Bump the nuget-minor-patch group with 14 updates#99
Merged
Conversation
Bumps AndreGoepel.Design.Blazor from 1.0.2 to 1.0.3 Bumps Marten from 9.14.1 to 9.16.0 Bumps Microsoft.AspNetCore.HeaderPropagation from 10.0.9 to 10.0.10 Bumps Microsoft.Extensions.Http.Resilience from 10.7.0 to 10.8.0 Bumps Microsoft.Extensions.ServiceDiscovery from 10.7.0 to 10.8.0 Bumps Microsoft.NET.Test.Sdk from 18.7.0 to 18.8.1 Bumps OpenTelemetry.Exporter.OpenTelemetryProtocol from 1.16.0 to 1.17.0 Bumps OpenTelemetry.Extensions.Hosting from 1.16.0 to 1.17.0 Bumps OpenTelemetry.Instrumentation.AspNetCore from 1.16.0 to 1.17.0 Bumps OpenTelemetry.Instrumentation.Http from 1.16.0 to 1.17.0 Bumps OpenTelemetry.Instrumentation.Runtime from 1.16.0 to 1.17.0 Bumps Radzen.Blazor from 11.1.3 to 11.1.5 Bumps WolverineFx.Marten from 6.17.1 to 6.20.0 Bumps WolverineFx.RuntimeCompilation from 6.17.1 to 6.20.0 --- updated-dependencies: - dependency-name: AndreGoepel.Design.Blazor dependency-version: 1.0.3 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: nuget-minor-patch - dependency-name: Marten dependency-version: 9.16.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: nuget-minor-patch - dependency-name: Microsoft.AspNetCore.HeaderPropagation dependency-version: 10.0.10 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: nuget-minor-patch - dependency-name: Microsoft.Extensions.Http.Resilience dependency-version: 10.8.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: nuget-minor-patch - dependency-name: Microsoft.Extensions.ServiceDiscovery dependency-version: 10.8.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: nuget-minor-patch - dependency-name: Microsoft.NET.Test.Sdk dependency-version: 18.8.1 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: nuget-minor-patch - dependency-name: OpenTelemetry.Exporter.OpenTelemetryProtocol dependency-version: 1.17.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: nuget-minor-patch - dependency-name: OpenTelemetry.Extensions.Hosting dependency-version: 1.17.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: nuget-minor-patch - dependency-name: OpenTelemetry.Instrumentation.AspNetCore dependency-version: 1.17.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: nuget-minor-patch - dependency-name: OpenTelemetry.Instrumentation.Http dependency-version: 1.17.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: nuget-minor-patch - dependency-name: OpenTelemetry.Instrumentation.Runtime dependency-version: 1.17.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: nuget-minor-patch - dependency-name: Radzen.Blazor dependency-version: 11.1.5 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: nuget-minor-patch - dependency-name: WolverineFx.Marten dependency-version: 6.20.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: nuget-minor-patch - dependency-name: WolverineFx.RuntimeCompilation dependency-version: 6.20.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: nuget-minor-patch ... Signed-off-by: dependabot[bot] <support@github.com>
andregoepel
added a commit
that referenced
this pull request
Jul 18, 2026
Dependabot missed this upgrade. 1.3.3 transitively requires Marten.AspNetCore >= 9.16.0, and with central transitive pinning enabled the central Marten.AspNetCore pin has to move up with it. Dependabot had missed that one too, leaving it at 9.14.1 behind Marten core (already 9.16.0 via #99); bumping it to 9.16.0 restores Marten/Marten.AspNetCore parity. Build, the 57 bUnit tests and `dotnet list package --vulnerable` are green.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Updated AndreGoepel.Design.Blazor from 1.0.2 to 1.0.3.
Release notes
Sourced from AndreGoepel.Design.Blazor's releases.
1.0.3
What's Changed
Full Changelog: andregoepel/design-blazor@v1.0.2...v1.0.3
Commits viewable in compare view.
Updated Marten from 9.14.1 to 9.16.0.
Release notes
Sourced from Marten's releases.
9.16.0
Lot of CritterWatch, couple bug fixes too
What's Changed
Full Changelog: JasperFx/marten@v9.15.4...V9.16.0
9.15.4
What's Changed
New Contributors
Full Changelog: JasperFx/marten@v9.15.3...v9.15.4
9.15.3
This addresses a potential vulnerability from SQL injection via non-string constant in a LINQ Select projection
Not a common usage, but still.
What's Changed
Full Changelog: JasperFx/marten@9.15.2...v9.15.3
9.15.2
Marten 9.15.2
A patch release. Both fixes come out of the same 512-tenant-database production deployment, reported by @erdtsieck, and both turned out to be worse than the reports described.
Bulk event insert ran a full schema apply on every batch
#4946 — fixed in #4949
The batch
BulkInsertEventsAsyncoverloads opened withStorage.ApplyAllConfiguredChangesToDatabaseAsync()on every call.That is not a cheap check. It calls
Tenancy.BuildDatabases()and runs a full schema delta — partition introspection plusinformation_schemasweeps — across every database in the store. So a sharded store paid one apply per database, per batch. On the reporting deployment, each ~1,000-event batch was triggering 512 schema applies.The measured effect: import throughput collapsed to ~17 events/s, against >3,000/s for the streaming overload. A 686k-event tenant projected to roughly 11 hours. The connection pool filled with ~370 backends whose last statement was Weasel's partition-introspection query, which fed directly into the server-wide connection pressure that deployment was already fighting.
That the streaming overload
BulkInsertEventStreamAsynchas no such call and is fine is the tell: the schema apply was never part of the contract. It was a leftover.The apply is now:
AutoCreateisNone— it is a no-op there by contract, so all that remained was the introspection cost; andIMartenDatabase.Identifier.One subtlety worth recording, because it is the kind of thing that bites later: the memoized apply deliberately does not take a caller's
CancellationToken. The first caller to arrive owns the single in-flight task that every concurrent caller for that database awaits — so binding that shared task to one caller's token would let a single cancelled batch fail sibling batches that were never cancelled. Each caller applies its own token at the await site instead. A schema apply is short and idempotent, so letting it run to completion is the cheaper trade.Under
AutoCreate.None, the event storage must already exist before import. That is the documented contract and it matches the streaming overload — but if you were previously relying on the per-call apply to create it for you under a non-Nonestore, note the change.The document bulk-insert path (
BulkInsertAsync/BulkInsertDocumentsAsync) is unaffected. It routes through the ordinary per-featureEnsureStorageExistsAsyncthat Weasel already memoizes, not a full-store delta.Tenant provisioning silently under-provisioned partitions
#4944 — fixed in #4950
AddPartitionToAllTables, and the tenant-provisioning paths built on it, walked the calling store'sStoreOptionsto decide which tables needed a list partition for a new tenant.So any tool or host that provisions tenants from a store which doesn't register every document type silently under-provisioned. Document types unknown to the caller never got their partitions — and the tenant then failed with a Postgres
23514check-constraint violation on first write to the missing partition. Nothing failed at provisioning time; the damage surfaced later, somewhere else.The workaround was "the provisioning tool must register all document types," which re-creates schema knowledge in a second place and drifts as document types are added.
The sweep is now database-driven: it enumerates tenant list-partitioned tables from the Postgres catalog, so a partially-registered store still provisions every partitioned table it finds.
Scoping is enforced inside the catalog query rather than filtered in memory afterward:
AllSchemaNames()only. Foreign partitioned tables in a shared database are never touched.tenant_id. This is the filter that matters most, and it is what keeps the sweep off Marten's own non-tenant list partitioning:UseArchivedStreamPartitioningkeysmt_eventsonis_archived, andByList()keys on its own field. Without it, a "helpful" sweep would start adding tenant partitions to tables partitioned on something else entirely.ByExternallyManagedListPartitions()are subtracted.Opt out with
SweepPartitionedTablesFromDatabase(default on). No Weasel change was required.Known limitation, and it is a real one: a document type registered into a schema the calling store has never heard of stays invisible to the schema filter — a store cannot own a schema it does not know exists. Single-schema stores (the default, and the reporting deployment's shape) are fully covered. Closing this properly would need a persisted table list alongside
mt_tenant_partitions.... (truncated)
9.15.1
Patch release for a silent data-correctness regression. If you use
ForTenant()on an identity-mapped or dirty-tracked session, upgrade.Fixed
#4947 —
ForTenant()on an identity session stopped returning tenancy-neutral documents (reported by @dervagabund, with a repro — thank you). AForTenant()view of an identity- or dirty-tracked session no longer saw global (tenancy-neutral) documents tracked by the parent session. Since a global document has exactly one row per id for the whole database,LoadAsyncthrough theForTenantview missed the identity map, went to the database, and returnednullfor a document that is there. A silent wrong answer, not an error.Affected: 9.13.0, 9.14.x, 9.15.0. Introduced by the fix for #4801, which tenant-scoped the identity map and version tracker for
ForTenantsessions. That was correct for conjoined documents — where the same id means a different document per tenant — but it was applied per session rather than per document type, so it also isolated document types that are tenancy-neutral and must be shared.Sharing is now decided per document type. A nested
ForTenantsession shares the parent's identity-map and version-tracker entry for a type only when the storage is identity-mapped, the type is notConjoined, and the nested session's database is the same instance as the parent's (under database-per-tenant, the same id in another tenant's database is a different document even for a tenancy-neutral type). The isolation introduced by #4801 is preserved exactly — theBug_4801suite still passes, and the new tests include guard rails asserting conjoined documents stay isolated.Full changelog: JasperFx/marten@9.15.0...9.15.1
9.15.0
Closed issues
findOrAssignTenantDatabaseAsyncreturned early on an existing assignment row, skippingcreatePartitionsForTenant+ per-tenant event-sequence provisioning — so a tenant whose provisioning was interrupted (assignment committed, partitions missing) failed every write with23514forever. Both early-return paths (including a second race-window hole under the advisory lock) now run the same idempotent repair the explicitAddTenantToShardAsync(tenantId, databaseId)overload always ran, guarded to once per process per tenant via the resolution cache.Also in this release
JasperFx.Events.SourceGeneratoranalyzer (JasperFx/jasperfx#505) — CS1061 compile break for no-parameterless-ctor aggregates with instanceApplyreturning the aggregate.pg_inherits) for the #4943 provisioning-tool scenario.Verified against Wolverine (full solution + CoreTests/MartenTests/distribution/Http suites, zero failures) and CritterWatch before publishing. Thanks to @erdtsieck for the dump-verified root-cause analysis.
Commits viewable in compare view.
Updated Microsoft.AspNetCore.HeaderPropagation from 10.0.9 to 10.0.10.
Release notes
Sourced from Microsoft.AspNetCore.HeaderPropagation's releases.
No release notes found for this version range.
Commits viewable in compare view.
Updated Microsoft.Extensions.Http.Resilience from 10.7.0 to 10.8.0.
Release notes
Sourced from Microsoft.Extensions.Http.Resilience's releases.
10.8.0
This release adds new experimental APIs to Microsoft.Extensions.AI.Abstractions and updates the OpenAI dependency to 2.12.0, alongside documentation, test, and repository maintenance.
Experimental API Changes
New Experimental APIs
AIFunctionNameAttributeandAIParameterNameAttribute#7610 by @jozkee (co-authored by @jeffhandley @Copilot)ToolApprovalRequestContent.RequiresConfirmation(MEAI001) #7549 by @javiercn (co-authored by @Copilot)What's Changed
AI
Vector Data
Documentation Updates
Test Improvements
Repository Infrastructure Updates
... (truncated)
Commits viewable in compare view.
Updated Microsoft.Extensions.ServiceDiscovery from 10.7.0 to 10.8.0.
Release notes
Sourced from Microsoft.Extensions.ServiceDiscovery's releases.
10.8.0
This release adds new experimental APIs to Microsoft.Extensions.AI.Abstractions and updates the OpenAI dependency to 2.12.0, alongside documentation, test, and repository maintenance.
Experimental API Changes
New Experimental APIs
AIFunctionNameAttributeandAIParameterNameAttribute#7610 by @jozkee (co-authored by @jeffhandley @Copilot)ToolApprovalRequestContent.RequiresConfirmation(MEAI001) #7549 by @javiercn (co-authored by @Copilot)What's Changed
AI
Vector Data
Documentation Updates
Test Improvements
Repository Infrastructure Updates
... (truncated)
Commits viewable in compare view.
Updated Microsoft.NET.Test.Sdk from 18.7.0 to 18.8.1.
Release notes
Sourced from Microsoft.NET.Test.Sdk's releases.
18.8.1
What's Changed
Full Changelog: microsoft/vstest@v18.8.0...v18.8.1
18.8.0
What's Changed
Full Changelog: microsoft/vstest@v18.7.0...v18.8.0
Commits viewable in compare view.
Updated OpenTelemetry.Exporter.OpenTelemetryProtocol from 1.16.0 to 1.17.0.
Release notes
Sourced from OpenTelemetry.Exporter.OpenTelemetryProtocol's releases.
1.17.0
For highlights and announcements pertaining to this release see: Release Notes > 1.17.0.
The following changes are from the previous release 1.17.0-rc.1.
NuGet: OpenTelemetry v1.17.0
No notable changes.
See CHANGELOG for details.
NuGet: OpenTelemetry.Api v1.17.0
No notable changes.
See CHANGELOG for details.
NuGet: OpenTelemetry.Api.ProviderBuilderExtensions v1.17.0
No notable changes.
See CHANGELOG for details.
NuGet: OpenTelemetry.Exporter.Console v1.17.0
No notable changes.
See CHANGELOG for details.
NuGet: OpenTelemetry.Exporter.InMemory v1.17.0
No notable changes.
See CHANGELOG for details.
NuGet: OpenTelemetry.Exporter.OpenTelemetryProtocol v1.17.0
No notable changes.
See CHANGELOG for details.
NuGet: OpenTelemetry.Exporter.Zipkin v1.17.0
No notable changes.
See CHANGELOG for details.
NuGet: OpenTelemetry.Extensions.Hosting v1.17.0
No notable changes.
... (truncated)
1.17.0-rc.1
The following changes are from the previous release 1.16.0.
NuGet: OpenTelemetry v1.17.0-rc.1
Fixed a metric point reclaim data race on CPU ARM architectures.
(#7401)
The library is now marked as trim and AOT compatible.
(#7441)
Replaced the vendored copy of
EnvironmentVariablesConfigurationProviderwith a directMicrosoft.Extensions.Configuration.EnvironmentVariablespackage dependency.Consumers gain automatic pickup of upstream bug fixes and security patches;
no public API or behavioural change.
(#7146)
Added a verbose
OpenTelemetry-Sdkself-diagnostics event that is emittedwhen an activity is dropped because its local (in-process) parent is not
recorded.
(#7427)
Added support for a Schema URL on
Resourceinstances.(#7472)
Fixed a metric storage leak that occurred when meters and instruments were
repeatedly created and disposed.
(#7466)
Added
ExcludedTagKeysproperty toMetricStreamConfigurationto supportexcluding specific tag keys from metric streams.
(#7373)
See CHANGELOG for details.
NuGet: OpenTelemetry.Api v1.17.0-rc.1
Fixed
TraceContextPropagatorto normalize emptytracestateheader valuesto
nullwhen extracting trace context.(#7407,
#7433)
The library is now marked as trim and AOT compatible.
(#7441)
Experimental (pre-release builds only): Updated
EnvironmentVariableCarrier.Getto read only the normalized environment variable name, following the updated
environment variable carrier specification.
Non-normalized carrier keys are no longer matched, even when they would
normalize to the requested key.
... (truncated)
1.17.0-beta.1
The following changes are from the previous release 1.16.0-beta.1.
NuGet: OpenTelemetry.Exporter.Prometheus.AspNetCore v1.17.0-beta.1
Added a verbose-level diagnostic event for ignored metrics.
(#7429)
The library is now marked as trim and AOT compatible.
(#7441)
Fix double unit suffixes in metric names when using OpenMetrics.
(#7454)
Fix incorrect handling of leading digits in metric names for OpenMetrics.
(#7454)
Add
PrometheusAspNetCoreOptions.ScopeInfoEnabledproperty to enable ordisable scope labels in Prometheus metrics. Defaults to
true.(#7436)
Added support for the
dotsandvaluesPrometheus UTF-8 name escapingschemes when negotiated via the
Acceptheader.(#7439)
Add
PrometheusAspNetCoreOptions.TargetInfoEnabledproperty to enable ordisable the
target_infometric in Prometheus metrics. Defaults totrue.(#7438)
Added support for the
allow-utf-8Prometheus UTF-8 name escaping schemewhen negotiated via the
Acceptheader.(#7440)
Add
PrometheusAspNetCoreOptions.ResourceConstantLabelsproperty to selectresource attributes to add to each metric as constant labels. Defaults to
null(no resource attributes are added as metric labels).(#7471)
Add
PrometheusAspNetCoreOptions.MaxScrapeResponseSizeBytesto configurethe maximum size of a scrape response. The default is now ~166 MiB.
(#7487)
A scrape whose serialized output exceeds the maximum scrape response size
limit now responds with HTTP 500.
(#7487)
Fixed the Prometheus text exposition format emitting redundant comments.
(#7491)
Made
Acceptheader content negotiation consistent with thePrometheusHttpListenerendpoint.... (truncated)
Commits viewable in compare view.
Updated OpenTelemetry.Extensions.Hosting from 1.16.0 to 1.17.0.
Release notes
Sourced from OpenTelemetry.Extensions.Hosting's releases.
1.17.0
For highlights and announcements pertaining to this release see: Release Notes > 1.17.0.
The following changes are from the previous release 1.17.0-rc.1.
NuGet: OpenTelemetry v1.17.0
No notable changes.
See CHANGELOG for details.
NuGet: OpenTelemetry.Api v1.17.0
No notable changes.
See CHANGELOG for details.
NuGet: OpenTelemetry.Api.ProviderBuilderExtensions v1.17.0
No notable changes.
See CHANGELOG for details.
NuGet: OpenTelemetry.Exporter.Console v1.17.0
No notable changes.
See CHANGELOG for details.
NuGet: OpenTelemetry.Exporter.InMemory v1.17.0
No notable changes.
See CHANGELOG for details.
NuGet: OpenTelemetry.Exporter.OpenTelemetryProtocol v1.17.0
No notable changes.
See CHANGELOG for details.
NuGet: OpenTelemetry.Exporter.Zipkin v1.17.0
No notable changes.
See CHANGELOG for details.
NuGet: OpenTelemetry.Extensions.Hosting v1.17.0
No notable changes.
... (truncated)
1.17.0-rc.1
The following changes are from the previous release 1.16.0.
NuGet: OpenTelemetry v1.17.0-rc.1
Fixed a metric point reclaim data race on CPU ARM architectures.
(#7401)
The library is now marked as trim and AOT compatible.
(#7441)
Replaced the vendored copy of
EnvironmentVariablesConfigurationProviderwith a directMicrosoft.Extensions.Configuration.EnvironmentVariablespackage dependency.Consumers gain automatic pickup of upstream bug fixes and security patches;
no public API or behavioural change.
(#7146)
Added a verbose
OpenTelemetry-Sdkself-diagnostics event that is emittedwhen an activity is dropped because its local (in-process) parent is not
recorded.
(#7427)
Added support for a Schema URL on
Resourceinstances.(#7472)
Fixed a metric storage leak that occurred when meters and instruments were
repeatedly created and disposed.
(#7466)
Added
ExcludedTagKeysproperty toMetricStreamConfigurationto supportexcluding specific tag keys from metric streams.
(#7373)
See CHANGELOG for details.
NuGet: OpenTelemetry.Api v1.17.0-rc.1
Fixed
TraceContextPropagatorto normalize emptytracestateheader valuesto
nullwhen extracting trace context.(#7407,
#7433)
The library is now marked as trim and AOT compatible.
(#7441)
Experimental (pre-release builds only): Updated
EnvironmentVariableCarrier.Getto read only the normalized environment variable name, following the updated
environment variable carrier specification.
Non-normalized carrier keys are no longer matched, even when they would
normalize to the requested key.
... (truncated)
1.17.0-beta.1
The following changes are from the previous release 1.16.0-beta.1.
NuGet: OpenTelemetry.Exporter.Prometheus.AspNetCore v1.17.0-beta.1
Added a verbose-level diagnostic event for ignored metrics.
(#7429)
The library is now marked as trim and AOT compatible.
(#7441)
Fix double unit suffixes in metric names when using OpenMetrics.
(#7454)
Fix incorrect handling of leading digits in metric names for OpenMetrics.
(#7454)
Add
PrometheusAspNetCoreOptions.ScopeInfoEnabledproperty to enable ordisable scope labels in Prometheus metrics. Defaults to
true.(#7436)
Added support for the
dotsandvaluesPrometheus UTF-8 name escapingschemes when negotiated via the
Acceptheader.(#7439)
Add
PrometheusAspNetCoreOptions.TargetInfoEnabledproperty to enable ordisable the
target_infometric in Prometheus metrics. Defaults totrue.(#7438)
Added support for the
allow-utf-8Prometheus UTF-8 name escaping schemewhen negotiated via the
Acceptheader.(#7440)
Add
PrometheusAspNetCoreOptions.ResourceConstantLabelsproperty to selectresource attributes to add to each metric as constant labels. Defaults to
null(no resource attributes are added as metric labels).(#7471)
Add
PrometheusAspNetCoreOptions.MaxScrapeResponseSizeBytesto configurethe maximum size of a scrape response. The default is now ~166 MiB.
(#7487)
A scrape whose serialized output exceeds the maximum scrape response size
limit now responds with HTTP 500.
(#7487)
Fixed the Prometheus text exposition format emitting redundant comments.
(#7491)
Made
Acceptheader content negotiation consistent with thePrometheusHttpListenerendpoint.... (truncated)
Commits viewable in compare view.
Updated OpenTelemetry.Instrumentation.AspNetCore from 1.16.0 to 1.17.0.
Release notes
Sourced from OpenTelemetry.Instrumentation.AspNetCore's releases.
1.17.0
NuGet: OpenTelemetry.Exporter.Geneva v1.17.0
Updated OpenTelemetry core component version(s) to
1.17.0.(#4773)
Updated ETW manifest and payload in
EtwDataTransportwith synthetic payload so that the runtime-generated .NET
ETW manifest matches the actual payload.
(#4729
See CHANGELOG for details.
1.17.0-rc.1
NuGet: OpenTelemetry.Instrumentation.Process v1.17.0-rc.1
1.17.0.(#4773)
See CHANGELOG for details.
1.17.0-beta.1
NuGet: OpenTelemetry.Extensions.Enrichment v1.17.0-beta.1
1.17.0.(#4773)
See CHANGELOG for details.
1.17.0-alpha.1
NuGet: OpenTelemetry.Instrumentation.EventCounters v1.17.0-alpha.1
Assemblies are now digitally signed using cosign.
(#4637)
Updated OpenTelemetry core component version(s) to
1.17.0.(#4773)
See CHANGELOG for details.
Commits viewable in compare view.
Updated OpenTelemetry.Instrumentation.Http from 1.16.0 to 1.17.0.
Release notes
Sourced from OpenTelemetry.Instrumentation.Http's releases.
1.17.0
NuGet: OpenTelemetry.Exporter.Geneva v1.17.0
Updated OpenTelemetry core component version(s) to
1.17.0.(#4773)
Updated ETW manifest and payload in
EtwDataTransportwith synthetic payload so that the runtime-generated .NET
ETW manifest matches the actual payload.
(#4729
See CHANGELOG for details.
1.17.0-rc.1
NuGet: OpenTelemetry.Instrumentation.Process v1.17.0-rc.1
1.17.0.(#4773)
See CHANGELOG for details.
1.17.0-beta.1
NuGet: OpenTelemetry.Extensions.Enrichment v1.17.0-beta.1
1.17.0.(#4773)
See CHANGELOG for details.
1.17.0-alpha.1
NuGet: OpenTelemetry.Instrumentation.EventCounters v1.17.0-alpha.1
Assemblies are now digitally signed using cosign.
(#4637)
Updated OpenTelemetry core component version(s) to
1.17.0.(#4773)
See CHANGELOG for details.
Commits viewable in compare view.
Updated OpenTelemetry.Instrumentation.Runtime from 1.16.0 to 1.17.0.
Release notes
Sourced from OpenTelemetry.Instrumentation.Runtime's releases.
1.17.0
NuGet: OpenTelemetry.Exporter.Geneva v1.17.0
Updated OpenTelemetry core component version(s) to
1.17.0.(#4773)
Updated ETW manifest and payload in
EtwDataTransportwith synthetic payload so that the runtime-generated .NET
ETW manifest matches the actual payload.
(#4729
See CHANGELOG for details.
1.17.0-rc.1
NuGet: OpenTelemetry.Instrumentation.Process v1.17.0-rc.1
1.17.0.(#4773)
See CHANGELOG for details.
1.17.0-beta.1
NuGet: OpenTelemetry.Extensions.Enrichment v1.17.0-beta.1
1.17.0.(#4773)
See CHANGELOG for details.
1.17.0-alpha.1
NuGet: OpenTelemetry.Instrumentation.EventCounters v1.17.0-alpha.1
Assemblies are now digitally signed using cosign.
(#4637)
Updated OpenTelemetry core component version(s) to
1.17.0.(#4773)
See CHANGELOG for details.
Commits viewable in compare view.
Updated Radzen.Blazor from 11.1.3 to 11.1.5.
Release notes
Sourced from Radzen.Blazor's releases.
11.1.5
11.1.5 - 2026-07-15
Improvements
TitleFormatandTitleFormatterparameters on the scheduler views give full control over each view's title: a format string, or a formatter function for complete customization.Fixes
OnAfterRenderAsyncinterop completes), avoiding "Cannot create a JSObjectReference from the value 'null'".11.1.4
11.1.4 - 2026-07-13
Improvements
MaxGroupsandOthersLabelproperties onRadzenPivotRowandRadzenPivotColumnlimit the number of row or column groups displayed at each level. The most significant groups (ranked by the sorted aggregate or the first aggregate) are kept and the remaining items are combined into a single localizable "Others" group. Fixes #2470.HandleLabelFormatterproperty accepts a formatter function (receiving aDateTimefor date ranges or adoublefor numeric ranges) for full control over the handle labels, taking precedence overHandleLabelFormatString. Fixes #2617.IsLoadingandLoadingTemplateare now available on DropDown and ListBox, and DropDownDataGrid forwards itsLoadingTemplateto the inner DataGrid. Thanks to @artnim!Fixes
Commits viewable in compare view.
Updated WolverineFx.Marten from 6.17.1 to 6.20.0.
Release notes
Sourced from WolverineFx.Marten's releases.
6.20.0
Wolverine 6.20.0
Dependency upgrades (critter stack)
Multi-tenancy & connection footprint
nodes × databases. Plus daemon tracker-subscription leak hygiene.IntegrateWithWolverine()now honors a database-per-tenant Polecat store and readsMainDatabaseConnectionString.DatabaseDescriptor.Portinstead of re-parsing (jasperfx#514).CritterWatch / connection state
Kafka
SentAtand expose record headers on raw-JSON listeners (GH-3407).JsonSerializerOptionson raw-JSON endpoints now actually applies;PublishRawJsonmapper registration fixed.Sagas
SagaConcurrencyExceptionnow inheritsJasperFx.ConcurrencyException(GH-3444) — existingOnException<ConcurrencyException>()policies now catch saga concurrency failures.Other
TrackedSessionnot-tracked vs not-routed fix (#3435).6.19.0
CosmosDB
CosmosDbConfiguration.PartitionSagasById(): opt-in, saga id becomes the document partition key (GH-3415) @mysticmindCosmosClientwhose serializer would drop a saga'sidat host start; document the camelCase requirement (GH-3416) @mysticmindHTTP / OpenAPI
uuidinstead of falling back tostring(GH-3420) @mysticmindDurability / persistence
IWolverineObserver.ConnectionBudget(GH-3397) @jeremydmillerTest infrastructure only
IntegrationContextfrom disposing a class fixture it doesn't own; pinApplicationAssemblyin the CoreTests harness (GH-3423) @jeremydmillerusing_dynamic_multi_tenancyfrom poisoning its own next run @mysticmindMilestone: https://github.com/JasperFx/wolverine/issues?q=is%3Aissue%20state%3Aclosed%20milestone%3A6.19.0
Full Changelog: JasperFx/wolverine@V6.18.0...V6.19.0
6.18.0
Wolverine 6.18.0
A security-relevant serialization fix, a startup-fatal codegen fix, a silently-dead-listener fix in RabbitMQ, the first F# saga codegen support of any persistence provider, and the CI split that makes "merge when green" mean something again.
If you use MassTransit interop over a durable listener, take this release. See the first section.
#3408 — fixed in #3411
EnvelopeSerializerwrote the typed envelope properties to the wire format and then appended everyEnvelope.Headersentry verbatim, with no reserved-key filter — and the appended entries came last. Because the reader parses reserved keys straight back into typed properties, aHeadersentry under a reserved key silently overwrote the real property on the next read.A value in
envelope.Headers["tenant-id"]is inert while the envelope is in memory. It stops being inert the moment the envelope crosses the serializer — any durable listener, the inbox/outbox, or the scheduled-message store:tenant-idintoenvelope.Headers.env.TenantIdis set from it.saga-idreaches another saga's state, andidrewritesEnvelope.Id— the inbox's dedupe identity.This was live, not theoretical.
MassTransitEnvelope.TransferDataalready copies every incoming MassTransit header intoenvelope.Headersunfiltered (and by assignment, notTryAdd). Any Wolverine app doing MassTransit interop over a durable listener has had this path open. If that describes you, this release is the one to take.The fix filters reserved keys on the write side, so the typed property stays authoritative and a reserved key sitting in
Headersbecomes a no-op.causation-idis deliberately not filtered —DeliveryOptionsintentionally carries it as a loose header forWolverine.Marten'sOutboxedSessionFactory, and it is never promoted by the reader.Startup-fatal codegen fix
#3399 — fixed in #3406 — invalid generated class name for batched (array) message types. This one prevents the application from starting.
Fixes
DaemonMode.Solo/HotColddaemon alongside managed distribution is now an actionable startup exception instead of two schedulers quietly fighting over the same shards.IAgentRuntime.ApplyRestrictionsAsyncpersisted the restriction and then never dispatched the commands it computed, so pausing an agent had no immediate effect. Reported by @erdtsieck against a live cluster.Internalstatus. It now returns an actionable diagnostic telling you to put the saga identity on the request DTO.[AsParameters]now rejects unparseable values in collection query parameters, closing the gap left by the scalar fix in #3372.IEventStorebridge registered twice, soGetServices<IEventStore>()returned the same store instance two times and anything iterating it double-counted. Polecat's ownAddPolecat()had started registeringIEventStoreand Wolverine was still bridging it as well.State = Connected— a silently dead listener. The listener now defers toReconnectedAsync(), which re-declares and re-consumes. Also pins theConnectionMonitortracking invariant that #3370 fixed but nothing guarded.OpenAPI
#3380 (#3418) — OpenAPI parameters are now derived from the full binding chain rather than the handler signature alone. Two real defects closed:
After/Finallypostprocessor were omitted from the operation entirely.string) whenever the description was assembled before those frames resolved — which is exactly the build-time OpenAPI /openapiCLI path, because ASP.NET caches the first ApiExplorer read.More importantly, this ships the OpenAPI shape-test harness that was missing. Adding a shape assertion is now one endpoint plus one
[Fact], which is why this class of omission kept shipping unnoticed.New: Azure Service Bus emulator support
#3366 (#3409) — the docs told you to call
UseAzureServiceBusTesting(), which only ever existed in Wolverine's own test suite. It is now a real, shipping API:... (truncated)
6.17.3
Bug-fix and scale release, following the 6.17.2 community sweep. Every item below came from a community report or a review finding — thank you all.
Closed issues
PeriodicTimer, so at high database counts the metrics polling itself became significant connection pressure. Agents now register their store with a node-wide sequential sweeper that walks the node's databases one at a time across theUpdateMetricsPeriodwindow — at most one metrics connection in flight per node, regardless of database count. The registration set is re-read every pass, so databases join and leave the sweep as agents start and stop without a restart.Disconnectedstate that #3187 fixed. Two follow-ups are tracked in #3391.TrackedSessionwould pick up and then sit waiting on messages the test never sent. The default ignore rule now covers all ofINotToBeRouted(agent commands and framework telemetry), with a deliberate carve-out forAcknowledgement/FailureAcknowledgement, which the session's own acknowledgement APIs depend on. If you are on an older version,IgnoreMessagesMatchingType(t => t.CanBeCastTo<INotToBeRouted>())is the workaround.Fixes from review
UpdateMetricsPeriod = TimeSpan.Zerowould hot-spin the sweep loop (the pre-#3384PeriodicTimerthrew); it is now rejected at configuration time, withDurabilityMetricsEnabled = falseas the way to turn polling off.Marten test-helper:
PauseThenCatchUpOnMartenDaemonActivity#3388 — cold first catch-up appeared to stall (PR #3394, reported by @uniquelau). Investigated in depth. The reported mechanism — that
coordinator.ResumeAsync()does not start never-started shards — does not hold: under Wolverine-managed distribution the coordinator isWolverineProjectionCoordinator, whoseResumeAsyncbuilds the daemon lazily and starts every shard, bypassing agent assignment entirely. The cold path works, and there are now four tests proving it (including with a second subscription-agent consumer sharing the agent family).The real defect was a timeout mismatch, and it explains the reported symptom exactly. The stage runs inside a child
TrackedSessionwhose token cancels atTrackedSession.Timeout— 5 seconds by default — while the catch-up ignored that token and waited on an internal 60-second budget. The session gave up first and left the catch-up envelope started-but-never-finished, which reads as a hang. This is a genuine 6.16 → 6.17 behavior change: the old activeForceAllfinished inside 5 seconds; resume-and-wait on a cold daemon or a busy machine does not. The catch-up now honors the session's token and raises an actionableTimeoutExceptionnaming the store and pointing atTrackActivity().Timeout(...).If you hit this on 6.17.0–6.17.2, raising the tracked-session timeout is the fix.
Docs
IMessageBus.InvokeAsync<T>and the chain that runs is the handler's. The header-identified gap is tracked as #3385, with a clear diagnostic planned.Timeout()bounds the whole session including its stages, so a slow stage likePauseThenCatchUpOnMartenDaemonActivity()is capped by the...Description has been truncated