Skip to content

Commit ccff3e6

Browse files
claudejoshsmithxrm
authored andcommitted
deps: update outdated packages and fix Dependabot configuration
Security updates: - Microsoft.PowerPlatform.Dataverse.Client: 1.1.* → 1.2.* (CVE-2022-26907) Test infrastructure updates: - Microsoft.NET.Test.Sdk: 17.8.0 → 18.0.1 - xunit: 2.6.4 → 2.9.3 - xunit.runner.visualstudio: 2.5.6 → 3.0.2 Dependabot improvements: - Added versioning-strategy: increase for floating version bumps - Added dependency grouping to reduce PR noise - Increased PR limit from 5 to 10 Root cause: Floating versions (e.g., 1.1.*) prevented Dependabot from suggesting minor/major version bumps. The versioning-strategy setting addresses this going forward. 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com>
1 parent 4d72360 commit ccff3e6

File tree

6 files changed

+47
-11
lines changed

6 files changed

+47
-11
lines changed

.github/dependabot.yml

Lines changed: 22 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -6,12 +6,29 @@ updates:
66
schedule:
77
interval: "weekly"
88
day: "monday"
9-
open-pull-requests-limit: 5
9+
open-pull-requests-limit: 10
1010
labels:
1111
- "dependencies"
1212
- "nuget"
1313
commit-message:
1414
prefix: "deps"
15+
# Group related dependencies to reduce PR noise
16+
groups:
17+
microsoft-extensions:
18+
patterns:
19+
- "Microsoft.Extensions.*"
20+
test-infrastructure:
21+
patterns:
22+
- "Microsoft.NET.Test.Sdk"
23+
- "xunit*"
24+
- "coverlet.*"
25+
- "Moq"
26+
- "FluentAssertions"
27+
dataverse:
28+
patterns:
29+
- "Microsoft.PowerPlatform.Dataverse.*"
30+
# Widen version constraints when needed (e.g., 1.1.* -> 1.2.*)
31+
versioning-strategy: increase
1532

1633
# GitHub Actions
1734
- package-ecosystem: "github-actions"
@@ -25,3 +42,7 @@ updates:
2542
- "github-actions"
2643
commit-message:
2744
prefix: "ci"
45+
groups:
46+
github-actions:
47+
patterns:
48+
- "*"

CHANGELOG.md

Lines changed: 15 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -7,6 +7,21 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
77

88
## [Unreleased]
99

10+
### Security
11+
12+
- Updated `Microsoft.PowerPlatform.Dataverse.Client` from `1.1.*` to `1.2.*` - includes CVE-2022-26907 fix
13+
14+
### Changed
15+
16+
- Updated test infrastructure packages:
17+
- `Microsoft.NET.Test.Sdk`: 17.8.0 → 18.0.1
18+
- `xunit`: 2.6.4 → 2.9.3
19+
- `xunit.runner.visualstudio`: 2.5.6 → 3.0.2
20+
- Improved Dependabot configuration:
21+
- Added `versioning-strategy: increase` to handle floating version bumps
22+
- Added dependency grouping for reduced PR noise
23+
- Increased PR limit to 10
24+
1025
### Added
1126

1227
- **PPDS.Migration** - New library for high-performance Dataverse data migration

src/PPDS.Dataverse/PPDS.Dataverse.csproj

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -41,7 +41,7 @@
4141

4242
<ItemGroup>
4343
<PackageReference Include="Microsoft.Extensions.DependencyInjection" Version="10.0.1" />
44-
<PackageReference Include="Microsoft.PowerPlatform.Dataverse.Client" Version="1.1.*" />
44+
<PackageReference Include="Microsoft.PowerPlatform.Dataverse.Client" Version="1.2.*" />
4545
<PackageReference Include="Microsoft.Extensions.DependencyInjection.Abstractions" Version="10.0.1" />
4646
<PackageReference Include="Microsoft.Extensions.Logging.Abstractions" Version="10.0.1" />
4747
<PackageReference Include="Microsoft.Extensions.Options" Version="10.0.1" />

tests/PPDS.Dataverse.Tests/PPDS.Dataverse.Tests.csproj

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -10,9 +10,9 @@
1010
</PropertyGroup>
1111

1212
<ItemGroup>
13-
<PackageReference Include="Microsoft.NET.Test.Sdk" Version="17.8.0" />
14-
<PackageReference Include="xunit" Version="2.6.4" />
15-
<PackageReference Include="xunit.runner.visualstudio" Version="2.5.6">
13+
<PackageReference Include="Microsoft.NET.Test.Sdk" Version="18.0.1" />
14+
<PackageReference Include="xunit" Version="2.9.3" />
15+
<PackageReference Include="xunit.runner.visualstudio" Version="3.0.2">
1616
<PrivateAssets>all</PrivateAssets>
1717
<IncludeAssets>runtime; build; native; contentfiles; analyzers; buildtransitive</IncludeAssets>
1818
</PackageReference>

tests/PPDS.Migration.Cli.Tests/PPDS.Migration.Cli.Tests.csproj

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -10,9 +10,9 @@
1010
</PropertyGroup>
1111

1212
<ItemGroup>
13-
<PackageReference Include="Microsoft.NET.Test.Sdk" Version="17.8.0" />
14-
<PackageReference Include="xunit" Version="2.6.4" />
15-
<PackageReference Include="xunit.runner.visualstudio" Version="2.5.6">
13+
<PackageReference Include="Microsoft.NET.Test.Sdk" Version="18.0.1" />
14+
<PackageReference Include="xunit" Version="2.9.3" />
15+
<PackageReference Include="xunit.runner.visualstudio" Version="3.0.2">
1616
<PrivateAssets>all</PrivateAssets>
1717
<IncludeAssets>runtime; build; native; contentfiles; analyzers; buildtransitive</IncludeAssets>
1818
</PackageReference>

tests/PPDS.Plugins.Tests/PPDS.Plugins.Tests.csproj

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -10,9 +10,9 @@
1010
</PropertyGroup>
1111

1212
<ItemGroup>
13-
<PackageReference Include="Microsoft.NET.Test.Sdk" Version="17.8.0" />
14-
<PackageReference Include="xunit" Version="2.6.4" />
15-
<PackageReference Include="xunit.runner.visualstudio" Version="2.5.6">
13+
<PackageReference Include="Microsoft.NET.Test.Sdk" Version="18.0.1" />
14+
<PackageReference Include="xunit" Version="2.9.3" />
15+
<PackageReference Include="xunit.runner.visualstudio" Version="3.0.2">
1616
<PrivateAssets>all</PrivateAssets>
1717
<IncludeAssets>runtime; build; native; contentfiles; analyzers; buildtransitive</IncludeAssets>
1818
</PackageReference>

0 commit comments

Comments
 (0)