Bump the dotnet-minor-patch group with 22 updates

[dependabot]

Updated AWSSDK.S3 from 3.7.406 to 3.7.511.8.

Release notes

Sourced from AWSSDK.S3's releases.

No release notes found for this version range.

Commits viewable in compare view.

Updated Microsoft.AspNetCore.Authentication.JwtBearer from 10.0.8 to 10.0.9.

Release notes

Sourced from Microsoft.AspNetCore.Authentication.JwtBearer's releases.

No release notes found for this version range.

Commits viewable in compare view.

Updated Microsoft.AspNetCore.Identity.EntityFrameworkCore from 10.0.8 to 10.0.9.

Release notes

Sourced from Microsoft.AspNetCore.Identity.EntityFrameworkCore's releases.

No release notes found for this version range.

Commits viewable in compare view.

Updated Microsoft.AspNetCore.Mvc.Testing from 10.0.8 to 10.0.9.

Release notes

Sourced from Microsoft.AspNetCore.Mvc.Testing's releases.

No release notes found for this version range.

Commits viewable in compare view.

Updated Microsoft.AspNetCore.OpenApi from 10.0.8 to 10.0.9.

Release notes

Sourced from Microsoft.AspNetCore.OpenApi's releases.

No release notes found for this version range.

Commits viewable in compare view.

Updated Microsoft.Data.SqlClient from 7.0.1 to 7.0.2.

Release notes

Sourced from Microsoft.Data.SqlClient's releases.

7.0.2

This update brings the following changes since the 7.0.1 release:

Important — package version alignment: Starting with 7.0.2, the Microsoft.Data.SqlClient driver and its companion packages share a single aligned version. The following packages now ship together as 7.0.2:

• Microsoft.Data.SqlClient
• Microsoft.Data.SqlClient.AlwaysEncrypted.AzureKeyVaultProvider
• Microsoft.Data.SqlClient.Extensions.Azure
• Microsoft.Data.SqlClient.Extensions.Abstractions
• Microsoft.Data.SqlClient.Internal.Logging

(Microsoft.SqlServer.Server continues to version independently and remains at 1.0.0.)

Applications must reference the same versions of Microsoft.Data.SqlClient and its extensions for best compatibility. In particular, applications that reference Microsoft.Data.SqlClient.Extensions.Azure must upgrade it to 7.0.2 when upgrading Microsoft.Data.SqlClient to 7.0.2.

Breaking change (.NET Framework only): As part of this alignment, the AssemblyVersion of Microsoft.Data.SqlClient.Extensions.Azure, Microsoft.Data.SqlClient.Extensions.Abstractions, and Microsoft.Data.SqlClient.Internal.Logging changed from 1.0.0.0 to 7.0.0.0 (the Microsoft.Data.SqlClient and Microsoft.Data.SqlClient.AlwaysEncrypted.AzureKeyVaultProvider assembly versions are unchanged). On .NET Framework, AssemblyVersion is part of the strong-name identity, so applications that drop these assemblies into an existing deployment without rebuilding must rebuild against the 7.0.2 packages (or add binding redirects). Applications on .NET / .NET Core are not affected.

Companion package release notes

The following companion packages ship aligned as 7.0.2. See their individual release notes for package-specific changes (including the Microsoft.Data.SqlClient.Extensions.Azure WAM broker support):

• Microsoft.Data.SqlClient.AlwaysEncrypted.AzureKeyVaultProvider 7.0.2
• Microsoft.Data.SqlClient.Extensions.Azure 7.0.2
• Microsoft.Data.SqlClient.Extensions.Abstractions 7.0.2
• Microsoft.Data.SqlClient.Internal.Logging 7.0.2

Fixed

• Fixed a NullReferenceException in SqlCommand.Cancel(). The diagnostic message built during cancellation dereferenced the active connection directly; it now uses a null-conditional access so cancellation no longer throws when the connection has already been torn down.
  (#​4372,#​4373)

• Fixed a NullReferenceException in SqlDataReader when calling GetBytes/GetChars with a null destination buffer. The argument-validation path that constructs the InvalidDestinationBufferIndex exception now guards against the null buffer so the correct ArgumentException is surfaced instead of an NRE.
  (#​4159,#​4206)

• Fixed Always Encrypted column master key signature verification incorrectly reusing cached results. The SignatureVerificationCache lookup logic was corrected so signature verification outcomes are cached and retrieved against the correct key, preventing stale or mismatched verification results.
  (#​4339,#​4343)

Changed

Hardened TDS token parsing with data-length bounds checks

What Changed:

• Added bounds checking when parsing TDS token and feature-extension-acknowledgment data lengths. The parser now validates the declared length of incoming token data against the available buffer before reading, rejecting malformed or out-of-range length values instead of reading past the intended boundary.
  (#​4340,#​4358)

Who Benefits:

• All consumers benefit from improved resilience against malformed or hostile TDS responses. A server (or man-in-the-middle) sending an invalid token length can no longer drive the parser to read beyond the declared payload.

Impact:
... (truncated)

Commits viewable in compare view.

Updated Microsoft.EntityFrameworkCore from 10.0.8 to 10.0.9.

Release notes

Sourced from Microsoft.EntityFrameworkCore's releases.

No release notes found for this version range.

Commits viewable in compare view.

Updated Microsoft.EntityFrameworkCore.Design from 10.0.8 to 10.0.9.

Release notes

Sourced from Microsoft.EntityFrameworkCore.Design's releases.

No release notes found for this version range.

Commits viewable in compare view.

Updated Microsoft.EntityFrameworkCore.InMemory from 10.0.8 to 10.0.9.

Release notes

Sourced from Microsoft.EntityFrameworkCore.InMemory's releases.

No release notes found for this version range.

Commits viewable in compare view.

Updated Microsoft.EntityFrameworkCore.SqlServer from 10.0.8 to 10.0.9.

Release notes

Sourced from Microsoft.EntityFrameworkCore.SqlServer's releases.

No release notes found for this version range.

Commits viewable in compare view.

Updated Microsoft.EntityFrameworkCore.Tools from 10.0.8 to 10.0.9.

Release notes

Sourced from Microsoft.EntityFrameworkCore.Tools's releases.

No release notes found for this version range.

Commits viewable in compare view.

Updated Microsoft.Extensions.Caching.Abstractions from 10.0.8 to 10.0.9.

Release notes

Sourced from Microsoft.Extensions.Caching.Abstractions's releases.

No release notes found for this version range.

Commits viewable in compare view.

Updated Microsoft.Extensions.Caching.StackExchangeRedis from 10.0.8 to 10.0.9.

Release notes

Sourced from Microsoft.Extensions.Caching.StackExchangeRedis's releases.

No release notes found for this version range.

Commits viewable in compare view.

Updated Microsoft.Extensions.Configuration.Abstractions from 10.0.8 to 10.0.9.

Release notes

Sourced from Microsoft.Extensions.Configuration.Abstractions's releases.

No release notes found for this version range.

Commits viewable in compare view.

Updated Microsoft.Extensions.Identity.Stores from 10.0.8 to 10.0.9.

Release notes

Sourced from Microsoft.Extensions.Identity.Stores's releases.

No release notes found for this version range.

Commits viewable in compare view.

Updated Microsoft.NET.Test.Sdk from 18.5.1 to 18.7.0.

Release notes

Sourced from Microsoft.NET.Test.Sdk's releases.

18.7.0

What's Changed

• Add ARM64 msdia140.dll support to test platform packages by @​jamesmcroft in Add ARM64 msdia140.dll support to test platform packages microsoft/vstest#15689
• Update System.Memory from 4.5.5 to 4.6.3 by @​nohwnd in Update System.Memory from 4.5.5 to 4.6.3 microsoft/vstest#15706

New Contributors

• @​jamesmcroft made their first contribution in Add ARM64 msdia140.dll support to test platform packages microsoft/vstest#15689

Full Changelog: microsoft/vstest@v18.6.0...v18.7.0

18.6.0

What's Changed

• Revert removal of Video Recorder by @​nohwnd in Revert removal of Video Recorder microsoft/vstest#15336
• Speed up blame by filtering non-.NET processes from dump collection by @​nohwnd in Speed up blame tests by filtering non-.NET processes from dump collection microsoft/vstest#15518
• Add README.md to NuGet packages by @​nohwnd in Add README.md to NuGet packages microsoft/vstest#15550
• Report child process info on connection timeout by @​nohwnd in Report child process info on connection timeout microsoft/vstest#15603

Changes to tests and infra

• Brand as 18.6 by @​nohwnd in Brand as 18.6 microsoft/vstest#15423
• Upgrading code coverage version to 18.5.1, by @​fhnaseer in Upgrading code coverage version to 18.5.1, microsoft/vstest#15422
• Updating System.Collections.Immutable to 9.0.11 by @​MSLukeWest in Updating System.Collections.Immutable to 9.0.11 microsoft/vstest#15425
• Fix attachVS when used for debugging integration tests by @​nohwnd in Fix attachVS when used for debugging integration tests microsoft/vstest#15451
• Replace dotnet.config, with global.json by @​nohwnd in Replace dotnet.config, with global.json microsoft/vstest#15449
• Document debugging integration tests with AttachVS by @​Copilot in Document debugging integration tests with AttachVS microsoft/vstest#15452
• Fix stack overflow tests by @​nohwnd in Fix stack overflow tests microsoft/vstest#15461
• Make TestAssets.sln buildable locally by @​Youssef1313 in Make TestAssets.sln buildable locally microsoft/vstest#15466
• Try filtering out tests by @​nohwnd in Try filtering out tests microsoft/vstest#15463
• Build just once when tfms run in parallel by @​nohwnd in Build just once when tfms run in parallel microsoft/vstest#15465
• Review simplify compatibility sources, deduplicate tests by @​nohwnd in Review simplify compatibility sources, deduplicate tests microsoft/vstest#15472
• Cleanup dead TRX code by @​Youssef1313 in Cleanup dead TRX code microsoft/vstest#15474
• Update .NET runtimes to 8.0.25, 9.0.14, and 10.0.4 by @​nohwnd in Update .NET runtimes to 8.0.25, 9.0.14, and 10.0.4 microsoft/vstest#15481
• Compat matrix checker by @​nohwnd in Compat matrix checker microsoft/vstest#15480
• Add trx analysis skill by @​nohwnd in Add trx analysis skill microsoft/vstest#15486
• Split integration tests to single tfm and multi tfm project by @​nohwnd in Split integration tests to single tfm and multi tfm project microsoft/vstest#15484
• Update matrix by @​nohwnd in Update matrix microsoft/vstest#15477
• Break infinite restore loop in VS by @​nohwnd in Break infinite restore loop in VS microsoft/vstest#15503
• Use global package cache for build, and local for running integration tests by @​nohwnd in Use global package cache for build, and local for running integration tests microsoft/vstest#15500
• Update contributing by @​nohwnd in Update contributing microsoft/vstest#15505
• Reduce test wall-clock time by increasing minThreads by @​drognanar in Reduce test wall-clock time by increasing minThreads microsoft/vstest#15502
• Indicator flakiness by @​nohwnd in Indicator flakiness microsoft/vstest#15513
• Fix ci build by @​nohwnd in Fix ci build microsoft/vstest#15515
• Fix thread safety issues by @​Evangelink in Fix thread safety issues microsoft/vstest#15512
• Optimize DotnetSDKSimulation_PostProcessing test (163s → 61s) by @​nohwnd in Optimize DotnetSDKSimulation_PostProcessing test (163s → 61s) microsoft/vstest#15516
• Build isolated test assets for single TFM instead of 7 by @​nohwnd in Build isolated test assets for single TFM instead of 7 microsoft/vstest#15517
• Remove unused dependencies from Library.IntegrationTests by @​nohwnd in Remove unused dependencies from Library.IntegrationTests microsoft/vstest#15527
• Remove printing _attachments content to console by @​nohwnd in Remove printing _attachments content to console microsoft/vstest#15520
• Add Linux/macOS test filtering guide to CONTRIBUTING.md by @​nohwnd in Add Linux/macOS test filtering guide to CONTRIBUTING.md microsoft/vstest#15521
• Change integration test parallelization from ClassLevel to MethodLevel by @​nohwnd in Change integration test parallelization from ClassLevel to MethodLevel microsoft/vstest#15526
• Unify target framework checks with IsNetFrameworkTarget/IsNetTarget by @​nohwnd in Unify target framework checks with IsNetFrameworkTarget/IsNetTarget microsoft/vstest#15523
• Add unattended work instructions to copilot-instructions.md by @​nohwnd in Add unattended work instructions to copilot-instructions.md microsoft/vstest#15531
• Reduce code style rule severity from warning to suggestion by @​nohwnd in Reduce code style rule severity from warning to suggestion microsoft/vstest#15522
• Remove Debug/Release line number branching from tests by @​nohwnd in Remove Debug/Release line number branching from tests microsoft/vstest#15519
• Revise unattended work instructions in copilot-instructions.md by @​nohwnd in Revise unattended work instructions in copilot-instructions.md microsoft/vstest#15532
• Improve CompatibilityRowsBuilder error message with diagnostic details by @​nohwnd in Improve CompatibilityRowsBuilder error message with diagnostic details microsoft/vstest#15529
• docs: add git worktree and upstream sync workflow to copilot-instructions.md by @​nohwnd in docs: add git worktree and upstream sync workflow to copilot-instructions.md microsoft/vstest#15538
• Add VSIX runner to smoke tests by @​nohwnd in Add VSIX runner to smoke tests microsoft/vstest#15541
• Remove deprecated WebTest and TMI test methods by @​nohwnd in Remove deprecated WebTest and TMI test methods microsoft/vstest#15525
• Fix compatibility test failures for legacy vstest.console and MSTest adapter by @​nohwnd in Fix compatibility test failures for legacy vstest.console and MSTest adapter microsoft/vstest#15534
• Convert TestPlatform.sln to slnx format by @​nohwnd in Convert TestPlatform.sln to slnx format microsoft/vstest#15551
• Convert test/TestAssets .sln files to .slnx format by @​nohwnd in Convert test/TestAssets .sln files to .slnx format microsoft/vstest#15557
  ... (truncated)

Commits viewable in compare view.

Updated PdfPig from 0.1.14 to 0.1.15.

Release notes

Sourced from PdfPig's releases.

0.1.15

What's Changed

• Bump version to 0.1.15 by @​github-actions[bot] in Bump version to 0.1.15 UglyToad/PdfPig#1272
• remove draft release from build by @​EliotJones in remove draft release from build UglyToad/PdfPig#1273
• Expose StackDepthGuard via ISeekableTokenScanner so DirectObjectFinder.Get can enforce the nesting depth limit when resolving indirect references and fix #​1274 by @​BobLd in Expose StackDepthGuard via ISeekableTokenScanner so DirectObjectFinder.Get can enforce the nesting depth limit when resolving indirect references and fix #1274 UglyToad/PdfPig#1276
• Support netstandard2.1 by @​PsykerUdot in Support netstandard2.1 UglyToad/PdfPig#1283
• Properly handle uncoloured tiling patterns color space, removed redundant code and streamlined the handling of alternate and base color spaces by @​BobLd in Properly handle uncoloured tiling patterns color space, removed redundant code and streamlined the handling of alternate and base color spaces UglyToad/PdfPig#1288
• Allow overriding BeginText and EndText methods in IOperationContext and BaseStreamProcessor by @​BobLd in Allow overriding BeginText and EndText methods in IOperationContext and BaseStreamProcessor UglyToad/PdfPig#1294
• Handle Type 3 font char procs by @​BobLd in Handle Type 3 font char procs UglyToad/PdfPig#1295
• adding support to tif images by @​username77 in adding support to tif images UglyToad/PdfPig#1227
• Make ProcessOperations virtual and ensure state is properly restored in ProcessFormXObject by @​BobLd in Make ProcessOperations virtual and ensure state is properly restored in ProcessFormXObject UglyToad/PdfPig#1296
• Xref table expose by @​vafle228 in Xref table expose UglyToad/PdfPig#1292
• Fix TextSequence over-increment on TJ (#​1241 follow-up) by @​simonedd in Fix TextSequence over-increment on TJ (#1241 follow-up) UglyToad/PdfPig#1298
• Add span methods to PdfFunction, Shading and ColorSpaceDetails by @​BobLd in Add span methods to PdfFunction, Shading and ColorSpaceDetails  UglyToad/PdfPig#1301
• Improve Type 3 font bounding boxes by @​BobLd in Improve Type 3 font bounding boxes UglyToad/PdfPig#1299
• Issues/1300 by @​BobLd in Issues/1300 UglyToad/PdfPig#1303
• Properly handle decode values in images by @​BobLd in Properly handle decode values in images UglyToad/PdfPig#1304
• Fix font width array parsing when entries are indirect object references by @​VarunSaiTeja in Fix font width array parsing when entries are indirect object references UglyToad/PdfPig#1307
• Fix encrypted PDF string decryption when ciphertext starts with BOM bytes by @​VarunSaiTeja in Fix encrypted PDF string decryption when ciphertext starts with BOM bytes UglyToad/PdfPig#1306
• make TokenScanner public through Structure to iterate indirect objects by @​jeske in make TokenScanner public through Structure to iterate indirect objects UglyToad/PdfPig#1308
• Add and use PdfDocumentStackDepthException in StackDepthGuard to avoid conflict with PdfDocumentFormatException handling by @​BobLd in Add and use PdfDocumentStackDepthException in StackDepthGuard to avoid conflict with PdfDocumentFormatException handling UglyToad/PdfPig#1310
• Support opening PDFs larger than 2 GiB by @​OrganizationUsername in Support opening PDFs larger than 2 GiB UglyToad/PdfPig#1293
• Fix TrueTypeSimpleFont missing width and fix #​1300 by @​BobLd in Fix TrueTypeSimpleFont missing width and fix #1300 UglyToad/PdfPig#1311
• Add ParsingOptions.UseActualText to use marked-content ActualText when extracting text by @​BobLd in Add ParsingOptions.UseActualText to use marked-content ActualText when extracting text UglyToad/PdfPig#1312
• Handle duplicate codes in malformed CMaps by @​BobLd in Handle duplicate codes in malformed CMaps UglyToad/PdfPig#1313
• Invert top / bottom for type 3 font bounding boxes and add tests. Confirm #​1164 is fixed by @​BobLd in Invert top / bottom for type 3 font bounding boxes and add tests. Confirm #1164 is fixed UglyToad/PdfPig#1315
• Use CIDFont glyph displacement in Type0Font and fix #​1176 by @​BobLd in Use CIDFont glyph displacement in Type0Font and fix #1176 UglyToad/PdfPig#1316
• Ensure no infinite recursion in ReadCompositeGlyph and fix #​1237 by @​BobLd in Ensure no infinite recursion in ReadCompositeGlyph and fix #1237 UglyToad/PdfPig#1317
• Fix cid cff font character name by @​BobLd in Fix cid cff font character name UglyToad/PdfPig#1318
• Better handle duplicate codes in malformed CMaps by @​BobLd in Better handle duplicate codes in malformed CMaps UglyToad/PdfPig#1319
• Fix garbled CIDFontType0 glyph paths with OpenType/CFF programs and fix #​1320 by @​BobLd in Fix garbled CIDFontType0 glyph paths with OpenType/CFF programs and fix #1320 UglyToad/PdfPig#1321
• Fix regression for 'Fix cid cff font character name' by @​BobLd in Fix regression for 'Fix cid cff font character name' UglyToad/PdfPig#1322
• Remove UglyToad.PdfPig.Rendering by @​BobLd in Remove UglyToad.PdfPig.Rendering UglyToad/PdfPig#1323
• Fix Tpe 0 font spacing and address #​1320 by @​BobLd in Fix Tpe 0 font spacing and address #1320 UglyToad/PdfPig#1324
• Fix type 0 and 2 CID fonts default width and vertical displacement by @​BobLd in Fix type 0 and 2 CID fonts default width and vertical displacement UglyToad/PdfPig#1325
• Port missing annotation's actions by @​BobLd in Port missing annotation's actions UglyToad/PdfPig#1326
• Fix image bytes being truncated because wrong 'EI' flag being picked up by @​BobLd in Fix image bytes being truncated because wrong 'EI' flag being picked up UglyToad/PdfPig#1329
• Add % as token separator in PlainTokenizer and fix #​1332 by @​BobLd in Add % as token separator in PlainTokenizer and fix #1332 UglyToad/PdfPig#1333
• Add CoreTokenScanner.ClearPreReadByte() and further fix #​1332 by @​BobLd in Add CoreTokenScanner.ClearPreReadByte() and further fix #1332 UglyToad/PdfPig#1334
• Process rendering intent 'RI' in SetNamedGraphicsState() by @​BobLd in Process rendering intent 'RI' in SetNamedGraphicsState() UglyToad/PdfPig#1336
• Support default colour spaces by @​BobLd in Support default colour spaces UglyToad/PdfPig#1337
• Allow PlainTokenizer to break tokens on digits, only when parsing CMap and fix #​1331 by @​BobLd in Allow PlainTokenizer to break tokens on digits, only when parsing CMap and fix #1331 UglyToad/PdfPig#1338
• Correct MediaBox and CropBox sizes and fix #​1330 by @​BobLd in Correct MediaBox and CropBox sizes and fix #1330 UglyToad/PdfPig#1340
• Update DebugType to portable to fix issue when publishing NuGet by @​BobLd in Update DebugType to portable to fix issue when publishing NuGet UglyToad/PdfPig#1342

New Contributors

• @​github-actions[bot] made their first contribution in Bump version to 0.1.15 UglyToad/PdfPig#1272
• @​username77 made their first contribution in adding support to tif images UglyToad/PdfPig#1227
• @​vafle228 made their first contribution in Xref table expose UglyToad/PdfPig#1292
• @​VarunSaiTeja made their first contribution in Fix font width array parsing when entries are indirect object references UglyToad/PdfPig#1307
• @​jeske made their first contribution in make TokenScanner public through Structure to iterate indirect objects UglyToad/PdfPig#1308
  ... (truncated)

Commits viewable in compare view.

Updated QuestPDF from 2026.5.0 to 2026.6.1.

Release notes

Sourced from QuestPDF's releases.

2026.6.1

• Updated the Skia native dependency to M150.
• Improved text rendering stability when handling an excessive number of whitespace characters.
• Improved the failure message shown when the library runs on an unsupported platform (e.g., Android, iOS, or WASM).
• Improved platform compatibility checks and introduced more advanced fallback mechanisms.
• Improved diagnostics for missing font glyph exceptions.
• Improved PDF output consistency of section links by avoiding name escaping and removing unnecessary documentId prefix.
• Made the Image.Size property public.

2026.6.0

• Substantially revised the QuestPDF legal documents to better support enterprise procurement and compliance requirements and to define usage terms more clearly.
• Introduced native support for Windows ARM64 (win-arm64) environments.
• Improved compatibility with older Linux distributions (glibc 2.28 and newer).
• Reduced the NuGet package size by optimizing native dependencies.
• Renamed the TranslateX / TranslateY methods to OffsetX / OffsetY to improve discoverability.
• SVG rendering improvements:
  • Prevented zero-width strokes from being rendered as hairlines, aligning behavior with the SVG specification.
  • Added support for embedded Base64 images that use the modern href attribute instead of xlink:href.
  • Added support for the #RGBA and #RRGGBBAA color formats.
  • Added support for the transparent named color.
• Fixed PDF bookmark titles so they include only text from the associated paragraph, excluding the alternative text of images.
• Fixed SectionLink behaving incorrectly when target Section is placed in page header.
• Updated the Skia native dependency to version m149.
• Updated the qpdf native dependency to version 12.3.2.
• Modernized the build system for native dependencies, including how QuestPDF-specific patches are applied.
• Updated all GitHub Actions workflows to use standard runners, reducing costs and making it easier for everyone to contribute to the project.

Commits viewable in compare view.

Updated Sentry.AspNetCore from 6.5.0 to 6.6.0.

Release notes

Sourced from Sentry.AspNetCore's releases.

6.6.0

Features ✨

• feat: propagate trace to sentry-android and sentry-cocoa by @​bitsandfoxes in #​5244
• feat: User.Id can now be overriden (set to null) in Global mode by @​jamescrosswell in #​5039
• feat: Implement strict trace continuation by @​giortzisg in #​4981

Fixes 🐛

• fix: return early from AddSentryOtlpExporter when DSN is the disable-SDK sentinel by @​jamescrosswell in #​5247
• fix: sync default tags to native layer by @​bitsandfoxes in #​5214

Dependencies ⬆️

Deps

• chore(deps): update Cocoa SDK to v9.14.0 by @​github-actions[bot] in #​5252
• chore(deps): update Java SDK to v8.42.0 by @​github-actions[bot] in #​5208

Other

• release: 6.6.0 by @​jamescrosswell in 0140be0a
• chore: update scripts/update-cli.ps1 to 3.4.3 by @​github-actions[bot] in #​5251
• ci: update the Update Dependencies workflow by @​Flash0ver in #​5175
• chore: update modules/sentry-native to 0.14.2 by @​github-actions[bot] in #​5229
• chore: update modules/sentry-cocoa to 9.13.0 by @​github-actions[bot] in #​5221
• chore: update scripts/update-cli.ps1 to 3.4.2 by @​github-actions[bot] in #​5220
• chore: update modules/sentry-cocoa to 9.12.1 by @​github-actions[bot] in #​5207

Commits viewable in compare view.

Updated Sentry.Serilog from 6.5.0 to 6.6.0.

Release notes

Sourced from Sentry.Serilog's releases.

6.6.0

Features ✨

• feat: propagate trace to sentry-android and sentry-cocoa by @​bitsandfoxes in #​5244
• feat: User.Id can now be overriden (set to null) in Global mode by @​jamescrosswell in #​5039
• feat: Implement strict trace continuation by @​giortzisg in #​4981

Fixes 🐛

• fix: return early from AddSentryOtlpExporter when DSN is the disable-SDK sentinel by @​jamescrosswell in #​5247
• fix: sync default tags to native layer by @​bitsandfoxes in #​5214

Dependencies ⬆️

Deps

• chore(deps): update Cocoa SDK to v9.14.0 by @​github-actions[bot] in #​5252
• chore(deps): update Java SDK to v8.42.0 by @​github-actions[bot] in #​5208

Other

• release: 6.6.0 by @​jamescrosswell in 0140be0a
• chore: update scripts/update-cli.ps1 to 3.4.3 by @​github-actions[bot] in #​5251
• ci: update the Update Dependencies workflow by @​Flash0ver in #​5175
• chore: update modules/sentry-native to 0.14.2 by @​github-actions[bot] in #​5229
• chore: update modules/sentry-cocoa to 9.13.0 by @​github-actions[bot] in #​5221
• chore: update scripts/update-cli.ps1 to 3.4.2 by @​github-actions[bot] in #​5220
• chore: update modules/sentry-cocoa to 9.12.1 by @​github-actions[bot] in #​5207

Commits viewable in compare view.

Updated Swashbuckle.AspNetCore from 10.1.7 to 10.2.3.

Release notes

Sourced from Swashbuckle.AspNetCore's releases.

10.2.3

What's Changed

• Bump swagger-ui-dist to 5.32.7 by @​dependabot in Bump swagger-ui-dist from 5.32.6 to 5.32.7 in /src/Swashbuckle.AspNetCore.SwaggerUI domaindrivendev/Swashbuckle.AspNetCore#4015

Full Changelog: domaindrivendev/Swashbuckle.AspNetCore@v10.2.2...v10.2.3

10.2.2

What's Changed

• Update NuGet packages by @​martincostello in Update NuGet packages domaindrivendev/Swashbuckle.AspNetCore#3990
• Set SOURCE_DATE_EPOCH by @​martincostello in Set SOURCE_DATE_EPOCH domaindrivendev/Swashbuckle.AspNetCore#3997
• Fix InvalidOperationException if no route matches by @​martincostello in Fix InvalidOperationException if no route matches domaindrivendev/Swashbuckle.AspNetCore#3999
• Fix empty parameter example not generated by @​dldl-cmd in Fix empty parameter example not generated domaindrivendev/Swashbuckle.AspNetCore#3932
• Map [MinLength]/[MaxLength] on dictionary properties to minProperties/maxProperties by @​KitKeen in Map [MinLength]/[MaxLength] on dictionary properties to minProperties / maxProperties domaindrivendev/Swashbuckle.AspNetCore#3922
• Fix conflicting required+nullable schema when only NonNullableReferen… by @​KitKeen in Fix conflicting required+nullable schema when only NonNullableReferen… domaindrivendev/Swashbuckle.AspNetCore#3912
• Fix ExposeSwaggerDocumentUrlsRoute behaviour by @​martincostello in Fix ExposeSwaggerDocumentUrlsRoute behaviour domaindrivendev/Swashbuckle.AspNetCore#4000
• Use NUGET_API_KEY by @​martincostello in Use NUGET_API_KEY domaindrivendev/Swashbuckle.AspNetCore#4006

New Contributors

• @​KitKeen made their first contribution in Map [MinLength]/[MaxLength] on dictionary properties to minProperties / maxProperties domaindrivendev/Swashbuckle.AspNetCore#3922

Full Changelog: domaindrivendev/Swashbuckle.AspNetCore@v10.2.1...v10.2.2

10.2.1

What's Changed

• Update Microsoft.OpenApi to 2.7.5 to pick up fix for GHSA-v5pm-xwqc-g5wc by @​martincostello in Update Microsoft.OpenApi to 2.7.5 domaindrivendev/Swashbuckle.AspNetCore#3974

Full Changelog: domaindrivendev/Swashbuckle.AspNetCore@v10.2.0...v10.2.1

10.2.0

What's Changed

• Add MapSwaggerUI and MapReDoc to support endpoint routing by @​Strepto in Add MapSwaggerUI and MapReDoc to support endpoint routing domaindrivendev/Swashbuckle.AspNetCore#3822
• Bump version to 10.2.0 by @​martincostello in Bump version to 10.2.0 domaindrivendev/Swashbuckle.AspNetCore#3872
• Bump swagger-ui-dist from 5.32.1 to 5.32.2 by @​dependabot in Bump swagger-ui-dist from 5.32.1 to 5.32.2 in /src/Swashbuckle.AspNetCore.SwaggerUI domaindrivendev/Swashbuckle.AspNetCore#3883
• Support HEAD requests by @​snebjorn in Support HEAD requests domaindrivendev/Swashbuckle.AspNetCore#3887
• Use IAsyncSwaggerProvider in CLI tofile command by @​bt-Knodel in Use IAsyncSwaggerProvider in CLI tofile command domaindrivendev/Swashbuckle.AspNetCore#3910
• Pin runner images by @​martincostello in Pin runner images domaindrivendev/Swashbuckle.AspNetCore#3944
• Disable npm install scripts by @​martincostello in Disable npm install scripts domaindrivendev/Swashbuckle.AspNetCore#3946
• Bump redoc from 2.5.2 to 2.5.3 by @​dependabot in Bump redoc from 2.5.2 to 2.5.3 in /src/Swashbuckle.AspNetCore.ReDoc domaindrivendev/Swashbuckle.AspNetCore#3967

New Contributors

• @​Strepto made their first contribution in Add MapSwaggerUI and MapReDoc to support endpoint routing domaindrivendev/Swashbuckle.AspNetCore#3822
• @​snebjorn made their first contribution in Support HEAD requests domaindrivendev/Swashbuckle.AspNetCore#3887
• @​bt-Knodel made their first contribution in Use IAsyncSwaggerProvider in CLI tofile command domaindrivendev/Swashbuckle.AspNetCore#3910

Full Changelog: domaindrivendev/Swashbuckle.AspNetCore@v10.1.7...v10.2.0

Commits viewable in compare view.

Updated System.IdentityModel.Tokens.Jwt from 8.18.0 to 8.19.1.

Release notes

Sourced from System.IdentityModel.Tokens.Jwt's releases.

8.19.1

Bug Fixes

• Update JwtSecurityTokenHandler for IssuerSigningKeyResolverUsingConfiguration to take priority over IssuerSigningKeyResolver, matching the documented contract and the correct behavior already present in JsonWebTokenHandler. See PR #​3519.

8.19.0

New Features

• Add ML-DSA (FIPS 204) post-quantum signature support. See PR #​3479.
• Cache custom crypto providers in CryptoProviderFactory. See PR #​3489.

Bug Fixes

• Disable automatic redirects on default HttpClient for JKU retrieval. See PR #​3494.
• Adjust rented buffer handling in claim set parsing. See PR #​3493.
• Tidy null handling in SAML conditions validation. See PR #​3491.
• Improve validation of jku claim. See PR #​3481.
• Limit telemetry algorithm dimension cardinality. See PR #​3490.
• Add defensive copy of collections in ValidationParameters. See PR #​3492.
• Update TokenValidationParameter copy constructor to make a deep copy. See PR #​3488.
• Update to fail-closed when replay protection isn't configured and other DPoP hardening. See PR #​3505.
• Apply RFC 3986 section 6.2.2 normalization to DPoP htu comparison. See PR #​3509.

Commits viewable in compare view.

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions