[experiment] Add MSBuild binary log detector as replacement for DotNet and NuGet detectors

[ericstj]

MSBuild logs have much more accurate project information than we can deduce from project build intermediates.

If an MSBuild log is available, we should read it and capture the project information from it, rather than try to deduce that solely from the build artifacts and project.assets.json.

This is still a work in progress.

[Copilot]

Pull request overview

Adds an experimental NuGet/.NET detector that can optionally enrich project.assets.json parsing with MSBuild .binlog-extracted project metadata (e.g., test/shipping/dev flags, SDK version), plus an experiment config and accompanying unit/integration tests.

Changes:

• Introduces MSBuildBinaryLogComponentDetector along with BinLogProcessor, MSBuildProjectInfo, and shared LockFileUtilities.
• Registers the new detector and an experiment (MSBuildBinaryLogExperiment) in Orchestrator DI.
• Adds extensive detector and binlog-processing tests; adds MSBuild.StructuredLogger dependency + version pin.

Reviewed changes

Copilot reviewed 12 out of 12 changed files in this pull request and generated 7 comments.

Show a summary per file

File	Description
test/Microsoft.ComponentDetection.Detectors.Tests/nuget/MSBuildBinaryLogComponentDetectorTests.cs	New unit tests covering fallback vs binlog-enhanced behavior and dev-dependency classification rules.
test/Microsoft.ComponentDetection.Detectors.Tests/nuget/BinLogProcessorTests.cs	New integration tests that build temp projects to generate/parse .binlog and validate extracted project info.
test/Microsoft.ComponentDetection.Detectors.Tests/Microsoft.ComponentDetection.Detectors.Tests.csproj	Adds MSBuild.StructuredLogger test dependency.
src/Microsoft.ComponentDetection.Orchestrator/Extensions/ServiceCollectionExtensions.cs	Registers the new experiment config and detector in DI.
src/Microsoft.ComponentDetection.Orchestrator/Experiments/Configs/MSBuildBinaryLogExperiment.cs	Defines control vs experiment grouping for telemetry diffing.
src/Microsoft.ComponentDetection.Detectors/nuget/MSBuildProjectInfo.cs	New model + merge logic for project metadata and captured items.
src/Microsoft.ComponentDetection.Detectors/nuget/MSBuildBinaryLogComponentDetector.cs	New experimental detector that orders binlogs first, indexes project info, then processes assets with overrides.
src/Microsoft.ComponentDetection.Detectors/nuget/LockFileUtilities.cs	New shared utilities for NuGet lockfile graph traversal + PackageDownload registration.
src/Microsoft.ComponentDetection.Detectors/nuget/IBinLogProcessor.cs	New abstraction for binlog project info extraction (testability).
src/Microsoft.ComponentDetection.Detectors/nuget/BinLogProcessor.cs	New binlog parser using StructuredLogger events to populate MSBuildProjectInfo.
src/Microsoft.ComponentDetection.Detectors/Microsoft.ComponentDetection.Detectors.csproj	Adds MSBuild.StructuredLogger runtime dependency for detector implementation.
Directory.Packages.props	Pins MSBuild.StructuredLogger version.

---

You can also share your feedback on Copilot code review. Take the survey.

[Copilot]

Pull request overview

Copilot reviewed 21 out of 21 changed files in this pull request and generated 4 comments.

---

You can also share your feedback on Copilot code review. Take the survey.

[Copilot]

Pull request overview

Copilot reviewed 21 out of 21 changed files in this pull request and generated 3 comments.

---

You can also share your feedback on Copilot code review. Take the survey.

[Copilot]

Pull request overview

Copilot reviewed 21 out of 21 changed files in this pull request and generated 3 comments.

---

You can also share your feedback on Copilot code review. Take the survey.

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 0.0%. Comparing base (31c5047) to head (e90456b).

Additional details and impacted files

@@     Coverage Diff      @@
##   main   #1710   +/-   ##
============================
============================

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

[Copilot]

Pull request overview

Copilot reviewed 21 out of 21 changed files in this pull request and generated 2 comments.

---

You can also share your feedback on Copilot code review. Take the survey.

[Copilot]

Pull request overview

Copilot reviewed 21 out of 21 changed files in this pull request and generated 6 comments.

---

You can also share your feedback on Copilot code review. Take the survey.

[Copilot]

Pull request overview

Copilot reviewed 24 out of 24 changed files in this pull request and generated 2 comments.

[Copilot]

The catch-all in ProcessBinlogFile will also swallow OperationCanceledException thrown from ExtractProjectInfo when the scan is cancelled, causing the detector to continue running even though cancellation was requested. Consider explicitly rethrowing OperationCanceledException (or adding a catch filter) when cancellationToken.IsCancellationRequested, and only logging other exceptions.

[Copilot]

ProcessAssetsFileAsync catches all exceptions and only logs a warning. If cancellation occurs during lockfile processing (e.g., while registering DotNet components in the fallback path), OperationCanceledException will be swallowed and the scan won’t terminate promptly. Prefer rethrowing OperationCanceledException when cancellationToken.IsCancellationRequested and only logging/handling non-cancellation failures.