Bump Scriban from 6.5.2 to 7.0.0

[dependabot]

Updated Scriban from 6.5.2 to 7.0.0.

Release notes

Sourced from Scriban's releases.

7.0.0

Changes

✨ New Features

• Add security tests for untested protection paths (570466a4)
• Add AOT/trimming compatibility (#​656) (a58550f1)
• Add nullable support (e5f6950f)
• Add public comments to generated visitor code (035db9a3)

🐛 Bug Fixes

• Fix TemplateLoader doc reference (73271543)
• Fix delegate optional defaults (a12cd0ba)
• Fix null-conditional indexers (e4693e77)
• Fix AsyncCodeGen solution lookup (d56dc4e1)
• Fix pipe argument docs (4cb135ab)
• Fix generator execution after nullable support (de47d8ad)
• Fix Scriban.props and ci (ebfc4054)
• Fix NU5129 as no-warning (25d148a1)

🧰 Maintenance

• Update ci (bafc1b5b)

🧰 Misc

• Remove changelog.md (8939dde5)
• Harden string padding width limits (4227fdee)
• Bound object.to_json recursion and cycles (760dc212)
• Enforce parser depth for array initializers (f55280a0)
• Clear include cache on TemplateContext.Reset (099cb049)
• Reset typed accessor cache with MemberFilter changes (8180fb6c)
• Enforce cumulative output size limits (98563216)
• Harden expression evaluation resource bounds (2d01bd15)
• Apply LoopLimit to internal iteration paths (dde661d3)
• Sync builtin overload docs with DocGen (b6c65c79)
• Disable STJ for source-embedded builds (9abb65bb)
• Enforce LimitToString in string Append, Prepend, Replace, ReplaceFirst (d3841086)
• Await async model members (ecca082b)
• Update follow-up plan (2f99ca64)
• Make array.sort stable (b3571666)
• Support dotted array.sort paths (1df80f77)
• Finalize follow-up plan (3ec006c9)
• Remove completed issue plan (8557aadf)
• Update deps (3f080790)
• Change LexerOptions / ParserOptions to record (0c229175)
• Remove Nustache (f2ea38fa)
• Update readme (b3f915e5)

Full Changelog: 6.6.0...7.0.0
... (truncated)

6.6.0

Changes

✨ New Features

• Add missing async generated code (8d23abb0)
• Add limits for default safety (b5ac4bf3) by @​skdishansachin

🐛 Bug Fixes

• Fix JsonElement support for netstandard (88943520)

🧰 Misc

• Merge commit from fork (a6fe6074) by @​skdishansachin

Full Changelog: 6.5.8...6.6.0

_{Published with dotnet-releaser}

6.5.8

Changes

🚀 Enhancements

• Evaluate named arg. values in caller context (PR #​652) by @​meld-cp

🧰 Misc

• Cleanup Include remove magic checks (PR #​651) by @​Benkei

Full Changelog: 6.5.7...6.5.8

_{Published with dotnet-releaser}

6.5.7

Changes

🚀 Enhancements

• Refactor Include using PushLocal and PopLocal Part 2 (PR #​650) by @​Benkei

Full Changelog: 6.5.6...6.5.7

_{Published with dotnet-releaser}

6.5.6

Changes

🐛 Bug Fixes

• Refactor Include using PushLocal and PopLocal (PR #​649) by @​Benkei
• Fixes documentation (#​647) (6513395f)

🧰 Misc

• Feature/#​645 broken link (PR #​646) by @​mikeclayton

Full Changelog: 6.5.5...6.5.6

_{Published with dotnet-releaser}

6.5.5

Changes

🐛 Bug Fixes

• Fix Include named arg values being lost for nested includes (PR #​643) by @​meld-cp

Full Changelog: 6.5.4...6.5.5

_{Published with dotnet-releaser}

6.5.4

Changes

✨ New Features

• Add instructions (6ccb65f3)
• Add site (f9afab3e)
• Add Scriban.AppService playground backend (b1072d73)
• Add social banner (11cbacaf)
• Add ScriptArray.From() static factory method (4b3f0417)

🐛 Bug Fixes

• fix date.parse test with 'Z' not working if local timezone > UTC+03:00 (PR #​642) by @​meld-cp

📚 Documentation

• Add doc for runtime by splitting existing doc (ce0a2b60)

🧰 Misc

• include template - Named array args don't stay as arrays in the template (PR #​641) by @​meld-cp
• Redirect Try out links to site playground, support URL parameters (0592e64c)
• Update readme for the online demo (5b9f5113)
• Use dark theme (18331e9a)

Full Changelog: 6.5.3...6.5.4

_{Published with dotnet-releaser}

6.5.3

Changes

🐛 Bug Fixes

• Fix setting variable in a scope while it is also declared in an outer scope (577e2d47)

📦 Dependencies

• Bump Scriban to net8.0 (fc29ec64)

🧰 Misc

• Update date.now in tests for 2026 (f00a6bbf)

Full Changelog: 6.5.2...6.5.3

_{Published with dotnet-releaser}

Commits viewable in compare view.

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  You can disable automated security fix PRs for this repo from the Security Alerts page.

[CLAassistant]

Thank you for your submission! We really appreciate it. Like many open source projects, we ask that you sign our Contributor License Agreement before we can accept your contribution.
_{You have signed the CLA already but the status is still pending? Let us recheck it.}