chore(deps): Bump the nuget-dependencies group with 7 updates by dependabot[bot] · Pull Request #127 · JerrettDavis/PokManagerUI

NuGet: OpenTelemetry.Extensions.AWS v1.16.0
- Fix sampling behaviour to be compatible with .NET 11.
  (#4396)
- Updated OpenTelemetry core component version(s) to 1.16.0.
  (#4487)
See CHANGELOG for details.
NuGet: OpenTelemetry.Instrumentation.AWS v1.16.0
- Add instrumentation scope version and schema URL to metrics and traces.
  (#4063)
- Pass AWS attribute values to created meters as tags.
  (#4063)
- Capture SNS TopicArn as the aws.sns.topic.arn span attribute.
  (#4043)
- Add cloud.region attribute to all AWS SDK client spans.
  (#4043)
- Add messaging attributes for AWS SNS and SQS.
  (#4043)
- BREAKING: Update latest AWS Semantic Conventions to 1.40.0.
  (#4043)
- Fix suppression scope leakage when SuppressDownstreamInstrumentation is
  enabled.
  (#4304)
See CHANGELOG for details.
NuGet: OpenTelemetry.Instrumentation.AWSLambda v1.16.0
- Update System.Text.Json for netstandard2.0 to 8.0.5.
  (#4154)
- Add instrumentation scope version and schema URL to traces.
  (#4063)
See CHANGELOG for details.

1.16.0-beta.1

NuGet: OpenTelemetry.Instrumentation.ServiceFabricRemoting v1.16.0-beta.1
- Raised the minimum required version of Microsoft.ServiceFabric.Actors and
  Microsoft.ServiceFabric.Services.Remoting from 7.1.2448 to 8.4.268, as the
  7.1 Service Fabric runtime is going out of support.
  (#4510)
- Updated OpenTelemetry core component version(s) to 1.16.0.
  (#4487)
See CHANGELOG for details.

1.16.0-alpha.1

NuGet: OpenTelemetry.Instrumentation.EventCounters v1.16.0-alpha.1
- Fixed OnEventWritten processing events from EventSources that were not
  configured via AddEventSources.
  (#4031)
- Updated OpenTelemetry core component version(s) to 1.16.0.
  (#4487)
See CHANGELOG for details.

Commits viewable in compare view.

Updated OpenTelemetry.Instrumentation.Http from 1.15.1 to 1.16.0.

Release notes

Sourced from OpenTelemetry.Instrumentation.Http's releases.

1.16.0

NuGet: OpenTelemetry.Extensions.AWS v1.16.0
- Fix sampling behaviour to be compatible with .NET 11.
  (#4396)
- Updated OpenTelemetry core component version(s) to 1.16.0.
  (#4487)
See CHANGELOG for details.
NuGet: OpenTelemetry.Instrumentation.AWS v1.16.0
- Add instrumentation scope version and schema URL to metrics and traces.
  (#4063)
- Pass AWS attribute values to created meters as tags.
  (#4063)
- Capture SNS TopicArn as the aws.sns.topic.arn span attribute.
  (#4043)
- Add cloud.region attribute to all AWS SDK client spans.
  (#4043)
- Add messaging attributes for AWS SNS and SQS.
  (#4043)
- BREAKING: Update latest AWS Semantic Conventions to 1.40.0.
  (#4043)
- Fix suppression scope leakage when SuppressDownstreamInstrumentation is
  enabled.
  (#4304)
See CHANGELOG for details.
NuGet: OpenTelemetry.Instrumentation.AWSLambda v1.16.0
- Update System.Text.Json for netstandard2.0 to 8.0.5.
  (#4154)
- Add instrumentation scope version and schema URL to traces.
  (#4063)
See CHANGELOG for details.

1.16.0-beta.1

NuGet: OpenTelemetry.Instrumentation.ServiceFabricRemoting v1.16.0-beta.1
- Raised the minimum required version of Microsoft.ServiceFabric.Actors and
  Microsoft.ServiceFabric.Services.Remoting from 7.1.2448 to 8.4.268, as the
  7.1 Service Fabric runtime is going out of support.
  (#4510)
- Updated OpenTelemetry core component version(s) to 1.16.0.
  (#4487)
See CHANGELOG for details.

1.16.0-alpha.1

NuGet: OpenTelemetry.Instrumentation.EventCounters v1.16.0-alpha.1
- Fixed OnEventWritten processing events from EventSources that were not
  configured via AddEventSources.
  (#4031)
- Updated OpenTelemetry core component version(s) to 1.16.0.
  (#4487)
See CHANGELOG for details.

1.15.2

NuGet: OpenTelemetry.Exporter.Geneva v1.15.2
- Updated OpenTelemetry core component version(s) to 1.15.3.
  (#4166)
See CHANGELOG for details.

Commits viewable in compare view.

Updated TinyBDD from 0.19.26 to 0.19.27.

Release notes

Sourced from TinyBDD's releases.

0.19.27 What's Changed

chore(deps): Bump the github-actions-dependencies group with 2 updates by @dependabot[bot] in chore(deps): Bump the github-actions-dependencies group with 2 updates TinyBDD#92

Full Changelog: JerrettDavis/TinyBDD@v0.19.26...v0.19.27

Commits viewable in compare view.

Updated TinyBDD.Xunit from 0.19.26 to 0.19.27.

Release notes

Sourced from TinyBDD.Xunit's releases.

0.19.27 What's Changed

chore(deps): Bump the github-actions-dependencies group with 2 updates by @dependabot[bot] in chore(deps): Bump the github-actions-dependencies group with 2 updates TinyBDD#92

Full Changelog: JerrettDavis/TinyBDD@v0.19.26...v0.19.27

Commits viewable in compare view.

Updated YamlDotNet from 18.0.0 to 18.1.0.

Release notes

Sourced from YamlDotNet's releases.

18.1.0 What's Changed

Use NET 10 with benchmarks by @mcraiha in Use NET 10 with benchmarks aaubry/YamlDotNet#1099
Revert package upgrades by @EdwardCooke in Revert package upgrades aaubry/YamlDotNet#1104
Added default maximum recursion level of 130 (max when using defaults on Windows/.net8) by @EdwardCooke in Added default maximum recursion level of 130 (max when using defaults on Windows/.net8) aaubry/YamlDotNet#1110
Static deserializer builder needed the default maximum recursion by @EdwardCooke in Static deserializer builder needed the default maximum recursion aaubry/YamlDotNet#1111

New Contributors

@mcraiha made their first contribution in Use NET 10 with benchmarks aaubry/YamlDotNet#1099

Full Changelog: aaubry/YamlDotNet@v18.0.0...v18.1.0

Breaking

Maximum depth of yaml files is now 130 by default. If you need higher you will need to adjust the maximum yaml depth. Going above 130 runs the risk of stack overflow exceptions when any exception happens inside of the deserialization

Commits viewable in compare view.

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
@dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
@dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
@dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
@dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Bumps Microsoft.NET.Test.Sdk from 18.6.0 to 18.7.0 Bumps MudBlazor from 9.5.0 to 9.6.0 Bumps OpenTelemetry.Instrumentation.AspNetCore from 1.15.2 to 1.16.0 Bumps OpenTelemetry.Instrumentation.Http from 1.15.1 to 1.16.0 Bumps TinyBDD from 0.19.26 to 0.19.27 Bumps TinyBDD.Xunit from 0.19.26 to 0.19.27 Bumps YamlDotNet from 18.0.0 to 18.1.0 --- updated-dependencies: - dependency-name: Microsoft.NET.Test.Sdk dependency-version: 18.7.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: nuget-dependencies - dependency-name: Microsoft.NET.Test.Sdk dependency-version: 18.7.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: nuget-dependencies - dependency-name: Microsoft.NET.Test.Sdk dependency-version: 18.7.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: nuget-dependencies - dependency-name: Microsoft.NET.Test.Sdk dependency-version: 18.7.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: nuget-dependencies - dependency-name: MudBlazor dependency-version: 9.6.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: nuget-dependencies - dependency-name: OpenTelemetry.Instrumentation.AspNetCore dependency-version: 1.16.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: nuget-dependencies - dependency-name: OpenTelemetry.Instrumentation.Http dependency-version: 1.16.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: nuget-dependencies - dependency-name: TinyBDD dependency-version: 0.19.27 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: nuget-dependencies - dependency-name: TinyBDD dependency-version: 0.19.27 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: nuget-dependencies - dependency-name: TinyBDD dependency-version: 0.19.27 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: nuget-dependencies - dependency-name: TinyBDD dependency-version: 0.19.27 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: nuget-dependencies - dependency-name: TinyBDD.Xunit dependency-version: 0.19.27 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: nuget-dependencies - dependency-name: TinyBDD.Xunit dependency-version: 0.19.27 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: nuget-dependencies - dependency-name: YamlDotNet dependency-version: 18.1.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: nuget-dependencies ... Signed-off-by: dependabot[bot] <support@github.com>

dependabot · 2026-06-29T11:14:59Z

Labels

The following labels could not be found: dependencies. Please create it before Dependabot can add it to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.

github-actions · 2026-06-29T11:30:36Z

Dependency Review

The following issues were found:

✅ 0 vulnerable package(s)
✅ 0 package(s) with incompatible licenses
✅ 0 package(s) with invalid SPDX license definitions
⚠️ 15 package(s) with unknown licenses.

See the Details below.

License Issues

src/Hosting/PokManager.ServiceDefaults/PokManager.ServiceDefaults.csproj

Package	Version	License	Issue Type
OpenTelemetry.Instrumentation.AspNetCore	1.16.0	Null	Unknown License
OpenTelemetry.Instrumentation.Http	1.16.0	Null	Unknown License

src/Infrastructure/PokManager.Infrastructure.Docker/PokManager.Infrastructure.Docker.csproj

Package	Version	License	Issue Type
YamlDotNet	18.1.0	Null	Unknown License

src/Infrastructure/PokManager.Infrastructure/PokManager.Infrastructure.csproj

Package	Version	License	Issue Type
YamlDotNet	18.1.0	Null	Unknown License

src/Presentation/PokManager.Web/PokManager.Web.csproj

Package	Version	License	Issue Type
MudBlazor	9.6.0	Null	Unknown License

tests/PokManager.Application.Tests/PokManager.Application.Tests.csproj

Package	Version	License	Issue Type
Microsoft.NET.Test.Sdk	18.7.0	Null	Unknown License
TinyBDD	0.19.27	Null	Unknown License
TinyBDD.Xunit	0.19.27	Null	Unknown License

tests/PokManager.Domain.Tests/PokManager.Domain.Tests.csproj

Package	Version	License	Issue Type
Microsoft.NET.Test.Sdk	18.7.0	Null	Unknown License
TinyBDD	0.19.27	Null	Unknown License

tests/PokManager.Infrastructure.Tests/PokManager.Infrastructure.Tests.csproj

Package	Version	License	Issue Type
Microsoft.NET.Test.Sdk	18.7.0	Null	Unknown License
TinyBDD	0.19.27	Null	Unknown License
TinyBDD.Xunit	0.19.27	Null	Unknown License

tests/PokManager.Web.Tests/PokManager.Web.Tests.csproj

Package	Version	License	Issue Type
Microsoft.NET.Test.Sdk	18.7.0	Null	Unknown License
TinyBDD	0.19.27	Null	Unknown License

Allowed Licenses:
MIT, Apache-2.0, BSD-2-Clause, BSD-3-Clause, ISC, 0BSD

OpenSSF Scorecard

Scorecard details

Package

Version

Score

Details

nuget/OpenTelemetry.Instrumentation.AspNetCore

1.16.0

🟢 8.3

Details

Check	Score	Reason
Code-Review	🟢 10	all changesets reviewed
Maintained	🟢 10	30 commit(s) and 26 issue activity found in the last 90 days -- score normalized to 10
Dangerous-Workflow	🟢 10	no dangerous workflow patterns detected
Dependency-Update-Tool	🟢 10	update tool detected
Token-Permissions	🟢 10	GitHub workflow tokens follow principle of least privilege
Binary-Artifacts	🟢 10	no binaries found in the repo
CII-Best-Practices	🟢 5	badge detected: Passing
Pinned-Dependencies	🟢 9	dependency not pinned by hash detected -- score normalized to 9
Vulnerabilities	🟢 10	0 existing vulnerabilities detected
SAST	🟢 10	SAST tool is run on all commits
Packaging	🟢 10	packaging workflow detected
License	🟢 10	license file detected
Fuzzing	⚠️ 0	project is not fuzzed
Security-Policy	🟢 10	security policy file detected
Signed-Releases	⚠️ 0	Project has not signed or included provenance with any releases.
Branch-Protection	🟢 5	branch protection is not maximal on development and all release branches
CI-Tests	🟢 10	30 out of 30 merged PRs checked by a CI test -- score normalized to 10
Contributors	🟢 10	project has 23 contributing companies or organizations

nuget/OpenTelemetry.Instrumentation.Http

1.16.0

🟢 8.3

Details

Check	Score	Reason
Code-Review	🟢 10	all changesets reviewed
Maintained	🟢 10	30 commit(s) and 26 issue activity found in the last 90 days -- score normalized to 10
Dangerous-Workflow	🟢 10	no dangerous workflow patterns detected
Dependency-Update-Tool	🟢 10	update tool detected
Token-Permissions	🟢 10	GitHub workflow tokens follow principle of least privilege
Binary-Artifacts	🟢 10	no binaries found in the repo
CII-Best-Practices	🟢 5	badge detected: Passing
Pinned-Dependencies	🟢 9	dependency not pinned by hash detected -- score normalized to 9
Vulnerabilities	🟢 10	0 existing vulnerabilities detected
SAST	🟢 10	SAST tool is run on all commits
Packaging	🟢 10	packaging workflow detected
License	🟢 10	license file detected
Fuzzing	⚠️ 0	project is not fuzzed
Security-Policy	🟢 10	security policy file detected
Signed-Releases	⚠️ 0	Project has not signed or included provenance with any releases.
Branch-Protection	🟢 5	branch protection is not maximal on development and all release branches
CI-Tests	🟢 10	30 out of 30 merged PRs checked by a CI test -- score normalized to 10
Contributors	🟢 10	project has 23 contributing companies or organizations

nuget/YamlDotNet

18.1.0

Unknown

nuget/YamlDotNet

18.1.0

Unknown

nuget/MudBlazor

9.6.0

Unknown

nuget/Microsoft.NET.Test.Sdk

18.7.0

🟢 4.9

Details

Check	Score	Reason
Code-Review	🟢 6	Found 18/29 approved changesets -- score normalized to 6
Maintained	🟢 10	30 commit(s) and 28 issue activity found in the last 90 days -- score normalized to 10
Security-Policy	🟢 10	security policy file detected
CII-Best-Practices	⚠️ 0	no effort to earn an OpenSSF best practices badge detected
License	🟢 10	license file detected
Binary-Artifacts	⚠️ 0	binaries present in source code
Signed-Releases	⚠️ -1	no releases found
Dangerous-Workflow	🟢 10	no dangerous workflow patterns detected
Packaging	⚠️ -1	packaging workflow not detected
Fuzzing	⚠️ 0	project is not fuzzed
Branch-Protection	⚠️ 2	branch protection is not maximal on development and all release branches
Token-Permissions	⚠️ 0	detected GitHub workflow tokens with excessive permissions
Pinned-Dependencies	🟢 9	dependency not pinned by hash detected -- score normalized to 9
SAST	⚠️ 0	SAST tool is not run on all commits -- score normalized to 0

nuget/TinyBDD

0.19.27

Unknown

nuget/TinyBDD.Xunit

0.19.27

Unknown

nuget/Microsoft.NET.Test.Sdk

18.7.0

🟢 4.9

Details

Check	Score	Reason
Code-Review	🟢 6	Found 18/29 approved changesets -- score normalized to 6
Maintained	🟢 10	30 commit(s) and 28 issue activity found in the last 90 days -- score normalized to 10
Security-Policy	🟢 10	security policy file detected
CII-Best-Practices	⚠️ 0	no effort to earn an OpenSSF best practices badge detected
License	🟢 10	license file detected
Binary-Artifacts	⚠️ 0	binaries present in source code
Signed-Releases	⚠️ -1	no releases found
Dangerous-Workflow	🟢 10	no dangerous workflow patterns detected
Packaging	⚠️ -1	packaging workflow not detected
Fuzzing	⚠️ 0	project is not fuzzed
Branch-Protection	⚠️ 2	branch protection is not maximal on development and all release branches
Token-Permissions	⚠️ 0	detected GitHub workflow tokens with excessive permissions
Pinned-Dependencies	🟢 9	dependency not pinned by hash detected -- score normalized to 9
SAST	⚠️ 0	SAST tool is not run on all commits -- score normalized to 0

nuget/TinyBDD

0.19.27

Unknown

nuget/Microsoft.NET.Test.Sdk

18.7.0

🟢 4.9

Details

Check	Score	Reason
Code-Review	🟢 6	Found 18/29 approved changesets -- score normalized to 6
Maintained	🟢 10	30 commit(s) and 28 issue activity found in the last 90 days -- score normalized to 10
Security-Policy	🟢 10	security policy file detected
CII-Best-Practices	⚠️ 0	no effort to earn an OpenSSF best practices badge detected
License	🟢 10	license file detected
Binary-Artifacts	⚠️ 0	binaries present in source code
Signed-Releases	⚠️ -1	no releases found
Dangerous-Workflow	🟢 10	no dangerous workflow patterns detected
Packaging	⚠️ -1	packaging workflow not detected
Fuzzing	⚠️ 0	project is not fuzzed
Branch-Protection	⚠️ 2	branch protection is not maximal on development and all release branches
Token-Permissions	⚠️ 0	detected GitHub workflow tokens with excessive permissions
Pinned-Dependencies	🟢 9	dependency not pinned by hash detected -- score normalized to 9
SAST	⚠️ 0	SAST tool is not run on all commits -- score normalized to 0

nuget/TinyBDD

0.19.27

Unknown

nuget/TinyBDD.Xunit

0.19.27

Unknown

nuget/Microsoft.NET.Test.Sdk

18.7.0

🟢 4.9

Details

Check	Score	Reason
Code-Review	🟢 6	Found 18/29 approved changesets -- score normalized to 6
Maintained	🟢 10	30 commit(s) and 28 issue activity found in the last 90 days -- score normalized to 10
Security-Policy	🟢 10	security policy file detected
CII-Best-Practices	⚠️ 0	no effort to earn an OpenSSF best practices badge detected
License	🟢 10	license file detected
Binary-Artifacts	⚠️ 0	binaries present in source code
Signed-Releases	⚠️ -1	no releases found
Dangerous-Workflow	🟢 10	no dangerous workflow patterns detected
Packaging	⚠️ -1	packaging workflow not detected
Fuzzing	⚠️ 0	project is not fuzzed
Branch-Protection	⚠️ 2	branch protection is not maximal on development and all release branches
Token-Permissions	⚠️ 0	detected GitHub workflow tokens with excessive permissions
Pinned-Dependencies	🟢 9	dependency not pinned by hash detected -- score normalized to 9
SAST	⚠️ 0	SAST tool is not run on all commits -- score normalized to 0

nuget/TinyBDD

0.19.27

Unknown

Scanned Files

src/Hosting/PokManager.ServiceDefaults/PokManager.ServiceDefaults.csproj
src/Infrastructure/PokManager.Infrastructure.Docker/PokManager.Infrastructure.Docker.csproj
src/Infrastructure/PokManager.Infrastructure/PokManager.Infrastructure.csproj
src/Presentation/PokManager.Web/PokManager.Web.csproj
tests/PokManager.Application.Tests/PokManager.Application.Tests.csproj
tests/PokManager.Domain.Tests/PokManager.Domain.Tests.csproj
tests/PokManager.Infrastructure.Tests/PokManager.Infrastructure.Tests.csproj
tests/PokManager.Web.Tests/PokManager.Web.Tests.csproj

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

chore(deps): Bump the nuget-dependencies group with 7 updates#127

chore(deps): Bump the nuget-dependencies group with 7 updates#127
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/nuget/src/Hosting/PokManager.ServiceDefaults/nuget-dependencies-5c2b89bd15

dependabot Bot commented on behalf of github Jun 29, 2026

Uh oh!

dependabot Bot commented on behalf of github Jun 29, 2026

Uh oh!

github-actions Bot commented Jun 29, 2026

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

0 participants

Conversation

dependabot Bot commented on behalf of github Jun 29, 2026

18.7.0

What's Changed

New Contributors

9.6.0

What's Changed

New Features

Bug Fixes

New Contributors

1.16.0

1.16.0-beta.1

1.16.0-alpha.1

1.16.0

1.16.0-beta.1

1.16.0-alpha.1

1.15.2

0.19.27

What's Changed

0.19.27

What's Changed

18.1.0

What's Changed

New Contributors

Breaking

Uh oh!

dependabot Bot commented on behalf of github Jun 29, 2026

Labels

Uh oh!

github-actions Bot commented Jun 29, 2026

Dependency Review

License Issues

src/Hosting/PokManager.ServiceDefaults/PokManager.ServiceDefaults.csproj

src/Infrastructure/PokManager.Infrastructure.Docker/PokManager.Infrastructure.Docker.csproj

src/Infrastructure/PokManager.Infrastructure/PokManager.Infrastructure.csproj

src/Presentation/PokManager.Web/PokManager.Web.csproj

tests/PokManager.Application.Tests/PokManager.Application.Tests.csproj

tests/PokManager.Domain.Tests/PokManager.Domain.Tests.csproj

tests/PokManager.Infrastructure.Tests/PokManager.Infrastructure.Tests.csproj

tests/PokManager.Web.Tests/PokManager.Web.Tests.csproj

OpenSSF Scorecard

Scanned Files

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

0 participants