Skip to content

Bump AutoMapper from 12.0.1 to 16.2.0#57

Closed
dependabot[bot] wants to merge 40 commits into
mainfrom
dependabot/nuget/src/SignalRMapRealtime/AutoMapper-16.2.0
Closed

Bump AutoMapper from 12.0.1 to 16.2.0#57
dependabot[bot] wants to merge 40 commits into
mainfrom
dependabot/nuget/src/SignalRMapRealtime/AutoMapper-16.2.0

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jul 6, 2026

Copy link
Copy Markdown

Updated AutoMapper from 12.0.1 to 16.2.0.

Release notes

Sourced from AutoMapper's releases.

16.2.0

What's Changed

New Contributors

Full Changelog: LuckyPennySoftware/AutoMapper@v15.1.1...v16.2.0

16.1.1

What's Changed

Security

Fixed an issue where certain cyclic or self-referential object graphs could trigger uncontrolled recursion during mapping, potentially resulting in stack exhaustion and denial of service.

Applications that process untrusted or attacker-controlled object graphs through affected mapping paths may be impacted.

Users should upgrade to this release.

Security advisory: GHSA-rvv3-g6hj-g44x

Thanks to @​skdishansachin for responsibly disclosing this issue.

Full Changelog: LuckyPennySoftware/AutoMapper@v16.1.0...v16.1.1

16.1.0

What's Changed

New Contributors

Full Changelog: LuckyPennySoftware/AutoMapper@v16.0.0...v16.1.0

16.0.0

What's Changed

Full Changelog: LuckyPennySoftware/AutoMapper@v15.1.0...v16.0.0

16.0.0-beta-1

What's Changed

Full Changelog: LuckyPennySoftware/AutoMapper@v15.1.0...v16.0.0-beta-1

This release is a beta release that introduces .NET 10 support and package signing. Signed packages means going forward packages can be validated against trusted authorities that the package has been published by Lucky Penny Software and not tampered with.

15.1.3

What's Changed

Security

Fixed an issue where certain cyclic or self-referential object graphs could trigger uncontrolled recursion during mapping, potentially resulting in stack exhaustion and denial of service.

Applications that process untrusted or attacker-controlled object graphs through affected mapping paths may be impacted.

Users should upgrade to this release.

Security advisory: GHSA-rvv3-g6hj-g44x

Thanks to @​skdishansachin for responsibly disclosing this issue.

Full Changelog: LuckyPennySoftware/AutoMapper@v15.1.0...v15.1.3

15.1.2

What's Changed

Security

Fixed an issue where certain cyclic or self-referential object graphs could trigger uncontrolled recursion during mapping, potentially resulting in stack exhaustion and denial of service.

Applications that process untrusted or attacker-controlled object graphs through affected mapping paths may be impacted.

Users should upgrade to this release.

Security advisory: GHSA-rvv3-g6hj-g44x

Thanks to @​skdishansachin for responsibly disclosing this issue.

Full Changelog: LuckyPennySoftware/AutoMapper@v16.1.1...v15.1.2

15.1.1

What's Changed

Security

Fixed an issue where certain cyclic or self-referential object graphs could trigger uncontrolled recursion during mapping, potentially resulting in stack exhaustion and denial of service.

Applications that process untrusted or attacker-controlled object graphs through affected mapping paths may be impacted.

Users should upgrade to this release.

Security advisory: GHSA-rvv3-g6hj-g44x

Thanks to @​skdishansachin for responsibly disclosing this issue.

Full Changelog: LuckyPennySoftware/AutoMapper@v16.1.1...v15.1.1

15.1.0

What's Changed

New Contributors

Full Changelog: LuckyPennySoftware/AutoMapper@v15.0.1...v15.1.0

15.0.1

What's Changed

Full Changelog: LuckyPennySoftware/AutoMapper@v15.0.0...v15.0.1

This release supersedes the 15.0.0 release, reverting behavior and overloads so that the AddAutoMapper overloads separate the "scanning for maps" from the "scanning for dependencies". Unfortunately it's not really possible to combine these two together.

This also fixes a critical bug in #​4545 that does not work with .NET 4.x applications (as intended).

Because of this, the 15.0.0 will be delisted because of the breaking changes there.

15.0.0

Full Changelog: LuckyPennySoftware/AutoMapper@v14.0.0...v15.0.0

  • Added support for .NET Standard 2.0
  • Requiring license key
  • Moving from MIT license to dual commercial/OSS license

To set your license key:

services.AddAutoMapper(cfg => {
    cfg.LicenseKey = "<License key here>";
});

This also introduced a breaking change with MapperConfiguration requiring an ILoggerFactory for logging purposes:

public MapperConfiguration(MapperConfigurationExpression configurationExpression, ILoggerFactory loggerFactory)

Registering AutoMapper with services.AddAutoMapper will automatically supply this parameter. Otherwise you'll need to supply the logger factory.

You can obtain your license key at AutoMapper.io

14.0.0

What's Changed

New Contributors

Full Changelog: LuckyPennySoftware/AutoMapper@v13.0.1...v14.0.0

13.0.1

What's Changed

New Contributors

Full Changelog: LuckyPennySoftware/AutoMapper@v13.0.0...v13.0.1

13.0.0

What's Changed

New Contributors

Full Changelog: LuckyPennySoftware/AutoMapper@v12.0.1...v13.0.0

Commits viewable in compare view.

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Sarmkadan added 30 commits April 3, 2026 16:49
- Replace string interpolation in ILogger calls with structured
  logging message templates for better log aggregation and to avoid
  unnecessary string allocations when log level is disabled
- Add ConfigureAwait(false) to async calls in library/service code
  to prevent potential deadlocks in synchronous-over-async contexts

 27 files changed, 260 insertions(+), 260 deletions(-)
Refactor: structured logging and async best practices
- Add GitHub Actions build and test workflow
- Add bug report and feature request issue templates
- Add pull request template
- Add GitHub Sponsors funding configuration
- Improve .gitignore for better development experience
Add CI/CD pipeline and project configuration
Unit tests were targeting net10.0 while the main project and integration
tests both target net8.0. Align all projects on net8.0 to ensure
consistent build and test behavior.
- Implement IClusteringService and ClusteringService with grid-based geographic bucketing
- Add ClusterQueryRequest, LocationClusterDto, HeatmapPointDto, HeatmapResponseDto, ClusterResponseDto DTOs
- Add ClusteringController exposing GET /api/clustering/clusters and GET /api/clustering/heatmap
- Register AddClustering() in DependencyInjection
- Fix pre-existing compilation errors across IRepository, LocationService, VehicleController,
  RouteController, AssetController, LocationController, GeoJsonSerializer, RouteRepository,
  AssetRepository, VehicleRepository, Program.cs, and ApiKeyAuthenticationHandler
- Add 4 unit tests in ClusteringServiceTests
- Add GeofenceController exposing GET /api/geofence, POST /api/geofence,
  DELETE /api/geofence/{id}, and POST /api/geofence/check
- Expose pre-existing GeofenceService (IGeofenceService) via REST API
- Register AddGeofencing() singleton in DependencyInjection (already staged)
- Raise GeofenceEnteredEvent and GeofenceExitedEvent domain events on zone transitions
- Add 6 unit tests in GeofenceServiceTests covering registration, removal, enter/exit alerts,
  and duplicate-entry suppression
- Add PlaybackController with POST/GET/DELETE /api/playback/sessions,
  GET /api/playback/timeline/{id}, GET /api/playback/snapshot/{id},
  GET /api/playback/statistics/{id}
- Map pre-existing RoutePlaybackHub at /hubs/playback (Program.cs already staged)
- Register IRoutePlaybackService singleton and PlaybackOptions in DependencyInjection
- SignalR hub supports StartPlayback, PausePlayback, ResumePlayback, StopPlayback,
  JoinPlaybackSession, LeavePlaybackSession invocations with PlaybackTick / PlaybackCompleted events
- Add 5 unit tests in PlaybackServiceTests
- Update README with full documentation for all three new features
@dependabot dependabot Bot added .NET Pull requests that update .NET code dependencies Pull requests that update a dependency file labels Jul 6, 2026
@Sarmkadan Sarmkadan closed this Jul 11, 2026
@dependabot @github

dependabot Bot commented on behalf of github Jul 11, 2026

Copy link
Copy Markdown
Author

OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting @dependabot ignore this major version or @dependabot ignore this minor version. You can also ignore all major, minor, or patch releases for a dependency by adding an ignore condition with the desired update_types to your config file.

If you change your mind, just re-open this PR and I'll resolve any conflicts on it.

@dependabot
dependabot Bot deleted the dependabot/nuget/src/SignalRMapRealtime/AutoMapper-16.2.0 branch July 11, 2026 07:18
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file .NET Pull requests that update .NET code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant