Version 2.x

[StefH]

Version 2.x supports:

• .NET Framework 4.6.2
• .NET Standard 2.0 / 2.1
• .NET 8.0

[codecov]

Codecov Report

❌ Patch coverage is 75.91716% with 407 lines in your changes missing coverage. Please review.
✅ Project coverage is 37.45%. Comparing base (d6e1953) to head (47f3ae6).
⚠️ Report is 1 commits behind head on master.

Files with missing lines	Patch %	Lines
...mal/ResponseProviders/WebSocketResponseProvider.cs	53.03%	209 Missing ⚠️
...ock.Net.Minimal/Server/WireMockServer.WebSocket.cs	55.17%	38 Missing and 1 partial ⚠️
...rc/WireMock.Net.Minimal/Owin/WireMockMiddleware.cs	84.51%	24 Missing ⚠️
...Minimal/ResponseBuilders/Response.WithWebSocket.cs	55.26%	16 Missing and 1 partial ⚠️
...eMock.Net.Minimal/Owin/WireMockMiddlewareLogger.cs	84.31%	16 Missing ⚠️
src/WireMock.Net.Minimal/Matchers/FuncMatcher.cs	80.00%	12 Missing ⚠️
src/WireMock.Net.Minimal/Owin/HostUrlOptions.cs	69.69%	9 Missing and 1 partial ⚠️
...t.Minimal/RequestBuilders/Request.WithWebSocket.cs	73.68%	10 Missing ⚠️
...rc/WireMock.Net.Minimal/Owin/AspNetCoreSelfHost.cs	86.56%	9 Missing ⚠️
...imal/ResponseProviders/WebSocketHandledResponse.cs	38.46%	8 Missing ⚠️
... and 25 more

Additional details and impacted files

@@            Coverage Diff             @@
##           master    #1359      +/-   ##
==========================================
+ Coverage   35.22%   37.45%   +2.22%     
==========================================
  Files         149      155       +6     
  Lines       35786    36484     +698     
==========================================
+ Hits        12607    13664    +1057     
+ Misses      22883    22466     -417     
- Partials      296      354      +58     

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

[Kielek]

@StefH, some feedback:

1. It will be great to still have support for .NET Framework 4.6.2. It has normal support until Jan 12, 2027. The downside - there is no possibility to update to XUnit.v3. This package is used under OpenTelemetry Contrib repository. And various vendors still needs to offer support for ancient frameworks.
2. I have executed build locally, there is a lot of NU1902, NU1903, NU1904 warnings. All of them are related to different levels o security vulnerabilities. Part of them affects production dependencies.

[StefH]

Thanks for your response.

About 1: WireMock.Net is mostly used in unit tests. So how many % of those unit tests project are going to use an older framework like the one you mentioned? I think that supporting older frameworks in a main project and testing this in a unit test project is related but not always 1 to 1....

I will think on this and maybe support that one instead of 4.8

About 2: the question is how critical any security issue is because WireMock is used for testing, not for production code.

[Kielek]

Thanks for your response.

About 1: WireMock.Net is mostly used in unit tests. So how many % of those unit tests project are going to use an older framework like the one you mentioned? I think that supporting older frameworks in a main project and testing this in a unit test project is related but not always 1 to 1....

I will think on this and maybe support that one instead of 4.8

It will be great. I have had similar discussions about other, testing only library - Verify. After 1,5 year author bringed back support for this old framework. I think that the requestor was .NET team.

About 2: the question is how critical any security issue is because WireMock is used for testing, not for production code.

I think that here are 2 aspects to consider:

.NET SDK 9 for first release switchted settings to (then it was rollbacked, but some project kept it in place). I am not sure what is the current state:

  <PropertyGroup>
    <NuGetAudit>true</NuGetAudit>
    <NuGetAuditMode>all</NuGetAuditMode>
    <NuGetAuditLevel>low</NuGetAuditLevel>
  </PropertyGroup>

With this + treat warnings as errors, which is pretty common, at least in my buble, it leads to the breaking compilation. Usually, there is a possibility to fix such changes basicaly by bumping transitive packages, but it is just inconvinient. IMO it is better to fix such cases centrally,

The second aspect are security scans. I will consider OpenTelemetry as an example. Some end-users/companies making additional source code scans, not only shipped libraries. If we have any known vulnerable dependencies, there are at least yellow flags and we need to explain that the production code is not affected. With this, this project has strict rules to fix all such warnings.

Thanks for maintaining this library, I know that it takes more time than people usually thinks.

[StefH]

@Kielek
I checked your idead about 4.6.2, however that brings back again some if-defs and other classes which I would like to get rid of. So I'll stick with Framework 4.8 and .NET 8

[Kielek]

That's fine, I think that I will need to create some simplified version of this package tailored to our usecase.