dotnet · dotnet-policy-service · Jan 15, 2025 · Jan 14, 2025 · Jan 14, 2025 · Jan 14, 2025
diff --git a/.github/workflows/check-for-build-warnings.yml b/.github/workflows/check-for-build-warnings.yml
@@ -16,7 +16,7 @@ jobs:
         pull-requests: write
     steps:
     - name: Harden Runner
-      uses: step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f # v2.10.2
+      uses: step-security/harden-runner@c95a14d0e5bab51a9f56296a4eb0e416910cd350 # v2.10.3
       with:
         egress-policy: audit
 

diff --git a/.github/workflows/cleanrepo-orphaned-articles.yml b/.github/workflows/cleanrepo-orphaned-articles.yml
@@ -17,7 +17,7 @@ jobs:
 
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f # v2.10.2
+        uses: step-security/harden-runner@c95a14d0e5bab51a9f56296a4eb0e416910cd350 # v2.10.3
         with:
           egress-policy: audit
 

diff --git a/.github/workflows/cleanrepo-orphaned-images.yml b/.github/workflows/cleanrepo-orphaned-images.yml
@@ -17,7 +17,7 @@ jobs:
 
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f # v2.10.2
+        uses: step-security/harden-runner@c95a14d0e5bab51a9f56296a4eb0e416910cd350 # v2.10.3
         with:
           egress-policy: audit
 

diff --git a/.github/workflows/cleanrepo-orphaned-includes.yml b/.github/workflows/cleanrepo-orphaned-includes.yml
@@ -17,7 +17,7 @@ jobs:
 
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f # v2.10.2
+        uses: step-security/harden-runner@c95a14d0e5bab51a9f56296a4eb0e416910cd350 # v2.10.3
         with:
           egress-policy: audit
 

diff --git a/.github/workflows/cleanrepo-orphaned-snippets.yml b/.github/workflows/cleanrepo-orphaned-snippets.yml
@@ -17,7 +17,7 @@ jobs:
 
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f # v2.10.2
+        uses: step-security/harden-runner@c95a14d0e5bab51a9f56296a4eb0e416910cd350 # v2.10.3
         with:
           egress-policy: audit
 

diff --git a/.github/workflows/cleanrepo-redirect-hops.yml b/.github/workflows/cleanrepo-redirect-hops.yml
@@ -17,7 +17,7 @@ jobs:
 
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f # v2.10.2
+        uses: step-security/harden-runner@c95a14d0e5bab51a9f56296a4eb0e416910cd350 # v2.10.3
         with:
           egress-policy: audit
 

diff --git a/.github/workflows/cleanrepo-relative-links.yml b/.github/workflows/cleanrepo-relative-links.yml
@@ -17,7 +17,7 @@ jobs:
 
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f # v2.10.2
+        uses: step-security/harden-runner@c95a14d0e5bab51a9f56296a4eb0e416910cd350 # v2.10.3
         with:
           egress-policy: audit
 

diff --git a/.github/workflows/cleanrepo-replace-redirects.yml b/.github/workflows/cleanrepo-replace-redirects.yml
@@ -17,7 +17,7 @@ jobs:
 
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f # v2.10.2
+        uses: step-security/harden-runner@c95a14d0e5bab51a9f56296a4eb0e416910cd350 # v2.10.3
         with:
           egress-policy: audit
 

diff --git a/.github/workflows/dependabot-bot.yml b/.github/workflows/dependabot-bot.yml
@@ -26,7 +26,7 @@ jobs:
     # Checkout the repo into the workspace within the VM
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f # v2.10.2
+        uses: step-security/harden-runner@c95a14d0e5bab51a9f56296a4eb0e416910cd350 # v2.10.3
         with:
           egress-policy: audit
 

diff --git a/.github/workflows/dependency-review.yml b/.github/workflows/dependency-review.yml
@@ -17,7 +17,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f # v2.10.2
+        uses: step-security/harden-runner@c95a14d0e5bab51a9f56296a4eb0e416910cd350 # v2.10.3
         with:
           egress-policy: audit
 

diff --git a/.github/workflows/do-not-merge-label-check.yml b/.github/workflows/do-not-merge-label-check.yml
@@ -22,7 +22,7 @@ jobs:
         - 'DO NOT MERGE'
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f # v2.10.2
+        uses: step-security/harden-runner@c95a14d0e5bab51a9f56296a4eb0e416910cd350 # v2.10.3
         with:
           egress-policy: audit
 

diff --git a/.github/workflows/docs-verifier.yml b/.github/workflows/docs-verifier.yml
@@ -14,7 +14,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f # v2.10.2
+        uses: step-security/harden-runner@c95a14d0e5bab51a9f56296a4eb0e416910cd350 # v2.10.3
         with:
           egress-policy: audit
 

diff --git a/.github/workflows/live-protection.yml b/.github/workflows/live-protection.yml
@@ -8,7 +8,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f # v2.10.2
+        uses: step-security/harden-runner@c95a14d0e5bab51a9f56296a4eb0e416910cd350 # v2.10.3
         with:
           egress-policy: audit
 

diff --git a/.github/workflows/markdownlint.yml b/.github/workflows/markdownlint.yml
@@ -22,7 +22,7 @@ jobs:
 
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f # v2.10.2
+        uses: step-security/harden-runner@c95a14d0e5bab51a9f56296a4eb0e416910cd350 # v2.10.3
         with:
           egress-policy: audit
 

diff --git a/.github/workflows/profanity-filter.yml b/.github/workflows/profanity-filter.yml
@@ -19,7 +19,7 @@ jobs:
 
     steps:
     - name: Harden Runner
-      uses: step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f # v2.10.2
+      uses: step-security/harden-runner@c95a14d0e5bab51a9f56296a4eb0e416910cd350 # v2.10.3
       with:
         egress-policy: audit
 

diff --git a/.github/workflows/quest-bulk.yml b/.github/workflows/quest-bulk.yml
@@ -26,7 +26,7 @@ jobs:
     if: ${{ github.repository_owner == 'dotnet' }}
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f # v2.10.2
+        uses: step-security/harden-runner@c95a14d0e5bab51a9f56296a4eb0e416910cd350 # v2.10.3
         with:
           egress-policy: audit
 

diff --git a/.github/workflows/quest.yml b/.github/workflows/quest.yml
@@ -29,7 +29,7 @@ jobs:
 
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f # v2.10.2
+        uses: step-security/harden-runner@c95a14d0e5bab51a9f56296a4eb0e416910cd350 # v2.10.3
         with:
           egress-policy: audit
 

diff --git a/.github/workflows/scorecards.yml b/.github/workflows/scorecards.yml
@@ -31,7 +31,7 @@ jobs:
 
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f # v2.10.2
+        uses: step-security/harden-runner@c95a14d0e5bab51a9f56296a4eb0e416910cd350 # v2.10.3
         with:
           egress-policy: audit
 
@@ -63,7 +63,7 @@ jobs:
       # Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF
       # format to the repository Actions tab.
       - name: "Upload artifact"
-        uses: actions/upload-artifact@6f51ac03b9356f520e9adb1b1b7802705f340c2b # v4.5.0
+        uses: actions/upload-artifact@65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08 # v4.6.0
         with:
           name: SARIF file
           path: results.sarif

diff --git a/.github/workflows/snippets5000.yml b/.github/workflows/snippets5000.yml
@@ -31,7 +31,7 @@ jobs:
     steps:
     # Checkout the repository for the PR
     - name: Harden Runner
-      uses: step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f # v2.10.2
+      uses: step-security/harden-runner@c95a14d0e5bab51a9f56296a4eb0e416910cd350 # v2.10.3
       with:
         egress-policy: audit
 

diff --git a/.github/workflows/stale.yml b/.github/workflows/stale.yml
@@ -16,7 +16,7 @@ jobs:
 
     steps:
     - name: Harden Runner
-      uses: step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f # v2.10.2
+      uses: step-security/harden-runner@c95a14d0e5bab51a9f56296a4eb0e416910cd350 # v2.10.3
       with:
         egress-policy: audit
 

diff --git a/.github/workflows/version-sweep.yml b/.github/workflows/version-sweep.yml
@@ -34,7 +34,7 @@ jobs:
             # Start the .NET version updater action
             # A composite of the .NET Version Sweeper and the .NET Upgrade Assistant
             - name: Harden Runner
-              uses: step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f # v2.10.2
+              uses: step-security/harden-runner@c95a14d0e5bab51a9f56296a4eb0e416910cd350 # v2.10.3
               with:
                 egress-policy: audit
 

diff --git a/.github/workflows/whats-new.yml b/.github/workflows/whats-new.yml
@@ -23,7 +23,7 @@ jobs:
 
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f # v2.10.2
+        uses: step-security/harden-runner@c95a14d0e5bab51a9f56296a4eb0e416910cd350 # v2.10.3
         with:
           egress-policy: audit
 

diff --git a/.whatsnew.release.json b/.whatsnew.release.json
@@ -8,7 +8,7 @@
     },
     "inclusionCriteria": {
         "labels": [
-            "label:\":checkered_flag: Release: .NET 7\""
+            "label:\":checkered_flag: Release: .NET 9\""
         ],
         "maxFilesChanged": 100,
         "minAdditionsToFile": 1
@@ -22,40 +22,81 @@
     },
     "areas": [
         {
-            "names": [ "." ],
-            "heading": "Home"
+            "names": [ "standard/security" ],
+            "heading": ".NET security"
         },
         {
-            "names": [ "architecture" ],
-            "heading": "Architecture guides"
+            "names": [ "core/compatibility" ],
+            "heading": ".NET breaking changes"
         },
         {
-            "names": [ "azure" ],
-            "heading": "Azure SDK for .NET"
+            "names": [ "core", "fundamentals", "standard" ],
+            "heading": ".NET fundamentals"
+        },
+        {
+            "names": [ "core/porting" ],
+            "heading": "Migration to .NET"
         },
         {
             "names": [ "csharp" ],
             "heading": "C# language"
         },
         {
-            "names": [ "desktop-wpf" ],
-            "heading": ".NET Core desktop"
+            "names": [ "fsharp" ],
+            "heading": "F# language"
         },
         {
-            "names": [ "framework" ],
-            "heading": ".NET Framework"
+            "names": [ "visual-basic" ],
+            "heading": "Visual Basic language"
         },
         {
-            "names": [ "fsharp" ],
-            "heading": "F# language"
+            "names": [ "architecture" ],
+            "heading": "Architecture guides"
         },
         {
-            "names": [ "core/compatibility" ],
-            "heading": ".NET breaking changes"
+            "names": [ "devops",
+                       "core/testing",
+                       "core/deploying",
+                       "core/docker"
+                     ],
+            "heading": "DevOps and testing in .NET"
         },
         {
-            "names": [ "core", "fundamentals", "standard" ],
-            "heading": ".NET fundamentals"
+            "names": [ "core/tools",
+                       "core/additional-tools",
+                       "core/diagnostics",
+                       "fundamentals/code-analysis",
+                       "standard/analyzers",
+                       "fundamentals/syslib-diagnostics",
+                       "fundamentals/package-validation"
+                     ],
+            "heading": ".NET tools and diagnostics"
+        },
+        {
+            "names": [ "standard/asynchronous-programming-patterns",
+                       "standard/parallel-programming",
+                       "standard/threading",
+                       "standard/collections/thread-safe",
+                       "standard/native-interop",
+                       "standard/garbage-collection"
+                     ],
+            "heading": "Advanced .NET programming"
+        },
+        {
+            "names": [ "ai" ],
+            "heading": "AI in .NET"
+        },
+        {
+            "names": [ "azure" ],
+            "heading": "Azure SDK for .NET"
+        },
+        {
+            "names": [ "desktop-wpf" ],
+            "heading": ".NET Core desktop"
+        },
+        {
+            "names": [ "standard/linq", "standard/data" ],
+            "heading": "Data access in .NET"
         },
         {
             "names": [ "iot" ],
@@ -65,17 +106,21 @@
             "names": [ "machine-learning" ],
             "heading": "ML.NET"
         },
+        {
+            "names": [ "orleans", "dotnet-orleans" ],
+            "heading": "Microsoft Orleans"
+        },
         {
             "names": [ "spark" ],
             "heading": ".NET for Apache Spark"
         },
         {
-            "names": [ "visual-basic" ],
-            "heading": "Visual Basic language"
+            "names": [ "." ],
+            "heading": "Home"
         },
         {
-            "names": [ "orleans", "dotnet-orleans" ],
-            "heading": "Microsoft Orleans"
+            "names": [ "framework" ],
+            "heading": ".NET Framework"
         }
     ]
 }