The Wire · Showcase
ROSLYN FIXES USING STATIC VALIDATION BUG, ASPNETCORE PATCHES CSRF PERFORMANCE HIT
By RepoJournal · Filed · About .NET
The C# Editor & Experimental (EE) gets caught up with actual C# spec compliance, while ASP.NET Core fixes a hot-path performance regression introduced in recent CSRF middleware.
Roslyn's C# EE was rejecting `using static` on non-static named types like `System.String`, even though the language spec allows it [1]. The fix loosens the import validation check in `CompilationContext` and removes tests that were verifying incorrect behavior. Meanwhile, ASP.NET Core's `CsrfProtectionMiddleware` was unconditionally writing to `context.Items` even on the hot path where no CSRF validation applies, tanking performance when endpoints aren't wired for antiforgery checks [7]. The fix gates the dictionary write to only when necessary. Separately, the unsafe evolution work [2] refines error reporting to skip unsafe diagnostics inside `nameof` expressions, matching behavior for most members except fields. On the SDK side, a critical race condition in `UnixProcessReaper` was crashing `dotnet watch` on Ctrl+C with `ObjectDisposedException` [5]; that's now fixed. WinForms addressed dark mode rendering for checked menu items [3] and fixed a copy-paste bug in `PropertyGrid.ResetHelpForeColor` that was resetting the wrong property [4].
Action items
- → Review and test Roslyn C# EE changes if you maintain language tooling or have custom binding logic dotnet/roslyn [plan]
- → Verify ASP.NET Core CSRF middleware performance in staging if you're on a recent build dotnet/aspnetcore [monitor]
- → Update `dotnet watch` and SDK if you hit ObjectDisposedException on Ctrl+C on Linux/macOS dotnet/sdk [plan]
References
- [1] [EE] Enable `using static` for non-static classes in CSharp EE ↗ dotnet/roslyn
- [2] Unsafe evolution: avoid errors inside nameof ↗ dotnet/roslyn
- [3] Indeterminate and checked `ToolStripMenuItem` icons are now clearly visible in dark mode on `ContextMenuStrip`, `MenuStrip`, `StatusStrip` and `ToolStrip` drop-down buttons. (#14317) dotnet/winforms
- [4] Fixes PropertyGrid.ResetHelpForeColor resets the back color instead of the fore color ↗ dotnet/winforms
- [5] Fix ObjectDisposedException in UnixProcessReaper during Ctrl+C shutdown ↗ dotnet/sdk
- [6] Improve handling of null values in JSON properties mapped to primitive collections ↗ dotnet/efcore
- [7] Fix CsrfProtectionMiddleware perf degradations ↗ dotnet/aspnetcore
FAQ
- What changed in .NET on July 3, 2026?
- The C# Editor & Experimental (EE) gets caught up with actual C# spec compliance, while ASP.NET Core fixes a hot-path performance regression introduced in recent CSRF middleware.
- What should .NET teams do about it?
- Review and test Roslyn C# EE changes if you maintain language tooling or have custom binding logic • Verify ASP.NET Core CSRF middleware performance in staging if you're on a recent build • Update `dotnet watch` and SDK if you hit ObjectDisposedException on Ctrl+C on Linux/macOS
- Which .NET repositories shipped on July 3, 2026?
- dotnet/roslyn, dotnet/winforms, dotnet/sdk, dotnet/efcore, dotnet/aspnetcore