Merge branch 'main' into merge/release/10.0.1xx-to-main

Author: SimonZhao888

.github/copilot-instructions.md

@@ -6,6 +6,13 @@ Coding Style and Changes:
 Testing:
 - Large changes should always include test changes.
 - The Skip parameter of the Fact attribute to point to the specific issue link.
+- To run tests in this repo:
+  - Use the repo-local dotnet instance: `./.dotnet/dotnet`
+  - For MSTest-style projects: `dotnet test path/to/project.csproj --filter "FullyQualifiedName~TestName"`
+  - For XUnit test assemblies: `dotnet exec artifacts/bin/redist/Debug/TestAssembly.dll -method "*TestMethodName*"`
+  - Examples:
+    - `dotnet test test/dotnet.Tests/dotnet.Tests.csproj --filter "Name~ItShowsTheAppropriateMessageToTheUser"`
+    - `dotnet exec artifacts/bin/redist/Debug/dotnet.Tests.dll -method "*ItShowsTheAppropriateMessageToTheUser*"`
 
 Output Considerations:
 - When considering how output should look, solicit advice from baronfel.

.github/workflows/copilot-setup-steps.yml

@@ -31,3 +31,18 @@ jobs:
       - name: Check dotnet version
         run: |
           dotnet --version
+
+      # For MCP servers like nuget's
+      - name: Install .NET 10.x
+        uses: actions/setup-dotnet@v4
+        with:
+          dotnet-version: |
+            10.x
+          dotnet-quality: preview
+
+      # for MCP servers
+      - name: Install .NET 8.x
+        uses: actions/setup-dotnet@v4
+        with:
+          dotnet-version: |
+            8.x

.github/workflows/pr-main-warning.yml

@@ -0,0 +1,24 @@
+name: PR Main Branch Warning
+on:
+  pull_request_target:
+    types: [opened]
+    branches:
+      - main
+
+permissions:
+  pull-requests: write
+
+jobs:
+  comment:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Add warning comment to PR targeting main
+        uses: actions/github-script@v7
+        with:
+          script: |
+            github.rest.issues.createComment({
+              issue_number: context.payload.pull_request.number,
+              owner: context.repo.owner,
+              repo: context.repo.repo,
+              body: `This PR is targeting \`main\`, which is now for .NET 11-facing work. If you intended to target .NET 10, either retarget this PR to \`release/10.0.1xx\` or make sure you backport the change to \`release/10.0.1xx\` after merging. See https://github.com/dotnet/sdk/issues/50394 for more details.`
+            })

.github/workflows/update-man-pages.yml

@@ -14,6 +14,8 @@ jobs:
     steps:
       - name: Checkout repository code
         uses: actions/checkout@v4
+        with:
+          ref: release/10.0.1xx
 
       - name: Update man-pages
         run: |
@@ -38,7 +40,7 @@ jobs:
             git checkout -b $branch
             git commit -m "$title"
             git push -u origin $branch --force
-            gh pr create --base main --head $branch --title "$title" --body "$body"
+            gh pr create --base release/10.0.1xx --head $branch --title "$title" --body "$body"
           fi
         env:
           GH_TOKEN: ${{ github.token }}

.github/workflows/update-static-web-assets-baselines.yml

@@ -0,0 +1,111 @@
+name: Update Static Web Assets Baselines
+
+on:
+  workflow_dispatch:
+    inputs:
+      pr_number:
+        description: 'Pull Request number'
+        required: true
+        type: string
+
+jobs:
+  update-baselines:
+    runs-on: ubuntu-latest
+    permissions:
+      contents: write
+      pull-requests: write
+    
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v4
+        with:
+          token: ${{ secrets.GITHUB_TOKEN }}
+          fetch-depth: 0
+      
+      - name: Checkout PR branch
+        run: |
+          gh pr checkout ${{ github.event.inputs.pr_number }}
+        env:
+          GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+      
+      - name: Run build script
+        id: build
+        run: |
+          chmod +x ./build.sh
+          ./build.sh -c Release
+        continue-on-error: true
+      
+      - name: Update baselines
+        id: update
+        if: steps.build.outcome == 'success'
+        run: |
+          # Set DOTNET_ROOT to the local dotnet installation
+          export DOTNET_ROOT="$(pwd)/.dotnet"
+          # Prepend DOTNET_ROOT to PATH
+          export PATH="$DOTNET_ROOT:$PATH"
+          
+          # Run the update baselines script
+          chmod +x src/RazorSdk/update-test-baselines.sh
+          src/RazorSdk/update-test-baselines.sh
+        continue-on-error: true
+      
+      - name: Check for changes
+        id: check-changes
+        if: steps.update.outcome == 'success'
+        run: |
+          # Check if there are changes to any *.json files under the test folder
+          if git diff --name-only | grep -E '^test/.*\.json$'; then
+            echo "changes=true" >> $GITHUB_OUTPUT
+          else
+            echo "changes=false" >> $GITHUB_OUTPUT
+          fi
+      
+      - name: Commit and push changes
+        id: commit
+        if: steps.update.outcome == 'success' && steps.check-changes.outputs.changes == 'true'
+        run: |
+          git config --global user.name 'github-actions[bot]'
+          git config --global user.email 'github-actions[bot]@users.noreply.github.com'
+          
+          # Create commit with formatted date
+          COMMIT_DATE=$(date -u +"%Y-%m-%d")
+          git add test/**/*.json
+          git commit -m "[Infrastructure] Update baselines $COMMIT_DATE"
+          
+          # Push to the PR branch
+          git push
+        continue-on-error: true
+      
+      - name: Comment on PR - No changes
+        if: steps.update.outcome == 'success' && steps.check-changes.outputs.changes == 'false'
+        run: |
+          gh pr comment ${{ github.event.inputs.pr_number }} \
+            --body "No baselines were updated."
+        env:
+          GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+      
+      - name: Comment on PR - Changes pushed
+        if: steps.commit.outcome == 'success'
+        run: |
+          gh pr comment ${{ github.event.inputs.pr_number }} \
+            --body "Baselines updated."
+        env:
+          GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+      
+      - name: Comment on PR - Failure
+        if: steps.build.outcome == 'failure' || steps.update.outcome == 'failure' || (steps.check-changes.outputs.changes == 'true' && steps.commit.outcome == 'failure')
+        run: |
+          ERROR_MSG="Update baselines failed"
+          
+          if [[ "${{ steps.build.outcome }}" == "failure" ]]; then
+            ERROR_MSG="$ERROR_MSG: Build script failed"
+          elif [[ "${{ steps.update.outcome }}" == "failure" ]]; then
+            ERROR_MSG="$ERROR_MSG: Update baselines script failed"
+          elif [[ "${{ steps.commit.outcome }}" == "failure" ]]; then
+            ERROR_MSG="$ERROR_MSG: Failed to commit or push changes"
+          fi
+          
+          gh pr comment ${{ github.event.inputs.pr_number }} \
+            --body "$ERROR_MSG"
+        env:
+          GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}

Directory.Build.targets

@@ -97,14 +97,15 @@
   <!-- Include SourcePackage.editorconfig in all source packages. -->
   <Target Name="_AddEditorConfigToSourcePackage">
     <ItemGroup>
-      <TfmSpecificPackageFile Include="$(MSBuildThisFileDirectory)eng\SourcePackage.editorconfig" PackagePath="contentFiles/cs/$(TargetFramework)/.editorconfig" />
+      <TfmSpecificPackageFile Include="$(MSBuildThisFileDirectory)eng\SourcePackage.editorconfig" PackagePath="contentFiles/cs/$(TargetFramework)/.editorconfig" Condition="'$(TargetFrameworkIdentifier)' != '.NETStandard'"  />
+      <TfmSpecificPackageFile Include="$(MSBuildThisFileDirectory)eng\SourcePackage.netstandard.editorconfig" PackagePath="contentFiles/cs/$(TargetFramework)/.editorconfig" Condition="'$(TargetFrameworkIdentifier)' == '.NETStandard'" />
     </ItemGroup>
   </Target>
 
   <!-- Include linked files. Arcade SDK only includes files in the project directory. -->
   <Target Name="_AddLinkedCompileItemsToSourcePackage">
     <ItemGroup>
-      <TfmSpecificPackageFile Include="@(Compile)" Condition="'%(Compile.Link)' != ''" PackagePath="contentFiles/cs/$(TargetFramework)/%(Compile.Link)" BuildAction="Compile"/>
+      <TfmSpecificPackageFile Include="@(Compile)" Condition="'%(Compile.Link)' != '' and '%(Compile.Pack)' != 'false'" PackagePath="contentFiles/cs/$(TargetFramework)/%(Compile.Link)" BuildAction="Compile"/>
     </ItemGroup>
   </Target>
 

Directory.Packages.props

@@ -22,6 +22,7 @@
     <PackageVersion Include="Microsoft.CodeAnalysis.Analyzer.Testing" Version="$(MicrosoftCodeAnalysisAnalyzerTestingVersion)" />
     <PackageVersion Include="Microsoft.CodeAnalysis.BuildClient" Version="$(MicrosoftCodeAnalysisBuildClientVersion)" />
     <PackageVersion Include="Microsoft.CodeAnalysis.Common" Version="$(MicrosoftCodeAnalysisPackageVersion)" />
+    <PackageVersion Include="Microsoft.CodeAnalysis.Contracts" Version="$(MicrosoftCodeAnalysisPackageVersion)" />
     <PackageVersion Include="Microsoft.CodeAnalysis.CSharp" Version="$(MicrosoftCodeAnalysisCSharpPackageVersion)" />
     <PackageVersion Include="Microsoft.CodeAnalysis.CSharp.CodeStyle" Version="$(MicrosoftCodeAnalysisPackageVersion)" />
     <PackageVersion Include="Microsoft.CodeAnalysis.CSharp.Features" Version="$(MicrosoftCodeAnalysisCSharpPackageVersion)" />

documentation/manpages/sdk/dotnet-nuget-locals.1

@@ -14,7 +14,7 @@
 . ftr VB CB
 . ftr VBI CBI
 .\}
-.TH "dotnet-nuget-locals" "1" "2025-06-13" "" ".NET Documentation"
+.TH "dotnet-nuget-locals" "1" "2025-08-15" "" ".NET Documentation"
 .hy
 .SH dotnet nuget locals
 .PP
@@ -42,7 +42,7 @@ The \f[V]dotnet nuget locals\f[R] command clears or lists local NuGet resources
 The cache location to list or clear.
 It accepts one of the following values:
 .IP \[bu] 2
-\f[V]all\f[R] - Indicates that the specified operation is applied to all cache types: http-request cache, global packages cache, and the temporary cache.
+\f[V]all\f[R] - Indicates that the specified operation is applied to all cache types: http-request cache, global packages cache, temporary cache, and plugins cache.
 .IP \[bu] 2
 \f[V]http-cache\f[R] - Indicates that the specified operation is applied only to the http-request cache.
 The other cache locations aren\[cq]t affected.
@@ -52,6 +52,9 @@ The other cache locations aren\[cq]t affected.
 .IP \[bu] 2
 \f[V]temp\f[R] - Indicates that the specified operation is applied only to the temporary cache.
 The other cache locations aren\[cq]t affected.
+.IP \[bu] 2
+\f[V]plugins-cache\f[R] - Indicates that the specified operation is applied only to the plugins cache.
+The other cache locations aren\[cq]t affected.
 .RE
 .SH OPTIONS
 .IP \[bu] 2
@@ -83,7 +86,7 @@ The list option is used to display the location of the specified cache type.
 .RE
 .SH EXAMPLES
 .IP \[bu] 2
-Displays the paths of all the local cache directories (http-cache directory, global-packages cache directory, and temporary cache directory):
+Displays the paths of all the local cache directories (http-cache directory, global-packages cache directory, temporary cache directory, and plugins cache directory):
 .RS 2
 .IP
 .nf
@@ -103,7 +106,17 @@ dotnet nuget locals http-cache --list
 .fi
 .RE
 .IP \[bu] 2
-Clears all files from all local cache directories (http-cache directory, global-packages cache directory, and temporary cache directory):
+Displays the path for the local plugins cache directory:
+.RS 2
+.IP
+.nf
+\f[C]
+dotnet nuget locals plugins-cache --list
+\f[R]
+.fi
+.RE
+.IP \[bu] 2
+Clears all files from all local cache directories (http-cache directory, global-packages cache directory, temporary cache directory, and plugins cache directory):
 .RS 2
 .IP
 .nf
@@ -132,6 +145,16 @@ dotnet nuget locals temp -c
 \f[R]
 .fi
 .RE
+.IP \[bu] 2
+Clears all files in local plugins cache directory:
+.RS 2
+.IP
+.nf
+\f[C]
+dotnet nuget locals plugins-cache -c
+\f[R]
+.fi
+.RE
 .SS Troubleshooting
 .PP
 For information on common problems and errors while using the \f[V]dotnet nuget locals\f[R] command, see Managing the NuGet cache.

documentation/manpages/sdk/dotnet-nuget-push.1

@@ -14,7 +14,7 @@
 . ftr VB CB
 . ftr VBI CBI
 .\}
-.TH "dotnet-nuget-push" "1" "2025-06-13" "" ".NET Documentation"
+.TH "dotnet-nuget-push" "1" "2025-08-15" "" ".NET Documentation"
 .hy
 .SH dotnet nuget push
 .PP
@@ -26,7 +26,7 @@ dotnet-nuget-push - Pushes a package to the server and publishes it.
 .IP
 .nf
 \f[C]
-dotnet nuget push [<ROOT>] [-d|--disable-buffering] [--force-english-output]
+dotnet nuget push [<ROOT>] [--allow-insecure-connections] [-d|--disable-buffering] [--force-english-output]
     [--interactive] [-k|--api-key <API_KEY>] [-n|--no-symbols]
     [--no-service-endpoint] [-s|--source <SOURCE>] [--skip-duplicate]
     [-sk|--symbol-api-key <API_KEY>] [-ss|--symbol-source <SOURCE>]
@@ -73,6 +73,12 @@ Specifies the file path to the package to be pushed.
 .RE
 .SH OPTIONS
 .IP \[bu] 2
+\f[B]\f[VB]--allow-insecure-connections\f[B]\f[R]
+.RS 2
+.PP
+Allows pushing to HTTP sources (insecure).
+.RE
+.IP \[bu] 2
 \f[B]\f[VB]-d|--disable-buffering\f[B]\f[R]
 .RS 2
 .PP

documentation/manpages/sdk/dotnet-nuget-sign.1

@@ -14,7 +14,7 @@
 . ftr VB CB
 . ftr VBI CBI
 .\}
-.TH "dotnet-nuget-sign" "1" "2025-06-13" "" ".NET Documentation"
+.TH "dotnet-nuget-sign" "1" "2025-08-15" "" ".NET Documentation"
 .hy
 .SH dotnet nuget sign
 .PP
@@ -49,8 +49,8 @@ The \f[V]dotnet nuget sign\f[R] command signs all the packages matching the firs
 The certificate with the private key can be obtained from a file or from a certificate installed in a certificate store by providing a subject name or a SHA-1 fingerprint.
 .RS
 .PP
-This command requires a certificate root store that is valid for both code signing and timestamping.
-Also, this command may not be supported on some combinations of operating system and .NET SDK.
+This command requires a certificate root store that\[cq]s valid for both code signing and timestamping.
+Also, this command might not be supported on some combinations of operating system and .NET SDK.
 For more information, see NuGet signed package verification.
 .RE
 .SH ARGUMENTS
@@ -108,9 +108,11 @@ If there are multiple matching certificates in the result, or no matching certif
 Specifies the fingerprint of the certificate used to search a local certificate store for the certificate.
 .PP
 Starting with .NET 9, this option can be used to specify the SHA-1, SHA-256, SHA-384, or SHA-512 fingerprint of the certificate.
-However, a \f[V]NU3043\f[R] warning is raised when a SHA-1 certificate fingerprint is used because it is no longer considered secure.
+However, a \f[V]NU3043\f[R] warning is raised when a SHA-1 certificate fingerprint is used because it\[cq]s no longer considered secure.
+In .NET 10 and later versions, the warning is elevated to an error.
+Only SHA-2 family fingerprints (SHA-256, SHA-384, and SHA-512) are supported.
 .PP
-All the previous versions of the .NET SDK continue to accept only SHA-1 certificate fingerprint.
+All pre-.NET 9 versions of the .NET SDK continue to accept only SHA-1 certificate fingerprint.
 .RE
 .IP \[bu] 2
 \f[B]\f[VB]--certificate-password <PASSWORD>\f[B]\f[R]
@@ -196,12 +198,12 @@ dotnet nuget sign foo.nupkg --certificate-path cert.pfx --certificate-password p
 .fi
 .RE
 .IP \[bu] 2
-Sign \f[I]foo.nupkg\f[R] with certificate (password protected) matches with the specified SHA-1 fingerprint in the default certificate store (CurrentUser):
+Sign \f[I]foo.nupkg\f[R] with certificate (password protected) matches with the specified SHA-256 fingerprint in the default certificate store (CurrentUser):
 .RS 2
 .IP
 .nf
 \f[C]
-dotnet nuget sign foo.nupkg --certificate-fingerprint 89967D1DD995010B6C66AE24FF8E66885E6E03A8 --certificate-password password
+dotnet nuget sign foo.nupkg --certificate-fingerprint B2C40F2F8775D7B7EBEB76BD5A9D3A4BC3F4B8A4D8D7C5F8A4C6B3E7A9E2D5F1 --certificate-password password
 \f[R]
 .fi
 .RE
@@ -216,12 +218,12 @@ dotnet nuget sign foo.nupkg --certificate-subject-name \[dq]Test certificate for
 .fi
 .RE
 .IP \[bu] 2
-Sign \f[I]foo.nupkg\f[R] with certificate (password protected) matches with the specified SHA-1 fingerprint in the certificate store CurrentUser:
+Sign \f[I]foo.nupkg\f[R] with certificate (password protected) matches with the specified SHA-256 fingerprint in the certificate store CurrentUser:
 .RS 2
 .IP
 .nf
 \f[C]
-dotnet nuget sign foo.nupkg --certificate-fingerprint 89967D1DD995010B6C66AE24FF8E66885E6E03A8 --certificate-password password --certificate-store-location CurrentUser --certificate-store-name Root
+dotnet nuget sign foo.nupkg --certificate-fingerprint B2C40F2F8775D7B7EBEB76BD5A9D3A4BC3F4B8A4D8D7C5F8A4C6B3E7A9E2D5F1 --certificate-password password --certificate-store-location CurrentUser --certificate-store-name Root
 \f[R]
 .fi
 .RE