Skip to content

[release/10.0] Bump Microsoft.Identity.Web from 4.9.0 to 4.10.0#9448

Merged
wiktork merged 1 commit into
release/10.0from
dependabot/nuget/eng/dependabot/independent/release/10.0/identity-dependencies-a2c007eb74
Jun 2, 2026
Merged

[release/10.0] Bump Microsoft.Identity.Web from 4.9.0 to 4.10.0#9448
wiktork merged 1 commit into
release/10.0from
dependabot/nuget/eng/dependabot/independent/release/10.0/identity-dependencies-a2c007eb74

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github May 25, 2026
edited
Loading

Updated Microsoft.Identity.Web from 4.9.0 to 4.10.0.

Release notes

Sourced from Microsoft.Identity.Web's releases.

4.10.0

New features

  • Add WithExtraBodyParameters fluent API for attaching extra body parameters to token acquisition requests. See #​3819.
  • Add IConfidentialClientApplicationProvider extensibility interface and CachePartitionKey support for silent token acquisition. See #​3822.

Bug fixes

  • Redirect URI sanitization in authorization scenarios; centralize redirect URI validation in a shared helper. See #​3825.
  • Reject dSTS-shaped Authority values with a clearer exception, steering users to use Instance + TenantId instead. See #​3805.
  • Improve regex handling and adding length/timeout safeguards for SameSite User Agent. See #​3811.

Behavior changes

  • B2C OpenID Connect event handler: LRU cache for issuer address. Issuer address lookups in the B2C OIDC event handler are now cached with an LRU cache, improving performance for repeated lookups. See #​3821.

Dependencies updates

  • Update MSAL.NET to 4.84.1. See #​3822.
  • Pin Microsoft.Kiota.Abstractions to 1.22.0 for GraphServiceClient. See #​3817.
  • Bump uuid and @​azure/msal-node in SidecarAdapter TypeScript test app. See #​3826.
  • Bump qs in SidecarAdapter TypeScript test app. See #​3829.

Commits viewable in compare view.

@dependabot dependabot Bot added .NET Pull requests that update .net code dependencies Pull requests that update a dependency file labels May 25, 2026
@dependabot dependabot Bot requested a review from a team as a code owner May 25, 2026 22:42
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file .NET Pull requests that update .net code labels May 25, 2026
@dependabot
[release/10.0] Bump Microsoft.Identity.Web from 4.9.0 to 4.10.0
1f09c75 
---
updated-dependencies:
- dependency-name: Microsoft.Identity.Web
  dependency-version: 4.10.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: identity-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot changed the title [release/10.0] Bump the identity-dependencies group with 1 update [release/10.0] Bump Microsoft.Identity.Web from 4.9.0 to 4.10.0 Jun 1, 2026
@dependabot dependabot Bot force-pushed the dependabot/nuget/eng/dependabot/independent/release/10.0/identity-dependencies-a2c007eb74 branch from 2daef88 to 1f09c75 Compare June 1, 2026 16:47
@wiktork
Copy link
Copy Markdown
Member

wiktork commented Jun 1, 2026

/azp run

@azure-pipelines
Copy link
Copy Markdown

azure-pipelines Bot commented Jun 1, 2026

Azure Pipelines successfully started running 1 pipeline(s).

wiktork
wiktork approved these changes Jun 2, 2026
View reviewed changes
Copy link
Copy Markdown
Member

@wiktork wiktork left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Approving dependency update - all checks passing.

@wiktork wiktork enabled auto-merge (squash) June 2, 2026 03:10
@wiktork wiktork merged commit 042e89e into release/10.0 Jun 2, 2026
20 checks passed
@wiktork wiktork deleted the dependabot/nuget/eng/dependabot/independent/release/10.0/identity-dependencies-a2c007eb74 branch June 2, 2026 03:10
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@wiktork wiktork wiktork approved these changes

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file .NET Pull requests that update .net code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@wiktork