Bump gitversion.tool from 6.4.0 to 6.7.0

[dependabot]

Updated gitversion.tool from 6.4.0 to 6.7.0.

Release notes

Sourced from gitversion.tool's releases.

6.7.0

As part of this release we had 46 commits which resulted in 3 issues being closed.

Features

• #​4369 [FEATURE]: Modernize YAML configuration serialization strategy by arturcic resolved in !4686 by copilot-swe-agent, !4688 by copilot-swe-agent, !4886 by arturcic

Improvements

• #​4880 CI/CD workflow hardening and release-process observability by arturcic resolved in !4881 by arturcic
• #​4883 Support nuget.org Trusted Publishing by arturcic resolved in !4884 by copilot-swe-agent

Contributors

2 contributors made this release possible.

SHA256 Hashes of the release artifacts

• 180fd7cf40fdfacf2c251176a4b613a444db2b40af477fd07a7c6d4d6b355dc6 - gitversion-linux-arm64-6.7.0.tar.gz
• 254d1de40ac82af4c17771f996cb6656e6f3ba0f9cd2f6e94e07d983ac79595a - gitversion-linux-musl-arm64-6.7.0.tar.gz
• d59557ebd5fcd036387cf1c7e6fb82df7fe71b5409ec1a69fd4a0ba614ccbcb7 - gitversion-linux-musl-x64-6.7.0.tar.gz
• e2012abfb3392a6f0ccf5f82738173c291b15bfdb2d5e9197777ec3f41b88f76 - gitversion-linux-x64-6.7.0.tar.gz
• 429108e0d51f98815b6fbf4ebba84cf53812a4c71eee67180456e8771e9f4320 - gitversion-osx-arm64-6.7.0.tar.gz
• 02f6b9ac0d70a18d8bc2c0e3eaf183377a2417ecadd5df452ab3150b4404182c - gitversion-osx-x64-6.7.0.tar.gz
• 873cdc294068cbbda43717e6384b849599d2d0db0db6f7c2592074c8f9386116 - gitversion-win-arm64-6.7.0.zip
• 55b43a1c1e1d174675ca1500410e64a0ad9904425f2329fe6b35b5368a31f629 - gitversion-win-x64-6.7.0.zip

6.6.2

As part of this release we had 30 commits which resulted in 2 issues being closed.

Improvements

• #​4873 [ISSUE]: Improve error message for unsupported keys in /overrideconfig command line option by denisbredikhin resolved in !4874 by denisbredikhin
• #​4877 Define CI/CD publishing policy and secure token ownership boundaries by arturcic resolved in !4876 by arturcic

Contributors

2 contributors made this release possible.

SHA256 Hashes of the release artifacts

• 4d0637a80cdf5b615b0b5426f4c8a670db3f44d696bb68c2935b3ab801698090 - gitversion-linux-arm64-6.6.2.tar.gz
• 11e0bd3daa1b40f63dc5f61192a41a9d59f76a2513ddefa28ec47ac65c34ee00 - gitversion-linux-musl-arm64-6.6.2.tar.gz
• fa526a55aa10a80e53ab6e85896144e23350c7366d6307b0f353d9d2d8353e73 - gitversion-linux-musl-x64-6.6.2.tar.gz
• 1c436efca8063f936ef9144b71350e813ae1a0d6dcd8256ef85c5254ce00714c - gitversion-linux-x64-6.6.2.tar.gz
• 3c7c331999ff6a69ca4942f4dbc84a87998b5f278df509551be0160415f9e67e - gitversion-osx-arm64-6.6.2.tar.gz
• fb4d8c16e64360e9fb7df1c507d30c5a959fc0c41e0db2bc2dbcc55808b6d24b - gitversion-osx-x64-6.6.2.tar.gz
• d0dfba1cdec96efcf5742173aa249fcd8cd866bd0cc519539976c0eaf49556f6 - gitversion-win-arm64-6.6.2.zip
• 8013cc3422d26ef014c903554be8be6a1b835514e8064f0ec6a63ca52c7f3729 - gitversion-win-x64-6.6.2.zip

6.6.1

As part of this release we had 67 commits which resulted in 2 issues being closed.

Improvements

• #​4839 [ISSUE]: Refactor help and version command handling by arturcic resolved in !4838 by arturcic

Contributors

1 contributors made this release possible.

SHA256 Hashes of the release artifacts

• abd80a77ebb3f4750255378f222076bef6884be46b07ee5bb35d84a5c2d5b6fb - gitversion-linux-arm64-6.6.1.tar.gz
• 37cf7184e9f94de20d1dfd80f5d94a20c74327cab241ba90116531559630a9df - gitversion-linux-musl-arm64-6.6.1.tar.gz
• bdd393d9ab7a37811bc04a9b92687e99de6b5c0162be416aa6db0dbb9dae51ec - gitversion-linux-musl-x64-6.6.1.tar.gz
• 613b1247794aaf541b3060d5d5d6ef53e6b7a5779b0bf446f7549ebf935a1d38 - gitversion-linux-x64-6.6.1.tar.gz
• 2c19105a672c0da445c6998429cd6034b864b707bcd830bb5d4e9862572cc3e2 - gitversion-osx-arm64-6.6.1.tar.gz
• ee07876b25cd5c53a4500ac94373dd07e207db64fca67201daaa4a78397aba20 - gitversion-osx-x64-6.6.1.tar.gz
• d333202ff9c95131644a1d093c8e75fd4e29277168d3bdd72342d95c11b9ef08 - gitversion-win-arm64-6.6.1.zip
• 9a4deffb3c8ad25276577d3a6b8a69d80c3b6a0cb8f0b9c3a933fac7a2c46bbc - gitversion-win-x64-6.6.1.zip

6.6.0

Documentation

• #​4823 Update docs to include dnx usage by arturcic resolved in !4824 by copilot-swe-agent

Features

• !4804 Expose VersionSourceSemVer as Output Variable by jakublatkowski
• #​4808 Renaming CommitsSinceVersionSource to VersionSourceDistance by arturcic resolved in !4810 by copilot-swe-agent
• #​4814 Expose the VersionSourceIncrement property in output variables by jakublatkowski resolved in !4815 by copilot-swe-agent, !4820 by jakublatkowski

Improvements

• #​4418 [ISSUE]: GitVersion sometimes takes several hours, seemingly hanging for several minutes between steps by ChristoWolf resolved in !4809 by sanelson
• !4789 Support integer formatting with specifiers D and B by BCSharp raised in #​4788 by BCSharp
• !4812 refactor(serializer): utilize source-generated JSON context for seria… by arturcic
• !4817 refactor(gitversion-variables): Standardize output variable order by arturcic

As part of this release we had 131 commits which resulted in 37 issues being closed.

Bugs

• #​4056 [ISSUE]: NotImplementedException in TrunkBased-Workflow by steven-r resolved in !4793 by HHobeck
• #​4795 [ISSUE]: "track-merge-target: false" reads tag from other branch by Ult0r resolved in !4796 by HHobeck

Dependencies

• !4766 (docs deps): Bump mdast-util-to-hast from 13.0.2 to 13.2.1 by dependabot[bot]
• !4768 (build deps): Bump jetbrains/qodana-action from 2025.2.2 to 2025.2.3 by dependabot[bot]
• !4769 (deps): Bump NUnit3TestAdapter from 5.2.0 to 6.0.0 by dependabot[bot]
• !4770 (deps): Bump NUnit3TestAdapter from 5.2.0 to 6.0.0 by dependabot[bot]
• !4771 (deps): Bump JsonSchema.Net.Generation from 5.1.1 to 6.0.0 by dependabot[bot]
• !4772 (sdk): Bump dotnet-sdk from 10.0.100 to 10.0.101 by dependabot[bot]
• !4774 (deps): Bump Microsoft.Extensions.DependencyInjection.Abstractions and 3 others by dependabot[bot]
• !4775 (build deps): Bump jetbrains/qodana-action from 2025.2.3 to 2025.2.4 by dependabot[bot]
• !4777 (deps): Bump the microsoft group with 9 updates by dependabot[bot]
• !4778 (deps): Bump Cake.Codecov from 3.0.0 to 3.0.1 by dependabot[bot]
• !4780 (build deps): Bump actions/cache from 4 to 5 in the actions group by dependabot[bot]
• !4781 (deps): Bump Cake.Codecov from 3.0.1 to 6.0.0 by dependabot[bot]
• !4783 (build deps): Bump the actions group with 2 updates by dependabot[bot]
• !4784 (deps): Bump NUnit3TestAdapter from 5.2.0 to 6.0.0 by dependabot[bot]
• !4786 (deps): Bump NUnit3TestAdapter from 5.2.0 to 6.0.0 by dependabot[bot]
• !4787 (deps): Bump JunitXml.TestLogger from 7.0.2 to 7.1.0 by dependabot[bot]
• !4790 (deps): Bump the analyzers group with 2 updates by dependabot[bot]
• !4791 (deps): Bump NUnit3TestAdapter from 5.2.0 to 6.1.0 by dependabot[bot]
• !4792 (build deps): Bump jetbrains/qodana-action from 2025.2.4 to 2025.3.1 by dependabot[bot]
• !4798 (deps): Bump the microsoft group with 1 update by dependabot[bot]
• !4799 (deps): Bump JunitXml.TestLogger from 7.1.0 to 8.0.0 by dependabot[bot]
• !4800 (sdk): Bump dotnet-sdk from 10.0.101 to 10.0.102 by dependabot[bot]
• !4801 (deps): Bump the microsoft group with 11 updates by dependabot[bot]
• !4811 (deps): Bump JsonSchema.Net.Generation from 6.0.0 to 7.0.0 by dependabot[bot]
  ... (truncated)

6.5.1

As part of this release we had 64 commits which resulted in 6 issues being closed.

Bugs

• #​4539 [ISSUE]: 6.3.0 diag flag not working by peschmae resolved in !4764 by davidjenni
• !4762 Fix diag switch by davidjenni raised in #​4763 by davidjenni
• #​4763 [ISSUE]: /diag is ignored if not last argument by davidjenni resolved in !4762 by davidjenni

Features

• !4750 Bring back support for msbuild and Visual Studio by arturcic

Improvements

• !4748 Refactor RegexPatterns to use properties instead of methods for Regex by arturcic

Contributors

3 contributors made this release possible.

SHA256 Hashes of the release artifacts

• 00db6e97688e0f9edec5015b10914580405759e4198aabbc7261ccd75161e080 - gitversion-linux-arm64-6.5.1.tar.gz
• 8d435c06d105350b3368651c467144db462bd73fd23962c5e7ae512638665333 - gitversion-linux-musl-arm64-6.5.1.tar.gz
• ee0efdbeba8f7f2c4a4d7c78d3cf45429433e3c3219464db4ad7e0c424f735ed - gitversion-linux-musl-x64-6.5.1.tar.gz
• 2c3f19d9186499efc1e97dbedd250f26ab87ba8c0a58e2c20dc29e9db4aa37cc - gitversion-linux-x64-6.5.1.tar.gz
• 463c08c23cbdbfe218e132691b0b8a5794cb2696c8dca52ba89f527e73be46f8 - gitversion-osx-arm64-6.5.1.tar.gz
• 566c3df4abde70bf594059c39803b3650e02251cf8f4d3ce476549ad3cfb9a56 - gitversion-osx-x64-6.5.1.tar.gz
• beea0ca8e69a5de35f7a1901228368e11f2b4f32ddb7fb32aa27467289bd6f23 - gitversion-win-arm64-6.5.1.zip
• 5c8f1f8e5ea6512deffe36d00bd7b57c0b64cba547779f78a892c0e73bc48b67 - gitversion-win-x64-6.5.1.zip

6.5.0

As part of this release we had 113 commits which resulted in 10 issues being closed.

Features

• #​4719 [ISSUE]: Add support for SQL SDK .sqlproj files by aidanblacklumeris resolved in !4720 by copilot-swe-agent
• !4720 Add support for SQL SDK .sqlproj files in /updateprojectfiles by Copilot raised in #​4719 by aidanblacklumeris

Improvements

• #​4409 [ISSUE]: gitversion 6.10.0 (and 6.5.0 as well) hangs for a while when calculating version by simonachmueller resolved in !4681 by pvanbuijtene
• #​4680 [ISSUE]: High memory usage by pvanbuijtene resolved in !4681 by pvanbuijtene
• !4681 Reduce memory usage by caching commits on their sha hash by pvanbuijtene raised in #​4409 by simonachmueller, #​4680 by pvanbuijtene
• !4685 Improves git object cache by arturcic

Contributors

6 contributors made this release possible.

SHA256 Hashes of the release artifacts

• 05994d42146f5dc01348576240fdff0dea75f3cdf13ebd5d3f6764fc1d7e6140 - gitversion-linux-arm64-6.5.0.tar.gz
• 63fd7d6832c6311fdf3017fc7dc277170ee9dae2790d825d8d7673d6fc1db265 - gitversion-linux-musl-arm64-6.5.0.tar.gz
• 121c8a1de4133a0c628b3cfc2100b46813fa951ce477be3378247642a06169dd - gitversion-linux-musl-x64-6.5.0.tar.gz
• 3399cc297ec83ef433763d0bae91b2f998117837397f5a63adca992b00dde2b6 - gitversion-linux-x64-6.5.0.tar.gz
• 9be6d6f617eeba12ad7786f7187d1ffb21fb14d3db082e645fda5122b2573bc7 - gitversion-osx-arm64-6.5.0.tar.gz
• e4f83a4a0162dbbf13997fdc6c43fbb155562cb14978a695c1d1218b8f8368c1 - gitversion-osx-x64-6.5.0.tar.gz
• 86c467cfe9af5cf5e0bef85bd867469aa0c4948a088b6e0e35f930acc650fdeb - gitversion-win-arm64-6.5.0.zip
• c423d828455777c065e413c585232dbdb6e44e9ec0eae530a55d32d075762e37 - gitversion-win-x64-6.5.0.zip

Commits viewable in compare view.

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[clawsweeper]

Codex review: needs changes before merge. Reviewed June 1, 2026, 4:46 PM ET / 20:46 UTC.

Summary
This PR updates the local .NET tool manifest entry for gitversion.tool from 6.4.0 to 6.7.0.

Reproducibility: yes. from source inspection: the PR updates only the local tool manifest while current master still uses GitVersion.MsBuild 6.4.0 and CI GitVersion 6.4.x. I did not run build commands because this cleanup review is read-only.

Review metrics: 2 noteworthy metrics.

• Changed files: 1 manifest file changed. The patch changes only the local tool manifest while the repository has separate CI and MSBuild GitVersion pins.
• Unchanged GitVersion pins: 2 remaining pins: GitVersion.MsBuild 6.4.0 and CI 6.4.x. Those unchanged pins are the concrete source of release-version drift risk.

Merge readiness
Overall: 🧂 unranked krab
Proof: 🌊 off-meta tidepool
Patch quality: 🧂 unranked krab
Result: blocked by patch quality or review findings.

Overall follows the weaker of proof and patch quality, so missing proof can cap an otherwise strong patch.

Rank-up moves:

• [P2] Align src/Directory.Build.props and .github/workflows/ci.yml with the 6.7.0 bump, or prove mixed versions are safe.
• [P2] Run the repo-required build/tests plus a focused version-output check after the alignment.

Risk before merge

• [P1] Merging unchanged would run the local version script on GitVersion 6.7.0 while product builds and CI version outputs remain on 6.4.0/6.4.x.
• [P1] Release artifact names and OpenClaw.Tray.WinUI.dll ProductVersion metadata can drift if GitVersion output changes between those entrypoints.

Maintainer options:

1. Align all GitVersion entrypoints (recommended)
   Update the local tool manifest, MSBuild package, and CI GitVersion version pin together, then prove the version script and product metadata still agree.
2. Accept manifest-only drift
   Maintainers can merge only the local tool bump if they explicitly accept mixed GitVersion versions and have external release proof that outputs remain identical.

Copy recommended automerge instruction

@clawsweeper automerge

Special instructions:
Align all GitVersion entrypoints touched by release/version automation with the gitversion.tool 6.7.0 bump, and report a focused version-output check showing scripts and product metadata agree.

Next step before merge

• [P2] A narrow mechanical repair can align the remaining GitVersion pins and validate version output without a product decision.

Security
Cleared: The diff only bumps an existing build tool version in the local .NET tool manifest and does not add new package sources, scripts, workflow permissions, or secret handling.

Review findings

• [P1] Keep all GitVersion pins aligned — .config/dotnet-tools.json:6

Review details

Best possible solution:

Align the local tool manifest, GitVersion.MsBuild, and CI GitVersion versionSpec in the same dependency update, then validate that script output and product metadata still agree.

Do we have a high-confidence way to reproduce the issue?

Yes from source inspection: the PR updates only the local tool manifest while current master still uses GitVersion.MsBuild 6.4.0 and CI GitVersion 6.4.x. I did not run build commands because this cleanup review is read-only.

Is this the best way to solve the issue?

No; a manifest-only dependency bump is not the safest solution because it leaves multiple GitVersion sources of truth. The narrow maintainable path is to align the remaining pins or provide focused proof that mixed versions produce identical outputs.

Full review comments:

• [P1] Keep all GitVersion pins aligned — .config/dotnet-tools.json:6
  This bumps only the local tool manifest to 6.7.0, but src/Directory.Build.props still pins GitVersion.MsBuild to 6.4.0 and CI still installs GitVersion 6.4.x. The repo docs say local scripts, CI, and product builds should derive the same GitVersion value, so release artifact names and assembly ProductVersion can diverge unless the remaining pins are updated or the mixed-version outputs are proven identical.
  Confidence: 0.9

Overall correctness: patch is incorrect
Overall confidence: 0.9

AGENTS.md: found and applied where relevant.

Codex review notes: model gpt-5.5, reasoning high; reviewed against 1d58d59673c9.

Label changes

Label changes:

• add rating: 🧂 unranked krab: Overall readiness is 🧂 unranked krab; proof is 🌊 off-meta tidepool and patch quality is 🧂 unranked krab.
• remove rating: 🦪 silver shellfish: Current PR rating is rating: 🧂 unranked krab, so this older rating label is no longer current.

Label justifications:

• P2: The PR affects release/build versioning infrastructure but is not an emergency runtime bug.
• merge-risk: 🚨 automation: The diff changes a build/versioning tool pin while CI and MSBuild GitVersion pins remain separate automation inputs.
• rating: 🧂 unranked krab: Overall readiness is 🧂 unranked krab; proof is 🌊 off-meta tidepool and patch quality is 🧂 unranked krab.
• status: ⏳ waiting on author: ClawSweeper has contributor-facing work open and is waiting for author action. Not applicable: This is a Dependabot bot dependency PR, so contributor real-behavior proof is not applied as a gate; focused build/version validation is still needed before merge.

Evidence reviewed

Acceptance criteria:

• [P1] pwsh ./scripts/Get-OpenClawVersion.ps1 -Variable SemVer.
• [P1] ./build.ps1.
• [P1] dotnet test ./tests/OpenClaw.Shared.Tests/OpenClaw.Shared.Tests.csproj --no-restore.
• [P1] dotnet test ./tests/OpenClaw.Tray.Tests/OpenClaw.Tray.Tests.csproj --no-restore.

What I checked:

• PR diff scope: The provided PR diff changes only .config/dotnet-tools.json, updating gitversion.tool from 6.4.0 to 6.7.0. (.config/dotnet-tools.json:6, 84d05384e723)
• MSBuild GitVersion pin: Current master still pins GitVersion.MsBuild to 6.4.0 for product builds. (src/Directory.Build.props:16, 1d58d59673c9)
• CI GitVersion pin: The CI workflow still installs GitVersion with versionSpec: '6.4.x' before computing the workflow SemVer output. (.github/workflows/ci.yml:100, 1d58d59673c9)
• CI metadata comparison: Release packaging compares the published tray assembly ProductVersion against the CI GitVersion SemVer output, so mixed GitVersion versions are automation-sensitive. (.github/workflows/ci.yml:402, 1d58d59673c9)
• Versioning contract docs: The versioning docs say the local tool manifest prints the same GitVersion value needed outside MSBuild, supporting alignment across local scripts, CI, and product builds. (docs/VERSIONING.md:51, 1d58d59673c9)
• Feature history: Git blame and show tie the current GitVersion manifest, MSBuild pin, docs, and CI metadata verification to the GitVersion metadata work in commit f8e6ac4. (.config/dotnet-tools.json:6, f8e6ac4d0995)

Likely related people:

• Scott Hanselman: Blame and log history show this person introduced the current GitVersion app metadata flow, local tool manifest, MSBuild package reference, docs, and CI metadata verification. (role: feature-history owner; confidence: high; commits: f8e6ac4d0995, 97fb8df8e034; files: .config/dotnet-tools.json, src/Directory.Build.props, scripts/Get-OpenClawVersion.ps1)
• Vincent Koc: Recent release work touched .github/workflows/ci.yml and src/Directory.Build.props, adjacent to the versioning and packaging automation affected by this bump. (role: recent release workflow contributor; confidence: medium; commits: 7485ce2af9da; files: .github/workflows/ci.yml, src/Directory.Build.props)

What the crustacean ranks mean

• 🦀 challenger crab: rare, exceptional readiness with strong proof, clean implementation, and convincing validation.
• 🦞 diamond lobster: very strong readiness with only minor maintainer review expected.
• 🐚 platinum hermit: good normal PR, likely mergeable with ordinary maintainer review.
• 🦐 gold shrimp: useful signal, but proof or patch confidence is still limited.
• 🦪 silver shellfish: thin signal; proof, validation, or implementation needs work.
• 🧂 unranked krab: not merge-ready because proof is missing/unusable or there are serious correctness or safety concerns.
• 🌊 off-meta tidepool: rating does not apply to this item.

Shiny media proof means a screenshot, video, or linked artifact directly shows the changed behavior. Runtime, network, CSP, and security claims still need visible diagnostics.

How this review workflow works

• ClawSweeper keeps one durable marker-backed review comment per issue or PR.
• Re-runs edit this comment so the latest verdict, findings, and automation markers stay together instead of adding duplicate bot comments.
• A fresh review can be triggered by eligible @clawsweeper re-review comments, exact-item GitHub events, scheduled/background review runs, or manual workflow dispatch.
• PR/issue authors and users with repository write access can comment @clawsweeper re-review or @clawsweeper re-run on an open PR or issue to request a fresh review only.
• Maintainers can also comment @clawsweeper review to request a fresh review only.
• Fresh-review commands do not start repair, autofix, rebase, CI repair, or automerge.
• Maintainer-only repair and merge flows require explicit commands such as @clawsweeper autofix, @clawsweeper automerge, @clawsweeper fix ci, or @clawsweeper address review.
• Maintainers can comment @clawsweeper explain to ask for more context, or @clawsweeper stop to stop active automation.