Release preparations for v9.5.0

[Blind-Striker]

This PR prepares the repository for the v9.5.0 stable release and migrates the badge system from GitHub Gist to the new BadgeSmith REST API with HMAC-SHA256 authentication.

Key Changes:

1. Documentation Updates

   • Added comprehensive CHANGELOG entry for v9.5.0
   • Documented SQS Event Source bug fix (Invalid URL error when Lambda with SQS event source uses LocalStack endpoint in .NET Aspire #6, Fix SQS Event Source LocalStack Integration #9)
   • Documented eager service loading feature (Feature Request: Eager loading services #7, Eagerly load services #8)
   • Documented Lambda playground enhancement with analytics example
   • Removed RC warnings from README

2. BadgeSmith API Migration

   • Replaced Gist-based badge storage with RESTful BadgeSmith API
   • Implemented HMAC-SHA256 authentication for secure badge updates
   • Added branch-specific badge support (master and feature branches)
   • Updated all badge URLs to use path-based format: /badges/tests/{platform}/{owner}/{repo}/{branch}

3. CI/CD Workflow Updates

   • Refactored update-test-badge action to use BadgeSmith API
   • Removed Gist ID and token dependencies
   • Added HMAC secret support via TESTDATASECRET
   • Implemented automatic owner/repo/branch extraction from GitHub context
   • Added comprehensive error handling and debug output

Related Issue(s):

• Closes Invalid URL error when Lambda with SQS event source uses LocalStack endpoint in .NET Aspire #6 - Lambda with SQS Event Source throws "Invalid URL" error
• Closes Feature Request: Eager loading services #7 - Support for eager service loading
• Related to Eagerly load services #8 - PR implementing eager loading (credit: @slang25)
• Related to Fix SQS Event Source LocalStack Integration #9 - PR fixing SQS Event Source bug

🔄 Type of Change

• 🐛 Bug fix
• ✨ New feature
• 💥 Breaking change
• 📚 Documentation update - Comprehensive CHANGELOG, README updates
• 🧹 Code cleanup/refactoring - Badge system migration
• ⚡ Performance improvement

🎯 Aspire Compatibility

• Compatible with .NET Aspire 9.x (specifically 9.5.0)
• Supports both .NET 8.0 and .NET 9.0
• Follows Aspire.Hosting.AWS patterns
• Works with existing AWS integrations

🧪 Testing

How has this been tested?

Badge System Testing:

• Local testing of HMAC signature generation
• Verified badge URL generation for all platforms (Linux, Windows, macOS)
• Tested branch detection logic (master vs feature branches)
• Validated POST endpoint structure
• Confirmed error handling doesn't fail builds

Feature Testing:

• Unit & Integration tests pass for all existing functionality
• Manual testing with playground examples (Lambda + SQS + Analytics)
• Tested with LocalStack container 4.9.1
• Tested across .NET 8.0 and .NET 9.0

Test Environment:

• LocalStack Version: 4.9.1
• .NET Aspire Version: 9.5.0
• .NET Versions Tested: 8.0, 9.0
• Operating Systems: Ubuntu 22.04 (CI), Windows (CI), macOS (CI)

📚 Documentation

• Code is self-documenting with clear naming
• XML documentation comments added/updated (N/A - no API changes)
• README.md updated
  • Removed RC warning
  • Updated badge URLs to BadgeSmith format
  • Added Windows and macOS test badges
• Playground examples documented (Lambda analytics example)
• Breaking changes documented in CHANGELOG
• Action README updated (.github/actions/update-test-badge/README.md)
  • Complete rewrite for BadgeSmith API
  • HMAC authentication documentation
  • New usage examples
  • Updated troubleshooting section

✅ Code Quality Checklist

• Code follows project coding standards
• No new analyzer warnings introduced
• All tests pass locally (unit + integration)
• No merge conflicts
• Branch is up to date with target branch (master)
• Commit messages follow Conventional Commits

Migration Path:

1. Add TESTDATASECRET repository secret with HMAC key
2. Update badge URLs in README to use new path-based format
3. Remove GIST_SECRET repository secret (no longer needed)
4. Remove BADGE_GIST_ID environment variable (removed from workflow)

Impact:

• Existing badges will continue to work if BadgeSmith API supports legacy format
• Workflows using the old action inputs will need updates
• Custom badge implementations will need URL structure updates

Performance Impact:

Positive:

• ✅ Eager loading feature reduces cold start times for frequently used AWS services
• ✅ BadgeSmith API eliminates GitHub API rate limits
• ✅ Direct badge SVG generation (no shields.io wrapper) reduces latency
• ✅ DynamoDB backend provides fast, scalable badge retrieval

Neutral:

• HMAC signature computation adds ~10ms to workflow execution (negligible)
• Badge updates now POST directly to API instead of GitHub Gist (similar performance)

By submitting this pull request, I confirm that:

• I have read and agree to the project's Code of Conduct
• I understand that this contribution may be subject to the .NET Foundation CLA
• My contribution is licensed under the same terms as the project (MIT License)
• All required GitHub secrets (TESTDATASECRET) are in place
• BadgeSmith API is deployed and operational at api.localstackfor.net

[github-actions]

Dependency Review

✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.

Scanned Files

None

[Copilot]

Pull Request Overview

This PR prepares the repository for the v9.5.0 stable release and migrates the badge system from GitHub Gist to the new BadgeSmith REST API with HMAC-SHA256 authentication.

• Updated LocalStack container version from 4.6.0 to 4.9.1
• Migrated badge system from Gist-based storage to BadgeSmith API with HMAC authentication
• Added comprehensive CHANGELOG entry documenting v9.5.0 features and fixes

Reviewed Changes

Copilot reviewed 9 out of 9 changed files in this pull request and generated 1 comment.

Show a summary per file

File	Description
src/Aspire.Hosting.LocalStack/Container/LocalStackContainerImageTags.cs	Updates LocalStack container image tag to version 4.9.1
playground/lambda/.../Properties/launchSettings.json	Converts Unix-style paths to Windows-style paths for Lambda tooling
README.md	Updates badge URLs to use new BadgeSmith API format and removes RC warning
CHANGELOG.md	Adds comprehensive v9.5.0 release notes with features, fixes, and breaking changes
.github/workflows/ci-cd.yml	Refactors workflow to use BadgeSmith API instead of Gist-based badge storage
.github/actions/update-test-badge/action.yml	Complete rewrite to support BadgeSmith API with HMAC authentication
.github/actions/update-test-badge/README.md	Updates documentation for new BadgeSmith API integration

---

_{Tip: Customize your code reviews with copilot-instructions.md. Create the file or learn how to get started.}

[Copilot]

The action path is incorrect. It should reference the action directory ./.github/actions/update-test-badge, not ./.github/workflows/update-test-badge.

Suggested change

	uses: ./.github/workflows/update-test-badge
	uses: ./.github/actions/update-test-badge

[cursor]

This is the final PR Bugbot will review for you during this billing cycle

Your free Bugbot reviews will reset on November 18

Details

You are on the Bugbot Free tier. On this plan, Bugbot will review limited PRs each billing cycle.

To receive Bugbot reviews on all of your PRs, visit the Cursor dashboard to activate Pro and start your 14-day free trial.

[cursor]

Bug: CI/CD Workflow Action Path Error

The Update test badge step in the CI/CD workflow incorrectly references the custom action. It points to ./.github/workflows/update-test-badge instead of ./.github/actions/update-test-badge, which is where the action is located. This path mismatch means the action won't be found, causing the step to fail.

 

[cursor]

Bug: Cross-Platform Path Issue in Lambda Projects

The launchSettings.json files for the Lambda projects were updated to use Windows-specific paths and environment variables (%USERPROFILE%, backslashes) instead of cross-platform Unix-style paths ($(HOME), forward slashes). This breaks cross-platform compatibility, preventing these projects from launching on Linux/macOS systems.

Additional Locations (2)

• playground/lambda/LocalStack.Lambda.Analyzer/Properties/launchSettings.json#L24-L26
• playground/lambda/LocalStack.Lambda.Redirector/Properties/launchSettings.json#L24-L26