Skip to content

Promote develop to main: branch-scoped CI/CD + 3.6#350

Merged
ptr727 merged 4 commits into
mainfrom
develop
Jun 28, 2026
Merged

Promote develop to main: branch-scoped CI/CD + 3.6#350
ptr727 merged 4 commits into
mainfrom
develop

Conversation

@ptr727

@ptr727 ptr727 commented Jun 28, 2026

Copy link
Copy Markdown
Owner

Promote the branch-scoped self-publishing CI/CD migration to main, cutting the 3.6 stable release.

Carries the develop work: 5-workflow self-publishing pipeline (no codegen), WORKFLOW.md, repo-config/ (rulesets + settings as code), keyless OIDC NuGet publishing, flat Utilities.7z release packaging, reconciled docs, and the 3.6 version floor. The 3.6 prerelease published from develop verified clean (flat archive, NuGet package + symbols pushed).

Merge method is a merge commit (not squash) so main keeps a real reference to develop's commits.

🤖 Generated with Claude Code

dependabot Bot and others added 4 commits June 23, 2026 14:55
Updated [Microsoft.NET.Test.Sdk](https://github.com/microsoft/vstest)
from 18.6.0 to 18.7.0.

<details>
<summary>Release notes</summary>

_Sourced from [Microsoft.NET.Test.Sdk's
releases](https://github.com/microsoft/vstest/releases)._

## 18.7.0

## What's Changed
* Add ARM64 msdia140.dll support to test platform packages by
@​jamesmcroft in microsoft/vstest#15689
* Update System.Memory from 4.5.5 to 4.6.3 by @​nohwnd in
microsoft/vstest#15706

## New Contributors
* @​jamesmcroft made their first contribution in
microsoft/vstest#15689

**Full Changelog**:
microsoft/vstest@v18.6.0...v18.7.0

Commits viewable in [compare
view](microsoft/vstest@v18.6.0...v18.7.0).
</details>

[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=Microsoft.NET.Test.Sdk&package-manager=nuget&previous-version=18.6.0&new-version=18.7.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
…ce (#344)

Re-syncs this repo's carried governance/config artifacts and CI
orchestration to the current
[ptr727/ProjectTemplate](https://github.com/ptr727/ProjectTemplate)
(template-convergence barrier), and folds in this repo's task list. Held
for maintainer end-gate review - do not auto-merge.

## What this does

- **Carried artifacts re-synced to the template** (adapting only the
sanctioned placeholders): `AGENTS.md` "PR Review Etiquette",
`.github/copilot-instructions.md`, `.markdownlint-cli2.jsonc`,
`.editorconfig`, `.gitattributes`, and `CODESTYLE.md`. The carried files
are byte-for-byte the template's except for the documented adaptations
below. Carried workflow YAML stays CRLF to match the template's
checked-in form (per `.editorconfig`).
- **`CODESTYLE.md` carried whole** (General + .NET + Python). Only the
.NET section is consumed here; the Python section is inert but kept so
re-sync stays a wholesale replace.
- **Orchestration workflows aligned with the template:**
- `build-release-task.yml` / `build-nugetlibrary-task.yml`:
`github-release` decoupled from the build job; the download collects by
`pattern: release-asset-${{ inputs.branch }}-*` + `merge-multiple: true`
with `fail_on_unmatched_files: true`; the NuGet upload is renamed to
`release-asset-<branch>-nugetlibrary` and the unused `artifact-id`
output dropped; adds the main-only prerelease-suffix backstop.
- `merge-bot-pull-request.yml`: concurrency keyed per-PR
(`github.event.pull_request.number`) so bot PRs against the same base
queue independently.
  - `publish-release.yml`: dispatch-from-default-branch guard.
- `test-pull-request.yml`: terminal `cleanup-artifacts` job (`needs:
[smoke-build]`), independent of `check-workflow-status` so housekeeping
never gates the required merge check.

## Documented adaptations (for review)

These are the only intentional deviations from the template; everything
else matches it. Sourced from `AGENTS.md` "Template Adaptations".

- **NuGet-only target set.** No Docker, executable, PyPI, or codegen
targets, so the corresponding `build-*-task.yml` / `run-codegen-*.yml`
workflows are absent and the merge-bot carries only the Dependabot path.
`publish-release.yml` keeps its repo-specific per-branch `date-badge`
matrix and omits the template's PyPI/Docker jobs.
- **Husky-driven clean-compile as the CI style gate.** The template
lints style directly in CI; this repo wires Husky.Net as a local
pre-commit gate and runs the same CSharpier + `dotnet format` checks in
CI via `dotnet husky run`, so the local gate and CI run identical
commands. Sanctioned by `CODESTYLE.md` "Clean-Compile Verification".
- **`.husky/pre-commit` LF pin.** `.editorconfig` adds a
`[.husky/pre-commit]` LF block and `.gitattributes` adds
`.husky/pre-commit text eol=lf` (the template's `[*.sh]` / `*.sh` rules
do not match the extensionless hook). Required because this repo ships
the Husky hook.
- **Brownfield analyzer relaxations.** A pre-existing set of analyzer
rules is relaxed to suggestion in `.editorconfig` (and `IL3058` via
`NoWarn`) to keep the published public API stable; each is documented
inline.

Validation: actionlint clean, markdownlint 0 errors, carried-config
diffs vs the template are EOL/adaptation-only.

---------

Co-authored-by: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
…up (#346)

Bumps the actions-deps group with 1 update:
[actions/setup-dotnet](https://github.com/actions/setup-dotnet).

Updates `actions/setup-dotnet` from 5.3.0 to 5.4.0
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/actions/setup-dotnet/releases">actions/setup-dotnet's
releases</a>.</em></p>
<blockquote>
<h2>v5.4.0</h2>
<h2>What's Changed</h2>
<h3>Enhancements</h3>
<ul>
<li>Improve global.json SDK version validation for rollForward by <a
href="https://github.com/priyagupta108"><code>@​priyagupta108</code></a>
in <a
href="https://redirect.github.com/actions/setup-dotnet/pull/742">actions/setup-dotnet#742</a></li>
<li>Pin actions to commit SHAs in workflows by <a
href="https://github.com/priya-kinthali"><code>@​priya-kinthali</code></a>
in <a
href="https://redirect.github.com/actions/setup-dotnet/pull/744">actions/setup-dotnet#744</a></li>
<li>Expand the CSC problem matcher to light up more errors on GitHub. by
<a
href="https://github.com/StephenCleary"><code>@​StephenCleary</code></a>
in <a
href="https://redirect.github.com/actions/setup-dotnet/pull/717">actions/setup-dotnet#717</a></li>
</ul>
<h3>Documentation</h3>
<ul>
<li>Docs(action): Explicitly mark all optional inputs with required:
false by <a
href="https://github.com/kranthipoturaju"><code>@​kranthipoturaju</code></a>
in <a
href="https://redirect.github.com/actions/setup-dotnet/pull/737">actions/setup-dotnet#737</a></li>
</ul>
<h3>Bug Fixes</h3>
<ul>
<li>Fix global.json creation command by <a
href="https://github.com/michal2612"><code>@​michal2612</code></a> in <a
href="https://redirect.github.com/actions/setup-dotnet/pull/694">actions/setup-dotnet#694</a></li>
</ul>
<h3>Dependency Updates</h3>
<ul>
<li>Upgrade <code>@​actions/cache</code> to 5.1.0, log cache write
denied by <a
href="https://github.com/jasongin"><code>@​jasongin</code></a> in <a
href="https://redirect.github.com/actions/setup-dotnet/pull/746">actions/setup-dotnet#746</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/jasongin"><code>@​jasongin</code></a>
made their first contribution in <a
href="https://redirect.github.com/actions/setup-dotnet/pull/746">actions/setup-dotnet#746</a></li>
<li><a
href="https://github.com/michal2612"><code>@​michal2612</code></a> made
their first contribution in <a
href="https://redirect.github.com/actions/setup-dotnet/pull/694">actions/setup-dotnet#694</a></li>
<li><a
href="https://github.com/kranthipoturaju"><code>@​kranthipoturaju</code></a>
made their first contribution in <a
href="https://redirect.github.com/actions/setup-dotnet/pull/737">actions/setup-dotnet#737</a></li>
<li><a
href="https://github.com/StephenCleary"><code>@​StephenCleary</code></a>
made their first contribution in <a
href="https://redirect.github.com/actions/setup-dotnet/pull/717">actions/setup-dotnet#717</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/setup-dotnet/compare/v5...v5.4.0">https://github.com/actions/setup-dotnet/compare/v5...v5.4.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/actions/setup-dotnet/commit/26b0ec14cb23fa6904739307f278c14f94c95bf1"><code>26b0ec1</code></a>
Expand the CSC problem matcher to light up more errors on GitHub. (<a
href="https://redirect.github.com/actions/setup-dotnet/issues/717">#717</a>)</li>
<li><a
href="https://github.com/actions/setup-dotnet/commit/da5e5482f2d0700168cff080da45b50da8b60f0e"><code>da5e548</code></a>
docs(action): explicitly mark all optional inputs with required: false
(<a
href="https://redirect.github.com/actions/setup-dotnet/issues/737">#737</a>)</li>
<li><a
href="https://github.com/actions/setup-dotnet/commit/9bd3b44355ba7c500f3d2e029636c6d29ac5caab"><code>9bd3b44</code></a>
Improve readability of global.json creation command (<a
href="https://redirect.github.com/actions/setup-dotnet/issues/694">#694</a>)</li>
<li><a
href="https://github.com/actions/setup-dotnet/commit/4406a635cd2be9c92689ea22b2f74ea57297088c"><code>4406a63</code></a>
Bump <code>@​actions/cache</code> to 5.1.0, log cache write denied (<a
href="https://redirect.github.com/actions/setup-dotnet/issues/746">#746</a>)</li>
<li><a
href="https://github.com/actions/setup-dotnet/commit/dc3262dda80e97f1c7865b3b122e99240e30b738"><code>dc3262d</code></a>
pin actions to commit SHAs in workflows (<a
href="https://redirect.github.com/actions/setup-dotnet/issues/744">#744</a>)</li>
<li><a
href="https://github.com/actions/setup-dotnet/commit/95a3f8b067437dc9b2027a437f5dc3b4569ddd49"><code>95a3f8b</code></a>
Validate global.json SDK version before rollForward optimization (<a
href="https://redirect.github.com/actions/setup-dotnet/issues/742">#742</a>)</li>
<li>See full diff in <a
href="https://github.com/actions/setup-dotnet/compare/9a946fdbd5fb07b82b2f5a4466058b876ab72bb2...26b0ec14cb23fa6904739307f278c14f94c95bf1">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/setup-dotnet&package-manager=github_actions&previous-version=5.3.0&new-version=5.4.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Ports the branch-scoped self-publishing CI/CD from
`ptr727/LanguageTags`, replacing the ProjectTemplate two-phase model.
`main` publishes stable releases and `develop` publishes prereleases;
each branch publishes itself when a shipped input changes. Utilities has
no codegen, so the generator workflows and merge-bot codegen job are
omitted.

## Workflows

- Remove `build-datebadge-task.yml`, `build-nugetlibrary-task.yml`,
`get-version-task.yml`.
- Add `validate-task.yml` (unit tests + CSharpier / `dotnet format
style` / markdownlint / cspell / actionlint).
- Rework `build-release-task.yml` (NBGV, keyless OIDC `NuGet/login`
push, flat `Utilities.7z` asset), `publish-release.yml` (push/dispatch
self-publisher with a shipped-input inclusion list),
`test-pull-request.yml` (validate + smoke-build + `Check pull request
workflow status job` aggregator), and `merge-bot-pull-request.yml`
(Dependabot auto-merge only).

## Config and docs

- Add `WORKFLOW.md` (canonical CI/CD spec, codegen sections removed) and
`repo-config/` (rulesets + settings as code, `delete_branch_on_merge`
off).
- Add `cspell.json` as the single spell-check source; reconcile
`AGENTS.md`, `CODESTYLE.md`, `.github/copilot-instructions.md`,
`.github/dependabot.yml`, `.vscode/tasks.json`, and `Utilities.slnx`.
- Bump version floor 3.5 -> 3.6; refresh `README.md` and `HISTORY.md`.

Verified locally: actionlint, markdownlint, cspell, YAML/JSON parse,
`bash -n configure.sh`, EOL per `.editorconfig`, and Husky
clean-compile.

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-authored-by: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
Copilot AI review requested due to automatic review settings June 28, 2026 04:37

Copilot AI left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Promotes the branch-scoped self-publishing CI/CD model (and related documentation/config-as-code) from develop to main, cutting the 3.6 stable release floor and aligning main with the new workflow contract.

Changes:

  • Introduce a reusable CI validation gate (validate-task.yml) and rework PR + publish workflows around branch-scoped, single-ref releases.
  • Add CI/CD specification and repo configuration-as-code (WORKFLOW.md, repo-config/) and refresh contributing/docs accordingly.
  • Bump the NBGV version floor to 3.6 and apply minor dependency/solution workspace updates.

Reviewed changes

Copilot reviewed 29 out of 29 changed files in this pull request and generated 2 comments.

Show a summary per file
File Description
WORKFLOW.md Adds the canonical CI/CD workflow contract, architecture, and verification methodology.
version.json Bumps NBGV version floor to 3.6 for the stable release line.
Utilities.slnx Updates solution items/workflow references to match the new pipeline and docs.
Utilities.code-workspace Removes embedded CSpell dictionary in favor of a dedicated cspell.json.
repo-config/settings.json Codifies repo-level settings (merge methods, auto-merge, etc.).
repo-config/ruleset-main.json Codifies the main branch ruleset (merge-commit-only, required check, signatures).
repo-config/ruleset-develop.json Codifies the develop branch ruleset (squash-only/linear history, required check, signatures).
repo-config/README.md Documents how the configuration-as-code directory is applied and audited.
repo-config/configure.sh Adds an idempotent gh api script to apply/check rulesets, settings, and required secrets.
README.md Updates distribution links, badges, and contributing guidance to reflect the new CI/CD model.
HISTORY.md Adds v3.6 release notes describing the CI/CD and publishing changes.
Directory.Packages.props Updates Microsoft.NET.Test.Sdk to 18.7.0.
cspell.json Adds a repo-wide CSpell configuration and accepted word list.
CODESTYLE.md Updates code-style documentation to reflect current tooling and CI lint behavior.
AGENTS.md Refactors agent guidance to point to WORKFLOW.md for CI/CD and clarifies review/merge gate expectations.
.vscode/tasks.json Cleans up task file commentary and clarifies clean-compile vs convenience tasks.
.markdownlint-cli2.jsonc Clarifies MD060 policy (table column style) in markdownlint configuration.
.github/workflows/validate-task.yml Adds reusable validation workflow (unit tests + lint suite).
.github/workflows/test-pull-request.yml Switches PR gating to push-based CI for head-resolved workflow self-testing + required aggregator.
.github/workflows/publish-release.yml Reworks publishing to branch-scoped self-publishing on shipped-input changes or dispatch (no schedule).
.github/workflows/merge-bot-pull-request.yml Simplifies merge-bot logic; enables auto-merge for Dependabot on both branches and disables on maintainer pushes.
.github/workflows/get-version-task.yml Removes standalone reusable version task (versioning now inlined into build-release-task).
.github/workflows/build-release-task.yml Consolidates version/build/publish/release responsibilities; adds OIDC NuGet publishing and flat Utilities.7z asset.
.github/workflows/build-nugetlibrary-task.yml Removes legacy build task superseded by build-release-task.
.github/workflows/build-datebadge-task.yml Removes decorative date-badge workflow from the pipeline.
.github/dependabot.yml Tightens and shortens rationale comments while keeping dual-target updates.
.github/copilot-instructions.md Minor wording updates in Copilot runbook and references.
.gitattributes Clarifies EOL strategy and pins LF for execution-sensitive script classes.
.editorconfig Refines per-file-type EOL rules and adds ReSharper settings; adjusts C# analyzer settings.

Comment thread .editorconfig
Comment on lines 17 to 21
[*]
charset = utf-8
end_of_line = crlf
indent_size = 4
indent_style = space
insert_final_newline = true
Comment thread CODESTYLE.md
Comment on lines 198 to 202
1. **XML documentation**
- `<GenerateDocumentationFile>true</GenerateDocumentationFile>`
- Document all public surfaces.
- Missing XML comments for public APIs are suppressed (`.editorconfig`)
- Must document all public surfaces.
- Single-line summaries, additional details in remarks, document input parameters, return values, exceptions, and add crefs
@ptr727 ptr727 merged commit 1cbe6b2 into main Jun 28, 2026
17 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants