V10.5.3/request services fix

[gimlichael]

This pull request updates the release notes for multiple NuGet packages in the Cuemon library, primarily to document dependency upgrades and a single bug fix. The main focus is on upgrading dependencies across all supported target frameworks to their latest compatible versions, with one notable bug fix in the Cuemon.AspNetCore package.

Dependency upgrades:

• Updated dependencies to the latest compatible versions for all supported target frameworks in the following packages:
  • Cuemon.AspNetCore.App (.NET 10 and .NET 9)
  • Cuemon.AspNetCore.Authentication (.NET 10 and .NET 9)
  • Cuemon.AspNetCore.Mvc (.NET 10 and .NET 9)
  • Cuemon.AspNetCore.Razor.TagHelpers (.NET 10 and .NET 9)
  • Cuemon.Core.App (.NET 10, .NET 9, .NET Standard 2.0)
  • Cuemon.Core (.NET 10, .NET 9, .NET Standard 2.0)
  • Cuemon.Data.Integrity (.NET 10, .NET 9, .NET Standard 2.0)
  • Cuemon.Data (.NET 10, .NET 9, .NET Standard 2.0)
  • Cuemon.Data.SqlClient (.NET 10, .NET 9, .NET Standard 2.0)
  • Cuemon.Diagnostics (.NET 10, .NET 9, .NET Standard 2.0)
  • Cuemon.Extensions.AspNetCore.Authentication (.NET 10 and .NET 9)
  • Cuemon.Extensions.AspNetCore.Mvc.Formatters.Text.Json (.NET 10 and .NET 9)
  • Cuemon.Extensions.AspNetCore.Mvc.Formatters.Xml (.NET 10 and .NET 9)
  • Cuemon.Extensions.AspNetCore.Mvc.RazorPages (.NET 10 and .NET 9)
  • Cuemon.Extensions.AspNetCore.Mvc (.NET 10 and .NET 9)
  • Cuemon.Extensions.AspNetCore.Text.Json (.NET 10 and .NET 9)
  • Cuemon.Extensions.AspNetCore.Xml (.NET 10 and .NET 9)
  • Cuemon.Extensions.AspNetCore (.NET 10 and .NET 9)
  • Cuemon.Extensions.Collections.Generic (.NET 10, .NET 9, .NET Standard 2.0)

Bug fix:

• Fixed the UseFaultDescriptorExceptionHandler() middleware in Cuemon.AspNetCore to ensure correct operation when request services are wrapped by external decorators or proxies.

[greptile-apps]

Greptile Summary

This patch release fixes GetServiceDescriptors to traverse chains of wrapped IServiceProvider instances (e.g. Asp.Versioning's InjectApiVersion) instead of only recognising ServiceProviderEngineScope, and extends UseFaultDescriptorExceptionHandler to work correctly when HttpContext.RequestServices is replaced mid-pipeline.

• ServiceProviderExtensions.cs — refactored to a while loop that walks the provider chain via field reflection, with an explicit cycle-detection guard using a visited-provider list; TryLocateEmbeddedServiceProvider now resolves any single-field IServiceProvider wrapper generically.
• Tests — new ServiceProviderExtensionsTest unit tests cover delegating, ambiguous, and cyclic provider graphs; a new functional test in ApplicationBuilderExtensionsTest verifies the end-to-end exception handling path with a wrapped request-services provider.
• CI — adds an optional macOS matrix and a test_qualitygate aggregator job; downstream analysis and deploy jobs are now gated through the aggregator rather than listed per-test-job.

Confidence Score: 5/5

Safe to merge; the traversal logic is sound, cycle detection is correct, and the new tests exercise the critical paths.

The while-loop traversal correctly replaces the single-case implementation, cycle detection using reference-equality visited-list is reliable, and TryLocateEmbeddedServiceProvider's generic field search handles the single-provider-field pattern correctly. Existing concerns about the internal stub not verifying the real Asp.Versioning type were raised in a prior review thread and are a known trade-off. No new structural defects were found.

No files require special attention beyond what was discussed in prior review threads.

Important Files Changed

Filename	Overview
src/Cuemon.Extensions.DependencyInjection/ServiceProviderExtensions.cs	Core bug fix: refactored GetServiceDescriptors to traverse chains of wrapped IServiceProvider instances via a while loop with cycle detection; TryLocateEmbeddedServiceProvider now inspects all IServiceProvider-typed fields generically rather than only handling ServiceProviderEngineScope.
test/Cuemon.Extensions.DependencyInjection.Tests/ServiceProviderExtensionsTest.cs	New test file covering delegating, ambiguous multi-provider, and cyclic graph scenarios for GetServiceDescriptors; defines an internal stub of Asp.Versioning.Builder.EndpointBuilderFinalizer.InjectApiVersion for isolation.
test/Cuemon.AspNetCore.FunctionalTests/Diagnostics/ApplicationBuilderExtensionsTest.cs	Adds functional test verifying UseFaultDescriptorExceptionHandler works when RequestServices is replaced mid-pipeline with a wrapped provider; also defines the same InjectApiVersion stub as the unit test file.
.github/workflows/ci-pipeline.yml	Adds optional macOS test matrix (X64 + ARM64), introduces a test_qualitygate aggregator job that centralises pass/fail logic, and wires downstream jobs through the gate rather than directly to individual test jobs.
CHANGELOG.md	Adds [10.5.3] release entry documenting the service provider traversal fix, new unit/functional tests, and the comparison link; entries are accurate.

Flowchart

%%{init: {'theme': 'neutral'}}%%
flowchart TD
    A[GetServiceDescriptors called] --> B[Add provider to visitedProviders]
    B --> C{Has CallSiteFactory property?}
    C -- Yes --> D[Read Descriptors from CallSiteFactory
return IEnumerable<ServiceDescriptor>]
    C -- No --> E{TryLocateEmbeddedServiceProvider}
    E -- Not found --> F[throw NotSupportedException
'This method does not support ...']
    E -- Found --> G{Already in visitedProviders?}
    G -- Yes --> H[throw NotSupportedException
'Cyclic IServiceProvider graph detected']
    G -- No --> I[provider = embeddedProvider
Add to visitedProviders]
    I --> C

    subgraph TryLocateEmbeddedServiceProvider
        J[Gather all IServiceProvider-typed fields
excluding self-references] --> K{originatingType ==
ServiceProviderEngineScope?}
        K -- Yes --> L[Try RootProvider property
Then field name match
Then single-field fallback]
        L --> M{rootProvider found?}
        M -- Yes --> N[return rootProvider]
        K -- No --> O{Exactly 1 distinct
nested provider?}
        M -- No --> O
        O -- Yes --> P[return that provider]
        O -- No --> Q[return false]
    end

Loading

_{Reviews (4): Last reviewed commit: "⬆️ update download-artifact action to v8..." | Re-trigger Greptile}

[codecov]

Codecov Report

❌ Patch coverage is 96.96970% with 1 line in your changes missing coverage. Please review.
✅ Project coverage is 82.82%. Comparing base (36e50ca) to head (6fcaa41).

Files with missing lines	Patch %	Lines
...s.DependencyInjection/ServiceProviderExtensions.cs	96.96%	1 Missing ⚠️

Additional details and impacted files

@@            Coverage Diff             @@
##             main     #161      +/-   ##
==========================================
+ Coverage   82.80%   82.82%   +0.02%     
==========================================
  Files         602      602              
  Lines       19157    19181      +24     
  Branches     2001     2009       +8     
==========================================
+ Hits        15863    15887      +24     
  Misses       3216     3216              
  Partials       78       78              

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.