Skip to content

deps: Bump the all-nuget group with 24 updates#98

Merged
JerrettDavis merged 1 commit into
mainfrom
dependabot/nuget/all-nuget-2b8e929edb
May 18, 2026
Merged

deps: Bump the all-nuget group with 24 updates#98
JerrettDavis merged 1 commit into
mainfrom
dependabot/nuget/all-nuget-2b8e929edb

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github May 18, 2026

Updated Aspire.Hosting.PostgreSQL from 13.3.0 to 13.3.3.

Release notes

Sourced from Aspire.Hosting.PostgreSQL's releases.

13.3.3

What's New in Aspire 13.3.3

Patch release for Aspire 13.3 with fixes for debug log level leaking into user resources, Keycloak HTTPS endpoint token invalidation, and endpoint materialization in HostResourceWithEndpoints.

🐛 Fixes

  • 🔇 Debug log level leaking into user resourcesLogging__LogLevel__Default=Debug set by the app host was being inherited by all user resources, silently changing their logging verbosity. The app host now uses ASPIRE_APPHOST_LOGLEVEL instead, which is scoped to Aspire processes only. (#​17071, backported via #​17078)
  • 🔑 Keycloak HTTPS primary endpoint — Fixed a regression where Keycloak tokens became invalid after an app host restart because the HTTPS endpoint port was dynamic. When developer certificates are enabled, Keycloak's primary endpoint is now upgraded to HTTPS directly, and the endpoint name is set to http to enable standard http+https:// service discovery URLs. (#​17058, backported via #​17063)
  • 🔌 Endpoint materialization in HostResourceWithEndpoints — Endpoints configured via HostResourceWithEndpoints are now correctly materialized, ensuring endpoint resolution and service discovery work as expected. (#​17091, backported via #​17092)

🏷️ Housekeeping

  • ⬆️ Bumped DCP (Microsoft.DeveloperControlPlane) from 0.23.5 → 0.23.6 — includes fixes for Kubernetes OpenAPI generator types that caused [SHOULD NOT HAPPEN] failed to update managedFields errors. (#​17070)
  • 🚀 Bumped branding to 13.3.3 (#​17088)

Full commit: a4615e7c6def6cba4703cdbd84009cd3da9a261b

13.3.2

What's New in Aspire 13.3.2

Patch release for Aspire 13.3 with a fix for container tunnel startup when tunnel-dependent containers use WaitFor().

🐛 Fixes

  • 🚇 Fix WaitFor() for tunnel-dependent containers — The container tunnel implementation that shipped in Aspire 13.3 deadlocked at startup when tunnel-using containers waited on other resources, because resource waits blocked ResourceStarting before the tunnel initialization could complete. Container and tunnel startup have been refactored to cooperate correctly, and additional tunnel-dependent containers can now be started at any point during the application lifecycle. Also improves error reporting for container tunnel failures. (#​16988, backported via #​16993)

🏷️ Housekeeping

  • 🚀 Bumped branding to 13.3.2 (#​17053)

13.3.1

Aspire 13.3.1

What's New in Aspire 13.3.1

Patch release for Aspire 13.3 with a regression fix for aspire run and a DCP bump.

🐛 Fixes

  • 🏃 aspire run compute environment validation — Skip compute environment validation in run mode so customers no longer hit Resource '<name>' is configured to publish as an Azure Container App, but there are no 'AzureContainerAppEnvironmentResource' resources. Ensure you have added one by calling 'AddAzureContainerAppEnvironment'. errors during local runs. The check is now only performed in publish mode, matching pre-13.3 behavior. (#​16945, backported via #​16952)

🏷️ Housekeeping

  • ⬆️ Bumped DCP (Microsoft.DeveloperControlPlane) from 0.23.4 → 0.23.5 (#​16944)
  • 🌐 Updated localization resources (#​16602)
  • 🚀 Bumped branding to 13.3.1 (#​16951)

Commits viewable in compare view.

Updated Aspire.Hosting.RabbitMQ from 13.3.0 to 13.3.3.

Release notes

Sourced from Aspire.Hosting.RabbitMQ's releases.

13.3.3

What's New in Aspire 13.3.3

Patch release for Aspire 13.3 with fixes for debug log level leaking into user resources, Keycloak HTTPS endpoint token invalidation, and endpoint materialization in HostResourceWithEndpoints.

🐛 Fixes

  • 🔇 Debug log level leaking into user resourcesLogging__LogLevel__Default=Debug set by the app host was being inherited by all user resources, silently changing their logging verbosity. The app host now uses ASPIRE_APPHOST_LOGLEVEL instead, which is scoped to Aspire processes only. (#​17071, backported via #​17078)
  • 🔑 Keycloak HTTPS primary endpoint — Fixed a regression where Keycloak tokens became invalid after an app host restart because the HTTPS endpoint port was dynamic. When developer certificates are enabled, Keycloak's primary endpoint is now upgraded to HTTPS directly, and the endpoint name is set to http to enable standard http+https:// service discovery URLs. (#​17058, backported via #​17063)
  • 🔌 Endpoint materialization in HostResourceWithEndpoints — Endpoints configured via HostResourceWithEndpoints are now correctly materialized, ensuring endpoint resolution and service discovery work as expected. (#​17091, backported via #​17092)

🏷️ Housekeeping

  • ⬆️ Bumped DCP (Microsoft.DeveloperControlPlane) from 0.23.5 → 0.23.6 — includes fixes for Kubernetes OpenAPI generator types that caused [SHOULD NOT HAPPEN] failed to update managedFields errors. (#​17070)
  • 🚀 Bumped branding to 13.3.3 (#​17088)

Full commit: a4615e7c6def6cba4703cdbd84009cd3da9a261b

13.3.2

What's New in Aspire 13.3.2

Patch release for Aspire 13.3 with a fix for container tunnel startup when tunnel-dependent containers use WaitFor().

🐛 Fixes

  • 🚇 Fix WaitFor() for tunnel-dependent containers — The container tunnel implementation that shipped in Aspire 13.3 deadlocked at startup when tunnel-using containers waited on other resources, because resource waits blocked ResourceStarting before the tunnel initialization could complete. Container and tunnel startup have been refactored to cooperate correctly, and additional tunnel-dependent containers can now be started at any point during the application lifecycle. Also improves error reporting for container tunnel failures. (#​16988, backported via #​16993)

🏷️ Housekeeping

  • 🚀 Bumped branding to 13.3.2 (#​17053)

13.3.1

Aspire 13.3.1

What's New in Aspire 13.3.1

Patch release for Aspire 13.3 with a regression fix for aspire run and a DCP bump.

🐛 Fixes

  • 🏃 aspire run compute environment validation — Skip compute environment validation in run mode so customers no longer hit Resource '<name>' is configured to publish as an Azure Container App, but there are no 'AzureContainerAppEnvironmentResource' resources. Ensure you have added one by calling 'AddAzureContainerAppEnvironment'. errors during local runs. The check is now only performed in publish mode, matching pre-13.3 behavior. (#​16945, backported via #​16952)

🏷️ Housekeeping

  • ⬆️ Bumped DCP (Microsoft.DeveloperControlPlane) from 0.23.4 → 0.23.5 (#​16944)
  • 🌐 Updated localization resources (#​16602)
  • 🚀 Bumped branding to 13.3.1 (#​16951)

Commits viewable in compare view.

Updated Aspire.Hosting.Redis from 13.3.0 to 13.3.3.

Release notes

Sourced from Aspire.Hosting.Redis's releases.

13.3.3

What's New in Aspire 13.3.3

Patch release for Aspire 13.3 with fixes for debug log level leaking into user resources, Keycloak HTTPS endpoint token invalidation, and endpoint materialization in HostResourceWithEndpoints.

🐛 Fixes

  • 🔇 Debug log level leaking into user resourcesLogging__LogLevel__Default=Debug set by the app host was being inherited by all user resources, silently changing their logging verbosity. The app host now uses ASPIRE_APPHOST_LOGLEVEL instead, which is scoped to Aspire processes only. (#​17071, backported via #​17078)
  • 🔑 Keycloak HTTPS primary endpoint — Fixed a regression where Keycloak tokens became invalid after an app host restart because the HTTPS endpoint port was dynamic. When developer certificates are enabled, Keycloak's primary endpoint is now upgraded to HTTPS directly, and the endpoint name is set to http to enable standard http+https:// service discovery URLs. (#​17058, backported via #​17063)
  • 🔌 Endpoint materialization in HostResourceWithEndpoints — Endpoints configured via HostResourceWithEndpoints are now correctly materialized, ensuring endpoint resolution and service discovery work as expected. (#​17091, backported via #​17092)

🏷️ Housekeeping

  • ⬆️ Bumped DCP (Microsoft.DeveloperControlPlane) from 0.23.5 → 0.23.6 — includes fixes for Kubernetes OpenAPI generator types that caused [SHOULD NOT HAPPEN] failed to update managedFields errors. (#​17070)
  • 🚀 Bumped branding to 13.3.3 (#​17088)

Full commit: a4615e7c6def6cba4703cdbd84009cd3da9a261b

13.3.2

What's New in Aspire 13.3.2

Patch release for Aspire 13.3 with a fix for container tunnel startup when tunnel-dependent containers use WaitFor().

🐛 Fixes

  • 🚇 Fix WaitFor() for tunnel-dependent containers — The container tunnel implementation that shipped in Aspire 13.3 deadlocked at startup when tunnel-using containers waited on other resources, because resource waits blocked ResourceStarting before the tunnel initialization could complete. Container and tunnel startup have been refactored to cooperate correctly, and additional tunnel-dependent containers can now be started at any point during the application lifecycle. Also improves error reporting for container tunnel failures. (#​16988, backported via #​16993)

🏷️ Housekeeping

  • 🚀 Bumped branding to 13.3.2 (#​17053)

13.3.1

Aspire 13.3.1

What's New in Aspire 13.3.1

Patch release for Aspire 13.3 with a regression fix for aspire run and a DCP bump.

🐛 Fixes

  • 🏃 aspire run compute environment validation — Skip compute environment validation in run mode so customers no longer hit Resource '<name>' is configured to publish as an Azure Container App, but there are no 'AzureContainerAppEnvironmentResource' resources. Ensure you have added one by calling 'AddAzureContainerAppEnvironment'. errors during local runs. The check is now only performed in publish mode, matching pre-13.3 behavior. (#​16945, backported via #​16952)

🏷️ Housekeeping

  • ⬆️ Bumped DCP (Microsoft.DeveloperControlPlane) from 0.23.4 → 0.23.5 (#​16944)
  • 🌐 Updated localization resources (#​16602)
  • 🚀 Bumped branding to 13.3.1 (#​16951)

Commits viewable in compare view.

Updated coverlet.collector from 10.0.0 to 10.0.1.

Release notes

Sourced from coverlet.collector's releases.

10.0.1

Improvements

Fixed

  • Fix inconsistent paths in cobertura reports #​1723
  • Fix when using "is" with "and" in pattern matching, branch coverage is lower than normal #​1313
  • Fix Coverlet flagging a branch for an async functions finally block where none exists #​1337
  • Fix Coverlet Tracker Missing CompilerGeneratedAttribute #​1828

Maintenance

  • Add architecture docs and diagrams for all integrations #​1927
  • Update NuGet packages and .NET SDK versions #​1933

Diff between 10.0.0 and 10.0.1

Commits viewable in compare view.

Updated FluentAssertions from 8.9.0 to 8.10.0.

Release notes

Sourced from FluentAssertions's releases.

8.10.0

What's Changed

Improvements

Documentation

Others

Full Changelog: fluentassertions/fluentassertions@8.9.0...8.10.0

Commits viewable in compare view.

Updated Microsoft.AspNetCore.OpenApi from 10.0.7 to 10.0.8.

Release notes

Sourced from Microsoft.AspNetCore.OpenApi's releases.

No release notes found for this version range.

Commits viewable in compare view.

Updated Microsoft.EntityFrameworkCore from 10.0.7 to 10.0.8.

Release notes

Sourced from Microsoft.EntityFrameworkCore's releases.

No release notes found for this version range.

Commits viewable in compare view.

Updated Microsoft.EntityFrameworkCore.Design from 10.0.7 to 10.0.8.

Release notes

Sourced from Microsoft.EntityFrameworkCore.Design's releases.

No release notes found for this version range.

Commits viewable in compare view.

Updated Microsoft.EntityFrameworkCore.Sqlite from 10.0.7 to 10.0.8.

Release notes

Sourced from Microsoft.EntityFrameworkCore.Sqlite's releases.

No release notes found for this version range.

Commits viewable in compare view.

Updated Microsoft.Extensions.Caching.Abstractions from 10.0.7 to 10.0.8.

Release notes

Sourced from Microsoft.Extensions.Caching.Abstractions's releases.

No release notes found for this version range.

Commits viewable in compare view.

Updated Microsoft.Extensions.Caching.Memory from 10.0.7 to 10.0.8.

Release notes

Sourced from Microsoft.Extensions.Caching.Memory's releases.

No release notes found for this version range.

Commits viewable in compare view.

Updated Microsoft.Extensions.Configuration from 10.0.7 to 10.0.8.

Release notes

Sourced from Microsoft.Extensions.Configuration's releases.

No release notes found for this version range.

Commits viewable in compare view.

Updated Microsoft.Extensions.Configuration.Json from 10.0.7 to 10.0.8.

Release notes

Sourced from Microsoft.Extensions.Configuration.Json's releases.

No release notes found for this version range.

Commits viewable in compare view.

Updated Microsoft.Extensions.DependencyInjection from 10.0.7 to 10.0.8.

Release notes

Sourced from Microsoft.Extensions.DependencyInjection's releases.

No release notes found for this version range.

Commits viewable in compare view.

Updated Microsoft.Extensions.DependencyInjection.Abstractions from 10.0.7 to 10.0.8.

Release notes

Sourced from Microsoft.Extensions.DependencyInjection.Abstractions's releases.

No release notes found for this version range.

Commits viewable in compare view.

Updated Microsoft.Extensions.Hosting from 10.0.7 to 10.0.8.

Release notes

Sourced from Microsoft.Extensions.Hosting's releases.

No release notes found for this version range.

Commits viewable in compare view.

Updated Microsoft.Extensions.Hosting.Abstractions from 10.0.7 to 10.0.8.

Release notes

Sourced from Microsoft.Extensions.Hosting.Abstractions's releases.

No release notes found for this version range.

Commits viewable in compare view.

Updated Microsoft.Extensions.Http from 10.0.7 to 10.0.8.

Release notes

Sourced from Microsoft.Extensions.Http's releases.

No release notes found for this version range.

Commits viewable in compare view.

Updated Microsoft.Extensions.Http.Resilience from 10.5.0 to 10.6.0.

Release notes

Sourced from Microsoft.Extensions.Http.Resilience's releases.

10.6.0

Version 10.6.0 stabilizes the response continuation token and background-response APIs in Microsoft.Extensions.AI.Abstractions. Most other AI work for May shipped in 10.5.1; this monthly release rolls those changes up alongside dependency updates and a small Resource Monitoring cleanup.

Experimental API Changes

Now Stable

  • ResponseContinuationToken and background-response APIs are now stable (previously MEAI001) #​7512

What's Changed

AI

  • Stabilize ResponseContinuationToken / background-response APIs #​7512 by @​jozkee (co-authored by @​Copilot)

Repository Infrastructure Updates

  • Update version to 10.6.0 #​7458 by @​jeffhandley
  • [main] Update dependencies from dotnet/arcade #​7451
  • Bump follow-redirects from 1.15.11 to 1.16.0 in /src/Libraries/Microsoft.Extensions.AI.Evaluation.Reporting/TypeScript/azure-devops-report/tasks/PublishAIEvaluationReport #​7469
  • Merge release/10.5 into main #​7470 by @​jeffhandley
  • Bump microsoft.visualstudio.slngen.tool from 12.0.13 to 12.0.32 #​7484
  • Bump postcss from 8.5.9 to 8.5.12 in /src/Libraries/Microsoft.Extensions.AI.Evaluation.Reporting/TypeScript #​7494
  • Bump dotnet-reportgenerator-globaltool from 5.5.7 to 5.5.9 #​7504
  • Rename release-notes skill to write-release-notes #​7511 by @​jeffhandley (co-authored by @​Copilot)

Acknowledgements

  • @​wtgodbe @​tarekgh @​peterwald @​JeremyLikness @​eiriktsarpalis @​ericstj @​evgenyfedorov2 reviewed pull requests

Full Changelog: dotnet/extensions@v10.5.2...v10.6.0

10.5.2

This patch release ships a single fix to Microsoft.Extensions.VectorData.Abstractions, correcting StorageName resolution when external serialization is enabled. Microsoft.Extensions.VectorData.ConformanceTests, Microsoft.Extensions.AI.Abstractions, Microsoft.Extensions.AI, and Microsoft.Extensions.AI.OpenAI are published alongside it for version coherency — they contain no code changes from 10.5.1.

Packages in this release

Package Version
Microsoft.Extensions.VectorData.Abstractions 10.5.2
Microsoft.Extensions.VectorData.ConformanceTests 10.5.2
Microsoft.Extensions.AI.Abstractions 10.5.2
Microsoft.Extensions.AI 10.5.2
Microsoft.Extensions.AI.OpenAI 10.5.2

What's Changed

Microsoft.Extensions.VectorData.Abstractions

  • Minor fixes to MEVD.Abstractions: correct StorageName behavior when external serialization is enabled, and disable a warning for net462. (by @​roji in #​7475)

Full Changelog: dotnet/extensions@v10.5.1...v10.5.2

10.5.1

Version 10.5.1 of the Microsoft.Extensions.AI packages stabilizes CodeInterpreter, WebSearch, and ImageGeneration tool content types. The release adds new experimental tool search and OpenAI request policy hooks. And the OpenTelemetry gen-ai semantic conventions are updated to align with v1.41.

The 'aiagent-webapi' project template in Microsoft.Agents.AI.ProjectTemplates is updated to align with v1.3.0 of Agent Framework, updating the OpenTelemetry dependencies within the template projects as well.

Packages in this release

Package Version
Microsoft.Extensions.AI 10.5.1
Microsoft.Extensions.AI.Abstractions 10.5.1
Microsoft.Extensions.AI.OpenAI 10.5.1
Microsoft.Extensions.AI.Templates 10.5.1-preview.3.26251.3
Microsoft.Agents.AI.ProjectTemplates 1.3.0-preview.1.26251.3

Experimental API Changes

Now Stable

The following types previously emitted the MEAI001 experimental diagnostic and are now stable.

  • CodeInterpreter and WebSearch tool content types are now stable #​7493
    • CodeInterpreterToolCallContent
    • CodeInterpreterToolResultContent
    • WebSearchToolCallContent
    • WebSearchToolResultContent
  • ImageGeneration tool content types and tool are now stable #​7476
    • ImageGenerationToolCallContent
    • ImageGenerationToolResultContent
    • HostedImageGenerationTool
    • ImageGenerationOptions
    • ImageGenerationResponseFormat (the Hosted enum value remains experimental)
    • IImageGenerator and the rest of the image generation infrastructure also remain experimental

New Experimental APIs

The following new APIs emit the MEAI001 experimental diagnostic.

  • New experimental API: HostedToolSearchTool with DeferredTools for tool-search-driven deferred tool loading #​7471
  • New experimental API: OpenAIRequestPolicies extension hook for appending System.ClientModel.PipelinePolicy instances to outgoing OpenAI requests #​7495

Breaking Changes to Experimental APIs

  • WebSearchToolResultContent.Results was renamed to Outputs as part of the stabilization in #​7493, aligning with CodeInterpreterToolResultContent.Outputs. The original Results property was included in version 10.4.0 and 10.5.0; this is a binary breaking change and consumers need to update to consume the updated property.

    WebSearchToolResultContent content = ...;
- IList<AIContent>? items = content.Results;
+ IList<AIContent>? items = content.Outputs;

... (truncated)

Commits viewable in compare view.

Updated Microsoft.Extensions.Logging.Abstractions from 10.0.7 to 10.0.8.

Release notes

Sourced from Microsoft.Extensions.Logging.Abstractions's releases.

No release notes found for this version range.

Commits viewable in compare view.

Updated Microsoft.Extensions.Logging.Console from 10.0.7 to 10.0.8.

Release notes

Sourced from Microsoft.Extensions.Logging.Console's releases.

No release notes found for this version range.

Commits viewable in compare view.

Updated Microsoft.Extensions.ServiceDiscovery from 10.5.0 to 10.6.0.

Release notes

Sourced from Microsoft.Extensions.ServiceDiscovery's releases.

10.6.0

Version 10.6.0 stabilizes the response continuation token and background-response APIs in Microsoft.Extensions.AI.Abstractions. Most other AI work for May shipped in 10.5.1; this monthly release rolls those changes up alongside dependency updates and a small Resource Monitoring cleanup.

Experimental API Changes

Now Stable

  • ResponseContinuationToken and background-response APIs are now stable (previously MEAI001) #​7512

What's Changed

AI

  • Stabilize ResponseContinuationToken / background-response APIs #​7512 by @​jozkee (co-authored by @​Copilot)

Repository Infrastructure Updates

  • Update version to 10.6.0 #​7458 by @​jeffhandley
  • [main] Update dependencies from dotnet/arcade #​7451
  • Bump follow-redirects from 1.15.11 to 1.16.0 in /src/Libraries/Microsoft.Extensions.AI.Evaluation.Reporting/TypeScript/azure-devops-report/tasks/PublishAIEvaluationReport #​7469
  • Merge release/10.5 into main #​7470 by @​jeffhandley
  • Bump microsoft.visualstudio.slngen.tool from 12.0.13 to 12.0.32 #​7484
  • Bump postcss from 8.5.9 to 8.5.12 in /src/Libraries/Microsoft.Extensions.AI.Evaluation.Reporting/TypeScript #​7494
  • Bump dotnet-reportgenerator-globaltool from 5.5.7 to 5.5.9 #​7504
  • Rename release-notes skill to write-release-notes #​7511 by @​jeffhandley (co-authored by @​Copilot)

Acknowledgements

  • @​wtgodbe @​tarekgh @​peterwald @​JeremyLikness @​eiriktsarpalis @​ericstj @​evgenyfedorov2 reviewed pull requests

Full Changelog: dotnet/extensions@v10.5.2...v10.6.0

10.5.2

This patch release ships a single fix to Microsoft.Extensions.VectorData.Abstractions, correcting StorageName resolution when external serialization is enabled. Microsoft.Extensions.VectorData.ConformanceTests, Microsoft.Extensions.AI.Abstractions, Microsoft.Extensions.AI, and Microsoft.Extensions.AI.OpenAI are published alongside it for version coherency — they contain no code changes from 10.5.1.

Packages in this release

Package Version
Microsoft.Extensions.VectorData.Abstractions 10.5.2
Microsoft.Extensions.VectorData.ConformanceTests 10.5.2
Microsoft.Extensions.AI.Abstractions 10.5.2
Microsoft.Extensions.AI 10.5.2
Microsoft.Extensions.AI.OpenAI 10.5.2

What's Changed

Microsoft.Extensions.VectorData.Abstractions

  • Minor fixes to MEVD.Abstractions: correct StorageName behavior when external serialization is enabled, and disable a warning for net462. (by @​roji in #​7475)

Full Changelog: dotnet/extensions@v10.5.1...v10.5.2

10.5.1

Version 10.5.1 of the Microsoft.Extensions.AI packages stabilizes CodeInterpreter, WebSearch, and ImageGeneration tool content types. The release adds new experimental tool search and OpenAI request policy hooks. And the OpenTelemetry gen-ai semantic conventions are updated to align with v1.41.

The 'aiagent-webapi' project template in Microsoft.Agents.AI.ProjectTemplates is updated to align with v1.3.0 of Agent Framework, updating the OpenTelemetry dependencies within the template projects as well.

Packages in this release

Package Version
Microsoft.Extensions.AI 10.5.1
Microsoft.Extensions.AI.Abstractions 10.5.1
Microsoft.Extensions.AI.OpenAI 10.5.1
Microsoft.Extensions.AI.Templates 10.5.1-preview.3.26251.3
Microsoft.Agents.AI.ProjectTemplates 1.3.0-preview.1.26251.3

Experimental API Changes

Now Stable

The following types previously emitted the MEAI001 experimental diagnostic and are now stable.

  • CodeInterpreter and WebSearch tool content types are now stable #​7493
    • CodeInterpreterToolCallContent
    • CodeInterpreterToolResultContent
    • WebSearchToolCallContent
    • WebSearchToolResultContent
  • ImageGeneration tool content types and tool are now stable #​7476
    • ImageGenerationToolCallContent
    • ImageGenerationToolResultContent
    • HostedImageGenerationTool
    • ImageGenerationOptions
    • ImageGenerationResponseFormat (the Hosted enum value remains experimental)
    • IImageGenerator and the rest of the image generation infrastructure also remain experimental

New Experimental APIs

The following new APIs emit the MEAI001 experimental diagnostic.

  • New experimental API: HostedToolSearchTool with DeferredTools for tool-search-driven deferred tool loading #​7471
  • New experimental API: OpenAIRequestPolicies extension hook for appending System.ClientModel.PipelinePolicy instances to outgoing OpenAI requests #​7495

Breaking Changes to Experimental APIs

  • WebSearchToolResultContent.Results was renamed to Outputs as part of the stabilization in #​7493, aligning with CodeInterpreterToolResultContent.Outputs. The original Results property was included in version 10.4.0 and 10.5.0; this is a binary breaking change and consumers need to update to consume the updated property.

    WebSearchToolResultContent content = ...;
- IList<AIContent>? items = content.Results;
+ IList<AIContent>? items = content.Outputs;

... (truncated)

Commits viewable in compare view.

Updated Microsoft.SourceLink.GitHub from 10.0.203 to 10.0.300.

Release notes

Sourced from Microsoft.SourceLink.GitHub's releases.

10.0.300

You can build .NET 10.0 from the repository by cloning the release tag v10.0.300 and following the build instructions in the main README.md.

Alternatively, you can build from the sources attached to this release directly.
More information on this process can be found in the dotnet/dotnet repository.

Attached are PGP signatures for the GitHub generated tarball and zipball. You can find the public key at https://dot.net/release-key-2023

10.0.204

You can build .NET 10.0 from the repository by cloning the release tag v10.0.204 and following the build instructions in the main README.md.

Alternatively, you can build from the sources attached to this release directly.
More information on this process can be found in the dotnet/dotnet repository.

Attached are PGP signatures for the GitHub generated tarball and zipball. You can find the public key at https://dot.net/release-key-2023

Commits viewable in compare view.

Updated Scalar.AspNetCore from 2.14.11 to 2.14.14.

Release notes

Sourced from Scalar.AspNetCore's releases.

No release notes found for this version range.

Commits viewable in compare view.

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
deps: Bump the all-nuget group with 24 updates
e4e807f 
Bumps Aspire.Hosting.PostgreSQL from 13.3.0 to 13.3.3
Bumps Aspire.Hosting.RabbitMQ from 13.3.0 to 13.3.3
Bumps Aspire.Hosting.Redis from 13.3.0 to 13.3.3
Bumps coverlet.collector from 10.0.0 to 10.0.1
Bumps FluentAssertions from 8.9.0 to 8.10.0
Bumps Microsoft.AspNetCore.OpenApi from 10.0.7 to 10.0.8
Bumps Microsoft.EntityFrameworkCore from 10.0.7 to 10.0.8
Bumps Microsoft.EntityFrameworkCore.Design from 10.0.7 to 10.0.8
Bumps Microsoft.EntityFrameworkCore.Sqlite from 10.0.7 to 10.0.8
Bumps Microsoft.Extensions.Caching.Abstractions from 10.0.7 to 10.0.8
Bumps Microsoft.Extensions.Caching.Memory from 10.0.7 to 10.0.8
Bumps Microsoft.Extensions.Configuration from 10.0.7 to 10.0.8
Bumps Microsoft.Extensions.Configuration.Json from 10.0.7 to 10.0.8
Bumps Microsoft.Extensions.DependencyInjection from 10.0.7 to 10.0.8
Bumps Microsoft.Extensions.DependencyInjection.Abstractions from 10.0.7 to 10.0.8
Bumps Microsoft.Extensions.Hosting from 10.0.7 to 10.0.8
Bumps Microsoft.Extensions.Hosting.Abstractions from 10.0.7 to 10.0.8
Bumps Microsoft.Extensions.Http from 10.0.7 to 10.0.8
Bumps Microsoft.Extensions.Http.Resilience from 10.5.0 to 10.6.0
Bumps Microsoft.Extensions.Logging.Abstractions from 10.0.7 to 10.0.8
Bumps Microsoft.Extensions.Logging.Console from 10.0.7 to 10.0.8
Bumps Microsoft.Extensions.ServiceDiscovery from 10.5.0 to 10.6.0
Bumps Microsoft.SourceLink.GitHub from 10.0.203 to 10.0.300
Bumps Scalar.AspNetCore from 2.14.11 to 2.14.14

---
updated-dependencies:
- dependency-name: Aspire.Hosting.PostgreSQL
  dependency-version: 13.3.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all-nuget
- dependency-name: Aspire.Hosting.RabbitMQ
  dependency-version: 13.3.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all-nuget
- dependency-name: Aspire.Hosting.Redis
  dependency-version: 13.3.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all-nuget
- dependency-name: coverlet.collector
  dependency-version: 10.0.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all-nuget
- dependency-name: FluentAssertions
  dependency-version: 8.10.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all-nuget
- dependency-name: Microsoft.AspNetCore.OpenApi
  dependency-version: 10.0.8
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all-nuget
- dependency-name: Microsoft.EntityFrameworkCore
  dependency-version: 10.0.8
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all-nuget
- dependency-name: Microsoft.EntityFrameworkCore.Design
  dependency-version: 10.0.8
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all-nuget
- dependency-name: Microsoft.EntityFrameworkCore.Sqlite
  dependency-version: 10.0.8
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all-nuget
- dependency-name: Microsoft.Extensions.Caching.Abstractions
  dependency-version: 10.0.8
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all-nuget
- dependency-name: Microsoft.Extensions.Caching.Memory
  dependency-version: 10.0.8
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all-nuget
- dependency-name: Microsoft.Extensions.Logging.Abstractions
  dependency-version: 10.0.8
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all-nuget
- dependency-name: Microsoft.Extensions.Configuration
  dependency-version: 10.0.8
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all-nuget
- dependency-name: Microsoft.Extensions.Configuration.Json
  dependency-version: 10.0.8
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all-nuget
- dependency-name: Microsoft.Extensions.DependencyInjection
  dependency-version: 10.0.8
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all-nuget
- dependency-name: Microsoft.Extensions.DependencyInjection.Abstractions
  dependency-version: 10.0.8
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all-nuget
- dependency-name: Microsoft.Extensions.Hosting
  dependency-version: 10.0.8
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all-nuget
- dependency-name: Microsoft.Extensions.Hosting.Abstractions
  dependency-version: 10.0.8
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all-nuget
- dependency-name: Microsoft.Extensions.Http
  dependency-version: 10.0.8
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all-nuget
- dependency-name: Microsoft.Extensions.Http.Resilience
  dependency-version: 10.6.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all-nuget
- dependency-name: Microsoft.Extensions.Logging.Console
  dependency-version: 10.0.8
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all-nuget
- dependency-name: Microsoft.Extensions.ServiceDiscovery
  dependency-version: 10.6.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all-nuget
- dependency-name: Microsoft.SourceLink.GitHub
  dependency-version: 10.0.300
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all-nuget
- dependency-name: Scalar.AspNetCore
  dependency-version: 2.14.14
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all-nuget
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot requested a review from JerrettDavis as a code owner May 18, 2026 17:01
@github-actions
Copy link
Copy Markdown
Contributor

github-actions Bot commented May 18, 2026

⚠️ Deprecation Warning: The deny-licenses option is deprecated for possible removal in the next major release. For more information, see issue 997.

Dependency Review

✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.

Scanned Files

None

@github-actions
Copy link
Copy Markdown
Contributor

github-actions Bot commented May 18, 2026

Test Results

117 tests   117 ✅  5s ⏱️
  2 suites    0 💤
  2 files      0 ❌

Results for commit e4e807f.

@github-actions
Copy link
Copy Markdown
Contributor

github-actions Bot commented May 18, 2026

🔍 PR Validation Results

Version: 0.0.0-g390a84c2e8

📦 Detected NuGet Packages (17)

  • Demo.JsonApi
  • Demo.SoapApi
  • QuickApiMapper.Application
  • QuickApiMapper.Behaviors
  • QuickApiMapper.Contracts
  • QuickApiMapper.CustomTransformers
  • QuickApiMapper.Extensions.RabbitMQ
  • QuickApiMapper.Extensions.ServiceBus
  • QuickApiMapper.Extensions.gRPC
  • QuickApiMapper.Management.Contracts
  • QuickApiMapper.MessageCapture.Abstractions
  • QuickApiMapper.MessageCapture.InMemory
  • QuickApiMapper.Persistence.Abstractions
  • QuickApiMapper.Persistence.PostgreSQL
  • QuickApiMapper.Persistence.SQLite
  • QuickApiMapper.StandardTransformers
  • QuickApiMapper.Tools.Migrator

🚀 Detected Executables (2)

  • QuickApiMapper.Host.AppHost
  • QuickApiMapper.Tools.Migrator

✅ Validation Steps

  • Build solution
  • Run unit tests
  • Run integration tests
  • Dry-run NuGet packaging
  • Dry-run executable publishing

📊 Artifacts

Dry-run artifacts have been uploaded and will be available for 7 days.

This comment was automatically generated by the PR validation workflow.

@JerrettDavis JerrettDavis merged commit 8e314f4 into main May 18, 2026
7 checks passed
@JerrettDavis JerrettDavis deleted the dependabot/nuget/all-nuget-2b8e929edb branch May 18, 2026 17:20
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@JerrettDavis JerrettDavis Awaiting requested review from JerrettDavis JerrettDavis is a code owner

Assignees

No one assigned

Labels

dependencies nuget size/s

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@JerrettDavis