Merge branch 'master' into request-meta-tests-boilerplate

Author: bkoelman

.config/dotnet-tools.json

@@ -3,7 +3,7 @@
   "isRoot": true,
   "tools": {
     "jetbrains.resharper.globaltools": {
-      "version": "2024.3.6",
+      "version": "2025.1.4",
       "commands": [
         "jb"
       ],
@@ -17,7 +17,7 @@
       "rollForward": false
     },
     "dotnet-reportgenerator-globaltool": {
-      "version": "5.4.4",
+      "version": "5.4.7",
       "commands": [
         "reportgenerator"
       ],
@@ -29,6 +29,13 @@
         "docfx"
       ],
       "rollForward": false
+    },
+    "microsoft.openapi.kiota": {
+      "version": "1.27.0",
+      "commands": [
+        "kiota"
+      ],
+      "rollForward": false
     }
   }
-}
+}

.gitattributes

@@ -0,0 +1,5 @@
+# When running OpenAPI tests, these committed files are downloaded and written to disk (so we'll know when something changes).
+# On Windows, these text files are auto-converted to crlf on git fetch, while the written downloaded files use lf line endings.
+# Therefore, running the tests on Windows creates local changes. Staging them auto-converts back to crlf, which undoes the changes.
+# To avoid this annoyance, the next line opts out of the auto-conversion and forces line endings to lf.
+**/GeneratedSwagger/**/*.json text eol=lf

.github/CONTRIBUTING.md

@@ -22,7 +22,7 @@ Bugs are tracked as [GitHub issues](https://github.com/json-api-dotnet/JsonApiDo
 Explain the problem and include additional details to help maintainers reproduce the problem:
 
 - **Use a clear and descriptive title** for the issue to identify the problem.
-- **Describe the exact steps which reproduce the problem** in as many details as possible. When listing steps, don't just say what you did, but explain how you did it. 
+- **Describe the exact steps which reproduce the problem** in as many details as possible. When listing steps, don't just say what you did, but explain how you did it.
 - **Provide specific examples to demonstrate the steps.** Include links to files or GitHub projects, or copy/pasteable snippets, which you use in those examples. If you're providing snippets in the issue, use [Markdown code blocks](https://docs.github.com/en/github/writing-on-github/creating-and-highlighting-code-blocks).
 - **Describe the behavior you observed after following the steps** and point out what exactly is the problem with that behavior. Explain which behavior you expected to see instead and why.
 - **If you're reporting a crash**, include the full exception stack trace.

.github/ISSUE_TEMPLATE/question.md

@@ -8,7 +8,7 @@ assignees: ''
 ---
 
 <!--
-Remember that no-one is getting paid to answer your question. You're basically asking other people to give up their time to help you out of the goodness of their heart – it's up to you to do all you can to make that as simple as possible, so read http://tinyurl.com/stack-checklist first.
+Remember that no-one is getting paid to answer your question. You're basically asking other people to give up their time to help you out of the goodness of their heart – it's up to you to do all you can to make that as simple as possible, so read https://tinyurl.com/stack-checklist first.
 -->
 
 #### SUMMARY

.github/workflows/build.yml

@@ -9,9 +9,9 @@
 name: Build
 
 on:
-  push:
-    branches: [ 'master', 'release/**' ]
+  workflow_dispatch:
   pull_request:
+  push:
     branches: [ 'master', 'release/**' ]
   release:
     types: [published]
@@ -45,7 +45,6 @@ jobs:
     - name: Setup .NET
       uses: actions/setup-dotnet@v4
       with:
-        # Block buggy release from February 11, 2025
         dotnet-version: |
           8.0.*
           9.0.*
@@ -58,29 +57,27 @@ jobs:
     - name: Git checkout
       uses: actions/checkout@v4
     - name: Restore tools
-      run: |
-        dotnet tool restore
+      run: dotnet tool restore
     - name: Restore packages
-      run: |
-        dotnet restore
+      run: dotnet restore
     - name: Calculate version suffix
       shell: pwsh
       run: |
         if ($env:GITHUB_REF_TYPE -eq 'tag') {
             # Get the version prefix/suffix from the git tag. For example: 'v1.0.0-preview1-final' => '1.0.0' and 'preview1-final'
-            $segments = $env:GITHUB_REF_NAME -split "-"
+            $segments = $env:GITHUB_REF_NAME -split '-'
             $versionPrefix = $segments[0].TrimStart('v')
             $versionSuffix = $segments.Length -eq 1 ? '' : $segments[1..$($segments.Length - 1)] -join '-'
 
             [xml]$xml = Get-Content Directory.Build.props
-            $configuredVersionPrefix = $xml.Project.PropertyGroup.JsonApiDotNetCoreVersionPrefix | Select-Object -First 1
+            $configuredVersionPrefix = $xml.Project.PropertyGroup.VersionPrefix | Select-Object -First 1
 
             if ($configuredVersionPrefix -ne $versionPrefix) {
                 Write-Error "Version prefix from git release tag '$versionPrefix' does not match version prefix '$configuredVersionPrefix' stored in Directory.Build.props."
                 # To recover from this:
                 # - Delete the GitHub release
                 # - Run: git push --delete origin the-invalid-tag-name
-                # - Adjust JsonApiDotNetCoreVersionPrefix in Directory.Build.props, commit and push
+                # - Adjust VersionPrefix in Directory.Build.props, commit and push
                 # - Recreate the GitHub release
             }
         }
@@ -94,9 +91,7 @@ jobs:
         Write-Output "Using version suffix: $versionSuffix"
         Write-Output "PACKAGE_VERSION_SUFFIX=$versionSuffix" | Out-File -FilePath $env:GITHUB_ENV -Encoding utf8 -Append
     - name: Build
-      shell: pwsh
-      run: |
-        dotnet build --no-restore --configuration Release /p:VersionSuffix=$env:PACKAGE_VERSION_SUFFIX
+      run: dotnet build --no-restore --configuration Release /p:VersionSuffix=${{ env.PACKAGE_VERSION_SUFFIX }}
     - name: Test
       env:
         # Override log levels, to reduce logging output when running tests in ci-build.
@@ -105,30 +100,27 @@ jobs:
         Logging__LogLevel__Microsoft.Extensions.Hosting.Internal.Host: 'None'
         Logging__LogLevel__Microsoft.EntityFrameworkCore.Database.Command: 'None'
         Logging__LogLevel__JsonApiDotNetCore: 'None'
-      run: |
-        dotnet test --no-build --configuration Release --collect:"XPlat Code Coverage" --logger "GitHubActions;summary.includeSkippedTests=true"
+      run: dotnet test --no-build --configuration Release --collect:"XPlat Code Coverage" --logger "GitHubActions;summary.includeSkippedTests=true"
     - name: Upload coverage to codecov.io
-      if: matrix.os == 'ubuntu-latest'
+      if: ${{ matrix.os == 'ubuntu-latest' }}
       env:
         CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }}
       uses: codecov/codecov-action@v5
       with:
         fail_ci_if_error: true
         verbose: true
     - name: Generate packages
-      shell: pwsh
-      run: |
-        dotnet pack --no-build --configuration Release --output $env:GITHUB_WORKSPACE/artifacts/packages /p:VersionSuffix=$env:PACKAGE_VERSION_SUFFIX
+      run: dotnet pack --no-build --configuration Release --output ${{ github.workspace }}/artifacts/packages /p:VersionSuffix=${{ env.PACKAGE_VERSION_SUFFIX }}
     - name: Upload packages to artifacts
-      if: matrix.os == 'ubuntu-latest'
+      if: ${{ matrix.os == 'ubuntu-latest' }}
       uses: actions/upload-artifact@v4
       with:
         name: packages
         path: artifacts/packages
     - name: Generate documentation
       shell: pwsh
       env:
-        # This contains the git tag name on release; in that case we build the docs without publishing them.
+        # This contains the git tag name on release; in that case, we build the docs without publishing them.
         DOCFX_SOURCE_BRANCH_NAME: ${{ github.base_ref || github.ref_name }}
       run: |
         cd docs
@@ -143,7 +135,7 @@ jobs:
         New-Item -Force _site/styles -ItemType Directory | Out-Null
         Copy-Item -Recurse home/assets/* _site/styles/
     - name: Upload documentation to artifacts
-      if: matrix.os == 'ubuntu-latest'
+      if: ${{ matrix.os == 'ubuntu-latest' }}
       uses: actions/upload-artifact@v4
       with:
         name: documentation
@@ -164,15 +156,13 @@ jobs:
     - name: Setup .NET
       uses: actions/setup-dotnet@v4
       with:
-        # Block buggy release from February 11, 2025
         dotnet-version: |
           8.0.*
           9.0.*
     - name: Git checkout
       uses: actions/checkout@v4
     - name: Restore tools
-      run: |
-        dotnet tool restore
+      run: dotnet tool restore
     - name: InspectCode
       shell: pwsh
       run: |
@@ -201,7 +191,7 @@ jobs:
             }
 
             if ($failed) {
-                Write-Error "One or more projects failed code inspection."
+                Write-Error 'One or more projects failed code inspection.'
             }
         }
 
@@ -220,7 +210,6 @@ jobs:
     - name: Setup .NET
       uses: actions/setup-dotnet@v4
       with:
-        # Block buggy release from February 11, 2025
         dotnet-version: |
           8.0.*
           9.0.*
@@ -229,13 +218,11 @@ jobs:
       with:
         fetch-depth: 2
     - name: Restore tools
-      run: |
-        dotnet tool restore
+      run: dotnet tool restore
     - name: Restore packages
-      run: |
-        dotnet restore
+      run: dotnet restore
     - name: CleanupCode (on PR diff)
-      if: github.event_name == 'pull_request'
+      if: ${{ github.event_name == 'pull_request' }}
       shell: pwsh
       run: |
         # Not using the environment variables for SHAs, because they may be outdated. This may happen on force-push after the build is queued, but before it starts.
@@ -246,10 +233,10 @@ jobs:
         Write-Output "Running code cleanup on commit range $baseCommitHash..$headCommitHash in pull request."
         dotnet regitlint -s JsonApiDotNetCore.sln --print-command --skip-tool-check --max-runs=5 --jb --dotnetcoresdk=$(dotnet --version) --jb-profile="JADNC Full Cleanup" --jb --properties:Configuration=Release --jb --properties:RunAnalyzers=false --jb --verbosity=WARN -f commits -a $headCommitHash -b $baseCommitHash --fail-on-diff --print-diff
     - name: CleanupCode (on branch)
-      if: github.event_name == 'push' || github.event_name == 'release'
+      if: ${{ github.event_name == 'push' || github.event_name == 'release' }}
       shell: pwsh
       run: |
-        Write-Output "Running code cleanup on all files."
+        Write-Output 'Running code cleanup on all files.'
         dotnet regitlint -s JsonApiDotNetCore.sln --print-command --skip-tool-check --jb --dotnetcoresdk=$(dotnet --version) --jb-profile="JADNC Full Cleanup" --jb --properties:Configuration=Release --jb --properties:RunAnalyzers=false --jb --verbosity=WARN --fail-on-diff --print-diff
 
   publish:
@@ -266,25 +253,23 @@ jobs:
     - name: Download artifacts
       uses: actions/download-artifact@v4
     - name: Publish to GitHub Packages
-      if: github.event_name == 'push' || github.event_name == 'release'
-      env:
-        GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-      shell: pwsh
+      if: ${{ github.event_name == 'push' || github.event_name == 'release' }}
       run: |
-        dotnet nuget add source --username 'json-api-dotnet' --password "$env:GITHUB_TOKEN" --store-password-in-clear-text --name 'github' 'https://nuget.pkg.github.com/json-api-dotnet/index.json'
-        dotnet nuget push "$env:GITHUB_WORKSPACE/packages/*.nupkg" --api-key "$env:GITHUB_TOKEN" --source 'github'
+        dotnet nuget add source --username 'json-api-dotnet' --password '${{ secrets.GITHUB_TOKEN }}' --store-password-in-clear-text --name 'github' 'https://nuget.pkg.github.com/json-api-dotnet/index.json'
+        dotnet nuget push '${{ github.workspace }}/packages/*.nupkg' --api-key '${{ secrets.GITHUB_TOKEN }}' --source 'github'
+    - name: Publish to feedz.io
+      if: ${{ github.event_name == 'push' || github.event_name == 'release' }}
+      run: |
+        dotnet nuget add source --name 'feedz-io' 'https://f.feedz.io/json-api-dotnet/jsonapidotnetcore/nuget/index.json'
+        dotnet nuget push '${{ github.workspace }}/packages/*.nupkg' --api-key '${{ secrets.FEEDZ_IO_API_KEY }}' --source 'feedz-io'
     - name: Publish documentation
-      if: github.event_name == 'push' && github.ref == 'refs/heads/master'
+      if: ${{ github.event_name == 'push' && github.ref == 'refs/heads/master' }}
       uses: peaceiris/actions-gh-pages@v4
       with:
         github_token: ${{ secrets.GITHUB_TOKEN }}
         publish_branch: gh-pages
         publish_dir: ./documentation
         commit_message: 'Auto-generated documentation from'
     - name: Publish to NuGet
-      if: github.event_name == 'release' && startsWith(github.ref, 'refs/tags/v')
-      env:
-        NUGET_ORG_API_KEY: ${{ secrets.NUGET_ORG_API_KEY }}
-      shell: pwsh
-      run: |
-        dotnet nuget push "$env:GITHUB_WORKSPACE/packages/*.nupkg" --api-key "$env:NUGET_ORG_API_KEY" --source 'nuget.org'
+      if: ${{ github.event_name == 'release' && startsWith(github.ref, 'refs/tags/v') }}
+      run: dotnet nuget push '${{ github.workspace }}/packages/*.nupkg' --api-key '${{ secrets.NUGET_ORG_API_KEY }}' --source 'nuget.org' --skip-duplicate

.github/workflows/codeql.yml

@@ -1,10 +1,9 @@
 name: "CodeQL"
 
 on:
-  push:
-    branches: [ 'master', 'release/**' ]
+  workflow_dispatch:
   pull_request:
-    # The branches below must be a subset of the branches above
+  push:
     branches: [ 'master', 'release/**' ]
   schedule:
     - cron: '0 0 * * 5'
@@ -26,16 +25,18 @@ jobs:
     - name: Setup .NET
       uses: actions/setup-dotnet@v4
       with:
-        # Block buggy release from February 11, 2025
         dotnet-version: |
-          8.0.309 
-          9.0.103
+          8.0.*
+          9.0.*
     - name: Git checkout
       uses: actions/checkout@v4
     - name: Initialize CodeQL
       uses: github/codeql-action/init@v3
       with:
         languages: ${{ matrix.language }}
+    - name: Restore .NET tools
+      run: |
+        dotnet tool restore
     - name: Autobuild
       uses: github/codeql-action/autobuild@v3
     - name: Perform CodeQL Analysis

.github/workflows/qodana.yml

@@ -1,13 +1,17 @@
-# https://www.jetbrains.com/help/qodana/cloud-forward-reports.html#cloud-forward-reports-github-actions
-
 name: Qodana
 on:
   workflow_dispatch:
   pull_request:
   push:
-    branches:
-      - master
-      - 'release/*'
+    branches: [ 'master', 'release/**' ]
+
+concurrency:
+  group: ${{ github.workflow }}-${{ github.ref }}
+  cancel-in-progress: true
+
+env:
+  DOTNET_NOLOGO: true
+  DOTNET_CLI_TELEMETRY_OPTOUT: true
 
 jobs:
   qodana:
@@ -17,17 +21,32 @@ jobs:
       pull-requests: write
       checks: write
     steps:
-    - uses: actions/checkout@v4
+    - name: Setup .NET
+      uses: actions/setup-dotnet@v4
+      with:
+        dotnet-version: |
+          8.0.*
+          9.0.*
+    - name: Git checkout
+      uses: actions/checkout@v4
       with:
         ref: ${{ github.event.pull_request.head.sha }}  # to check out the actual pull request commit, not the merge commit
         fetch-depth: 0  # a full history is required for pull request analysis
-    - name: 'Qodana Scan'
-      uses: JetBrains/qodana-action@v2024.1
+    - name: Restore tools
+      run: dotnet tool restore
+    - name: Restore packages
+      run: dotnet restore
+    - name: Build
+      run: dotnet build --no-restore --configuration Release
+    - name: Qodana scan
+      uses: JetBrains/qodana-action@v2025.1
+      with:
+        args: --ide,QDNET,--profile-name,qodana.recommended,--configuration,Release,--apply-fixes
+        push-fixes: pull-request
+        upload-result: true
       env:
         QODANA_TOKEN: ${{ secrets.QODANA_TOKEN }}
-    - name: Upload results to artifacts on failure
-      if: failure()
-      uses: actions/upload-artifact@v4
+    - name: Upload SARIF report
+      uses: github/codeql-action/upload-sarif@v3
       with:
-        name: qodana_results
-        path: ${{ runner.temp }}/qodana/results
+        sarif_file: ${{ runner.temp }}/qodana/results/qodana.sarif.json