Closed
Conversation
Merged
steveisok
added a commit
to kotlarmilos/skills
that referenced
this pull request
Mar 13, 2026
- Script: macOS acquisition block now shows Option A (dotnet-symbol, preferred) and Option B (.symbols NuGet, fallback). Fixed .dwarf filename doubling bug in cp command. - SKILL.md (both copies): Step 2 updated for dotnet-symbol preference, Step 4 reordered with dotnet-symbol as dotnet#2 and NuGet symbols as dotnet#3. - Reference doc: Restructured macOS Symbol Packages section with Preferred/Fallback subsections and shared .dwarf→.dSYM conversion. - Training log: Session 4 entry documenting the promotion. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
ViktorHofer
added a commit
that referenced
this pull request
Mar 18, 2026
* Add convert-to-cpm skill for NuGet Central Package Management conversion Authoring process: - Researched the Agent Skills standard at agentskills.io and reviewed repo conventions - Studied the existing csharp-scripts skill and test structure as a reference implementation - Studied Microsoft's CPM documentation at learn.microsoft.com - Authored SKILL.md with a 9-step workflow covering scope determination through validation - Created 5 test scenarios across simple, moderate, and advanced tiers - Performed dry-run evaluation against all scenarios, identifying 15 findings - Applied all 15 fixes (4 gaps, 6 ambiguities, 5 improvements) to SKILL.md - Re-evaluated: 50 OK, 0 gaps, 0 ambiguities, 1 test fixture improvement - Updated test fixture to resolve the remaining finding - Final validation: 254 lines, 0 errors, 0 warnings Skill implementation (skills/convert-to-cpm/SKILL.md): - 9-step workflow: scope, CPM check, audit, create/update props, update projects, handle properties, restore/validate, cleanup, summary - Handles single projects, solutions, and full repositories - Audits packages with per-project detail table including version conflicts and security advisories - Flags CVE/security vulnerabilities and recommends patched versions - Supports MSBuild property-based versioning with inline vs keep decisions - Covers conditional PackageReference items across target frameworks - Discovers PackageReference in imported .props/.targets via Import chain scanning - Provides cross-platform commands (Unix and Windows/PowerShell) - Documents import order requirements for property references in Directory.Packages.props - Mentions dotnet new packagesprops as preferred creation method (.NET 8+) - Includes validation checklist and common pitfalls table Test scenarios (tests/convert-to-cpm/): - simple-single-project: 1 project, 3 packages, no conflicts - simple-solution: 3 projects via .sln, 5 packages, PrivateAssets preservation - moderate-version-conflicts: 4 projects, System.Text.Json version conflicts with CVE-2024-43485 advisory, AutoMapper major version conflict with VersionOverride - moderate-msbuild-properties: 2 projects using MSBuild properties for versioning in Directory.Build.props, inline vs keep decisions, property cleanup verification - advanced-multi-complexity: 5 projects combining version conflicts, MSBuild properties, conditional TFM PackageReference, shared Common.props imports, VersionOverride, and security advisory handling Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * Refactor SKILL.md with references, baseline build, and package comparison Condensed SKILL.md using progressive disclosure: - Reduced from 254 lines / ~3937 tokens to 120 lines / ~1778 tokens - Extracted detailed procedural instructions into 5 focused reference files - Main file retains workflow decision logic with links to references loaded on demand - Follows agentskills.io progressive disclosure pattern: metadata -> instructions -> resources Added baseline build verification (new Step 2): - Requires clean build (dotnet clean && dotnet build) before any changes - Captures baseline.binlog for structured build artifact - Captures baseline-packages.json via dotnet list package --format json - Blocks conversion if baseline build fails Added post-conversion baseline comparison (Steps 8 and 10): - Step 8 produces after-cpm.binlog and after-cpm-packages.json from clean build - Step 10 compares baseline vs post-conversion package lists per project - Changes table shows version bumps, VersionOverride entries, added/removed packages - Unchanged table confirms version-neutral conversion for unmodified packages - Binlog files produced as artifacts for user review in MSBuild Structured Log Viewer Reference files created: - references/audit-complexities.md: 7 complexity categories for package auditing - references/baseline-comparison.md: dotnet list package comparison procedure, binlog production, artifact guidance, table formats for changes and unchanged packages - references/directory-packages-props.md: File creation (dotnet new packagesprops), placement rules, conditional versions, VersionOverride patterns - references/msbuild-property-handling.md: Property usage search, inline vs keep decisions, import order requirements, cleanup verification - references/validation-and-errors.md: NuGet error codes (NU1008, NU1010, NU1507), clean build validation, multi-TFM guidance, common pitfalls Workflow is now 10 steps (was 9): 1. Determine scope 2. Establish baseline build (new) 3. Check for existing CPM 4. Audit package references 5. Create or update Directory.Packages.props 6. Update project files 7. Handle MSBuild version properties 8. Restore and validate (now with binlog + package list capture) 9. Clean up obsolete properties 10. Summary and baseline comparison (expanded with diff tables) Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * Replace third-party packages with Microsoft equivalents, add baseline/comparison steps, add .gitignore for test solutions Package replacements across all skill references and test scenarios: - Serilog.AspNetCore -> OpenTelemetry.Extensions.Hosting 1.15.0 - Serilog (standalone) -> OpenTelemetry.Extensions.Hosting 1.15.0 - Swashbuckle.AspNetCore -> Microsoft.AspNetCore.OpenApi 8.0.24 - SerilogVersion MSBuild property -> OTelVersion - DIVersion updated from 8.0.1 to 9.0.0 (DI/Abstractions alignment) - Microsoft.AspNetCore.OpenApi uses 8.0.24 (not 9.x) for net8.0 compat Test fixture improvements: - Added Step 2 (baseline build with binlog) to all 5 with-skill.md files - Added Step 10 (package comparison table + binlog artifact links) to all 5 with-skill.md files - Expanded simple-solution without-skill.md with more realistic agent behavior - Standardized security fix terminology: table markers cite CVEs, prose references CVE IDs - Removed space-padded table formatting in favor of compact markdown with emojis Test solution infrastructure: - Added tests/convert-to-cpm/.gitignore to exclude src/ build artifacts - Added generation prompt to test README for recreating buildable solutions - All 5 test solutions verified to restore and build successfully Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * Address review feedback on terminology, placement, and reference accuracy - Rename Step 10 and validation checklist from 'binlog comparison' to 'package list comparison' - Rewrite baseline-comparison.md: title to 'Baseline Comparison', lead with dotnet list package as primary comparison mechanism, position binlogs as supplementary artifacts for manual review/troubleshooting - Add brief definition of binlogs before the artifacts section - Fix Directory.Packages.props placement guidance: use first common ancestor of all .NET projects instead of assuming repository root (.git), since many repos nest source under src/ or similar - Update SKILL.md scope input and Step 1 to reference directory-scoped conversion - Standardize security fix terminology: table markers cite CVEs, prose uses 'security fix for CVE-...' Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * Address review findings: sort PackageVersion, add packages.config scenario, fix commands Review findings addressed: 1. Fixed BlobsVersion grep step description in advanced scenario 2. Sorted PackageVersion entries alphabetically in all Directory.Packages.props outputs 3. Consolidated baseline-comparison.md to single-table format 4. Added solution file arguments and multi-line commands in test fixtures 5. Added Directory.Packages.props placement question for single-project scenario 6. Created simple-packages-config test scenario (packages.config rejection) 7. Use dotnet new packagesprops in simple-single-project workflow 8. Fixed More Info link text to match reference file title Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * Fix test scenario accuracy: sln/slnx mix, package counts, ImplicitUsings - Use mix of .sln and .slnx across scenarios (simple-solution and moderate-msbuild-properties use .sln; moderate-version-conflicts and advanced-multi-complexity use .slnx) - Fix simple-solution package count from 5 to 6 - Fix advanced user response #2 to reference Azure.Storage.Blobs version - Add ImplicitUsings to advanced Directory.Build.props in audit and cleanup - Complete the advanced unchanged table with all expected package entries Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * Add skill evaluation section to test README Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * Fix Inventory.sln references and make evaluation opt-in - Fix 4 occurrences of Inventory.sln to Inventory.slnx in moderate-version-conflicts/with-skill.md for consistency with the scenario README and test solution - Update test README to only run skill evaluation when the user explicitly requests it Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * Condense SKILL.md with progressive disclosure - Remove duplicated bash code blocks from Steps 2 and 8, linking to baseline-comparison.md instead - Merge Steps 7 (MSBuild property decisions) and 9 (cleanup) into a single step since both reference msbuild-property-handling.md - Condense Step 10 summary to reference baseline-comparison.md for procedure details - Reduces from 120 to 97 lines (10 steps to 9 steps) Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * Fix Enterprise.sln references to Enterprise.slnx in with-skill.md Address code review feedback: fix 4 occurrences of Enterprise.sln to Enterprise.slnx in advanced-multi-complexity/with-skill.md for consistency with the scenario README and test solution. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * Improve convert-to-cpm skill: preserve whitespace, save summary report, fix links - Instruct Step 6 to retain each file's existing indentation style and blank lines to keep diffs minimal - Instruct Step 9 to save the full summary as convert-to-cpm.md alongside binlog and JSON artifacts, suggesting its contents for a PR description - Strip en-us/ from learn.microsoft.com links in SKILL.md and validation-and-errors.md to make them culture-agnostic - Update all with-skill.md test expectations to include the convert-to-cpm.md create step and artifact mention Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * Indicate that the binlog viewer is for the user; not the tool/skill * Move convert-to-cpm skill and tests to src/dotnet-msbuild layout Move skill from skills/convert-to-cpm/ to src/dotnet-msbuild/skills/convert-to-cpm/ and tests from tests/convert-to-cpm/ to src/dotnet-msbuild/tests/convert-to-cpm/ to match the repository layout established on main. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * Convert tests from with/without-skill format to eval.yaml Replace manual test approach (README.md + with-skill.md + without-skill.md) with automated eval.yaml scenarios containing assertions and rubric items. Add committed test fixture files (.csproj, .sln, .slnx, .props) for each scenario with copy_test_files setup, replacing the git-ignored generated solutions. 6 scenarios converted: - simple-single-project: basic single project CPM conversion - simple-solution: multi-project solution conversion - simple-packages-config: negative test (packages.config rejection) - moderate-version-conflicts: version conflict resolution - moderate-msbuild-properties: MSBuild property version handling - advanced-multi-complexity: combined complexities (conflicts, properties, conditionals, shared props) Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * Consolidate eval.yaml files into single root eval.yaml Move all 6 scenario definitions from individual subdirectory eval.yaml files into a single src/dotnet-msbuild/tests/convert-to-cpm/eval.yaml file, matching the skill-validator discovery convention that expects {testsDir}/{skillname}/eval.yaml. Scenario prompts updated to reference subdirectory-prefixed paths since copy_test_files now copies all fixture subdirectories. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * Reorganize convert-to-cpm into plugins/tests folders * Add post-conversion reporting rubrics to CPM eval scenarios Add rubric items for baseline-vs-result comparison reporting, binlog capture and guidance, version reconciliation, and risk/reassurance messaging across all conversion scenarios. Increase complex scenario timeout to 360s. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * Improve post-conversion reporting, conflict resolution, and skill activation SKILL.md: - Surface binlog capture commands explicitly in Steps 2 and 8 - Expand Step 4 with detailed version conflict presentation and resolution workflow - Restructure Step 9 into 5-section post-conversion report template: overview, conflict resolutions, baseline comparison, risk assessment, and artifacts/next steps with binlog education - Broaden activation triggers in description and When to Use to match update/bump/upgrade/align/sync terminology from ecosystem PRs - Add activation for out-of-sync/conflicting/mismatched version scenarios audit-complexities.md: - Expand version conflict section with per-conflict presentation format, 4 resolution options with trade-offs, and risk-level guidance eval.yaml: - Pre-specify conflict resolution strategy in prompts to avoid blocking on unanswered user prompts during single-turn evaluation - Add 3 new scenarios testing CPM recommendation when user asks to update/align packages without mentioning CPM - Update rubrics to match directed resolution strategy - Increase complex scenario timeout to 360s Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * Address PR feedback from kartheekp-ms - Use GitHub markdown URL for CPM docs reference (SKILL.md) - Use dotnet package list (renamed in .NET 10) with backward compat note for dotnet list package (SKILL.md, baseline-comparison.md) - Use dotnet package list --format json for auditing (SKILL.md Step 4) - Document Directory.Packages.props sub-folder support for test projects with different dependencies (directory-packages-props.md) - Remove security advisory version bumping from CPM conversion scope; instead surface advisories as follow-up items in the post-conversion report (audit-complexities.md, SKILL.md Step 9 Section 5) - Add Follow-up items section to report template covering security advisories, deprecated packages, version alignment opportunities, and test validation (SKILL.md Step 9) Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * Improve convert-to-cpm skill activation, artifact preservation, and eval assertions - Broaden skill description to trigger on version drift/sync scenarios and MSBuild property contexts even when CPM is not explicitly mentioned - Add explicit instructions to preserve binlog and JSON artifacts (not delete) - Make convert-to-cpm.md report a mandatory deliverable, not optional - Replace fragile output_contains assertions (ManagePackageVersionsCentrally, Directory.Packages.props) with file_contains checks on the actual generated files across 5 conversion scenarios Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * Extend timeouts and add CODEOWNERS entry * Move convert-to-cpm skill into a new dotnet-nuget plugin * Fix erroneous plugin msbuild/nuget plugin split change. Add dotnet-nuget to marketplace. * Add NuGet package management skills to README * Address PR feedback: clarify CPM sub-folder semantics, remove security-fix example, require explicit conflict strategy - directory-packages-props.md: Clarify that sub-folder Directory.Packages.props files are independent and replace (not extend) the parent; require explicit MSBuild Import to chain files - baseline-comparison.md: Replace security-fix upgrade example with version conflict alignment example, consistent with audit guidance that security advisories are follow-up items - SKILL.md: Remove default 'use highest version' conflict strategy; require explicit user choice or confirmation when conflicts are detected Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * Extend eval timeouts for scenarios hitting time limits - Convert single project: 180s -> 270s - Recommend CPM (version conflicts): 180s -> 270s - Recommend CPM (complex repo): 360s -> 540s - Convert complex repository: 360s -> 540s Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * Add missing CODEOWNERS for dotnet-nuget plugin. Reorder convert-to-cpm evals and expand timeouts. * Remove containing skill mentions from reference files; fix ordering * Replace output_matches with deterministic file assertions in eval.yaml Convert 6 non-deterministic output_matches assertions to 8 file-based assertions (file_contains, file_not_contains) across conversion scenarios: - Scenario 5: Verify PrivateAssets preserved in Tests.csproj - Scenario 6: Verify OTelVersion/DIVersion removed from Directory.Build.props - Scenario 7: Verify System.Text.Json and Azure.Identity in Directory.Packages.props - Scenario 8: Verify System.Text.Json in Directory.Packages.props and BlobsVersion/HostingVersion removed from Directory.Build.props Recommendation-only scenarios and conversational assertions (conflict detection, conditionals, Common.props awareness) remain as output_matches. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * Reorganize skill description with USE FOR / DO NOT USE FOR markers Restructure the description to improve activation reliability by adopting the USE FOR / DO NOT USE FOR pattern used by other skills in the repo (thread-abort-migration, binlog-failure-analysis). Key changes: - Front-load activation cues before capability list - Add explicit USE FOR / DO NOT USE FOR section markers - Add .sln/.slnx file extensions for solution-path matching - Move DO NOT USE exclusions into description (was only in body) - Use YAML folded scalar for multi-line readability All existing activation keywords preserved. Length reduced from 882 to 849 chars (max 1024). Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * Fix issues for external link references * Increase timeouts * Handle packages.config non-activation in convert-to-cpm skill Set expect_activation: false on the packages.config eval scenario so non-activation is reported as expected rather than flagged as a warning. Add a packages.config guard in Step 1 of the skill workflow so that if the skill is activated for a packages.config project, it stops early and recommends migrating to PackageReference first. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * Remove leading blank lines from .sln test files Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * Use imperative 'Read' instead of 'See' for reference file links Ensures the agent explicitly loads and reads reference files rather than treating them as optional 'see also' links. This aligns with the repo convention of explicitly instructing agents to load reference content. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * Simplify dotnet-nuget CODEOWNERS * Simplify packages.config guard * Add minimal Program.cs entrypoints to Web/Worker test fixtures Test fixture projects using Microsoft.NET.Sdk.Web and Microsoft.NET.Sdk.Worker require a Program.cs entrypoint for dotnet build to succeed. The skill workflow instructs the agent to run dotnet restore and dotnet build for validation, so these fixtures must be buildable. Adds minimal entrypoints (with explicit using directives since ImplicitUsings is not enabled in these projects) to 6 projects: - simple-solution/Web - moderate-version-conflicts/Api, Worker - moderate-msbuild-properties/Api - advanced-multi-complexity/Api, Web Also adds Microsoft.Extensions.Hosting package reference to the Worker project, matching what the dotnet new worker template produces. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> --------- Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> Co-authored-by: Viktor Hofer <viktor.hofer@microsoft.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
verifying validation stage