Skip to content

chore(deps): Bump the nuget-dependencies group with 7 updates#127

Open
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/nuget/src/Hosting/PokManager.ServiceDefaults/nuget-dependencies-5c2b89bd15
Open

chore(deps): Bump the nuget-dependencies group with 7 updates#127
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/nuget/src/Hosting/PokManager.ServiceDefaults/nuget-dependencies-5c2b89bd15

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jun 29, 2026

Copy link
Copy Markdown
Contributor

Updated Microsoft.NET.Test.Sdk from 18.6.0 to 18.7.0.

Release notes

Sourced from Microsoft.NET.Test.Sdk's releases.

18.7.0

What's Changed

New Contributors

Full Changelog: microsoft/vstest@v18.6.0...v18.7.0

Commits viewable in compare view.

Updated MudBlazor from 9.5.0 to 9.6.0.

Release notes

Sourced from MudBlazor's releases.

9.6.0

What's Changed

New Features

Bug Fixes

New Contributors

Commits viewable in compare view.

Updated OpenTelemetry.Instrumentation.AspNetCore from 1.15.2 to 1.16.0.

Release notes

Sourced from OpenTelemetry.Instrumentation.AspNetCore's releases.

1.16.0

1.16.0-beta.1

1.16.0-alpha.1

Commits viewable in compare view.

Updated OpenTelemetry.Instrumentation.Http from 1.15.1 to 1.16.0.

Release notes

Sourced from OpenTelemetry.Instrumentation.Http's releases.

1.16.0

1.16.0-beta.1

1.16.0-alpha.1

1.15.2

Commits viewable in compare view.

Updated TinyBDD from 0.19.26 to 0.19.27.

Release notes

Sourced from TinyBDD's releases.

0.19.27

What's Changed

Full Changelog: JerrettDavis/TinyBDD@v0.19.26...v0.19.27

Commits viewable in compare view.

Updated TinyBDD.Xunit from 0.19.26 to 0.19.27.

Release notes

Sourced from TinyBDD.Xunit's releases.

0.19.27

What's Changed

Full Changelog: JerrettDavis/TinyBDD@v0.19.26...v0.19.27

Commits viewable in compare view.

Updated YamlDotNet from 18.0.0 to 18.1.0.

Release notes

Sourced from YamlDotNet's releases.

18.1.0

What's Changed

New Contributors

Full Changelog: aaubry/YamlDotNet@v18.0.0...v18.1.0

Breaking

  • Maximum depth of yaml files is now 130 by default. If you need higher you will need to adjust the maximum yaml depth. Going above 130 runs the risk of stack overflow exceptions when any exception happens inside of the deserialization

Commits viewable in compare view.

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Bumps Microsoft.NET.Test.Sdk from 18.6.0 to 18.7.0
Bumps MudBlazor from 9.5.0 to 9.6.0
Bumps OpenTelemetry.Instrumentation.AspNetCore from 1.15.2 to 1.16.0
Bumps OpenTelemetry.Instrumentation.Http from 1.15.1 to 1.16.0
Bumps TinyBDD from 0.19.26 to 0.19.27
Bumps TinyBDD.Xunit from 0.19.26 to 0.19.27
Bumps YamlDotNet from 18.0.0 to 18.1.0

---
updated-dependencies:
- dependency-name: Microsoft.NET.Test.Sdk
  dependency-version: 18.7.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: nuget-dependencies
- dependency-name: Microsoft.NET.Test.Sdk
  dependency-version: 18.7.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: nuget-dependencies
- dependency-name: Microsoft.NET.Test.Sdk
  dependency-version: 18.7.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: nuget-dependencies
- dependency-name: Microsoft.NET.Test.Sdk
  dependency-version: 18.7.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: nuget-dependencies
- dependency-name: MudBlazor
  dependency-version: 9.6.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: nuget-dependencies
- dependency-name: OpenTelemetry.Instrumentation.AspNetCore
  dependency-version: 1.16.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: nuget-dependencies
- dependency-name: OpenTelemetry.Instrumentation.Http
  dependency-version: 1.16.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: nuget-dependencies
- dependency-name: TinyBDD
  dependency-version: 0.19.27
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: nuget-dependencies
- dependency-name: TinyBDD
  dependency-version: 0.19.27
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: nuget-dependencies
- dependency-name: TinyBDD
  dependency-version: 0.19.27
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: nuget-dependencies
- dependency-name: TinyBDD
  dependency-version: 0.19.27
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: nuget-dependencies
- dependency-name: TinyBDD.Xunit
  dependency-version: 0.19.27
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: nuget-dependencies
- dependency-name: TinyBDD.Xunit
  dependency-version: 0.19.27
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: nuget-dependencies
- dependency-name: YamlDotNet
  dependency-version: 18.1.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: nuget-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot @github

dependabot Bot commented on behalf of github Jun 29, 2026

Copy link
Copy Markdown
Contributor Author

Labels

The following labels could not be found: dependencies. Please create it before Dependabot can add it to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.

@github-actions

Copy link
Copy Markdown

Dependency Review

The following issues were found:
  • ✅ 0 vulnerable package(s)
  • ✅ 0 package(s) with incompatible licenses
  • ✅ 0 package(s) with invalid SPDX license definitions
  • ⚠️ 15 package(s) with unknown licenses.
See the Details below.

License Issues

src/Hosting/PokManager.ServiceDefaults/PokManager.ServiceDefaults.csproj

PackageVersionLicenseIssue Type
OpenTelemetry.Instrumentation.AspNetCore1.16.0NullUnknown License
OpenTelemetry.Instrumentation.Http1.16.0NullUnknown License

src/Infrastructure/PokManager.Infrastructure.Docker/PokManager.Infrastructure.Docker.csproj

PackageVersionLicenseIssue Type
YamlDotNet18.1.0NullUnknown License

src/Infrastructure/PokManager.Infrastructure/PokManager.Infrastructure.csproj

PackageVersionLicenseIssue Type
YamlDotNet18.1.0NullUnknown License

src/Presentation/PokManager.Web/PokManager.Web.csproj

PackageVersionLicenseIssue Type
MudBlazor9.6.0NullUnknown License

tests/PokManager.Application.Tests/PokManager.Application.Tests.csproj

PackageVersionLicenseIssue Type
Microsoft.NET.Test.Sdk18.7.0NullUnknown License
TinyBDD0.19.27NullUnknown License
TinyBDD.Xunit0.19.27NullUnknown License

tests/PokManager.Domain.Tests/PokManager.Domain.Tests.csproj

PackageVersionLicenseIssue Type
Microsoft.NET.Test.Sdk18.7.0NullUnknown License
TinyBDD0.19.27NullUnknown License

tests/PokManager.Infrastructure.Tests/PokManager.Infrastructure.Tests.csproj

PackageVersionLicenseIssue Type
Microsoft.NET.Test.Sdk18.7.0NullUnknown License
TinyBDD0.19.27NullUnknown License
TinyBDD.Xunit0.19.27NullUnknown License

tests/PokManager.Web.Tests/PokManager.Web.Tests.csproj

PackageVersionLicenseIssue Type
Microsoft.NET.Test.Sdk18.7.0NullUnknown License
TinyBDD0.19.27NullUnknown License
Allowed Licenses: MIT, Apache-2.0, BSD-2-Clause, BSD-3-Clause, ISC, 0BSD

OpenSSF Scorecard

Scorecard details
PackageVersionScoreDetails
nuget/OpenTelemetry.Instrumentation.AspNetCore 1.16.0 🟢 8.3
Details
CheckScoreReason
Code-Review🟢 10all changesets reviewed
Maintained🟢 1030 commit(s) and 26 issue activity found in the last 90 days -- score normalized to 10
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Dependency-Update-Tool🟢 10update tool detected
Token-Permissions🟢 10GitHub workflow tokens follow principle of least privilege
Binary-Artifacts🟢 10no binaries found in the repo
CII-Best-Practices🟢 5badge detected: Passing
Pinned-Dependencies🟢 9dependency not pinned by hash detected -- score normalized to 9
Vulnerabilities🟢 100 existing vulnerabilities detected
SAST🟢 10SAST tool is run on all commits
Packaging🟢 10packaging workflow detected
License🟢 10license file detected
Fuzzing⚠️ 0project is not fuzzed
Security-Policy🟢 10security policy file detected
Signed-Releases⚠️ 0Project has not signed or included provenance with any releases.
Branch-Protection🟢 5branch protection is not maximal on development and all release branches
CI-Tests🟢 1030 out of 30 merged PRs checked by a CI test -- score normalized to 10
Contributors🟢 10project has 23 contributing companies or organizations
nuget/OpenTelemetry.Instrumentation.Http 1.16.0 🟢 8.3
Details
CheckScoreReason
Code-Review🟢 10all changesets reviewed
Maintained🟢 1030 commit(s) and 26 issue activity found in the last 90 days -- score normalized to 10
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Dependency-Update-Tool🟢 10update tool detected
Token-Permissions🟢 10GitHub workflow tokens follow principle of least privilege
Binary-Artifacts🟢 10no binaries found in the repo
CII-Best-Practices🟢 5badge detected: Passing
Pinned-Dependencies🟢 9dependency not pinned by hash detected -- score normalized to 9
Vulnerabilities🟢 100 existing vulnerabilities detected
SAST🟢 10SAST tool is run on all commits
Packaging🟢 10packaging workflow detected
License🟢 10license file detected
Fuzzing⚠️ 0project is not fuzzed
Security-Policy🟢 10security policy file detected
Signed-Releases⚠️ 0Project has not signed or included provenance with any releases.
Branch-Protection🟢 5branch protection is not maximal on development and all release branches
CI-Tests🟢 1030 out of 30 merged PRs checked by a CI test -- score normalized to 10
Contributors🟢 10project has 23 contributing companies or organizations
nuget/YamlDotNet 18.1.0 UnknownUnknown
nuget/YamlDotNet 18.1.0 UnknownUnknown
nuget/MudBlazor 9.6.0 UnknownUnknown
nuget/Microsoft.NET.Test.Sdk 18.7.0 🟢 4.9
Details
CheckScoreReason
Code-Review🟢 6Found 18/29 approved changesets -- score normalized to 6
Maintained🟢 1030 commit(s) and 28 issue activity found in the last 90 days -- score normalized to 10
Security-Policy🟢 10security policy file detected
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
License🟢 10license file detected
Binary-Artifacts⚠️ 0binaries present in source code
Signed-Releases⚠️ -1no releases found
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Packaging⚠️ -1packaging workflow not detected
Fuzzing⚠️ 0project is not fuzzed
Branch-Protection⚠️ 2branch protection is not maximal on development and all release branches
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
Pinned-Dependencies🟢 9dependency not pinned by hash detected -- score normalized to 9
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0
nuget/TinyBDD 0.19.27 UnknownUnknown
nuget/TinyBDD.Xunit 0.19.27 UnknownUnknown
nuget/Microsoft.NET.Test.Sdk 18.7.0 🟢 4.9
Details
CheckScoreReason
Code-Review🟢 6Found 18/29 approved changesets -- score normalized to 6
Maintained🟢 1030 commit(s) and 28 issue activity found in the last 90 days -- score normalized to 10
Security-Policy🟢 10security policy file detected
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
License🟢 10license file detected
Binary-Artifacts⚠️ 0binaries present in source code
Signed-Releases⚠️ -1no releases found
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Packaging⚠️ -1packaging workflow not detected
Fuzzing⚠️ 0project is not fuzzed
Branch-Protection⚠️ 2branch protection is not maximal on development and all release branches
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
Pinned-Dependencies🟢 9dependency not pinned by hash detected -- score normalized to 9
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0
nuget/TinyBDD 0.19.27 UnknownUnknown
nuget/Microsoft.NET.Test.Sdk 18.7.0 🟢 4.9
Details
CheckScoreReason
Code-Review🟢 6Found 18/29 approved changesets -- score normalized to 6
Maintained🟢 1030 commit(s) and 28 issue activity found in the last 90 days -- score normalized to 10
Security-Policy🟢 10security policy file detected
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
License🟢 10license file detected
Binary-Artifacts⚠️ 0binaries present in source code
Signed-Releases⚠️ -1no releases found
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Packaging⚠️ -1packaging workflow not detected
Fuzzing⚠️ 0project is not fuzzed
Branch-Protection⚠️ 2branch protection is not maximal on development and all release branches
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
Pinned-Dependencies🟢 9dependency not pinned by hash detected -- score normalized to 9
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0
nuget/TinyBDD 0.19.27 UnknownUnknown
nuget/TinyBDD.Xunit 0.19.27 UnknownUnknown
nuget/Microsoft.NET.Test.Sdk 18.7.0 🟢 4.9
Details
CheckScoreReason
Code-Review🟢 6Found 18/29 approved changesets -- score normalized to 6
Maintained🟢 1030 commit(s) and 28 issue activity found in the last 90 days -- score normalized to 10
Security-Policy🟢 10security policy file detected
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
License🟢 10license file detected
Binary-Artifacts⚠️ 0binaries present in source code
Signed-Releases⚠️ -1no releases found
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Packaging⚠️ -1packaging workflow not detected
Fuzzing⚠️ 0project is not fuzzed
Branch-Protection⚠️ 2branch protection is not maximal on development and all release branches
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
Pinned-Dependencies🟢 9dependency not pinned by hash detected -- score normalized to 9
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0
nuget/TinyBDD 0.19.27 UnknownUnknown

Scanned Files

  • src/Hosting/PokManager.ServiceDefaults/PokManager.ServiceDefaults.csproj
  • src/Infrastructure/PokManager.Infrastructure.Docker/PokManager.Infrastructure.Docker.csproj
  • src/Infrastructure/PokManager.Infrastructure/PokManager.Infrastructure.csproj
  • src/Presentation/PokManager.Web/PokManager.Web.csproj
  • tests/PokManager.Application.Tests/PokManager.Application.Tests.csproj
  • tests/PokManager.Domain.Tests/PokManager.Domain.Tests.csproj
  • tests/PokManager.Infrastructure.Tests/PokManager.Infrastructure.Tests.csproj
  • tests/PokManager.Web.Tests/PokManager.Web.Tests.csproj

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants