Skip to content

Bump the patch-updates group with 4 updates#240

Open
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/nuget/src/EprPrnIntegration.Api.UnitTests/patch-updates-7cfa0d5478
Open

Bump the patch-updates group with 4 updates#240
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/nuget/src/EprPrnIntegration.Api.UnitTests/patch-updates-7cfa0d5478

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jun 10, 2026

Copy link
Copy Markdown

Updated Microsoft.AspNetCore.Http.Abstractions from 2.3.9 to 2.3.11.

Release notes

Sourced from Microsoft.AspNetCore.Http.Abstractions's releases.

No release notes found for this version range.

Commits viewable in compare view.

Updated Microsoft.Extensions.Features from 8.0.26 to 8.0.28.

Release notes

Sourced from Microsoft.Extensions.Features's releases.

8.0.28

Release

What's Changed

Full Changelog: dotnet/aspnetcore@v8.0.27...v8.0.28

8.0.27

Release

What's Changed

Full Changelog: dotnet/aspnetcore@v8.0.26...v8.0.27

Commits viewable in compare view.

Updated Microsoft.Extensions.Http.Polly from 8.0.26 to 8.0.28.

Release notes

Sourced from Microsoft.Extensions.Http.Polly's releases.

8.0.28

Release

What's Changed

Full Changelog: dotnet/aspnetcore@v8.0.27...v8.0.28

8.0.27

Release

What's Changed

Full Changelog: dotnet/aspnetcore@v8.0.26...v8.0.27

Commits viewable in compare view.

Updated Microsoft.Identity.Client from 4.84.0 to 4.84.2.

Release notes

Sourced from Microsoft.Identity.Client's releases.

4.84.2

New Features

  • Added ManagedIdentityApplication.GetManagedIdentityCapabilitiesAsync(CancellationToken) returning a ManagedIdentityCapabilities object that reports the detected managed identity Source, the host's MaxSupportedBindingStrength (new MtlsBindingStrength enum: None, Software, KeyGuard), and a derived IsMtlsPopSupportedByHost. Replaces GetManagedIdentitySourceAsync()/ManagedIdentitySourceResult. The public ManagedIdentitySource.ImdsV2 value is folded into Imds (v1/v2 routing remains internal). #​6049
  • Added OID-based user identification to the User Federated Identity Credential (user_fic) flow via AcquireTokenByUserFederatedIdentityCredential(scopes, Guid userObjectId, assertion). #​6050
  • Added WithClaimsFromClient(claimsJson) to forward client-originated claims across managed identity and confidential client flows. #​5999
  • Added mTLS PoP support for WithCertificate(() => x509) (dynamic certificate credential). #​5957
  • Added opt-in token-acquisition metrics covering both successful and failed attempts. #​6004

Changes

  • Extended mTLS bearer transport (CertificateOptions.SendCertificateOverMtls) to the OBO, refresh-token, and authorization-code flows. #​6009
  • General Availability of the Microsoft.Identity.Client.KeyAttestation package. #​6038
  • Managed identity now probes IMDSv2 first and the preview latch was removed. #​6041
  • Updated NativeInterop baseline and corrected devapp version ranges. #​6045
  • Simplified GetTenantedAuthority in CiamAuthority and DstsAuthority. #​6001

Bug Fixes

  • Fixed WithExtraQueryParameters on ManagedIdentityApplicationBuilder bypassing token caching. #​6035
  • Guarded HTTP status codes on discovery endpoints in KnownInstanceMetadataIsUpToDateAsync. #​6048
  • Detect orphaned KeyGuard certificates via public-key modulus comparison. #​6020

4.84.1

What's Changed

New Features

  • Added WithReservedScopes and WithCachePartitionKey public API extensions in #​6014
  • Added IAuthenticationOperation3 interface for CDT + mTLS PoP composition in #​5996
  • Added MsalRemainingTokenLifetime histogram metric for token expiry tracking in #​5920

Changes

  • Removed [Obsolete] attribute from WithExtraBodyParameters extension method in #​6006
  • Replaced ConcurrentHashSet with ConcurrentDictionary<T, byte> in #​5975

Bug Fixes

  • Fixed WithTenantId not honoring MSA tenant GUID when specified at request level in #​5958
  • Fixed OBO cache returning multiple_matching_tokens_detected when attributed tokens share a partition in #​5993

Full Changelog: AzureAD/microsoft-authentication-library-for-dotnet@6ff7075...main (AzureAD/microsoft-authentication-library-for-dotnet@6ff7075...main)

Commits viewable in compare view.

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
Bump the patch-updates group with 4 updates
dee1360 
Bumps Microsoft.AspNetCore.Http.Abstractions from 2.3.9 to 2.3.11
Bumps Microsoft.Extensions.Features from 8.0.26 to 8.0.28
Bumps Microsoft.Extensions.Http.Polly from 8.0.26 to 8.0.28
Bumps Microsoft.Identity.Client from 4.84.0 to 4.84.2

---
updated-dependencies:
- dependency-name: Microsoft.AspNetCore.Http.Abstractions
  dependency-version: 2.3.11
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: patch-updates
- dependency-name: Microsoft.Extensions.Features
  dependency-version: 8.0.28
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: patch-updates
- dependency-name: Microsoft.Extensions.Http.Polly
  dependency-version: 8.0.28
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: patch-updates
- dependency-name: Microsoft.Identity.Client
  dependency-version: 4.84.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: patch-updates
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added .NET Pull requests that update .NET code dependencies Pull requests that update a dependency file labels Jun 10, 2026
@dependabot dependabot Bot requested a review from a team as a code owner June 10, 2026 09:37
@dependabot dependabot Bot mentioned this pull request Jun 10, 2026
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file .NET Pull requests that update .NET code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants