At long last we've have a new release of the DotNet.ReproducibleBuilds and DotNet.ReproducibleBuilds.Isolated packages! We've dusted off the cobwebs and worked through some infrastructure and permissions issues, and now have the ability to reliably release new versions of the packages again. This is due in no small part to the help of our brand new maintainer - welcome to @MattKotsenas! He and I will be working together to develop a plan for this repo going forward, and I'm very excited to welcome him to the maintainer team.
This release has a few new features and one feature removal due to obsoletion.
Additions
Set the DisableImplicitLibraryPacks property to true to prevent using packages from the .NET SDK's built-in package sources. #21 (Thanks @cmeeren!)
Populate the RepositoryBranch property if other Repository Metadata has been requested to be made public. #27 (Thanks @kzu!)
Removals
No longer include the .NET Framework reference assembly packages, because the .NET SDK does this now. #33 (Thanks @MattKotsenas!)
Infrastructure
We have simplified the packaging of the repo to be more straightforward, using dotnet pack as expected these days.
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency
- `@dependabot ignore major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
- `@dependabot ignore minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
- `@dependabot ignore ` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore ` will remove all of the ignore conditions of the specified dependency
- `@dependabot unignore ` will remove the ignore condition of the specified dependency and ignore conditions
Bumps the all group with 2 updates: DotNet.ReproducibleBuilds and Polly.
Updates
DotNet.ReproducibleBuildsfrom 1.1.1 to 1.2.4Release notes
Sourced from DotNet.ReproducibleBuilds's releases.
Commits
Updates
Pollyfrom 8.4.0 to 8.4.1Release notes
Sourced from Polly's releases.
Changelog
Sourced from Polly's changelog.
Commits
2b44e7aHandle nested inner exceptions (#2166)3a78be9Bump SonarAnalyzer.CSharp from 9.27.0.93347 to 9.28.0.94264 (#2167)7105558Bump cake tools7301ef3Fix retry delay going negative for large retries with exponential delays (#2164)5d81f99Bump SonarAnalyzer.CSharp from 9.26.0.92422 to 9.27.0.93347 (#2157)921c187Bump MicrosoftExtensionsTimeProviderVersion from 8.5.0 to 8.6.0 (#2151)8e04d65Bump github/codeql-action from 3.25.8 to 3.25.10 (#2156)8fdc4bcBump sign from 0.9.1-beta.24170.3 to 0.9.1-beta.24312.3 (#2152)6621e19Bump actions/checkout from 4.1.6 to 4.1.7 (#2154)aa0d862Bump rojopolis/spellcheck-github-actions from 0.37.0 to 0.38.0 (#2153)Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show