Remove duplicate Empty/empty template parameters causing wrong .NET version selection#34876
Draft
Remove duplicate Empty/empty template parameters causing wrong .NET version selection#34876
Conversation
…ersion selection The maui-blazor and maui-blazor-solution templates defined both `Empty` and `empty` as separate JSON keys. The .NET 11 SDK (preview.3+) has stricter case-insensitive duplicate key handling, which caused the template engine to not match the .NET 11 template when `--Empty` was used, falling back to the .NET 10 template. Fixes #34873 Agent-Logs-Url: https://github.com/dotnet/maui/sessions/889ee180-333b-4280-8a09-50e09ab2d591 Co-authored-by: jfversluis <939291+jfversluis@users.noreply.github.com>
Copilot
AI
changed the title
[WIP] Fix MAUI Blazor sample app default .NET SDK version
Remove duplicate Empty/empty template parameters causing wrong .NET version selection
Apr 8, 2026
Member
|
@copilot can you determine where the duplicate empty parameter originates from? Why was it introduced? |
Contributor
Author
The duplicate Context: In .NET 9, the CLI option was The PR description even noted: "hopefully in .NET 11 we can start removing the duplicates since they are hidden." Unfortunately, .NET 11 Preview 3's template engine (via dotnet/templating#10049) introduced stricter case-insensitive duplicate key handling, which means these two keys ( |
PureWeen
added a commit
that referenced
this pull request
Apr 15, 2026
…, security hardening (#34678) ## Description Overhauls the `copilot-evaluate-tests` gh-aw workflow — switches to on-demand triggers only (`/evaluate-tests` slash command + manual `workflow_dispatch`), adds security hardening, and improves error handling. No auto-runs on PR create/update. ### What Changed **Triggers (on-demand only — no auto-runs)** - Add `slash_command: evaluate-tests` — comment `/evaluate-tests` on a PR to trigger - Keep `workflow_dispatch` — manual trigger from Actions tab with PR number input - Disable `pull_request_target` — no auto-evaluation on PR create/update - Add `bots: ["copilot-swe-agent[bot]"]` — Copilot-authored PRs can be evaluated - Add `labels: ["pr-review", "testing"]` — workflow runs are labeled **Gate step (fast-fail for invalid requests)** - Check PR is OPEN before evaluating (rejects closed/merged PRs with clear message) - Check for test source files in diff before spinning up agent - Fall back to REST API for PRs with 300+ files (where `gh pr diff` returns HTTP 406) - All API errors surfaced with clear messages — no silent masking - `exit 1` stops the workflow immediately — no wasted agent compute **Access gating (`Checkout-GhAwPr.ps1`)** - Reject fork PRs (`isCrossRepository` check) - Verify PR author has write access (admin/write/maintain roles) - Fix `ConvertFrom-Json` ordering — check exit code before JSON parsing - Make infrastructure restore fatal on failure (was soft warning) - Remove pre-delete pattern — `git checkout` overwrites in-place **Workflow improvements** - `hide-older-comments: true` — previous evaluations auto-collapse - `report-as-issue: false` for noop — no issue created when nothing to evaluate - Timeout bumped 15 → 20 minutes - Dry-run mode via `suppress_output` input (workflow_dispatch only) - `Gather-TestContext.ps1` now receives `-PrNumber` parameter **Security documentation (`gh-aw-workflows.instructions.md`)** - Add "Before You Build" anti-patterns table — prefer built-in gh-aw features - Add Security Boundaries section with defense layers table - Add Rules for gh-aw Workflow Authors (DO/DON'T list) - Document `COPILOT_TOKEN` exposure and mitigations - Add `slash_command` to fork behavior table - Update `Checkout-GhAwPr.ps1` description to match current behavior ### Trigger Behavior | Trigger | When it fires | Who can trigger | |---------|---------------|-----------------| | `/evaluate-tests` comment | Comment on a PR | Write-access collaborators + copilot-swe-agent[bot] | | `workflow_dispatch` | Actions tab → "Run workflow" → enter PR number | Write-access collaborators | | ~~`pull_request_target`~~ | ~~Auto on PR create/update~~ | ~~Disabled~~ | ### Security Model Based on [GitHub Security Lab guidance](https://securitylab.github.com/resources/github-actions-preventing-pwn-requests/): - PR contents treated as **passive data** (read/analyze, never built or executed) - Agent runs in **sandboxed container** with `GITHUB_TOKEN` and `gh` CLI scrubbed - Write operations in **separate `safe_outputs` job** (not the agent) - Agent output limited to `max: 1` comment via safe-outputs - `Checkout-GhAwPr.ps1` rejects fork PRs and verifies write access before checkout - Infrastructure restore is fatal on failure — prevents running with untrusted infra ### Validation | Test | PR | Result | |------|-----|--------| | Open PR with tests | #34983 | ✅ Full success (gate → checkout → agent → comment) | | No-test PR | #34876 | ✅ Gate fast-fail ("no test source files") | | Merged PR | #34932 | ✅ Gate fast-fail ("MERGED — skipping") | ### Known Limitations - Fork PRs via `/evaluate-tests` can supply modified `.github/skills/` — accepted residual risk (agent sandboxed, output bounded). Tracked as [gh-aw#18481](github/gh-aw#18481) - `exit 1` in gate step shows ❌ in GitHub checks for no-test/closed PRs — intentional (no built-in "skip" mechanism in gh-aw steps) - `pull_request_target` commented out — can be re-enabled later for auto-evaluation --------- Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Note
Are you waiting for the changes in this PR to be merged?
It would be very helpful if you could test the resulting artifacts from this PR and let us know in a comment if this change resolves your issue. Thank you!
dotnet new maui-blazor --Emptyon .NET 11 Preview 3 generates a project targeting net10 instead of net11.--empty(lowercase) works correctly. Root cause: the template engine in .NET 11 SDK has stricter case-insensitive duplicate key handling, and both templates define"Empty"and"empty"as separate JSON keys.When the duplicate keys cause the .NET 11 template to fail matching, the engine falls back to the .NET 10 template.
Changes
maui-blazor/.template.config/template.json— Remove duplicate"empty"parameter; simplifySampleContentcomputed value to reference onlyEmptymaui-blazor-solution/.template.config/template.json— Same fixThe template engine already matches CLI parameters case-insensitively, so a single
Emptyparameter handles both--Emptyand--empty.