Updated to latest versions

[mitchelsellers]

Summary by CodeRabbit

• Chores
  • Updated GitHub Actions workflows for continuous integration and release builds to use latest tools and configurations.
  • Enhanced release note automation with improved changelog categorization and filtering.
  • Updated testing framework and build dependencies to latest stable versions.

_{✏️ Tip: You can customize this high-level summary in your review settings.}

[coderabbitai]

Walkthrough

The PR adds a GitHub release configuration file, updates CI/CD workflows to use GitVersion GitHub Actions (v6.4.0) instead of dotnet tools, adjusts SonarQube token handling to environment variables, reconfigures GitVersion from main to develop branch tracking, and updates test project dependencies.

Changes

Cohort / File(s)	Change Summary
Release Configuration .github/release.yml	New file: Defines changelog formatting for releases with categories for features, bug fixes, administrative items, and other changes; specifies excluded labels
CI/CD Workflow Updates .github/workflows/ci-build.yml, .github/workflows/release-build.yml	Replaces GitVersion dotnet tool installation/execution with GitHub Actions (v4.2.0 setup and execute); updates GitVersion to v6.4.0; adjusts SonarQube token handling from sonar.login to sonar.token using environment variables
Version Configuration GitVersion.yml	Switches primary branch configuration from main to develop with alpha label; updates pull-request regex pattern for pr detection; replaces static tag with dynamic pr{Number} label; removes prevent-increment-of-merged-branch-version setting
Test Dependencies src/AspNetCore.Utilities.FontAwesomeTagHelpers.Tests/AspNetCore.Utilities.FontAwesomeTagHelpers.Tests.csproj	Updates Microsoft.NET.Test.Sdk from 17.12.0 to 18.0.1 and xunit.runner.visualstudio from 3.0.2 to 3.1.5

Sequence Diagram

sequenceDiagram
    actor Workflow as GitHub Action
    participant OldGV as Old GitVersion<br/>(dotnet tool)
    participant NewGV as New GitVersion<br/>(Actions v4.2.0)
    participant SQ as SonarQube

    rect rgb(100, 150, 200)
    Note over Workflow: Previous Flow
    Workflow->>OldGV: Install Tool (v5.12.0)
    Workflow->>OldGV: Execute with Config
    OldGV-->>Workflow: Version Info
    Workflow->>SQ: /d:sonar.login={secret}
    end

    rect rgb(150, 180, 220)
    Note over Workflow: New Flow
    Workflow->>NewGV: Setup (v6.4.0)
    Workflow->>NewGV: Execute (no config flag)
    NewGV-->>Workflow: Version Info
    Workflow->>SQ: /d:sonar.token={env.SONAR_TOKEN}
    end

Loading

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~20–25 minutes

Areas requiring extra attention:

• GitVersion.yml branch logic: Verify the develop-to-main branching strategy and pr{Number} label generation logic aligns with intended release workflow
• SonarQube token migration: Confirm environment variable substitution (SONAR_TOKEN) is properly configured in CI/CD secrets and GitHub Actions contexts
• GitVersion version upgrade: Validate compatibility between v6.4.0 and the new actions (v4.2.0) versus previous versions; check for breaking changes in configuration handling
• Dependency updates: Ensure test SDK v18.0.1 and xunit runner v3.1.5 maintain compatibility with the rest of the test infrastructure

Poem

🐰 Hop, hop, the workflows now flow,
With GitVersion actions all aglow!
From dotnet tools to GitHub's embrace,
We version our code with newfound grace—
Tests upgraded, configs refined,
Release excellence, now defined! 🎉

Pre-merge checks and finishing touches

❌ Failed checks (1 inconclusive)

Check name	Status	Explanation	Resolution
Title check	❓ Inconclusive	The title is vague and generic, using non-descriptive language that doesn't clearly convey what was updated or why.	Use a more specific title that describes the primary changes, such as 'Update GitVersion actions, SonarQube configuration, and test dependencies' or similar that reflects the main updates.

✅ Passed checks (2 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

✨ Finishing touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch feature/build

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[sonarqubecloud]

Quality Gate failed

Failed conditions
7 Security Hotspots

See analysis details on SonarQube Cloud

[coderabbitai]

Actionable comments posted: 2

📜 Review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 6664cec and 30e33fd.

📒 Files selected for processing (5)

• .github/release.yml (1 hunks)
• .github/workflows/ci-build.yml (2 hunks)
• .github/workflows/release-build.yml (1 hunks)
• GitVersion.yml (1 hunks)
• src/AspNetCore.Utilities.FontAwesomeTagHelpers.Tests/AspNetCore.Utilities.FontAwesomeTagHelpers.Tests.csproj (1 hunks)

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (1)

• GitHub Check: Analyze Code Quality

[coderabbitai]

⚠️ Potential issue | 🟡 Minor

🧩 Analysis chain

Script executed:

#!/bin/bash
# Read the workflow file to see full context around the SonarQube scanner usage
head -110 .github/workflows/ci-build.yml | tail -40

Repository: IowaComputerGurus/aspnetcore.utilities.fontawesometaghelpers

---

<shell_result>
Repository: IowaComputerGurus/aspnetcore.utilities.fontawesometaghelpers
Exit code: 0

stdout:

        with:
          path: ~\sonar\cache
          key: ${{ runner.os }}-sonar
          restore-keys: ${{ runner.os }}-sonar

      - name: Cache SonarCloud scanner
        id: cache-sonar-scanner
        uses: actions/cache@v4.3.0
        with:
          path: .\.sonar\scanner
          key: ${{ runner.os }}-sonar-scanner
          restore-keys: ${{ runner.os }}-sonar-scanner

      - name: Install SonarCloud scanner
        if: steps.cache-sonar-scanner.outputs.cache-hit != 'true'
        shell: powershell
        run: |
          New-Item -Path .\.sonar\scanner -ItemType Directory
          dotnet tool update dotnet-sonarscanner --tool-path .\.sonar\scanner
          
      - name: Install GitVersion
        uses: gittools/actions/gitversion/setup@v4.2.0
        with:
          versionSpec: '6.4.0'

      - name: Determine Version
        id: gitversion
        uses: gittools/actions/gitversion/execute@v4.2.0

      - name: Build and analyze
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}  # Needed to get PR information, if any
          SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
        shell: powershell
        run: |
          .\.sonar\scanner\dotnet-sonarscanner begin /k:"IowaComputerGurus_aspnetcore.utilities.fontawesometaghelpers" /o:"iowacomputergurus-github" /d:sonar.token="${{ env.SONAR_TOKEN }}" /n:"AspNetCore Utilities Font Awesome Tag Helpers"
          dotnet restore "${{ env.solution-path }}"
          dotnet build "${{ env.solution-path }}" --no-restore --configuration Release -p:version=${{ steps.gitversion.outputs.majorMinorPatch }}
          dotnet test "${{ env.solution-path }}" --no-build --configuration Release --collect "XPlat Code Coverage" -- DataCollectionRunSettings.DataCollectors.DataCollector.Configuration.Format=opencover --logger "trx;LogFileName=unittests.trx"
          .\.sonar\scanner\dotnet-sonarscanner end /d:sonar.login="${{ env.SONAR_TOKEN }}"

</shell_result>

---

Script executed:

#!/bin/bash
# Check if there's any documentation or configuration files in the repo
fd -e md -e txt -e json | xargs rg -l "sonar" 2>/dev/null | head -10

Repository: IowaComputerGurus/aspnetcore.utilities.fontawesometaghelpers

---

<shell_result>
Repository: IowaComputerGurus/aspnetcore.utilities.fontawesometaghelpers
Exit code: 0

stdout:

README.md

</shell_result>

---

Script executed:

#!/bin/bash
# Check README for any SonarQube configuration details
cat README.md | grep -A 10 -B 10 -i sonar

Repository: IowaComputerGurus/aspnetcore.utilities.fontawesometaghelpers

---

<shell_result>
Repository: IowaComputerGurus/aspnetcore.utilities.fontawesometaghelpers
Exit code: 0

stdout:

# AspNetCore Font Awesome Tag Helpers ![](https://img.shields.io/github/license/iowacomputergurus/aspnetcore.utilities.fontawesometaghelpers.svg)

A collection of TagHelpers for ASP.NET Core that make utilizing the FontAwesome library easier to use for developers

![Build Status](https://github.com/IowaComputerGurus/aspnetcore.utilities.fontawesometaghelpers/actions/workflows/ci-build.yml/badge.svg)

![](https://img.shields.io/nuget/v/icg.aspnetcore.utilities.fontawesometaghelpers.svg) ![](https://img.shields.io/nuget/dt/icg.aspnetcore.utilities.fontawesometaghelpers.svg)

## SonarCloud Analysis

[![Quality Gate Status](https://sonarcloud.io/api/project_badges/measure?project=IowaComputerGurus_aspnetcore.utilities.fontawesometaghelpers&metric=alert_status)](https://sonarcloud.io/dashboard?id=IowaComputerGurus_aspnetcore.utilities.fontawesometaghelpers)
[![Coverage](https://sonarcloud.io/api/project_badges/measure?project=IowaComputerGurus_aspnetcore.utilities.fontawesometaghelpers&metric=coverage)](https://sonarcloud.io/dashboard?id=IowaComputerGurus_aspnetcore.utilities.fontawesometaghelpers)
[![Security Rating](https://sonarcloud.io/api/project_badges/measure?project=IowaComputerGurus_aspnetcore.utilities.fontawesometaghelpers&metric=security_rating)](https://sonarcloud.io/dashboard?id=IowaComputerGurus_aspnetcore.utilities.fontawesometaghelpers)
[![Technical Debt](https://sonarcloud.io/api/project_badges/measure?project=IowaComputerGurus_aspnetcore.utilities.fontawesometaghelpers&metric=sqale_index)](https://sonarcloud.io/dashboard?id=IowaComputerGurus_aspnetcore.utilities.fontawesometaghelpers)

## Usage Expecations

These tag helpers are only for markup display, your web project must properly include references to FontAwesome and must abide by all license and other requirements of FontAwesome for the functionality to be utilized here.  For more on how to include FontAwesome within your project please reference their documentation.


## Setup - Registering TagHelpers

You must modify your `_viewimports.cshtml` file by adding

</shell_result>

---

Fix inconsistent SonarQube scanner parameters: use sonar.token in both begin and end steps.

The workflow uses /d:sonar.token in the begin step (line 101) but /d:sonar.login in the end step (line 105). The sonar.login parameter is deprecated; use /d:sonar.login="${{ env.SONAR_TOKEN }}" should be /d:sonar.token="${{ env.SONAR_TOKEN }}" to match the begin step and align with modern SonarQube/SonarCloud authentication standards.

🤖 Prompt for AI Agents

.github/workflows/ci-build.yml around lines 95 to 105: the SonarQube scanner end
step uses the deprecated /d:sonar.login parameter while the begin step uses
/d:sonar.token; update the end step to use /d:sonar.token="${{ env.SONAR_TOKEN
}}" so both begin and end use the same modern sonar.token parameter for
authentication.

[coderabbitai]

⚠️ Potential issue | 🔴 Critical

🧩 Analysis chain

Script executed:

#!/bin/bash
# Find GitVersion configuration files in the repository
echo "=== Searching for GitVersion configuration files ==="
fd -e yml -e yaml | grep -iE 'gitversion|version' | head -20

Repository: IowaComputerGurus/aspnetcore.utilities.fontawesometaghelpers

---

<shell_result>
Repository: IowaComputerGurus/aspnetcore.utilities.fontawesometaghelpers
Exit code: 0

stdout:

=== Searching for GitVersion configuration files ===
GitVersion.yml

</shell_result>

---

Script executed:

#!/bin/bash
# Check the content of GitVersion.yml
echo "=== GitVersion.yml content ==="
cat -n GitVersion.yml

Repository: IowaComputerGurus/aspnetcore.utilities.fontawesometaghelpers

---

<shell_result>
Repository: IowaComputerGurus/aspnetcore.utilities.fontawesometaghelpers
Exit code: 0

stdout:

=== GitVersion.yml content ===
     1	mode: ContinuousDeployment
     2	next-version: 1.0.0
     3	branches: 
     4	  develop:
     5	    regex: develop
     6	    label: 'alpha'
     7	    increment: Patch
     8	    prevent-increment:
     9	      when-current-commit-tagged: true
    10	    source-branches: []
    11	  pull-request:
    12	    regex: ^(pull-requests|pull|pr)[\/-](?<Number>\d+)
    13	    label: 'pr{Number}'
    14	    increment: Patch
    15	    is-release-branch: false
    16	    source-branches: []
    17	ignore:
    18	  sha: []
    19	merge-message-formats: {}

</shell_result>

---

gittools/actions/gitversion execute v4.2.0 useConfigFile documentation

---

<web_search_result>
Summary: The GitTools GitVersion "execute" GitHub Action (v4.2.0) accepts a useConfigFile boolean input. Set useConfigFile: true to tell the action to load a GitVersion configuration file (default name GitVersion.yml) and useConfigFile: false (or omit) to run with GitVersion defaults. If true you can also specify configFilePath to point to a non‑standard location. Example usage:

• uses: gittools/actions/gitversion/execute@v4.2.0
  with:
  useConfigFile: true
  configFilePath: GitVersion.yml

Documentation / examples: GitTools actions examples for the execute step and the GitHub Actions example showing useConfigFile/configFilePath. [1][2]

Sources:
[1] GitTools/actions — execute example (GitHub docs/examples). (github.com)
[2] Example GitHub Actions workflow using gittools/actions/gitversion/execute with useConfigFile and configFilePath. (gdservices.io)

Citations:

• 1: https://github.com/GitTools/actions/blob/main/docs/examples/github/gitversion/execute.md
• 2: https://gdservices.io/automatic-version-tagging-and-release-with-github-actions?utm_source=openai
  </web_search_result>

---

useConfigFile: true is required for GitVersion.yml to be recognized by the new GitHub Actions.

The web search confirms that gittools/actions/gitversion/execute@v4.2.0 requires explicit useConfigFile: true to load the GitVersion.yml configuration file. Without this parameter, the action uses GitVersion defaults and ignores your repository's configuration.

Since your repository contains a GitVersion.yml file with critical configuration (ContinuousDeployment mode, branch-specific versioning rules, alpha labels), the removal of useConfigFile: true is a breaking change. The new gittools/actions/gitversion/execute@v4.2.0 step must include:

    - name: Determine Version
      id: gitversion
      uses: gittools/actions/gitversion/execute@v4.2.0
      with:
        useConfigFile: true

Without this, custom versioning logic will be lost and the build will use default GitVersion behavior instead.

🤖 Prompt for AI Agents

.github/workflows/release-build.yml around lines 27 to 34: the GitVersion
execute action is missing useConfigFile: true so your repository GitVersion.yml
is ignored; update the "Determine Version" step to add a with section that sets
useConfigFile: true so the action loads and honors your repository's
GitVersion.yml configuration.