Skip to content

Bump coverlet.collector from 6.0.2 to 10.0.1#7

Merged
bilbospocketses merged 1 commit into
masterfrom
dependabot/nuget/tests/ControlMenu.Common.Tests/multi-24e82da74b
May 18, 2026
Merged

Bump coverlet.collector from 6.0.2 to 10.0.1#7
bilbospocketses merged 1 commit into
masterfrom
dependabot/nuget/tests/ControlMenu.Common.Tests/multi-24e82da74b

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github May 18, 2026
edited
Loading

Updated coverlet.collector from 6.0.2 to 10.0.1.

Release notes

Sourced from coverlet.collector's releases.

10.0.1

Improvements

Fixed

  • Fix inconsistent paths in cobertura reports #​1723
  • Fix when using "is" with "and" in pattern matching, branch coverage is lower than normal #​1313
  • Fix Coverlet flagging a branch for an async functions finally block where none exists #​1337
  • Fix Coverlet Tracker Missing CompilerGeneratedAttribute #​1828

Maintenance

  • Add architecture docs and diagrams for all integrations #​1927
  • Update NuGet packages and .NET SDK versions #​1933

Diff between 10.0.0 and 10.0.1

10.0.0

Improvements

  • Unique Report Filenames (coverlet.MTP and AzDO) #​1866
  • Add --coverlet-file-prefix option for unique report files #​1869
  • Introduce .NET 10 support #​1823

Fixed

  • Fix [BUG] Wrong branch rate on IAsyncEnumerable for generic type #​1836
  • Fix [BUG] Missing Coverage after moving to MTP #​1843
  • Fix [BUG] No coverage reported when targeting .NET Framework with 8.0.1 #​1842
  • Fix [BUG] Behavior changes between MTP and Legacy (msbuild) #​1878
  • Fix [BUG] Coverlet.MTP - Unable to load coverlet.mtp.appsettings.json #​1880
  • Fix [BUG] Coverlet.Collector produces empty report when Mediator.SourceGenerator is referenced #​1718 by https://github.com/yusyd
  • Fix [BUG] Crash during instrumentation (Methods using LibraryImport/DllImport have no body) #​1762

Maintenance

  • Add comprehensive async method tests and documentation for issue #​1864
  • Replace Tmds.ExecFunction Package in coverlet.core.coverage.tests #​1833
  • Add net9.0 and net10.0 targets #​1822

Diff between 8.0.1 and 10.0.0

8.0.1

Fixed

  • Fix [BUG] TypeInitializationException when targeting .NET Framework #​1818
  • Fix [BUG] coverlet.MTP build fails with CS0400 due to developmentDependency=true #​1827

Improvements

  • Additional improvements needed for .NET Framework instrumentation type import #​1825

Diff between 8.0.0 and 8.0.1

8.0.0

Special Thanks: A huge thank you to @​Bertk for driving the majority of the work in this release! 🎉

Fixed

Improvements

  • Coverlet MTP extension feature #​1788
  • Generate SBOM for nuget packages #​1752
  • Use multi targets projects for coverlet.collector, coverlet.msbuild.tasks packages #​1742
  • Use .NET 8.0 target framework for coverlet.core and remove Newtonsoft.Json #​1733
  • Use latest System.CommandLine version #​1660
  • Upgraded minimum required .NET SDK and runtime to .NET 8.0 LTS (Long Term Support) (Breaking Change)
  • Use xunit.v3 for tests and example code

Diff between 6.0.4 and 8.0.0

6.0.4

Fixed

  • Fix empty coverage report when using include and exclude filters #​1726

Diff between 6.0.3 and 6.0.4

6.0.3

Fixed

Improvements

  • Cache the regex used in InstrumentationHelper #​1693
  • Enable dotnetTool integration tests for linux #​660

Diff between 6.0.2 and 6.0.3

Commits viewable in compare view.

@dependabot dependabot Bot added .NET Pull requests that update .NET code dependencies Pull requests that update a dependency file labels May 18, 2026
@bilbospocketses
Copy link
Copy Markdown
Owner

bilbospocketses commented May 18, 2026

@dependabot rebase

@bilbospocketses bilbospocketses enabled auto-merge (squash) May 18, 2026 23:39
@dependabot
Bump coverlet.collector from 6.0.2 to 10.0.1
41f9f24 
---
updated-dependencies:
- dependency-name: coverlet.collector
  dependency-version: 10.0.1
  dependency-type: direct:production
  update-type: version-update:semver-major
- dependency-name: coverlet.collector
  dependency-version: 10.0.1
  dependency-type: direct:production
  update-type: version-update:semver-major
- dependency-name: coverlet.collector
  dependency-version: 10.0.1
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot force-pushed the dependabot/nuget/tests/ControlMenu.Common.Tests/multi-24e82da74b branch from f289345 to 41f9f24 Compare May 18, 2026 23:41
@dependabot @github
Copy link
Copy Markdown
Contributor Author

dependabot Bot commented on behalf of github May 18, 2026

The base commit for this pull request has not changed.

1 similar comment
@dependabot @github
Copy link
Copy Markdown
Contributor Author

dependabot Bot commented on behalf of github May 18, 2026

The base commit for this pull request has not changed.

@bilbospocketses bilbospocketses merged commit efad85d into master May 18, 2026
2 checks passed
@dependabot dependabot Bot deleted the dependabot/nuget/tests/ControlMenu.Common.Tests/multi-24e82da74b branch May 18, 2026 23:43
@bilbospocketses bilbospocketses mentioned this pull request May 19, 2026
Merged
5 tasks
bilbospocketses added a commit that referenced this pull request May 19, 2026
@bilbospocketses
chore(security): tighten rulesets (rebase-drop + CodeQL/Scorecard gat…
631f6ce 
…ing + tag-signing) + scorecard PR trigger (#17)

Cross-repo Tier B security parity sweep. svgedit, OAO, ws-scrcpy-web all
landed equivalent ruleset tightening in parallel sessions today; this PR
brings CM to parity plus a CM-specific Scorecard-as-required-check extra.

Ruleset changes (API-only, already applied pre-PR via gh api PUT):
- Branch ruleset 16554261:
  - pull_request.allowed_merge_methods ["merge","squash","rebase"] -> ["squash","merge"]
  - required_status_checks: added Analyze (csharp), Analyze (javascript-typescript),
    Analyze (actions) (CodeQL App, integration_id 15368) + Scorecard analysis
- Tag ruleset 16554225: added required_signatures
- Repo-level: allow_rebase_merge true -> false (UI cleanup; ruleset is the binding gate)

scorecard.yml companion changes (in this PR):
- Added `pull_request: branches: [master]` trigger so the new required check
  actually reports on PRs. Without it, every PR would block forever waiting
  for Scorecard analysis that never runs.
- Gated `publish_results: ${{ github.event_name == 'push' }}` — PR runs
  publish a branch-HEAD SHA not on master, triggering the same OpenSSF
  webapp "imposter commit" 400 we hit in PR #15 (different cause, same
  SHA-not-on-commit-graph failure mode).

Deferrals documented in CHANGELOG:
- Items #6 + #7 (secret-scanning non_provider_patterns + validity_checks)
  require GHAS license; PATCH calls silently no-op on free tier (confirmed
  empirically on svgedit). Deferred indefinitely.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file .NET Pull requests that update .NET code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@bilbospocketses