[automated] Merge branch 'release/9.0.1xx' => 'release/9.0.3xx'#54750
Open
github-actions[bot] wants to merge 43 commits into
Open
[automated] Merge branch 'release/9.0.1xx' => 'release/9.0.3xx'#54750github-actions[bot] wants to merge 43 commits into
github-actions[bot] wants to merge 43 commits into
Conversation
backport of https://dev.azure.com/dnceng/internal/_git/dotnet-sdk/pullrequest/60602?path=%2Fsrc%2FCli%2Fdotnet%2FInstaller%2FWindows%2FWindowsUtils.cs file paths are slightly different but code changes should remain identical.
Restrict Workloads Pipe Access backport of https://dev.azure.com/dnceng/internal/_git/dotnet-sdk/pullrequest/60602?path=%2Fsrc%2FCli%2Fdotnet%2FInstaller%2FWindows%2FWindowsUtils.cs file paths are slightly different but code changes should remain identical. ---- #### AI description (iteration 1) #### PR Classification Security enhancement to restrict Named Pipe access in the .NET SDK workload installer for Windows, preventing unauthorized IPC connections. #### PR Summary This PR strengthens security for the Windows workload installer by restricting Named Pipe access to only the invoking user, preventing privilege escalation and path traversal attacks. The changes validate all file paths and implement stricter access controls for inter-process communication. - `WindowsUtils.cs`: Added methods to restrict pipe access to parent process user SID instead of all authenticated users, and implemented path validation utilities to prevent directory traversal attacks - `NetSdkMsiInstallerServer.cs`: Updated pipe security to use parent process user SID via `GetPipeClientIdentifier()` instead of granting access to all authenticated users - `MsiPackageCache.cs`: Added validation for package ID, version, and manifest paths to prevent path traversal exploits when caching MSI packages - `WindowsInstallerTests.cs`: Added comprehensive security tests validating pipe access controls, path traversal prevention, and component validation - `WindowsUtils.cs`: Added `ValidateLogFilePath()`, `ValidatePackagePath()`, and `ValidatePathComponent()` methods to canonicalize and validate file paths against allowed directories <!-- GitOpsUserAgent=GitOps.Apps.Server.pullrequestcopilot -->
Replace expired PAT `$(dn-bot-dnceng-build-rw-code-rw)` with the federated access token `$(AzdoToken)` already minted by the `VmrSyncPipeline` service connection earlier in the pipeline.\n\nSame fix as PR #61246 for internal/release/9.0.3xx.\n\nFixes: AB#10724 ---- #### AI description (iteration 1) #### PR Classification Configuration update to replace a static personal access token with a workload identity federation (WIF) federated token for authenticating VMR push operations to the internal repository. #### PR Summary This pull request updates the authentication mechanism for pushing changes to the internal dotnet-dotnet VMR repository by switching from a static PAT to a dynamically generated federated token. - `/eng/pipelines/templates/jobs/vmr-synchronization.yml`: Changed the `--azdev-pat` parameter from `$(dn-bot-dnceng-build-rw-code-rw)` to `$(AzdoToken)` to use WIF-based authentication instead of a static token <!-- GitOpsUserAgent=GitOps.Apps.Server.pullrequestcopilot --> Related work items: #10724
…udit in tests The unofficial CI pipeline (1472) does not have the AzureDevOps-Artifact-Feeds-Pats variable group linked, causing $(dn-bot-dnceng-artifact-feeds-rw) to resolve to a literal string instead of a PAT. This results in 401 Unauthorized errors when Helix test machines try to access internal NuGet feeds. Use $(System.AccessToken) instead, which is always available in any AzDO pipeline. The build service identity already has read access to the internal feeds. Additionally, disable NuGet audit (NuGetAudit=false) in two tests that intentionally reference old vulnerable packages (System.Net.Http 4.3.0, System.Text.RegularExpressions 4.3.0, Microsoft.NETCore.App 2.1.0) for conflict resolution testing. The NU1903 vulnerability warnings were causing assertion failures. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
…dnceng/internal/dotnet-aspnetcore This pull request updates the following dependencies [marker]: <> (Begin:7c429c14-b12b-40f6-ae9e-395f98f369df) ## From https://dev.azure.com/dnceng/internal/_git/dotnet-aspnetcore - **Subscription**: [7c429c14-b12b-40f6-ae9e-395f98f369df](https://maestro.dot.net/subscriptions?search=7c429c14-b12b-40f6-ae9e-395f98f369df) - **Build**: [20260518.2](https://dev.azure.com/dnceng/internal/_build/results?buildId=2977959) ([314847](https://maestro.dot.net/channel/5128/azdo:dnceng:internal:dotnet-aspnetcore/build/314847)) - **Date Produced**: May 18, 2026 7:20:43 PM UTC - **Commit**: [5d6e3342e5d3b1d82f5ac41a027c00ae56f31ea2](https://dev.azure.com/dnceng/internal/_git/dotnet-aspnetcore?_a=history&version=GC5d6e3342e5d3b1d82f5ac41a027c00ae56f31ea2) - **Branch**: [refs/heads/internal/release/9.0](https://dev.azure.com/dnceng/internal/_git/dotnet-aspnetcore?version=GBrefs/heads/internal/release/9.0) [DependencyUpdate]: <> (Begin) - **Dependency Updates**: - From [9.0.16-servicing.26230.9 to 9.0.17-servicing.26268.2][1] - dotnet-dev-certs - dotnet-user-jwts - dotnet-user-secrets - Microsoft.AspNetCore.Analyzers - Microsoft.AspNetCore.App.Ref.Internal - Microsoft.AspNetCore.Components.SdkAnalyzers - Microsoft.AspNetCore.DeveloperCertificates.XPlat - Microsoft.AspNetCore.Mvc.Analyzers - Microsoft.AspNetCore.Mvc.Api.Analyzers - VS.Redist.Common.AspNetCore.SharedFramework.x64.9.0 - Microsoft.SourceBuild.Intermediate.aspnetcore - From [9.0.16 to 9.0.17][1] - Microsoft.AspNetCore.App.Ref - Microsoft.AspNetCore.App.Runtime.win-x64 - Microsoft.AspNetCore.Authorization - Microsoft.AspNetCore.Components.Web - Microsoft.AspNetCore.TestHost - Microsoft.Extensions.FileProviders.Embedded - Microsoft.Extensions.ObjectPool - Microsoft.JSInterop [1]: https://dev.azure.com/dnceng/internal/_git/dotnet-aspnetcore/branches?baseVersion=GC4d825aeb5e5023588c036709c7914008b625b0eb&targetVersion=GC5d6e3342e5d3b1d82f5ac41a027c00ae56f31ea2&_a=files [DependencyUpdate]: <> (End) [marker]: <> (End:7c429c14-b12b-40f6-ae9e-395f98f369df)
…dnceng/internal/dotnet-windowsdesktop This pull request updates the following dependencies [marker]: <> (Begin:Coherency Updates) ## Coherency Updates The following updates ensure that dependencies with a *CoherentParentDependency* attribute were produced in a build used as input to the parent dependency's build. See [Dependency Description Format](https://github.com/dotnet/arcade/blob/master/Documentation/DependencyDescriptionFormat.md#dependency-description-overview) [DependencyUpdate]: <> (Begin) - **Coherency Updates**: - **Microsoft.NET.Sdk.WindowsDesktop**: from 9.0.16-rtm.26230.4 to 9.0.17-rtm.26264.8 (parent: Microsoft.WindowsDesktop.App.Ref) - **Microsoft.Dotnet.WinForms.ProjectTemplates**: from 9.0.16-servicing.26230.2 to 9.0.17-servicing.26264.2 (parent: Microsoft.WindowsDesktop.App.Runtime.win-x64) - **Microsoft.DotNet.Wpf.ProjectTemplates**: from 9.0.16-rtm.26230.4 to 9.0.17-rtm.26264.8 (parent: Microsoft.WindowsDesktop.App.Runtime.win-x64) [DependencyUpdate]: <> (End) [marker]: <> (End:Coherency Updates) [marker]: <> (Begin:87db4525-6885-42da-8dd0-7ce296d7fd1a) ## From https://dev.azure.com/dnceng/internal/_git/dotnet-windowsdesktop - **Subscription**: [87db4525-6885-42da-8dd0-7ce296d7fd1a](https://maestro.dot.net/subscriptions?search=87db4525-6885-42da-8dd0-7ce296d7fd1a) - **Build**: [20260514.1](https://dev.azure.com/dnceng/internal/_build/results?buildId=2975597) ([314473](https://maestro.dot.net/channel/5128/azdo:dnceng:internal:dotnet-windowsdesktop/build/314473)) - **Date Produced**: May 15, 2026 6:29:00 AM UTC - **Commit**: [9d53c54d7228c41da31238e1e2442d67c486cb39](https://dev.azure.com/dnceng/internal/_git/dotnet-windowsdesktop?_a=history&version=GC9d53c54d7228c41da31238e1e2442d67c486cb39) - **Branch**: [refs/heads/internal/release/9.0](https://dev.azure.com/dnceng/internal/_git/dotnet-windowsdesktop?version=GBrefs/heads/internal/release/9.0) [DependencyUpdate]: <> (Begin) - **Dependency Updates**: - From [9.0.16 to 9.0.17][1] - Microsoft.WindowsDesktop.App.Ref - Microsoft.WindowsDesktop.App.Runtime.win-x64 - From [9.0.16-servicing.26230.2 to 9.0.17-servicing.26264.1][1] - VS.Redist.Common.WindowsDesktop.SharedFramework.x64.9.0 - VS.Redist.Common.WindowsDesktop.TargetingPack.x64.9.0 [1]: https://dev.azure.com/dnceng/internal/_git/dotnet-windowsdesktop/branches?baseVersion=GC7bad09c6a7b024bc98987a9fe2c66a79332bf8c5&targetVersion=GC9d53c54d7228c41da31238e1e2442d67c486cb39&_a=files [DependencyUpdate]: <> (End) [marker]: <> (End:87db4525-6885-42da-8dd0-7ce296d7fd1a)
…dnceng/internal/dotnet-runtime This pull request updates the following dependencies [marker]: <> (Begin:Coherency Updates) ## Coherency Updates The following updates ensure that dependencies with a *CoherentParentDependency* attribute were produced in a build used as input to the parent dependency's build. See [Dependency Description Format](https://github.com/dotnet/arcade/blob/master/Documentation/DependencyDescriptionFormat.md#dependency-description-overview) [DependencyUpdate]: <> (Begin) - **Coherency Updates**: - **Microsoft.NET.Workload.Emscripten.Current.Manifest-9.0.100.Transport**: from 9.0.16-servicing.26221.3 to 9.0.17-servicing.26258.3 (parent: Microsoft.NETCore.App.Runtime.win-x64) - **Microsoft.NET.Workload.Emscripten.Current.Manifest-9.0.100**: from 9.0.16 to 9.0.17 (parent: Microsoft.NETCore.App.Runtime.win-x64) - **Microsoft.SourceBuild.Intermediate.emsdk**: from 9.0.16-servicing.26221.3 to 9.0.17-servicing.26258.3 (parent: Microsoft.NETCore.App.Runtime.win-x64) [DependencyUpdate]: <> (End) [marker]: <> (End:Coherency Updates) [marker]: <> (Begin:57bb26e6-6f64-40cf-a4ea-5b973f41bc22) ## From https://dev.azure.com/dnceng/internal/_git/dotnet-runtime - **Subscription**: [57bb26e6-6f64-40cf-a4ea-5b973f41bc22](https://maestro.dot.net/subscriptions?search=57bb26e6-6f64-40cf-a4ea-5b973f41bc22) - **Build**: [20260514.16](https://dev.azure.com/dnceng/internal/_build/results?buildId=2975171) ([314446](https://maestro.dot.net/channel/5128/azdo:dnceng:internal:dotnet-runtime/build/314446)) - **Date Produced**: May 15, 2026 12:09:10 AM UTC - **Commit**: [f2c8152eed158e72950025393fde498c90a57a6b](https://dev.azure.com/dnceng/internal/_git/dotnet-runtime?_a=history&version=GCf2c8152eed158e72950025393fde498c90a57a6b) - **Branch**: [refs/heads/internal/release/9.0](https://dev.azure.com/dnceng/internal/_git/dotnet-runtime?version=GBrefs/heads/internal/release/9.0) [DependencyUpdate]: <> (Begin) - **Dependency Updates**: - From [9.0.16 to 9.0.17][1] - Microsoft.Bcl.AsyncInterfaces - Microsoft.Extensions.DependencyModel - Microsoft.Extensions.FileProviders.Abstractions - Microsoft.Extensions.FileSystemGlobbing - Microsoft.Extensions.Logging - Microsoft.Extensions.Logging.Abstractions - Microsoft.Extensions.Logging.Console - Microsoft.NET.ILLink.Tasks - Microsoft.NETCore.App.Host.win-x64 - Microsoft.NETCore.App.Ref - Microsoft.NETCore.App.Runtime.win-x64 - Microsoft.Win32.SystemEvents - System.CodeDom - System.Composition.AttributedModel - System.Composition.Convention - System.Composition.Hosting - System.Composition.Runtime - System.Composition.TypedParts - System.Configuration.ConfigurationManager - System.Formats.Asn1 - System.Reflection.MetadataLoadContext - System.Resources.Extensions - System.Security.Cryptography.Pkcs - System.Security.Cryptography.ProtectedData - System.Security.Cryptography.Xml - System.Security.Permi...
…dnceng/internal/dotnet-windowsdesktop This pull request updates the following dependencies [marker]: <> (Begin:Coherency Updates) ## Coherency Updates The following updates ensure that dependencies with a *CoherentParentDependency* attribute were produced in a build used as input to the parent dependency's build. See [Dependency Description Format](https://github.com/dotnet/arcade/blob/master/Documentation/DependencyDescriptionFormat.md#dependency-description-overview) [DependencyUpdate]: <> (Begin) - **Coherency Updates**: - **Microsoft.NET.Sdk.WindowsDesktop**: from 9.0.17-rtm.26264.8 to 9.0.17-rtm.26267.1 (parent: Microsoft.WindowsDesktop.App.Ref) - **Microsoft.Dotnet.WinForms.ProjectTemplates**: from 9.0.17-servicing.26264.2 to 9.0.17-servicing.26265.1 (parent: Microsoft.WindowsDesktop.App.Runtime.win-x64) - **Microsoft.DotNet.Wpf.ProjectTemplates**: from 9.0.17-rtm.26264.8 to 9.0.17-rtm.26267.1 (parent: Microsoft.WindowsDesktop.App.Runtime.win-x64) [DependencyUpdate]: <> (End) [marker]: <> (End:Coherency Updates) [marker]: <> (Begin:87db4525-6885-42da-8dd0-7ce296d7fd1a) ## From https://dev.azure.com/dnceng/internal/_git/dotnet-windowsdesktop - **Subscription**: [87db4525-6885-42da-8dd0-7ce296d7fd1a](https://maestro.dot.net/subscriptions?search=87db4525-6885-42da-8dd0-7ce296d7fd1a) - **Build**: [20260518.1](https://dev.azure.com/dnceng/internal/_build/results?buildId=2978264) ([314888](https://maestro.dot.net/channel/5128/azdo:dnceng:internal:dotnet-windowsdesktop/build/314888)) - **Date Produced**: May 18, 2026 11:19:48 PM UTC - **Commit**: [9c74c8784a90d64bcc5c5c552d5420eafb60fa4f](https://dev.azure.com/dnceng/internal/_git/dotnet-windowsdesktop?_a=history&version=GC9c74c8784a90d64bcc5c5c552d5420eafb60fa4f) - **Branch**: [refs/heads/internal/release/9.0](https://dev.azure.com/dnceng/internal/_git/dotnet-windowsdesktop?version=GBrefs/heads/internal/release/9.0) [DependencyUpdate]: <> (Begin) - **Dependency Updates**: - From [9.0.17 to 9.0.17][1] - Microsoft.WindowsDesktop.App.Ref - Microsoft.WindowsDesktop.App.Runtime.win-x64 - From [9.0.17-servicing.26264.1 to 9.0.17-servicing.26268.1][1] - VS.Redist.Common.WindowsDesktop.SharedFramework.x64.9.0 - VS.Redist.Common.WindowsDesktop.TargetingPack.x64.9.0 [1]: https://dev.azure.com/dnceng/internal/_git/dotnet-windowsdesktop/branches?baseVersion=GC9d53c54d7228c41da31238e1e2442d67c486cb39&targetVersion=GC9c74c8784a90d64bcc5c5c552d5420eafb60fa4f&_a=files [DependencyUpdate]: <> (End) [marker]: <> (End:87db4525-6885-42da-8dd0-7ce296d7fd1a)
…udit in tests The unofficial CI pipeline (1472) does not have the AzureDevOps-Artifact-Feeds-Pats variable group linked, causing $(dn-bot-dnceng-artifact-feeds-rw) to resolve to a literal string instead of a PAT. This results in 401 Unauthorized errors when Helix test machines try to access internal NuGet feeds. Use $(System.AccessToken) instead, which is always available in any AzDO pipeline. The build service identity already has read access to the internal feeds. Additionally, disable NuGet audit (NuGetAudit=false) in two tests that intentionally reference old vulnerable packages (System.Net.Http 4.3.0, System.Text.RegularExpressions 4.3.0, Microsoft.NETCore.App 2.1.0) for conflict resolution testing. The NU1903 vulnerability warnings were causing assertion failures. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
Reset patterns: - global.json - NuGet.config - eng/Version.Details.xml - eng/Versions.props - eng/common/*
…dnceng/internal/dotnet-aspnetcore This pull request updates the following dependencies [marker]: <> (Begin:7c429c14-b12b-40f6-ae9e-395f98f369df) ## From https://dev.azure.com/dnceng/internal/_git/dotnet-aspnetcore - **Subscription**: [7c429c14-b12b-40f6-ae9e-395f98f369df](https://maestro.dot.net/subscriptions?search=7c429c14-b12b-40f6-ae9e-395f98f369df) - **Build**: [20260519.7](https://dev.azure.com/dnceng/internal/_build/results?buildId=2979108) ([315055](https://maestro.dot.net/channel/5128/azdo:dnceng:internal:dotnet-aspnetcore/build/315055)) - **Date Produced**: May 19, 2026 9:31:40 PM UTC - **Commit**: [5edf41b9c09952f18e404ad38e25670991c1b513](https://dev.azure.com/dnceng/internal/_git/dotnet-aspnetcore?_a=history&version=GC5edf41b9c09952f18e404ad38e25670991c1b513) - **Branch**: [refs/heads/internal/release/9.0](https://dev.azure.com/dnceng/internal/_git/dotnet-aspnetcore?version=GBrefs/heads/internal/release/9.0) [DependencyUpdate]: <> (Begin) - **Dependency Updates**: - From [9.0.17-servicing.26268.2 to 9.0.17-servicing.26269.7][1] - dotnet-dev-certs - dotnet-user-jwts - dotnet-user-secrets - Microsoft.AspNetCore.Analyzers - Microsoft.AspNetCore.App.Ref.Internal - Microsoft.AspNetCore.Components.SdkAnalyzers - Microsoft.AspNetCore.DeveloperCertificates.XPlat - Microsoft.AspNetCore.Mvc.Analyzers - Microsoft.AspNetCore.Mvc.Api.Analyzers - VS.Redist.Common.AspNetCore.SharedFramework.x64.9.0 - Microsoft.SourceBuild.Intermediate.aspnetcore - From [9.0.17 to 9.0.17][1] - Microsoft.AspNetCore.App.Ref - Microsoft.AspNetCore.App.Runtime.win-x64 - Microsoft.AspNetCore.Authorization - Microsoft.AspNetCore.Components.Web - Microsoft.AspNetCore.TestHost - Microsoft.Extensions.FileProviders.Embedded - Microsoft.Extensions.ObjectPool - Microsoft.JSInterop [1]: https://dev.azure.com/dnceng/internal/_git/dotnet-aspnetcore/branches?baseVersion=GC5d6e3342e5d3b1d82f5ac41a027c00ae56f31ea2&targetVersion=GC5edf41b9c09952f18e404ad38e25670991c1b513&_a=files [DependencyUpdate]: <> (End) [marker]: <> (End:7c429c14-b12b-40f6-ae9e-395f98f369df)
…merge/release/8.0.4xx-to-release/9.0.1xx
…build 20260521.2 On relative base path root Microsoft.SourceBuild.Intermediate.source-build-assets From Version 9.0.0-alpha.1.26262.4 -> To Version 9.0.0-alpha.1.26271.2
…ld 20260527.1 On relative base path root Microsoft.SourceBuild.Intermediate.scenario-tests , Microsoft.DotNet.ScenarioTests.SdkTemplateTests From Version 9.0.0-preview.26263.1 -> To Version 9.0.0-preview.26277.1
…ld 20260601.3 On relative base path root Microsoft.SourceBuild.Intermediate.scenario-tests , Microsoft.DotNet.ScenarioTests.SdkTemplateTests From Version 9.0.0-preview.26263.1 -> To Version 9.0.0-preview.26301.3
…build 20260601.3 On relative base path root Microsoft.SourceBuild.Intermediate.source-build-assets From Version 9.0.0-alpha.1.26262.4 -> To Version 9.0.0-alpha.1.26301.3
…ld 20260602.1 On relative base path root Microsoft.SourceBuild.Intermediate.scenario-tests , Microsoft.DotNet.ScenarioTests.SdkTemplateTests From Version 9.0.0-preview.26263.1 -> To Version 9.0.0-preview.26302.1
…0260602.5 On relative base path root Microsoft.SourceBuild.Intermediate.templating , Microsoft.TemplateEngine.Mocks From Version 9.0.118-servicing.26267.4 -> To Version 9.0.119-servicing.26302.5 Microsoft.TemplateEngine.Abstractions From Version 9.0.118 -> To Version 9.0.119
…0260602.8 On relative base path root Microsoft.SourceBuild.Intermediate.templating , Microsoft.TemplateEngine.Mocks From Version 9.0.118-servicing.26267.4 -> To Version 9.0.119-servicing.26302.8 Microsoft.TemplateEngine.Abstractions From Version 9.0.118 -> To Version 9.0.119
…c-49cc-9ffa-5e22f010ad9b
…1-45ab-87da-f91b238d960a
…1-482c-9328-c72c04e8f373
…-merge-9.0.1xx-2026-06-09-1503
Co-authored-by: Ella Hathaway <67609881+ellahathaway@users.noreply.github.com> Co-authored-by: Ella Hathaway <ellahathaway@microsoft.com> Co-authored-by: dotnet-maestro[bot] <dotnet-maestro[bot]@users.noreply.github.com>
Reset patterns: - global.json - NuGet.config - eng/Version.Details.xml - eng/Versions.props - eng/common/*
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
7 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
I detected changes in the release/9.0.1xx branch which have not been merged yet to release/9.0.3xx. I'm a robot and am configured to help you automatically keep release/9.0.3xx up to date, so I've opened this PR.
This PR merges commits made on release/9.0.1xx by the following committers:
Instructions for merging from UI
This PR will not be auto-merged. When pull request checks pass, complete this PR by creating a merge commit, not a squash or rebase commit.
If this repo does not allow creating merge commits from the GitHub UI, use command line instructions.
Instructions for merging via command line
Run these commands to merge this pull request from the command line.
or if you are using SSH
After PR checks are complete push the branch
Instructions for resolving conflicts
Instructions for updating this pull request
Contributors to this repo have permission update this pull request by pushing to the branch 'merge/release/9.0.1xx-to-release/9.0.3xx'. This can be done to resolve conflicts or make other changes to this pull request before it is merged.
The provided examples assume that the remote is named 'origin'. If you have a different remote name, please replace 'origin' with the name of your remote.
or if you are using SSH
Contact .NET Core Engineering (dotnet/dnceng) if you have questions or issues.
Also, if this PR was generated incorrectly, help us fix it. See https://github.com/dotnet/arcade/blob/main/.github/workflows/scripts/inter-branch-merge.ps1.