Bump the all-nuget group with 21 updates#67
Open
dependabot[bot] wants to merge 1 commit into
Open
Conversation
Bumps JsonSchema.Net from 9.2.1 to 9.2.2 Bumps Microsoft.AspNetCore.Mvc.Testing from 8.0.27 to 8.0.28 Bumps Microsoft.Extensions.Configuration from 10.0.8 to 10.0.9 Bumps Microsoft.Extensions.Configuration.Abstractions from 10.0.8 to 10.0.9 Bumps Microsoft.Extensions.Configuration.CommandLine from 10.0.8 to 10.0.9 Bumps Microsoft.Extensions.Configuration.Json from 10.0.8 to 10.0.9 Bumps Microsoft.Extensions.DependencyInjection from 10.0.8 to 10.0.9 Bumps Microsoft.Extensions.DependencyInjection.Abstractions from 10.0.8 to 10.0.9 Bumps Microsoft.Extensions.Hosting from 10.0.8 to 10.0.9 Bumps Microsoft.Extensions.Http from 10.0.8 to 10.0.9 Bumps Microsoft.Extensions.Logging from 10.0.8 to 10.0.9 Bumps Microsoft.Extensions.Logging.Abstractions from 10.0.8 to 10.0.9 Bumps Microsoft.Extensions.Options.ConfigurationExtensions from 10.0.8 to 10.0.9 Bumps Microsoft.Identity.Client from 4.84.0 to 4.85.2 Bumps Microsoft.NET.Test.Sdk from 18.5.1 to 18.7.0 Bumps ModelContextProtocol from 1.3.0 to 1.4.0 Bumps ModelContextProtocol.Core from 1.3.0 to 1.4.0 Bumps System.CommandLine from 2.0.8 to 2.0.9 Bumps System.Text.Json from 10.0.8 to 10.0.9 Bumps Testcontainers from 4.11.0 to 4.12.0 Bumps WireMock.Net from 2.6.0 to 2.11.0 --- updated-dependencies: - dependency-name: JsonSchema.Net dependency-version: 9.2.2 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all-nuget - dependency-name: Microsoft.AspNetCore.Mvc.Testing dependency-version: 8.0.28 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all-nuget - dependency-name: Microsoft.Extensions.Configuration dependency-version: 10.0.9 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all-nuget - dependency-name: Microsoft.Extensions.Configuration.Abstractions dependency-version: 10.0.9 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all-nuget - dependency-name: Microsoft.Extensions.Configuration.CommandLine dependency-version: 10.0.9 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all-nuget - dependency-name: Microsoft.Extensions.Configuration.Json dependency-version: 10.0.9 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all-nuget - dependency-name: Microsoft.Extensions.DependencyInjection dependency-version: 10.0.9 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all-nuget - dependency-name: Microsoft.Extensions.DependencyInjection.Abstractions dependency-version: 10.0.9 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all-nuget - dependency-name: Microsoft.Extensions.Hosting dependency-version: 10.0.9 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all-nuget - dependency-name: Microsoft.Extensions.Http dependency-version: 10.0.9 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all-nuget - dependency-name: Microsoft.Extensions.Logging dependency-version: 10.0.9 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all-nuget - dependency-name: Microsoft.Extensions.Logging dependency-version: 10.0.9 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all-nuget - dependency-name: Microsoft.Extensions.Logging.Abstractions dependency-version: 10.0.9 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all-nuget - dependency-name: Microsoft.Extensions.Options.ConfigurationExtensions dependency-version: 10.0.9 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all-nuget - dependency-name: Microsoft.Identity.Client dependency-version: 4.85.2 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all-nuget - dependency-name: Microsoft.NET.Test.Sdk dependency-version: 18.7.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all-nuget - dependency-name: ModelContextProtocol dependency-version: 1.4.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all-nuget - dependency-name: ModelContextProtocol.Core dependency-version: 1.4.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all-nuget - dependency-name: System.CommandLine dependency-version: 2.0.9 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all-nuget - dependency-name: System.Text.Json dependency-version: 10.0.9 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all-nuget - dependency-name: Testcontainers dependency-version: 4.12.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all-nuget - dependency-name: WireMock.Net dependency-version: 2.11.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all-nuget ... Signed-off-by: dependabot[bot] <support@github.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Updated JsonSchema.Net from 9.2.1 to 9.2.2.
Release notes
Sourced from JsonSchema.Net's releases.
No release notes found for this version range.
Commits viewable in compare view.
Updated Microsoft.AspNetCore.Mvc.Testing from 8.0.27 to 8.0.28.
Release notes
Sourced from Microsoft.AspNetCore.Mvc.Testing's releases.
8.0.28
Release
What's Changed
Full Changelog: dotnet/aspnetcore@v8.0.27...v8.0.28
Commits viewable in compare view.
Updated Microsoft.Extensions.Configuration from 10.0.8 to 10.0.9.
Release notes
Sourced from Microsoft.Extensions.Configuration's releases.
No release notes found for this version range.
Commits viewable in compare view.
Updated Microsoft.Extensions.Configuration.Abstractions from 10.0.8 to 10.0.9.
Release notes
Sourced from Microsoft.Extensions.Configuration.Abstractions's releases.
No release notes found for this version range.
Commits viewable in compare view.
Updated Microsoft.Extensions.Configuration.CommandLine from 10.0.8 to 10.0.9.
Release notes
Sourced from Microsoft.Extensions.Configuration.CommandLine's releases.
No release notes found for this version range.
Commits viewable in compare view.
Updated Microsoft.Extensions.Configuration.Json from 10.0.8 to 10.0.9.
Release notes
Sourced from Microsoft.Extensions.Configuration.Json's releases.
No release notes found for this version range.
Commits viewable in compare view.
Updated Microsoft.Extensions.DependencyInjection from 10.0.8 to 10.0.9.
Release notes
Sourced from Microsoft.Extensions.DependencyInjection's releases.
No release notes found for this version range.
Commits viewable in compare view.
Updated Microsoft.Extensions.DependencyInjection.Abstractions from 10.0.8 to 10.0.9.
Release notes
Sourced from Microsoft.Extensions.DependencyInjection.Abstractions's releases.
No release notes found for this version range.
Commits viewable in compare view.
Updated Microsoft.Extensions.Hosting from 10.0.8 to 10.0.9.
Release notes
Sourced from Microsoft.Extensions.Hosting's releases.
No release notes found for this version range.
Commits viewable in compare view.
Updated Microsoft.Extensions.Http from 10.0.8 to 10.0.9.
Release notes
Sourced from Microsoft.Extensions.Http's releases.
No release notes found for this version range.
Commits viewable in compare view.
Updated Microsoft.Extensions.Logging from 10.0.8 to 10.0.9.
Release notes
Sourced from Microsoft.Extensions.Logging's releases.
No release notes found for this version range.
Commits viewable in compare view.
Updated Microsoft.Extensions.Logging.Abstractions from 10.0.8 to 10.0.9.
Release notes
Sourced from Microsoft.Extensions.Logging.Abstractions's releases.
No release notes found for this version range.
Commits viewable in compare view.
Updated Microsoft.Extensions.Options.ConfigurationExtensions from 10.0.8 to 10.0.9.
Release notes
Sourced from Microsoft.Extensions.Options.ConfigurationExtensions's releases.
No release notes found for this version range.
Commits viewable in compare view.
Updated Microsoft.Identity.Client from 4.84.0 to 4.85.2.
Release notes
Sourced from Microsoft.Identity.Client's releases.
4.85.2
What's Changed
Full Changelog: AzureAD/microsoft-authentication-library-for-dotnet@4.85.1...4.85.2
4.85.1
What's Changed
Full Changelog: AzureAD/microsoft-authentication-library-for-dotnet@4.85.0...4.85.1
4.85.0
What's Changed
New Contributors
Full Changelog: AzureAD/microsoft-authentication-library-for-dotnet@4.84.2...4.85.0
4.84.2
New Features
ManagedIdentityApplication.GetManagedIdentityCapabilitiesAsync(CancellationToken)returning aManagedIdentityCapabilitiesobject that reports the detected managed identitySource, the host'sMaxSupportedBindingStrength(newMtlsBindingStrengthenum:None,Software,KeyGuard), and a derivedIsMtlsPopSupportedByHost. ReplacesGetManagedIdentitySourceAsync()/ManagedIdentitySourceResult. The publicManagedIdentitySource.ImdsV2value is folded intoImds(v1/v2 routing remains internal). #6049user_fic) flow viaAcquireTokenByUserFederatedIdentityCredential(scopes, Guid userObjectId, assertion). #6050WithClaimsFromClient(claimsJson)to forward client-originated claims across managed identity and confidential client flows. #5999WithCertificate(() => x509)(dynamic certificate credential). #5957Changes
CertificateOptions.SendCertificateOverMtls) to the OBO, refresh-token, and authorization-code flows. #6009Microsoft.Identity.Client.KeyAttestationpackage. #6038GetTenantedAuthorityinCiamAuthorityandDstsAuthority. #6001Bug Fixes
WithExtraQueryParametersonManagedIdentityApplicationBuilderbypassing token caching. #6035KnownInstanceMetadataIsUpToDateAsync. #60484.84.1
What's Changed
New Features
Changes
Bug Fixes
Full Changelog: AzureAD/microsoft-authentication-library-for-dotnet@6ff7075...main (AzureAD/microsoft-authentication-library-for-dotnet@6ff7075...main)
Commits viewable in compare view.
Updated Microsoft.NET.Test.Sdk from 18.5.1 to 18.7.0.
Release notes
Sourced from Microsoft.NET.Test.Sdk's releases.
18.7.0
What's Changed
New Contributors
Full Changelog: microsoft/vstest@v18.6.0...v18.7.0
18.6.0
What's Changed
Changes to tests and infra
... (truncated)
Commits viewable in compare view.
Updated ModelContextProtocol from 1.3.0 to 1.4.0.
Release notes
Sourced from ModelContextProtocol's releases.
1.4.0
v1.4.0 introduces support for the Identity Assertion Authorization Grant (ID-JAG) flow via the new
IdentityAssertionGrantProvider, enabling enterprise SSO scenarios where users authenticate once via their enterprise Identity Provider and access MCP servers without per-server authorization prompts. The release also adds a newInheritEnvironmentVariablesoption onStdioClientTransportOptionsfor controlling the child server's environment, alongside two security hardening fixes: the stdio client transport no longer enumerates child-process environment variables in Trace logs, andDELETEon a Streamable HTTP session now requires the same authenticated user that initiated the session.What's Changed
InheritEnvironmentVariablestoStdioClientTransportOptions#1563 by @halter73 (co-authored by @Copilot)HandleDeleteRequestAsyncnow mirrors theHasSameUserIdcheck already enforced on GET and POST. ADELETEwith a validMcp-Session-Idbut a different authenticated user now returns403 Forbiddeninstead of terminating the session — defense-in-depth against a leaked session ID being used to DoS the original owner.IdentityAssertionGrantProviderand supporting option/response types inModelContextProtocol.Authenticationimplementing the Identity Assertion Authorization Grant flow: RFC 8693 token exchange at the enterprise IdP (ID Token → JWT Authorization Grant) followed by RFC 7523 JWT bearer grant at the MCP authorization server (JAG → access token). See the new Cross-Application Access section in the transport docs for full usage details.Documentation Updates
Repository Infrastructure Updates
Acknowledgements
Full Changelog: modelcontextprotocol/csharp-sdk@v1.3.0...v1.4.0
Commits viewable in compare view.
Updated ModelContextProtocol.Core from 1.3.0 to 1.4.0.
Release notes
Sourced from ModelContextProtocol.Core's releases.
1.4.0
v1.4.0 introduces support for the Identity Assertion Authorization Grant (ID-JAG) flow via the new
IdentityAssertionGrantProvider, enabling enterprise SSO scenarios where users authenticate once via their enterprise Identity Provider and access MCP servers without per-server authorization prompts. The release also adds a newInheritEnvironmentVariablesoption onStdioClientTransportOptionsfor controlling the child server's environment, alongside two security hardening fixes: the stdio client transport no longer enumerates child-process environment variables in Trace logs, andDELETEon a Streamable HTTP session now requires the same authenticated user that initiated the session.What's Changed
InheritEnvironmentVariablestoStdioClientTransportOptions#1563 by @halter73 (co-authored by @Copilot)HandleDeleteRequestAsyncnow mirrors theHasSameUserIdcheck already enforced on GET and POST. ADELETEwith a validMcp-Session-Idbut a different authenticated user now returns403 Forbiddeninstead of terminating the session — defense-in-depth against a leaked session ID being used to DoS the original owner.IdentityAssertionGrantProviderand supporting option/response types inModelContextProtocol.Authenticationimplementing the Identity Assertion Authorization Grant flow: RFC 8693 token exchange at the enterprise IdP (ID Token → JWT Authorization Grant) followed by RFC 7523 JWT bearer grant at the MCP authorization server (JAG → access token). See the new Cross-Application Access section in the transport docs for full usage details.Documentation Updates
Repository Infrastructure Updates
Acknowledgements
Full Changelog: modelcontextprotocol/csharp-sdk@v1.3.0...v1.4.0
Commits viewable in compare view.
Updated System.CommandLine from 2.0.8 to 2.0.9.
Release notes
Sourced from System.CommandLine's releases.
No release notes found for this version range.
Commits viewable in compare view.
Updated System.Text.Json from 10.0.8 to 10.0.9.
Release notes
Sourced from System.Text.Json's releases.
No release notes found for this version range.
Commits viewable in compare view.
Updated Testcontainers from 4.11.0 to 4.12.0.
Release notes
Sourced from Testcontainers's releases.
4.12.0
What's Changed
Thanks to all contributors 👏.
The NuGet packages for this release have been attested for supply chain security using
actions/attest. This confirms the integrity and provenance of the artifacts and helps ensure they can be trusted: #21198535.🚀 Features
🐛 Bug Fixes
📖 Documentation
🧹 Housekeeping
📦 Dependency Updates
Commits viewable in compare view.
Updated WireMock.Net from 2.6.0 to 2.11.0.
Release notes
Sourced from WireMock.Net's releases.
2.10.0
What's Changed
Full Changelog: wiremock/WireMock.Net@2.9.0...2.10.0
2.9.0
What's Changed
Full Changelog: wiremock/WireMock.Net@2.8.0...2.9.0
2.8.0
What's Changed
Full Changelog: wiremock/WireMock.Net@2.7.0...2.8.0
2.7.0
What's Changed
New Contributors
Full Changelog: wiremock/WireMock.Net@2.6.0...2.7.0
Commits viewable in compare view.
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore <dependency name> major versionwill close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)@dependabot ignore <dependency name> minor versionwill close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)@dependabot ignore <dependency name>will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)@dependabot unignore <dependency name>will remove all of the ignore conditions of the specified dependency@dependabot unignore <dependency name> <ignore condition>will remove the ignore condition of the specified dependency and ignore conditions