build: Bump the analyzers group with 4 updates by dependabot[bot] · Pull Request #165 · mcj-coder-org/claude-auto-resume

#849 - Fixed incorrect Moq1203 flagging after upgrading to v0.4.0. The analyzer now correctly resolves delegate-overload resolution for ReturnsAsync, Callback, and similar chained methods. (#886, #919)
#887 - Fixed Moq1203 false positive when the Setup call is wrapped in parentheses. (#895)

Parenthesized Expression Handling

#896 - Fixed parenthesized expressions breaking syntax chain walking in Moq1100 and Moq1206 analyzers. (#907)

Assembly Loading

#850 - Resolved CS8032 warning caused by System.Collections.Immutable assembly version mismatch. (#888)

🤝 Contributors

Thank you to everyone who reported bugs, provided reproduction cases, and engaged in issue discussions to help make this release possible:

@AgustinSabalza - Reported #849
@lkurzyniec - Reported #850
@DamienCassou - Feedback and upvote on #849
@Thijs153 - Feedback on #849
@basvanharten - Feedback on #849
@bkaidbb - Feedback and upvote on #849
@pavkam - Feedback on #849
@abatishchev - Feedback on #850
@bt-chaz-christie - Feedback on #850
@Philipp1806 - Upvote on #849
@philipmat - Upvote on #849

🔗 Resources

Full Changelog: rjmurillo/moq.analyzers@v0.4.0...v0.4.1
Documentation: https://github.com/rjmurillo/moq.analyzers/tree/main/docs/rules
Issue Tracker: https://github.com/rjmurillo/moq.analyzers/issues

💬 Feedback

If you encounter any issues or have suggestions:

Report bugs: https://github.com/rjmurillo/moq.analyzers/issues/new
Request features: https://github.com/rjmurillo/moq.analyzers/discussions
Ask questions: https://github.com/rjmurillo/moq.analyzers/discussions/categories/q-a

Thank you for using Moq.Analyzers!

0.4.1-alpha

v0.4.1-alpha

Prerelease containing 3 bug fixes since v0.4.0 to rebuild confidence with users.

Bug Fixes

fix: Moq1203 false positives for ReturnsAsync and Callback chaining (#886)
fix: resolve CS8032 assembly version mismatch (#850) (#888)
fix: Moq1203 false positive when Setup call is wrapped in parentheses (#895)

Critical: CS8032 Fix

v0.4.0 shipped DLLs that referenced System.Collections.Immutable versions incompatible with .NET 8 SDK hosts, causing CS8032 warnings on every build. This release downgrades the transitive dependency pins and adds CI load tests to prevent recurrence.

Commits viewable in compare view.

Updated SonarAnalyzer.CSharp from 10.18.0.131500 to 10.20.0.135146.

Release notes

Sourced from SonarAnalyzer.CSharp's releases.

10.20

This release brings 9 precision improvements — 7 false positive fixes and 2 false negative fixes — across rules S1116, S1144, S1210, S1643, S1854, S2365, S3254, S3265, and S127. It also promotes S2068 and S6418 from Security Hotspot to Vulnerability, making them visible directly in the IDE, and removes S3256 from the Sonar Way quality profile.

Changes

NET-3227 - Remove S3256 from "Sonar Way" quality profile
NET-3208 - S6418: Rule type changed from Security Hotspot to Vulnerability
NET-3207 - S2068: Rule type changed from Security Hotspot to Vulnerability
NET-3206 - Remove links to rules.sonarsource.com

False Positive

NET-3215 - Fix FP on S127: Should only raise on stop condition variables
NET-3212 - Fix FP on S3254: Don't raise if the parameter isn't last
NET-3053 - Fix FP on S1210: Implementing comparable operators for private types
NET-2984 - Fix FP on S3265: BCL enums with [Flags] not recognized due to metadata resolution
NET-2976 - Fix FP on S1854: Default value initializations flagged despite exemptions
NET-2966 - Fix FP on S1144: Constructors in MEF-exported types
NET-2956 - Fix FP on S1116: Empty loop body with side effects in condition

False Negative

NET-1261 - Fix FN on S2365: Rule should report on new collection
NET-1259 - Fix FN on S1643: Concatenation for parameters, fields and properties are not detected

Rule specification

NET-3246 - Modify Rule S127: Update Description
NET-3218 - Modify Rule S3265: Add exception for MethodImplAttributes
NET-3086 - Modify Rule S1116: Add loop exception

Maintenance

NET-3047 - Update RSPEC before 10.20 release

10.19

Documentation

NET-3012 - Modify Rule S3903: Update description for C#10

False Positive

NET-3004 - Fix S2696 FP: New extension method format triggers FP when accessing static fields

False Negative

NET-3011 - Fix S4790 FN: Support Using statement

Task

NET-2948 - Update RSPEC before 10.19 release

Bug

NET-1866 - Support future VS versions in NuGet package

Commits viewable in compare view.

Updated xunit.analyzers from 1.26.0 to 1.27.0.

Release notes

Sourced from xunit.analyzers's releases.

No release notes found for this version range.

Commits viewable in compare view.

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
@dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
@dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
@dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
@dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Bumps Meziantou.Analyzer from 2.0.276 to 3.0.18 Bumps Moq.Analyzers from 0.4.0 to 0.4.1 Bumps SonarAnalyzer.CSharp from 10.18.0.131500 to 10.20.0.135146 Bumps xunit.analyzers from 1.26.0 to 1.27.0 --- updated-dependencies: - dependency-name: Meziantou.Analyzer dependency-version: 3.0.18 dependency-type: direct:production update-type: version-update:semver-major dependency-group: analyzers - dependency-name: Moq.Analyzers dependency-version: 0.4.1 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: analyzers - dependency-name: SonarAnalyzer.CSharp dependency-version: 10.20.0.135146 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: analyzers - dependency-name: xunit.analyzers dependency-version: 1.27.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: analyzers ... Signed-off-by: dependabot[bot] <support@github.com>

dependabot · 2026-03-02T06:32:30Z

Labels

The following labels could not be found: dependencies, nuget. Please create them before Dependabot can add them to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.

github-actions · 2026-03-02T06:32:41Z

This Dependabot PR contains a version-update:semver-major update and requires manual review before merging.

github-actions · 2026-03-02T06:32:48Z

	Fails
🚫	PR must have a Summary or Description section.
🚫	PR must have auto-merge enabled. Enable via PR settings → "Enable auto-merge". This ensures PRs are merged automatically once all checks pass.
🚫	PR title subject should start with lowercase. Current: "build: Bump the analyzers group with 4 updates" The subject after the colon should start with a lowercase letter.
🚫	PR body must contain an issue reference. Add one of the following to your PR description: Refs: docs: add dependency injection coding standards and ADR #123 Closes docs: add dependency injection coding standards and ADR #123 Fixes docs: add dependency injection coding standards and ADR #123 This ensures traceability between commits and issues.

Generated by 🚫 dangerJS against 765e502

dependabot bot requested a review from mcj-coder as a code owner March 2, 2026 06:32

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

build: Bump the analyzers group with 4 updates#165

build: Bump the analyzers group with 4 updates#165
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/nuget/analyzers-21bae0018c

dependabot bot commented on behalf of github Mar 2, 2026

Uh oh!

dependabot bot commented on behalf of github Mar 2, 2026

Uh oh!

github-actions bot commented Mar 2, 2026

Uh oh!

github-actions bot commented Mar 2, 2026

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

0 participants

Conversation

dependabot bot commented on behalf of github Mar 2, 2026

3.0.18

What's Changed

3.0.17

What's Changed

3.0.16

What's Changed

3.0.15

What's Changed

3.0.14

What's Changed

3.0.13

What's Changed

3.0.12

What's Changed

3.0.11

What's Changed

3.0.10

What's Changed

3.0.9

What's Changed

3.0.8

What's Changed

3.0.7

What's Changed

3.0.6

What's Changed

3.0.5

What's Changed

3.0.4

What's Changed

3.0.3

What's Changed

3.0.2

What's Changed

3.0.1

What's Changed

2.0.302

2.0.301

What's Changed

New Contributors

2.0.300

What's Changed

2.0.299

What's Changed

2.0.298

What's Changed

2.0.297

What's Changed

2.0.296

What's Changed

2.0.295

What's Changed

2.0.294

2.0.293

What's Changed

2.0.292

What's Changed

2.0.291

What's Changed

2.0.290

What's Changed

2.0.289

What's Changed

2.0.288

What's Changed

2.0.287

What's Changed

2.0.286

2.0.285

What's Changed

2.0.284

What's Changed

2.0.283

What's Changed

2.0.282

2.0.281

2.0.280

2.0.279