chore(deps): update dependency polyfill to 9.3.0

[thomhurst]

This PR contains the following updates:

Package	Type	Update	Change
Polyfill	nuget	minor	9.2.0 -> 9.3.0

---

Release Notes

SimonCropp/Polyfill (Polyfill)

v9.3.0

Compare Source

---

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR has been generated by Renovate Bot.

[claude]

Claude finished @thomhurst's task —— View job

---

Pull Request Review: Polyfill Dependency Update

Reviewing this dependency update from Polyfill 9.2.0 to 9.3.0. Here's my comprehensive analysis and feedback.

Todo List

• Read the changed file to understand the exact modification
• Analyze the Polyfill package and its usage in TUnit
• Review the 9.3.0 release changes and security implications
• Check test coverage and validation requirements
• Provide comprehensive review feedback
• Follow TUnit development guidelines for dependency updates

---

📋 Review Summary

✅ Code Quality & Best Practices

• Clean Change: Single line modification following semantic versioning
• Proper Scope: Polyfill correctly configured as compile-time only dependency
• Conditional Logic: Well-implemented conditional injection for older target frameworks
• Asset Management: Proper use of PrivateAssets, IncludeAssets, and ExcludeAssets

⚠️ Critical Issue Found

Version Inconsistency Between Files:

• TUnit.Core/TUnit.Core.targets:11 → 9.3.0 ✅ (updated by this PR)
• Directory.Packages.props:62 → 9.2.0 ❌ (not updated)

Root Cause: Renovate Bot only updated the manual version reference but missed the centrally managed version.

Impact: Projects using Central Package Management (CPM) will still get 9.2.0, while non-CPM projects get 9.3.0, causing inconsistent behavior.

🔧 Required Fix

The Directory.Packages.props file needs updating:

<PackageVersion Include="Polyfill" Version="9.3.0" />

🛡️ Security & Performance Considerations

• Security: Minor version bump (9.2.0 → 9.3.0) is low-risk from security perspective
• Performance: Polyfill is compile-time only, no runtime performance impact
• Compatibility: No breaking changes expected in minor version update

🧪 Test Coverage

• Current Testing: TUnit has comprehensive test suites for both source generator and reflection modes
• Validation Needed: Since this affects build-time dependency injection, compilation tests would validate the change
• Scope: Limited impact since it's a minor version bump of a well-maintained polyfill library

📦 Package Analysis

• Purpose: SimonCropp/Polyfill provides modern .NET API backports for older frameworks
• Usage: Essential for TUnit's dual-mode implementation across multiple target frameworks
• Reliability: Actively maintained package with good track record

🎯 Recommendation

APPROVE with Required Changes:

1. Fix Version Inconsistency: Update Directory.Packages.props line 62 to version 9.3.0
2. Validation: Run build/tests to ensure no regression (standard practice for dependency updates)
3. Consider: Configuring Renovate to update both files together in future PRs

This is a safe, routine dependency update that follows TUnit's architecture well, but requires the additional file update to maintain consistency.

---

[claude]

Claude Code is working…

I'll analyze this and get back to you.

View job run

[claude]

Claude finished @thomhurst's task —— View job

---

Pull Request Review: Polyfill Dependency Update

Reviewing this dependency update from Polyfill 9.2.0 to 9.3.0. Here's my comprehensive analysis and feedback.

Todo List

• Read the changed file to understand the exact modification
• Analyze the Polyfill package and its usage in TUnit
• Review the 9.3.0 release changes and security implications
• Check for version consistency across the codebase
• Provide comprehensive review feedback
• Follow TUnit development guidelines for dependency updates

---

📋 Review Summary

✅ Code Quality & Best Practices

• Clean Change: Single line modification following semantic versioning
• Proper Scope: Polyfill correctly configured as compile-time only dependency
• Conditional Logic: Well-implemented conditional injection for older target frameworks
• Asset Management: Proper use of PrivateAssets, IncludeAssets, and ExcludeAssets

✅ Version Consistency

Both files are correctly updated and consistent:

• TUnit.Core/TUnit.Core.targets:11 → 9.3.0 ✅
• Directory.Packages.props:62 → 9.3.0 ✅

🛡️ Security & Performance Considerations

• Security: Minor version bump (9.2.0 → 9.3.0) is low-risk from security perspective
• Performance: Polyfill is compile-time only, no runtime performance impact
• Compatibility: No breaking changes expected in minor version update

📦 Package Analysis

• Purpose: SimonCropp/Polyfill provides modern .NET API backports for older frameworks
• Usage: Essential for TUnit's dual-mode implementation across multiple target frameworks
• Scope: Only injected for netstandard2.0, netstandard2.1, and .NET Framework targets
• Reliability: Actively maintained package with good track record

🏗️ TUnit Architecture Compliance

Following TUnit development guidelines from CLAUDE.md:

• Dual-Mode Support: Change affects both source-generated and reflection modes appropriately
• Performance: No hot-path impact since this is compile-time dependency
• AOT Compatibility: Polyfill specifically supports AOT scenarios

🧪 Test Coverage

• Current Testing: TUnit has comprehensive test suites for both source generator and reflection modes
• Validation Needed: Since this affects build-time dependency injection, compilation tests would validate the change
• Scope: Limited impact since it's a minor version bump of a well-maintained polyfill library

🎯 Recommendation

✅ APPROVE: This is a well-structured, safe dependency update that:

1. Maintains Version Consistency: Both reference files are properly updated
2. Follows Best Practices: Proper scoping and conditional injection logic
3. Supports TUnit Architecture: Works correctly with dual-mode implementation
4. Low Risk: Minor version bump with no breaking changes expected

This is a routine maintenance update that enhances TUnit's compatibility with older target frameworks while maintaining its modern architecture.

---

[claude]

Claude finished @thomhurst's task —— View job

---

Pull Request Review: Polyfill Dependency Update

Reviewing this dependency update from Polyfill 9.2.0 to 9.3.0. Here's my comprehensive analysis and feedback.

Todo List

• Read the changed file to understand the exact modification
• Check for version consistency across the codebase
• Analyze the Polyfill package and its usage in TUnit
• Review security and performance implications
• Provide comprehensive review feedback
• Follow TUnit development guidelines for dependency updates

---

📋 Review Summary

✅ Code Quality & Best Practices

• Clean Change: Single line modification in TUnit.Core.targets:11 following semantic versioning
• Proper Scope: Polyfill correctly configured as compile-time only dependency with comprehensive asset exclusions
• Conditional Logic: Well-implemented conditional injection for older target frameworks (netstandard2.0, netstandard2.1, .NET Framework)
• Asset Management: Proper use of PrivateAssets="all", IncludeAssets="compile; analyzers", and exclusion of runtime/native assets
• Dual Support: Handles both Central Package Management (CPM) and non-CPM projects correctly

✅ Version Consistency

Both files are correctly updated and consistent:

• TUnit.Core/TUnit.Core.targets:11 → 9.3.0 ✅
• Directory.Packages.props:62 → 9.3.0 ✅

🛡️ Security & Performance Considerations

• Security: Minor version bump (9.2.0 → 9.3.0) is low-risk from security perspective
• Performance: Polyfill is compile-time only (ExcludeAssets includes runtime), no runtime performance impact
• Compatibility: No breaking changes expected in minor version update from a stable, well-maintained library

📦 Package Analysis

• Purpose: SimonCropp/Polyfill provides modern .NET API backports for older frameworks
• Usage: Essential for TUnit's dual-mode implementation across multiple target frameworks
• Scope: Only injected for projects targeting older frameworks that lack modern APIs
• Integration: Sophisticated implementation with proper validation and helpful error messages
• Reliability: Actively maintained package with good track record in the .NET ecosystem

🏗️ TUnit Architecture Compliance

Following TUnit development guidelines from CLAUDE.md:

• Dual-Mode Support: Change affects both source-generated and reflection modes appropriately
• Performance: No hot-path impact since this is compile-time dependency
• AOT Compatibility: Polyfill specifically supports AOT scenarios, aligning with TUnit's AOT requirements
• Modern C#: Enables use of modern C# features across all supported target frameworks

🧪 Test Coverage

• Validation: TUnit has comprehensive test suites for both source generator and reflection modes
• Impact Assessment: Since this affects build-time dependency injection, existing compilation tests validate the change
• Risk Level: Very low - minor version bump of stable, well-maintained polyfill library
• Quality Assurance: Change enables better API surface consistency across target frameworks

🎯 Recommendation

✅ APPROVE: This is a well-structured, safe dependency update that:

1. Maintains Version Consistency: Both reference files are properly synchronized
2. Follows Best Practices: Proper scoping, conditional injection, and asset management
3. Supports TUnit Architecture: Works correctly with dual-mode implementation and modern .NET features
4. Low Risk Profile: Minor version bump with no breaking changes expected
5. Quality Implementation: Sophisticated package integration with proper error handling

This is a routine maintenance update that enhances TUnit's compatibility with older target frameworks while maintaining its modern architecture and performance characteristics.

---