chore(deps): update dependency verify.nunit to 30.18.0

[thomhurst]

This PR contains the following updates:

Package	Type	Update	Change
Verify.NUnit	nuget	minor	30.17.0 -> 30.18.0

---

Release Notes

VerifyTests/Verify (Verify.NUnit)

v30.18.0

Compare Source

---

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR has been generated by Renovate Bot.

[claude]

Claude finished @thomhurst's task —— View job

---

Code Review Complete ✅

Dependency Update Analysis: Verify.NUnit 30.17.0 → 30.18.0

Summary

This is a low-risk minor version update of the Verify.NUnit package. The change appears safe to merge but there are some considerations.

Code Quality & Best Practices ✅

• Central Package Management: Properly uses Directory.Packages.props for centralized version management
• Semantic Versioning: Minor version bump (30.17.0 → 30.18.0) suggests backward-compatible changes only
• Automated Update: Renovate Bot ensures consistent dependency management

Potential Issues ⚠️

1. Package Version Misalignment:

   • Verify.NUnit → 30.18.0 (updated)
   • Verify → 30.17.0 (unchanged)
   • Verify.TUnit → 30.17.0 (unchanged)

   Consider updating all Verify packages together for consistency.

2. Unused Dependency:

   • No direct PackageReference to Verify.NUnit found in any .csproj files
   • Project uses custom verification logic in TUnit.PublicAPI/Verify.cs:167-170
   • This package may be redundant and could be removed entirely

Performance Considerations ✅

• No performance impact expected from this minor version update
• Custom verification implementation in TUnit.PublicAPI/Verify.cs maintains control over performance-critical snapshot testing

Security Concerns ✅

• Minor version updates typically contain bug fixes and improvements
• No security implications identified for this testing utility package

Test Coverage Assessment ✅

• Snapshot Tests: According to CLAUDE.md, snapshot tests should be run when making changes
• Recommendation: Run dotnet test TUnit.PublicAPI to ensure snapshot tests pass
• Custom Verify Logic: The project's custom VerifyTUnit implementation in TUnit.PublicAPI/Verify.cs is unaffected

Recommendations

1. Immediate: This change is safe to merge as-is
2. Follow-up: Consider aligning all Verify package versions:

   - <PackageVersion Include="Verify" Version="30.17.0" />
   + <PackageVersion Include="Verify" Version="30.18.0" />
   - <PackageVersion Include="Verify.TUnit" Version="30.17.0" />
   + <PackageVersion Include="Verify.TUnit" Version="30.18.0" />

3. Optimization: Evaluate if Verify.NUnit is actually needed, as the project uses custom verification logic

Verdict: ✅ APPROVE

Low-risk dependency update with no breaking changes. Safe to merge.

[claude]

Claude finished @thomhurst's task —— View job

---

PR Review: Verify.NUnit Dependency Update ✅

Todo List:

• Read the changed file (Directory.Packages.props)
• Search for Verify.NUnit usage in the codebase
• Check other Verify package versions for consistency
• Review test files that might be affected
• Analyze potential impacts and provide feedback
• Submit comprehensive review

---

Summary

This is a minor dependency update for Verify.NUnit from 30.17.0 to 30.18.0. The change is low-risk and safe to merge, but there are some observations worth noting.

Code Quality & Best Practices ✅

• Central Package Management: Properly uses Directory.Packages.props for centralized version management - excellent practice
• Semantic Versioning: Minor version bump suggests backward-compatible changes only
• Automated Updates: Renovate Bot ensures consistent dependency management

Key Findings

🔍 Package Usage Analysis

• No Direct Usage: Verify.NUnit is not directly referenced in any .csproj files in the codebase
• NUnit Usage: Only found in /tools/speed-comparison/NUnitTimer/ for performance benchmarking
• Primary Verification: Project uses Verify.TUnit for snapshot testing in:
  • TUnit.Core.SourceGenerator.Tests/TUnit.Core.SourceGenerator.Tests.csproj:86
  • TUnit.PublicAPI/TUnit.PublicAPI.csproj:86
  • TUnit.Assertions.SourceGenerator.Tests/TUnit.Assertions.SourceGenerator.Tests.csproj:86

⚠️ Version Alignment Issue

• ✅ Verify → 30.18.0 (updated)
• ✅ Verify.NUnit → 30.18.0 (this PR)
• ❌ Verify.TUnit → 30.17.0 (misaligned)

This creates version inconsistency within the Verify package family.

Potential Impact Assessment

Performance Considerations ✅

• No Performance Impact: Since Verify.NUnit isn't actively used, no performance implications
• TUnit Performance: The actively used Verify.TUnit remains unchanged

Security Concerns ✅

• Low Risk: Minor version updates typically contain bug fixes and improvements
• No Security Implications: Testing utility packages pose minimal security risk

Test Coverage ✅

• Snapshot Tests: Based on CLAUDE.md:72-81, recommend running:

  dotnet test TUnit.Core.SourceGenerator.Tests  # Source generator snapshots
  dotnet test TUnit.PublicAPI                   # Public API snapshots

• Verify.TUnit Tests: All actual snapshot testing uses Verify.TUnit (30.17.0), which is unaffected

Recommendations

Immediate Action ✅

• Safe to Merge: This change poses no risk to the codebase

Follow-up Considerations

1. Version Alignment: Consider updating Verify.TUnit to 30.18.0 for consistency:

   - <PackageVersion Include="Verify.TUnit" Version="30.17.0" />
   + <PackageVersion Include="Verify.TUnit" Version="30.18.0" />

2. Package Cleanup: Since Verify.NUnit appears unused, consider removing it entirely:

   - <PackageVersion Include="Verify.NUnit" Version="30.18.0" />

3. Speed Comparison: The NUnit performance benchmark in /tools/speed-comparison/NUnitTimer/ doesn't use Verify.NUnit, so this dependency may be redundant

Verdict: ✅ APPROVE

• Risk Level: Very Low
• Breaking Changes: None
• Impact: Minimal (unused package)
• Recommendation: Safe to merge immediately

This dependency update maintains compatibility while keeping packages current. The version misalignment with Verify.TUnit is a minor housekeeping item for future consideration.

---