chore: Bump the minor-and-patch group with 6 updates

[dependabot]

Updated Microsoft.Extensions.DependencyInjection from 10.0.2 to 10.0.3.

Release notes

Sourced from Microsoft.Extensions.DependencyInjection's releases.

No release notes found for this version range.

Commits viewable in compare view.

Updated Microsoft.Extensions.Hosting from 10.0.2 to 10.0.3.

Release notes

Sourced from Microsoft.Extensions.Hosting's releases.

No release notes found for this version range.

Commits viewable in compare view.

Updated Microsoft.Extensions.Logging.Console from 10.0.2 to 10.0.3.

Release notes

Sourced from Microsoft.Extensions.Logging.Console's releases.

No release notes found for this version range.

Commits viewable in compare view.

Updated Microsoft.SourceLink.GitHub from 10.0.102 to 10.0.103.

Release notes

Sourced from Microsoft.SourceLink.GitHub's releases.

10.0.103

You can build .NET 10.0 from the repository by cloning the release tag v10.0.103 and following the build instructions in the main README.md.

Alternatively, you can build from the sources attached to this release directly.
More information on this process can be found in the dotnet/dotnet repository.

Attached is the PGP signature for the GitHub generated tarball. You can find the public key at https://dot.net/release-key-2023

Commits viewable in compare view.

Updated Polyfill from 9.7.5 to 9.9.0.

Release notes

Sourced from Polyfill's releases.

9.7.7

• #​461 fix TaskCompletionSource namespace

9.7.6

• #​458 Add warning for System.Memory version < 4.5.5
• #​459 Add PolyfillNoWarnIncorrectVersion msbuild property

Commits viewable in compare view.

Updated System.Text.Json from 10.0.2 to 10.0.3.

Release notes

Sourced from System.Text.Json's releases.

No release notes found for this version range.

Commits viewable in compare view.

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[github-actions]

⚠️ Deprecation Warning: The deny-licenses option is deprecated for possible removal in the next major release. For more information, see issue 997.

Dependency Review

✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.

Snapshot Warnings

⚠️: No snapshots were found for the head SHA cda9a9f.

Ensure that dependencies are being submitted on PR branches and consider enabling retry-on-snapshot-warnings. See the documentation for more information and troubleshooting advice.

OpenSSF Scorecard

Package	Version	Score	Details
nuget/Microsoft.Extensions.Hosting	10.0.3	🟢 6.1	Details Check Score Reason Code-Review 🟢 10 all changesets reviewed CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Maintained 🟢 10 30 commit(s) and 26 issue activity found in the last 90 days -- score normalized to 10 Packaging ⚠️ -1 packaging workflow not detected Security-Policy 🟢 10 security policy file detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected License 🟢 10 license file detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Signed-Releases ⚠️ -1 no releases found Branch-Protection 🟢 5 branch protection is not maximal on development and all release branches SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0 Binary-Artifacts ⚠️ 0 binaries present in source code Pinned-Dependencies ⚠️ 2 dependency not pinned by hash detected -- score normalized to 2 Fuzzing 🟢 10 project is fuzzed Vulnerabilities 🟢 9 1 existing vulnerabilities detected
nuget/Microsoft.SourceLink.GitHub	10.0.103	Unknown	Unknown
nuget/Polyfill	9.9.0	Unknown	Unknown
nuget/System.Text.Json	10.0.3	Unknown	Unknown
nuget/Microsoft.Extensions.DependencyInjection	10.0.3	Unknown	Unknown
nuget/Microsoft.Extensions.Logging.Console	10.0.3	Unknown	Unknown

Scanned Files

• examples/HeroCrypt.Examples/HeroCrypt.Examples.csproj
• src/HeroCrypt/HeroCrypt.csproj
• tests/HeroCrypt.Tests/HeroCrypt.Tests.csproj

[github-actions]

Test Results (ubuntu-latest - net10.0)

3 286 tests  ±0   3 277 ✅ ±0   14m 51s ⏱️ -20s
    1 suites ±0       4 💤 ±0 
    1 files   ±0       5 ❌ ±0 

For more details on these failures, see this check.

Results for commit cda9a9f. ± Comparison against base commit 58a422c.