Skip to content

deps: Bump Microsoft.Identity.Web from 4.9.0 to 4.10.0#277

Merged
PlagueHO merged 1 commit into
mainfrom
dependabot/nuget/libris-maleficarum-service/microsoft-packages-a2c007eb74
May 28, 2026
Merged

deps: Bump Microsoft.Identity.Web from 4.9.0 to 4.10.0#277
PlagueHO merged 1 commit into
mainfrom
dependabot/nuget/libris-maleficarum-service/microsoft-packages-a2c007eb74

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github May 28, 2026
edited by PlagueHO
Loading

Updated Microsoft.Identity.Web from 4.9.0 to 4.10.0.

Release notes

Sourced from Microsoft.Identity.Web's releases.

4.10.0

New features

  • Add WithExtraBodyParameters fluent API for attaching extra body parameters to token acquisition requests. See #​3819.
  • Add IConfidentialClientApplicationProvider extensibility interface and CachePartitionKey support for silent token acquisition. See #​3822.

Bug fixes

  • Redirect URI sanitization in authorization scenarios; centralize redirect URI validation in a shared helper. See #​3825.
  • Reject dSTS-shaped Authority values with a clearer exception, steering users to use Instance + TenantId instead. See #​3805.
  • Improve regex handling and adding length/timeout safeguards for SameSite User Agent. See #​3811.

Behavior changes

  • B2C OpenID Connect event handler: LRU cache for issuer address. Issuer address lookups in the B2C OIDC event handler are now cached with an LRU cache, improving performance for repeated lookups. See #​3821.

Dependencies updates

  • Update MSAL.NET to 4.84.1. See #​3822.
  • Pin Microsoft.Kiota.Abstractions to 1.22.0 for GraphServiceClient. See #​3817.
  • Bump uuid and @​azure/msal-node in SidecarAdapter TypeScript test app. See #​3826.
  • Bump qs in SidecarAdapter TypeScript test app. See #​3829.

Commits viewable in compare view.

This change is Reviewable

@dependabot dependabot Bot requested a review from PlagueHO as a code owner May 28, 2026 09:10
@dependabot @github
Copy link
Copy Markdown
Contributor Author

dependabot Bot commented on behalf of github May 28, 2026

Labels

The following labels could not be found: .net, dependencies, nuget. Please create them before Dependabot can add them to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.

@github-actions
Copy link
Copy Markdown

github-actions Bot commented May 28, 2026
edited
Loading

Dependency Review

✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.

Scanned Files

None

@dependabot dependabot Bot changed the title deps: Bump the microsoft-packages group with 1 update deps: Bump Microsoft.Identity.Web from 4.9.0 to 4.10.0 May 28, 2026
@dependabot dependabot Bot force-pushed the dependabot/nuget/libris-maleficarum-service/microsoft-packages-a2c007eb74 branch from d1ffd9c to 204f9de Compare May 28, 2026 09:36
PlagueHO
PlagueHO approved these changes May 28, 2026
View reviewed changes
Copy link
Copy Markdown
Owner

@PlagueHO PlagueHO left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

:lgtm:

@PlagueHO
Copy link
Copy Markdown
Owner

PlagueHO commented May 28, 2026

@dependabot rebase

@dependabot
deps: Bump Microsoft.Identity.Web from 4.9.0 to 4.10.0
33f7052 
---
updated-dependencies:
- dependency-name: Microsoft.Identity.Web
  dependency-version: 4.10.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: microsoft-packages
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot force-pushed the dependabot/nuget/libris-maleficarum-service/microsoft-packages-a2c007eb74 branch from 204f9de to 33f7052 Compare May 28, 2026 10:05
@PlagueHO PlagueHO merged commit 2b0d1f8 into main May 28, 2026
16 checks passed
@PlagueHO PlagueHO deleted the dependabot/nuget/libris-maleficarum-service/microsoft-packages-a2c007eb74 branch May 28, 2026 10:09
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@PlagueHO PlagueHO PlagueHO approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@PlagueHO