Skip to content

Bump actions/setup-dotnet from 4 to 5#3

Closed
dependabot[bot] wants to merge 27 commits intodevelopfrom
dependabot/github_actions/actions/setup-dotnet-5
Closed

Bump actions/setup-dotnet from 4 to 5#3
dependabot[bot] wants to merge 27 commits intodevelopfrom
dependabot/github_actions/actions/setup-dotnet-5

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Mar 2, 2026

Bumps actions/setup-dotnet from 4 to 5.

Release notes

Sourced from actions/setup-dotnet's releases.

v5.0.0

What's Changed

Breaking Changes

Make sure your runner is updated to this version or newer to use this release. v2.327.1 Release Notes

Dependency Updates

Bug Fixes

New Contributors

Full Changelog: actions/setup-dotnet@v4...v5.0.0

v4.3.1

What's Changed

Full Changelog: actions/setup-dotnet@v4...v4.3.1

v4.3.0

What's Changed

New Contributors

... (truncated)

Commits
  • baa11fb Bump test dependencies to resolve System.Net.Http vulnerability, update workf...
  • 24ec4f2 Upgrade to latest actions packages (#687)
  • 4c100cb Fix icons (#604)
  • 25328d8 Bump actions/checkout from 5 to 6 (#684)
  • 937b8dd Update README with note on setting DOTNET_INSTALL_DIR for Linux permission is...
  • 2016bd2 Bump actions/publish-action from 0.3.0 to 0.4.0 and update macos-13 to macos-...
  • 21e81f6 Bump eslint-plugin-jest from 27.9.0 to 29.0.1 (#648)
  • 7403103 Bump typescript from 5.4.2 to 5.9.2 (#624)
  • d4c9434 Update to Node.js 24 and modernize async usage (#654)
  • 5c125af Bump actions/checkout from 4 to 5 (#662)
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

peters and others added 27 commits March 2, 2026 11:10
@peters
Initial implementation of Surge C++20 application update framework
cf547b9 
Surge is a full C++20 rewrite of Snapx that drops NuGet packaging in favor
of direct cloud storage (S3, Azure Blob, GCS, filesystem), produces native
binaries with zero runtime dependency, and provides a thin .NET NuGet wrapper
via P/Invoke for updating .NET applications.

Components:
- libsurge: Core shared library with C API (surge_api.h)
- surge CLI: pack, push, promote, demote, list, restore, lock, migrate, init
- surge-supervisor: Process supervisor with auto-restart
- Surge.NET: Zero-dependency .NET wrapper (netstandard2.0 + net8.0 AOT)

Key features:
- YAML manifest format (simplified from snapx)
- Cloud storage backends: S3 (SigV4), Azure Blob (SharedKey), GCS (OAuth2/HMAC), filesystem
- tar.zst archives via libarchive (replaces nupkg)
- Binary delta updates via vendored bsdiff
- 6-phase weighted progress reporting
- Resource budget planner for constrained devices
- Distributed locking via snapx.dev API
- snapx migration command (surge migrate --from-snapx)
@peters
Simplify CI to .NET job for initial validation
8e17b8c
@peters
Restore C++ CI jobs with manual vcpkg bootstrap
4e1d9ec
@peters
CI: Use runner-provided vcpkg and separate jobs
dd89007
@peters
Add missing libdivsufsort pkgconfig directory
513d71d
@peters
Fix header/implementation mismatches and add dependabot config
9291203 
Align all 16 .cpp files with their corresponding .hpp headers:
- archive: Fix method signatures, return types (void with exceptions)
- storage: Restructure all 4 backends to match header class declarations
- releases: Fix struct field names, function signatures
- update/pack/lock: Align constructors and method signatures with headers
- supervisor: Match class-based API from headers
- diff: Rename functions to match header declarations

Also add dependabot.yml for NuGet and GitHub Actions updates.
@peters
Fix yaml-cpp const iterator binding in release_manifest
14061ea
@peters
Fix undeclared SURGE_OK/SURGE_ERROR in supervisor.cpp
ae08bf9
@peters
Fix test compilation: missing includes, span conversion, SHA-256 vector
db6930c
@peters
Add convenience put_object overload to MockStorageBackend
eb7259c
@peters
Add code quality tooling: clang-format, clang-tidy, warnings-as-errors
ba96fe6 
- .clang-format: Google-based style with 4-space indent, 120 col limit
- .clang-tidy: Comprehensive checks with bugprone/performance as errors
- CMake: -Wall -Wextra -Wpedantic -Werror (GCC/Clang), /W4 /WX (MSVC)
- CMake: Optional SURGE_ENABLE_CLANG_TIDY integration
- .NET: TreatWarningsAsErrors + EnforceCodeStyleInBuild via Directory.Build.props
- CI: dotnet format --verify-no-changes, clang-format check on PRs
- CLAUDE.md: Agent instructions for development conventions
- Fix all .NET analyzer warnings (CA1310, CA1806, CA1513, IL3000, CA2101)
@peters
Disable warnings-as-errors for vendored bsdiff/bzip2/libdivsufsort
9c827bf
@peters
Fix unused function warnings in surge_api.cpp and download_manager.cpp
9a01d3c
@peters
CI: Add vcpkg binary cache for faster C++ builds
5028416
@peters
Restore const overload of to_info in surge_api.cpp
fd32f3f
@peters
Remove unused non-const to_info overload
892d19c
@peters
Fix bsdiff C struct zero-init and unused format_size warning
12f25d3
@peters
Fix remaining unused variable/function warnings
23e9baf
@peters
Fix missing field initializer in test_archive PackerOptions
1a8a8d3
@peters
Fix remaining PackerOptions missing field initializers in tests
059627e
@peters
Fix linker errors: move CLI commands to surge exe, fix test warnings
745636f
@peters
Remove global hidden visibility to fix CLI linking against surge_core
e2598b3
@peters
Fix all 23 failing tests: archive zstd filter, bsdiff use-after-free,…
6d25e2a 
… manifest camelCase

- archive/packer: Accept ARCHIVE_WARN from zstd filter, use NULL filter name for options
- diff/bsdiff_wrapper: Rewrite cleanup to match snapx pattern - read buffer before
  closing packer to prevent use-after-free segfaults, never double-close patchfile
- config/manifest: Support both camelCase and snake_case YAML field names
  (supervisorId/supervisor_id, installDirectory/install_directory, persistentAssets)
- api/surge_api: Add null check for working_dir in surge_supervisor_start
- tests/test_archive: Fix progress callback assertions for unknown total
@peters
Fix last 3 test failures: supervisor exe check, manifest validation, …
2a23e86 
…simplify anchor test
@peters
Fix last test failure, suppress all vendor warnings
fd09afe 
- Fix ParseInvalidYaml test: use plain string (not a YAML mapping) which
  triggers our root-node-is-not-a-map validation
- Suppress ALL warnings (-w) for vendored bsdiff/bzip2/libdivsufsort code
  to keep build output clean
@peters
Apply clang-format to all C++ source files, add Windows + macOS CI
0eca773
@dependabot
Bump actions/setup-dotnet from 4 to 5
610d872 
Bumps [actions/setup-dotnet](https://github.com/actions/setup-dotnet) from 4 to 5.
- [Release notes](https://github.com/actions/setup-dotnet/releases)
- [Commits](actions/setup-dotnet@v4...v5)

---
updated-dependencies:
- dependency-name: actions/setup-dotnet
  dependency-version: '5'
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code labels Mar 2, 2026
@peters peters closed this Mar 2, 2026
@dependabot @github
Copy link
Contributor Author

dependabot bot commented on behalf of github Mar 2, 2026

OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting @dependabot ignore this major version or @dependabot ignore this minor version. You can also ignore all major, minor, or patch releases for a dependency by adding an ignore condition with the desired update_types to your config file.

If you change your mind, just re-open this PR and I'll resolve any conflicts on it.

@dependabot dependabot bot deleted the dependabot/github_actions/actions/setup-dotnet-5 branch March 2, 2026 15:45
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@peters