Skip to content

[main] Bump Microsoft.Build.Framework and Microsoft.Build.Utilities.Core#9998

Closed
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/nuget/multi-7543915304
Closed

[main] Bump Microsoft.Build.Framework and Microsoft.Build.Utilities.Core#9998
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/nuget/multi-7543915304

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jul 16, 2026

Copy link
Copy Markdown
Contributor

Updated Microsoft.Build.Framework from 17.11.48 to 18.8.2.

Release notes

Sourced from Microsoft.Build.Framework's releases.

18.8.2

What's Changed

18.7.1

What's Changed

18.6.3

What's Changed

18.5.4

What's Changed

18.4.0

What's Changed

18.3.3

What's Changed

18.0.2

What's Changed

17.14.28

What's Changed

17.14.8

What's Changed

Full Changelog: dotnet/msbuild@v17.14.5...v17.14.8

17.14.5

What's Changed

17.14.0-preview-25177-05

Release

What's Changed

17.14.0-preview-25155-01

Release

What's Changed

Description has been truncated

Bumps Microsoft.Build.Framework from 17.11.48 to 18.8.2
Bumps Microsoft.Build.Utilities.Core from 17.11.48 to 18.8.2

---
updated-dependencies:
- dependency-name: Microsoft.Build.Framework
  dependency-version: 18.8.2
  dependency-type: direct:production
  update-type: version-update:semver-major
- dependency-name: Microsoft.Build.Utilities.Core
  dependency-version: 18.8.2
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added .NET Pull requests that update .NET code dependencies Updates to dependency manifests. labels Jul 16, 2026
Copilot AI review requested due to automatic review settings July 16, 2026 06:57

Copilot AI left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Copilot can't review bot-authored pull requests automatically. A user with Copilot access can request a review manually.

@dependabot dependabot Bot added dependencies Updates to dependency manifests. .NET Pull requests that update .NET code labels Jul 16, 2026
@Evangelink

Copy link
Copy Markdown
Member

Closing this one — the 18.x MSBuild bump isn't viable for us right now.

Why the build fails

Microsoft.Build.Framework / Microsoft.Build.Utilities.Core 18.8.2 is the VS18 / .NET 10 wave. Those packages dropped all pre-net10.0 runtime assemblies and now hard-error on older TFMs:

Microsoft.Build.Framework 18.8.2 doesn't support net8.0 and has not been tested with it.
Consider upgrading your TargetFramework to net10.0 or later.

We consume these packages (compile-only, PrivateAssets="All") from projects that multi-target net8.0/net9.0:

  • src/Platform/Microsoft.Testing.Platform.MSBuild
  • test/UnitTests/Microsoft.Testing.Platform.MSBuild.UnitTests

Is any 18.x usable, or a version in between?

No usable 18.x. Every 18.x release (18.0.2 → 18.8.2) ships runtime libs only for net10.0 + net472. The 17.x line still ships net8.0/net9.0 libs (17.11.48 → lib/net8.0, up to 17.14.28 → lib/net9.0), so those build — but bumping within 17.x only raises our minimum MSBuild/VS baseline with no benefit for a compile-only private reference, so we're intentionally staying pinned at 17.11.48.

Can we just set SuppressTfmSupportBuildWarnings=true?

No — tested it, it's a trap. It compiles clean (the package still ships a ref/netstandard2.0 reference assembly), but there is no net8.0/net9.0 runtime asset, so NuGet copies nothing and the generated deps.json entry has no runtime section. At runtime the test host crashes:

System.Reflection.ReflectionTypeLoadException: Unable to load one or more of the requested types.
  Could not load file or assembly 'Microsoft.Build.Framework, Version=15.1.0.0 ...'

So suppressing the warning just converts a clean build failure into a shipped-and-crashing-at-load defect.

We can revisit 18.x once Microsoft.Testing.Platform.MSBuild targets net10.0. To stop Dependabot re-proposing the major bump, we'll add a semver-major ignore for Microsoft.Build*.

@Evangelink Evangelink closed this Jul 16, 2026
@dependabot @github

dependabot Bot commented on behalf of github Jul 16, 2026

Copy link
Copy Markdown
Contributor Author

OK, I won't notify you again about this release, but will get in touch when a new version is available. You can also ignore all major, minor, or patch releases for a dependency by adding an ignore condition with the desired update_types to your config file.

If you change your mind, just re-open this PR and I'll resolve any conflicts on it.

@dependabot dependabot Bot deleted the dependabot/nuget/multi-7543915304 branch July 16, 2026 09:31
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Updates to dependency manifests. .NET Pull requests that update .NET code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants