Version 2.x (WIP...)

[StefH]

Version 2.x only supports:

• .NET Framework 4.8
• .NET 8.0

[codecov]

Codecov Report

❌ Patch coverage is 73.66864% with 89 lines in your changes missing coverage. Please review.
✅ Project coverage is 34.61%. Comparing base (702e156) to head (93ee945).

Files with missing lines	Patch %	Lines
...rc/WireMock.Net.Minimal/Owin/WireMockMiddleware.cs	83.25%	38 Missing ⚠️
...Mock.Net.Minimal/Owin/GlobalExceptionMiddleware.cs	46.42%	15 Missing ⚠️
...ock.Net.Minimal/Owin/Mappers/OwinResponseMapper.cs	35.29%	11 Missing ⚠️
...Net.Minimal/Owin/AspNetCoreSelfHost.NETStandard.cs	45.45%	6 Missing ⚠️
...Mock.Net.Minimal/Owin/Mappers/OwinRequestMapper.cs	73.33%	4 Missing ⚠️
src/WireMock.Net.Minimal/Owin/HostUrlOptions.cs	0.00%	3 Missing ⚠️
src/WireMock.Net.Minimal/Http/HttpClientBuilder.cs	0.00%	2 Missing ⚠️
...Mock.Net.Minimal/Owin/WireMockMiddlewareOptions.cs	71.42%	2 Missing ⚠️
...ireMock.Net.Minimal/Serialization/MatcherMapper.cs	0.00%	2 Missing ⚠️
src/WireMock.Net.Shared/Util/TypeLoader.cs	0.00%	2 Missing ⚠️
... and 4 more

Additional details and impacted files

@@            Coverage Diff             @@
##           master    #1359      +/-   ##
==========================================
+ Coverage   34.56%   34.61%   +0.05%     
==========================================
  Files         155      156       +1     
  Lines       35228    35397     +169     
==========================================
+ Hits        12176    12254      +78     
- Misses      22764    22832      +68     
- Partials      288      311      +23     

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

[Kielek]

@StefH, some feedback:

1. It will be great to still have support for .NET Framework 4.6.2. It has normal support until Jan 12, 2027. The downside - there is no possibility to update to XUnit.v3. This package is used under OpenTelemetry Contrib repository. And various vendors still needs to offer support for ancient frameworks.
2. I have executed build locally, there is a lot of NU1902, NU1903, NU1904 warnings. All of them are related to different levels o security vulnerabilities. Part of them affects production dependencies.

[StefH]

Thanks for your response.

About 1: WireMock.Net is mostly used in unit tests. So how many % of those unit tests project are going to use an older framework like the one you mentioned? I think that supporting older frameworks in a main project and testing this in a unit test project is related but not always 1 to 1....

I will think on this and maybe support that one instead of 4.8

About 2: the question is how critical any security issue is because WireMock is used for testing, not for production code.

[Kielek]

Thanks for your response.

About 1: WireMock.Net is mostly used in unit tests. So how many % of those unit tests project are going to use an older framework like the one you mentioned? I think that supporting older frameworks in a main project and testing this in a unit test project is related but not always 1 to 1....

I will think on this and maybe support that one instead of 4.8

It will be great. I have had similar discussions about other, testing only library - Verify. After 1,5 year author bringed back support for this old framework. I think that the requestor was .NET team.

About 2: the question is how critical any security issue is because WireMock is used for testing, not for production code.

I think that here are 2 aspects to consider:

.NET SDK 9 for first release switchted settings to (then it was rollbacked, but some project kept it in place). I am not sure what is the current state:

  <PropertyGroup>
    <NuGetAudit>true</NuGetAudit>
    <NuGetAuditMode>all</NuGetAuditMode>
    <NuGetAuditLevel>low</NuGetAuditLevel>
  </PropertyGroup>

With this + treat warnings as errors, which is pretty common, at least in my buble, it leads to the breaking compilation. Usually, there is a possibility to fix such changes basicaly by bumping transitive packages, but it is just inconvinient. IMO it is better to fix such cases centrally,

The second aspect are security scans. I will consider OpenTelemetry as an example. Some end-users/companies making additional source code scans, not only shipped libraries. If we have any known vulnerable dependencies, there are at least yellow flags and we need to explain that the production code is not affected. With this, this project has strict rules to fix all such warnings.

Thanks for maintaining this library, I know that it takes more time than people usually thinks.

[StefH]

@Kielek
I checked your idead about 4.6.2, however that brings back again some if-defs and other classes which I would like to get rid of. So I'll stick with Framework 4.8 and .NET 8

[Kielek]

That's fine, I think that I will need to create some simplified version of this package tailored to our usecase.

[StefH]

@petrroll
This V2 branch only support .NET 48 and .NET 8 , so the OpenTelemetry integration is much easier. Can you take a look at this PR for the OpenTelemetry code?

[Copilot]

Pull request overview

This pull request updates WireMock.Net to version 2.x, which only supports .NET Framework 4.8 and .NET 8.0. The changes involve:

Changes:

• Reduced target framework support to only .NET Framework 4.8 and .NET 8.0
• Removed ConfigureAwait(false) calls throughout the codebase
• Commented out conditional compilation directives for feature flags (MIMEKIT, GRAPHQL, PROTOBUF, etc.)
• Updated package dependencies to newer versions
• Removed OWIN-based hosting in favor of ASP.NET Core only
• Migrated from Check.ThatAsyncCode to Check.ThatCode in tests

Reviewed changes

Copilot reviewed 161 out of 182 changed files in this pull request and generated 90 comments.

Show a summary per file

File	Description
test/**/*.cs	Removed ConfigureAwait(false) from async calls, updated assertion methods
test/**/*.csproj	Updated target frameworks to net48;net8.0, updated package versions
src/**/*.csproj	Updated target frameworks to net48;net8.0, removed conditional compilation
src/**/WireMock.Net.Minimal/Owin/OwinSelfHost.cs	Deleted - removed OWIN hosting support
src/**/Owin/*.cs	Migrated to ASP.NET Core exclusively
src/**/*.cs	Commented out conditional compilation directives, updated code accordingly

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[Copilot]

Disposable 'HttpClient' is created but not disposed.

[Copilot]

Disposable 'HttpClient' is created but not disposed.

[Copilot]

Disposable 'StringContent' is created but not disposed.

[Copilot]

Disposable 'HttpClient' is created but not disposed.

[Copilot]

Disposable 'StringContent' is created but not disposed.

[Copilot]

Disposable 'StringContent' is created but not disposed.

[Copilot]

Disposable 'HttpClient' is created but not disposed.

[Copilot]

Disposable 'StringContent' is created but not disposed.

[Copilot]

Disposable 'HttpClient' is created but not disposed.

[Copilot]

This variable is manually disposed in a finally block - consider a C# using statement as a preferable resource management technique.

[petrroll]

@StefH I have briefly tried to take a look at it seems you haven't changed many places, just collapsed two settings into one which is great/fine.

It is however quite a humongous PR so I can't promise I didn't miss anything 😅

Should be fairly easy to test via the test app tho / with producing test docker container and then trying the aspire integration

[petrroll]

Both codex 52 and Claude Opus 4.5 agree (thank you my employer for those tokens), so I think we're golden (I know I know, it's not great practice, but skimming it myself + validating with two separate models gives some signal)