the `SYSLIB0057`
deprecation warning, while keeping the original `Import` call on .NET
Framework where the new API is not available.

We know this is always a PEM file since this is a Git defined option,
and it is passed to libcurl via `CURLINFO_CAINFO` which expects PEM
format.
becm and others added 21 commits May 22, 2026 20:19
look for matching helper value after last empty guard/reset entry
reload configuration and check for empty entry in last position
use last index for multiple existing path matches
skip addition of trailing guard value for "credential.helper"
Bumps [actions/setup-dotnet](https://github.com/actions/setup-dotnet) from 5.2.0 to 5.3.0.
- [Release notes](https://github.com/actions/setup-dotnet/releases)
- [Commits](actions/setup-dotnet@v5.2.0...v5.3.0)

---
updated-dependencies:
- dependency-name: actions/setup-dotnet
  dependency-version: 5.3.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Better handling of multiple matching entries (last/first index
deviation).
Detect empty trailing value to skip addition of redundant guard entry.
According to actions/setup-dotnet#739, this
is required if we want to upgrade to `actions/setup-dotnet@5.3.0`.

Suggested by Marc Becker.

Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
…stem#2352)

Bumps [actions/setup-dotnet](https://github.com/actions/setup-dotnet)
from 5.2.0 to 5.3.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/actions/setup-dotnet/releases">actions/setup-dotnet's
releases</a>.</em></p>
<blockquote>
<h2>v5.3.0</h2>
<h2>What's Changed</h2>
<h3>Enhancements</h3>
<ul>
<li>Add dotnet-version: latest support with dotnet-channel input by <a
href="https://github.com/mahabaleshwars"><code>@​mahabaleshwars</code></a>
in <a
href="https://redirect.github.com/actions/setup-dotnet/pull/730">actions/setup-dotnet#730</a></li>
<li>Support global.json's rollForward latest* variants by <a
href="https://github.com/js6pak"><code>@​js6pak</code></a> in <a
href="https://redirect.github.com/actions/setup-dotnet/pull/538">actions/setup-dotnet#538</a></li>
<li>Improve version resolution by <a
href="https://github.com/akoeplinger"><code>@​akoeplinger</code></a> in
<a
href="https://redirect.github.com/actions/setup-dotnet/pull/560">actions/setup-dotnet#560</a></li>
</ul>
<h3>Dependency Updates</h3>
<ul>
<li>Upgrade @actions/* and fast-xml-parser dependencies by <a
href="https://github.com/Copilot"><code>@​Copilot</code></a> in <a
href="https://redirect.github.com/actions/setup-dotnet/pull/728">actions/setup-dotnet#728</a></li>
<li>Update install scripts to v2026.05.19 (preserve archive links) by <a
href="https://github.com/MichaelSimons"><code>@​MichaelSimons</code></a>
in <a
href="https://redirect.github.com/actions/setup-dotnet/pull/736">actions/setup-dotnet#736</a></li>
<li>Add rollForward note in README, improve proxy health check in e2e
tests and bump version to v5.3.0 by <a
href="https://github.com/priyagupta108"><code>@​priyagupta108</code></a>
in <a
href="https://redirect.github.com/actions/setup-dotnet/pull/738">actions/setup-dotnet#738</a></li>
</ul>
<h3>Bug Fixes</h3>
<ul>
<li>Update Test Proxy job by <a
href="https://github.com/priya-kinthali"><code>@​priya-kinthali</code></a>
in <a
href="https://redirect.github.com/actions/setup-dotnet/pull/703">actions/setup-dotnet#703</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/Copilot"><code>@​Copilot</code></a> made
their first contribution in <a
href="https://redirect.github.com/actions/setup-dotnet/pull/728">actions/setup-dotnet#728</a></li>
<li><a
href="https://github.com/akoeplinger"><code>@​akoeplinger</code></a>
made their first contribution in <a
href="https://redirect.github.com/actions/setup-dotnet/pull/560">actions/setup-dotnet#560</a></li>
<li><a
href="https://github.com/MichaelSimons"><code>@​MichaelSimons</code></a>
made their first contribution in <a
href="https://redirect.github.com/actions/setup-dotnet/pull/736">actions/setup-dotnet#736</a></li>
<li><a href="https://github.com/js6pak"><code>@​js6pak</code></a> made
their first contribution in <a
href="https://redirect.github.com/actions/setup-dotnet/pull/538">actions/setup-dotnet#538</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/setup-dotnet/compare/v5...v5.3.0">https://github.com/actions/setup-dotnet/compare/v5...v5.3.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/actions/setup-dotnet/commit/9a946fdbd5fb07b82b2f5a4466058b876ab72bb2"><code>9a946fd</code></a>
Add rollForward note in README, improve proxy health check in e2e tests
and b...</li>
<li><a
href="https://github.com/actions/setup-dotnet/commit/98af08bf649b02f9e94783278906d34780362f6f"><code>98af08b</code></a>
Support global.json's rollForward latest* variants (<a
href="https://redirect.github.com/actions/setup-dotnet/issues/538">#538</a>)</li>
<li><a
href="https://github.com/actions/setup-dotnet/commit/84042723628274fd730a70726fbf57ef89e586de"><code>8404272</code></a>
Update install scripts to v2026.05.19 (<a
href="https://redirect.github.com/actions/setup-dotnet/issues/736">#736</a>)</li>
<li><a
href="https://github.com/actions/setup-dotnet/commit/f1970f5ca30a3ba974274132e05c4bb012faac74"><code>f1970f5</code></a>
Don't download releases-index.json to resolve major version (<a
href="https://redirect.github.com/actions/setup-dotnet/issues/560">#560</a>)</li>
<li><a
href="https://github.com/actions/setup-dotnet/commit/af9211b1364d382bc386cd82c6386875ad2ad796"><code>af9211b</code></a>
Add dotnet-version: latest support with dotnet-channel input (<a
href="https://redirect.github.com/actions/setup-dotnet/issues/730">#730</a>)</li>
<li><a
href="https://github.com/actions/setup-dotnet/commit/df991aeaf2a76aae144b0b70ce23e455c66f061e"><code>df991ae</code></a>
chore: bump @actions/* and fast-xml-parser dependencies (<a
href="https://redirect.github.com/actions/setup-dotnet/issues/728">#728</a>)</li>
<li><a
href="https://github.com/actions/setup-dotnet/commit/a66eefa2bf2572fc311ea6ff65a7b6ecc4df96a6"><code>a66eefa</code></a>
CI: remove manual PowerShell install from test-proxy job (e2e-tests.yml)
(<a
href="https://redirect.github.com/actions/setup-dotnet/issues/703">#703</a>)</li>
<li>See full diff in <a
href="https://github.com/actions/setup-dotnet/compare/v5.2.0...v5.3.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/setup-dotnet&package-manager=github_actions&previous-version=5.2.0&new-version=5.3.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>
Bumps [actions/checkout](https://github.com/actions/checkout) from 6 to 7.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](actions/checkout@v6...v7)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-version: '7'
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Bumps [actions/checkout](https://github.com/actions/checkout) from 6 to
7.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/actions/checkout/releases">actions/checkout's
releases</a>.</em></p>
<blockquote>
<h2>v7.0.0</h2>
<h2>What's Changed</h2>
<ul>
<li>block checking out fork pr for pull_request_target and workflow_run
by <a href="https://github.com/aiqiaoy"><code>@​aiqiaoy</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2454">actions/checkout#2454</a></li>
<li>Bump actions/publish-immutable-action from 0.0.3 to 0.0.4 in the
minor-actions-dependencies group across 1 directory by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/actions/checkout/pull/2458">actions/checkout#2458</a></li>
<li>Bump flatted from 3.3.1 to 3.4.2 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/actions/checkout/pull/2460">actions/checkout#2460</a></li>
<li>Bump js-yaml from 4.1.0 to 4.2.0 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/actions/checkout/pull/2461">actions/checkout#2461</a></li>
<li>Bump <code>@​actions/core</code> and
<code>@​actions/tool-cache</code> and Remove uuid by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/actions/checkout/pull/2459">actions/checkout#2459</a></li>
<li>upgrade module to esm and update dependencies by <a
href="https://github.com/aiqiaoy"><code>@​aiqiaoy</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2463">actions/checkout#2463</a></li>
<li>Bump the minor-npm-dependencies group across 1 directory with 3
updates by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/actions/checkout/pull/2462">actions/checkout#2462</a></li>
<li>getting ready for checkout v7 release by <a
href="https://github.com/aiqiaoy"><code>@​aiqiaoy</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2464">actions/checkout#2464</a></li>
<li>update error wording by <a
href="https://github.com/aiqiaoy"><code>@​aiqiaoy</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2467">actions/checkout#2467</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/aiqiaoy"><code>@​aiqiaoy</code></a> made
their first contribution in <a
href="https://redirect.github.com/actions/checkout/pull/2454">actions/checkout#2454</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/checkout/compare/v6.0.3...v7.0.0">https://github.com/actions/checkout/compare/v6.0.3...v7.0.0</a></p>
<h2>v6.0.3</h2>
<h2>What's Changed</h2>
<ul>
<li>Update changelog by <a
href="https://github.com/ericsciple"><code>@​ericsciple</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2357">actions/checkout#2357</a></li>
<li>fix: expand merge commit SHA regex and add SHA-256 test cases by <a
href="https://github.com/yaananth"><code>@​yaananth</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2414">actions/checkout#2414</a></li>
<li>Fix checkout init for SHA-256 repositories by <a
href="https://github.com/yaananth"><code>@​yaananth</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2439">actions/checkout#2439</a></li>
<li>Update changelog for v6.0.3 by <a
href="https://github.com/yaananth"><code>@​yaananth</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2446">actions/checkout#2446</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/yaananth"><code>@​yaananth</code></a>
made their first contribution in <a
href="https://redirect.github.com/actions/checkout/pull/2414">actions/checkout#2414</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/checkout/compare/v6...v6.0.3">https://github.com/actions/checkout/compare/v6...v6.0.3</a></p>
<h2>v6.0.2</h2>
<h2>What's Changed</h2>
<ul>
<li>Add orchestration_id to git user-agent when ACTIONS_ORCHESTRATION_ID
is set by <a
href="https://github.com/TingluoHuang"><code>@​TingluoHuang</code></a>
in <a
href="https://redirect.github.com/actions/checkout/pull/2355">actions/checkout#2355</a></li>
<li>Fix tag handling: preserve annotations and explicit fetch-tags by <a
href="https://github.com/ericsciple"><code>@​ericsciple</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2356">actions/checkout#2356</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/checkout/compare/v6.0.1...v6.0.2">https://github.com/actions/checkout/compare/v6.0.1...v6.0.2</a></p>
<h2>v6.0.1</h2>
<h2>What's Changed</h2>
<ul>
<li>Update all references from v5 and v4 to v6 by <a
href="https://github.com/ericsciple"><code>@​ericsciple</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2314">actions/checkout#2314</a></li>
<li>Add worktree support for persist-credentials includeIf by <a
href="https://github.com/ericsciple"><code>@​ericsciple</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2327">actions/checkout#2327</a></li>
<li>Clarify v6 README by <a
href="https://github.com/ericsciple"><code>@​ericsciple</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2328">actions/checkout#2328</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/checkout/compare/v6...v6.0.1">https://github.com/actions/checkout/compare/v6...v6.0.1</a></p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/actions/checkout/blob/main/CHANGELOG.md">actions/checkout's
changelog</a>.</em></p>
<blockquote>
<h1>Changelog</h1>
<h2>v7.0.0</h2>
<ul>
<li>Block checking out fork PR for pull_request_target and workflow_run
by <a href="https://github.com/aiqiaoy"><code>@​aiqiaoy</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2454">actions/checkout#2454</a></li>
<li>Bump actions/publish-immutable-action from 0.0.3 to 0.0.4 in the
minor-actions-dependencies group across 1 directory by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/actions/checkout/pull/2458">actions/checkout#2458</a></li>
<li>Bump flatted from 3.3.1 to 3.4.2 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/actions/checkout/pull/2460">actions/checkout#2460</a></li>
<li>Bump js-yaml from 4.1.0 to 4.2.0 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/actions/checkout/pull/2461">actions/checkout#2461</a></li>
<li>Bump <code>@​actions/core</code> and
<code>@​actions/tool-cache</code> and Remove uuid by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/actions/checkout/pull/2459">actions/checkout#2459</a></li>
<li>upgrade module to esm and update dependencies by <a
href="https://github.com/aiqiaoy"><code>@​aiqiaoy</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2463">actions/checkout#2463</a></li>
<li>Bump the minor-npm-dependencies group across 1 directory with 3
updates by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/actions/checkout/pull/2462">actions/checkout#2462</a></li>
</ul>
<h2>v6.0.3</h2>
<ul>
<li>Fix checkout init for SHA-256 repositories by <a
href="https://github.com/yaananth"><code>@​yaananth</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2439">actions/checkout#2439</a></li>
<li>fix: expand merge commit SHA regex and add SHA-256 test cases by <a
href="https://github.com/yaananth"><code>@​yaananth</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2414">actions/checkout#2414</a></li>
</ul>
<h2>v6.0.2</h2>
<ul>
<li>Fix tag handling: preserve annotations and explicit fetch-tags by <a
href="https://github.com/ericsciple"><code>@​ericsciple</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2356">actions/checkout#2356</a></li>
</ul>
<h2>v6.0.1</h2>
<ul>
<li>Add worktree support for persist-credentials includeIf by <a
href="https://github.com/ericsciple"><code>@​ericsciple</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2327">actions/checkout#2327</a></li>
</ul>
<h2>v6.0.0</h2>
<ul>
<li>Persist creds to a separate file by <a
href="https://github.com/ericsciple"><code>@​ericsciple</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2286">actions/checkout#2286</a></li>
<li>Update README to include Node.js 24 support details and requirements
by <a href="https://github.com/salmanmkc"><code>@​salmanmkc</code></a>
in <a
href="https://redirect.github.com/actions/checkout/pull/2248">actions/checkout#2248</a></li>
</ul>
<h2>v5.0.1</h2>
<ul>
<li>Port v6 cleanup to v5 by <a
href="https://github.com/ericsciple"><code>@​ericsciple</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2301">actions/checkout#2301</a></li>
</ul>
<h2>v5.0.0</h2>
<ul>
<li>Update actions checkout to use node 24 by <a
href="https://github.com/salmanmkc"><code>@​salmanmkc</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2226">actions/checkout#2226</a></li>
</ul>
<h2>v4.3.1</h2>
<ul>
<li>Port v6 cleanup to v4 by <a
href="https://github.com/ericsciple"><code>@​ericsciple</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2305">actions/checkout#2305</a></li>
</ul>
<h2>v4.3.0</h2>
<ul>
<li>docs: update README.md by <a
href="https://github.com/motss"><code>@​motss</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1971">actions/checkout#1971</a></li>
<li>Add internal repos for checking out multiple repositories by <a
href="https://github.com/mouismail"><code>@​mouismail</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1977">actions/checkout#1977</a></li>
<li>Documentation update - add recommended permissions to Readme by <a
href="https://github.com/benwells"><code>@​benwells</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2043">actions/checkout#2043</a></li>
<li>Adjust positioning of user email note and permissions heading by <a
href="https://github.com/joshmgross"><code>@​joshmgross</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2044">actions/checkout#2044</a></li>
<li>Update README.md by <a
href="https://github.com/nebuk89"><code>@​nebuk89</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2194">actions/checkout#2194</a></li>
<li>Update CODEOWNERS for actions by <a
href="https://github.com/TingluoHuang"><code>@​TingluoHuang</code></a>
in <a
href="https://redirect.github.com/actions/checkout/pull/2224">actions/checkout#2224</a></li>
<li>Update package dependencies by <a
href="https://github.com/salmanmkc"><code>@​salmanmkc</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2236">actions/checkout#2236</a></li>
</ul>
<h2>v4.2.2</h2>
<ul>
<li><code>url-helper.ts</code> now leverages well-known environment
variables by <a href="https://github.com/jww3"><code>@​jww3</code></a>
in <a
href="https://redirect.github.com/actions/checkout/pull/1941">actions/checkout#1941</a></li>
<li>Expand unit test coverage for <code>isGhes</code> by <a
href="https://github.com/jww3"><code>@​jww3</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1946">actions/checkout#1946</a></li>
</ul>
<h2>v4.2.1</h2>
<ul>
<li>Check out other refs/* by commit if provided, fall back to ref by <a
href="https://github.com/orhantoy"><code>@​orhantoy</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1924">actions/checkout#1924</a></li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/actions/checkout/commit/9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0"><code>9c091bb</code></a>
update error wording (<a
href="https://redirect.github.com/actions/checkout/issues/2467">#2467</a>)</li>
<li><a
href="https://github.com/actions/checkout/commit/1044a6dea927916f2c38ba5aeffbc0a847b1221a"><code>1044a6d</code></a>
getting ready for checkout v7 release (<a
href="https://redirect.github.com/actions/checkout/issues/2464">#2464</a>)</li>
<li><a
href="https://github.com/actions/checkout/commit/f0282184c7ce73ab54c7e4ab5a617122602e575f"><code>f028218</code></a>
Bump the minor-npm-dependencies group across 1 directory with 3 updates
(<a
href="https://redirect.github.com/actions/checkout/issues/2462">#2462</a>)</li>
<li><a
href="https://github.com/actions/checkout/commit/d914b262ffc244530a203ab40decab34c3abf34d"><code>d914b26</code></a>
upgrade module to esm and update dependencies (<a
href="https://redirect.github.com/actions/checkout/issues/2463">#2463</a>)</li>
<li><a
href="https://github.com/actions/checkout/commit/537c7ef99cef6e5ddb5e7ff5d16d14510503801d"><code>537c7ef</code></a>
Bump <code>@​actions/core</code> and <code>@​actions/tool-cache</code>
and Remove uuid (<a
href="https://redirect.github.com/actions/checkout/issues/2459">#2459</a>)</li>
<li><a
href="https://github.com/actions/checkout/commit/130a169078a413d3a5246a393625e8e742f387f6"><code>130a169</code></a>
Bump js-yaml from 4.1.0 to 4.2.0 (<a
href="https://redirect.github.com/actions/checkout/issues/2461">#2461</a>)</li>
<li><a
href="https://github.com/actions/checkout/commit/7d09575332117a40b46e5e020664df234cd416f3"><code>7d09575</code></a>
Bump flatted from 3.3.1 to 3.4.2 (<a
href="https://redirect.github.com/actions/checkout/issues/2460">#2460</a>)</li>
<li><a
href="https://github.com/actions/checkout/commit/0f9f3aa320cb53abeb534aeb54048075d9697a0e"><code>0f9f3aa</code></a>
Bump actions/publish-immutable-action (<a
href="https://redirect.github.com/actions/checkout/issues/2458">#2458</a>)</li>
<li><a
href="https://github.com/actions/checkout/commit/f9e715a95fcd1f9253f77dd28f11e88d2d6460c7"><code>f9e715a</code></a>
block checking out fork pr for pull_request_target and workflow_run (<a
href="https://redirect.github.com/actions/checkout/issues/2454">#2454</a>)</li>
<li>See full diff in <a
href="https://github.com/actions/checkout/compare/v6...v7">compare
view</a></li>
</ul>
</details>
<br />
Bumps [actions/setup-dotnet](https://github.com/actions/setup-dotnet) from 5.3.0 to 5.4.0.
- [Release notes](https://github.com/actions/setup-dotnet/releases)
- [Commits](actions/setup-dotnet@v5.3.0...v5.4.0)

---
updated-dependencies:
- dependency-name: actions/setup-dotnet
  dependency-version: 5.4.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
…stem#2361)

Bumps [actions/setup-dotnet](https://github.com/actions/setup-dotnet)
from 5.3.0 to 5.4.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/actions/setup-dotnet/releases">actions/setup-dotnet's
releases</a>.</em></p>
<blockquote>
<h2>v5.4.0</h2>
<h2>What's Changed</h2>
<h3>Enhancements</h3>
<ul>
<li>Improve global.json SDK version validation for rollForward by <a
href="https://github.com/priyagupta108"><code>@​priyagupta108</code></a>
in <a
href="https://redirect.github.com/actions/setup-dotnet/pull/742">actions/setup-dotnet#742</a></li>
<li>Pin actions to commit SHAs in workflows by <a
href="https://github.com/priya-kinthali"><code>@​priya-kinthali</code></a>
in <a
href="https://redirect.github.com/actions/setup-dotnet/pull/744">actions/setup-dotnet#744</a></li>
<li>Expand the CSC problem matcher to light up more errors on GitHub. by
<a
href="https://github.com/StephenCleary"><code>@​StephenCleary</code></a>
in <a
href="https://redirect.github.com/actions/setup-dotnet/pull/717">actions/setup-dotnet#717</a></li>
</ul>
<h3>Documentation</h3>
<ul>
<li>Docs(action): Explicitly mark all optional inputs with required:
false by <a
href="https://github.com/kranthipoturaju"><code>@​kranthipoturaju</code></a>
in <a
href="https://redirect.github.com/actions/setup-dotnet/pull/737">actions/setup-dotnet#737</a></li>
</ul>
<h3>Bug Fixes</h3>
<ul>
<li>Fix global.json creation command by <a
href="https://github.com/michal2612"><code>@​michal2612</code></a> in <a
href="https://redirect.github.com/actions/setup-dotnet/pull/694">actions/setup-dotnet#694</a></li>
</ul>
<h3>Dependency Updates</h3>
<ul>
<li>Upgrade <code>@​actions/cache</code> to 5.1.0, log cache write
denied by <a
href="https://github.com/jasongin"><code>@​jasongin</code></a> in <a
href="https://redirect.github.com/actions/setup-dotnet/pull/746">actions/setup-dotnet#746</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/jasongin"><code>@​jasongin</code></a>
made their first contribution in <a
href="https://redirect.github.com/actions/setup-dotnet/pull/746">actions/setup-dotnet#746</a></li>
<li><a
href="https://github.com/michal2612"><code>@​michal2612</code></a> made
their first contribution in <a
href="https://redirect.github.com/actions/setup-dotnet/pull/694">actions/setup-dotnet#694</a></li>
<li><a
href="https://github.com/kranthipoturaju"><code>@​kranthipoturaju</code></a>
made their first contribution in <a
href="https://redirect.github.com/actions/setup-dotnet/pull/737">actions/setup-dotnet#737</a></li>
<li><a
href="https://github.com/StephenCleary"><code>@​StephenCleary</code></a>
made their first contribution in <a
href="https://redirect.github.com/actions/setup-dotnet/pull/717">actions/setup-dotnet#717</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/setup-dotnet/compare/v5...v5.4.0">https://github.com/actions/setup-dotnet/compare/v5...v5.4.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/actions/setup-dotnet/commit/26b0ec14cb23fa6904739307f278c14f94c95bf1"><code>26b0ec1</code></a>
Expand the CSC problem matcher to light up more errors on GitHub. (<a
href="https://redirect.github.com/actions/setup-dotnet/issues/717">#717</a>)</li>
<li><a
href="https://github.com/actions/setup-dotnet/commit/da5e5482f2d0700168cff080da45b50da8b60f0e"><code>da5e548</code></a>
docs(action): explicitly mark all optional inputs with required: false
(<a
href="https://redirect.github.com/actions/setup-dotnet/issues/737">#737</a>)</li>
<li><a
href="https://github.com/actions/setup-dotnet/commit/9bd3b44355ba7c500f3d2e029636c6d29ac5caab"><code>9bd3b44</code></a>
Improve readability of global.json creation command (<a
href="https://redirect.github.com/actions/setup-dotnet/issues/694">#694</a>)</li>
<li><a
href="https://github.com/actions/setup-dotnet/commit/4406a635cd2be9c92689ea22b2f74ea57297088c"><code>4406a63</code></a>
Bump <code>@​actions/cache</code> to 5.1.0, log cache write denied (<a
href="https://redirect.github.com/actions/setup-dotnet/issues/746">#746</a>)</li>
<li><a
href="https://github.com/actions/setup-dotnet/commit/dc3262dda80e97f1c7865b3b122e99240e30b738"><code>dc3262d</code></a>
pin actions to commit SHAs in workflows (<a
href="https://redirect.github.com/actions/setup-dotnet/issues/744">#744</a>)</li>
<li><a
href="https://github.com/actions/setup-dotnet/commit/95a3f8b067437dc9b2027a437f5dc3b4569ddd49"><code>95a3f8b</code></a>
Validate global.json SDK version before rollForward optimization (<a
href="https://redirect.github.com/actions/setup-dotnet/issues/742">#742</a>)</li>
<li>See full diff in <a
href="https://github.com/actions/setup-dotnet/compare/v5.3.0...v5.4.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/setup-dotnet&package-manager=github_actions&previous-version=5.3.0&new-version=5.4.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>
The link to the Windows Credential Manager docs was broken - it used to
point at:

https://support.microsoft.com/en-us/windows/accessing-credential-manager-1b5c916a-6a16-889f-8581-fc16e8165ac0

..but this now resolves instead to:

https://support.microsoft.com/en-US/Windows/Security/credential-manager-in-windows

..so let's use that URL directly.

Signed-off-by: Matthew John Cheetham <mjcheetham@outlook.com>
Copilot AI review requested due to automatic review settings July 2, 2026 00:51
@Pjrich1313 Pjrich1313 requested a review from a team as a code owner July 2, 2026 00:51

Copilot AI left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Adds a new GitHub Actions workflow to validate that Git Credential Manager can be installed and uninstalled via the Homebrew cask on macOS runners.

Changes:

  • Introduces validate-install-homebrew workflow triggered on workflow_dispatch, push (main), and pull_request (main).
  • Installs git-credential-manager via Homebrew cask, verifies it runs, uninstalls it, and verifies removal.
  • Runs the job on a small macOS runner matrix.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

Comment on lines +19 to +23
include:
- os: macos-latest
arch: arm64
- os: macos-14
arch: arm64
Comment on lines +25 to +28
steps:
- uses: actions/checkout@v7

- name: Install via Homebrew
Comment on lines +3 to +10
on:
workflow_dispatch:
push:
branches:
- main
pull_request:
branches:
- main
Comment on lines +31 to +32
- name: Verify installation
run: git-credential-manager --version || exit 1
@Pjrich1313 Pjrich1313 changed the base branch from main to copilot/add-postinstall-service-user-support July 2, 2026 04:02
@Pjrich1313 Pjrich1313 requested a review from a team as a code owner July 2, 2026 04:02
@dscho

dscho commented Jul 2, 2026

Copy link
Copy Markdown
Contributor

@Pjrich1313 is this a genuine attempt at contributing to the project? If so, you'll have to polish this a lot, e.g. by changing the title appropriately, by providing a description that motivates the changes, by targeting the correct branch, and by seriously cleaning up the commit history (e.g. via git rebase -i).

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.