Bump the nuget-minor-patch group with 4 updates

[dependabot]

Updated Microsoft.NET.Test.Sdk from 18.6.0 to 18.7.0.

Release notes

Sourced from Microsoft.NET.Test.Sdk's releases.

18.7.0

What's Changed

• Add ARM64 msdia140.dll support to test platform packages by @​jamesmcroft in Add ARM64 msdia140.dll support to test platform packages microsoft/vstest#15689
• Update System.Memory from 4.5.5 to 4.6.3 by @​nohwnd in Update System.Memory from 4.5.5 to 4.6.3 microsoft/vstest#15706

New Contributors

• @​jamesmcroft made their first contribution in Add ARM64 msdia140.dll support to test platform packages microsoft/vstest#15689

Full Changelog: microsoft/vstest@v18.6.0...v18.7.0

Commits viewable in compare view.

Updated Microsoft.Playwright from 1.60.0 to 1.61.0.

Release notes

Sourced from Microsoft.Playwright's releases.

1.61.0

🔑 WebAuthn passkeys

New Credentials virtual authenticator, available via BrowserContext.Credentials, lets tests register passkeys and answer navigator.credentials.create() / navigator.credentials.get() ceremonies in the page — no real hardware key required, works in all browsers:

var context = await browser.NewContextAsync();

// Seed a passkey your backend provisioned for a test user.
await context.Credentials.CreateAsync("example.com", new()
{
    Id = credentialId,
    UserHandle = userHandle,
    PrivateKey = privateKey,
    PublicKey = publicKey,
});
await context.Credentials.InstallAsync();

var page = await context.NewPageAsync();
await page.GotoAsync("https://example.com/login");
// The page's navigator.credentials.get() is answered with the seeded passkey.

You can also let the app register a passkey once in a setup test, read it back with Credentials.GetAsync(), and seed it into later tests — see Credentials for details.

🗃️ Web Storage

New WebStorage API, available via Page.LocalStorage and Page.SessionStorage, reads and writes the page's storage for the current origin:

await page.LocalStorage.SetItemAsync("token", "abc");
var token = await page.LocalStorage.GetItemAsync("token");
var items = await page.SessionStorage.ItemsAsync();

New APIs

• APIResponse.SecurityDetailsAsync() and APIResponse.ServerAddrAsync() mirror the browser-side Response.SecurityDetailsAsync() and Response.ServerAddrAsync().
• New option ArtifactsDir in BrowserType.ConnectOverCDPAsync() controls where artifacts such as traces and downloads are stored when attached to an existing browser.
• New option Cursor in Screencast.ShowActionsAsync() controls the cursor decoration rendered for pointer actions.
• The OnFrame callback in Screencast.StartAsync() now receives a Timestamp of when the frame was presented by the browser.

🛠️ Other improvements

• Playwright now supports Ubuntu 26.04.
• HAR and trace recordings now include WebSocket requests.

Browser Versions

• Chromium 149.0.7827.55
• Mozilla Firefox 151.0
• WebKit 26.5

This version was also tested against the following stable channels:
... (truncated)

Commits viewable in compare view.

Updated Quartz.Extensions.Hosting from 3.18.1 to 3.18.2.

Release notes

Sourced from Quartz.Extensions.Hosting's releases.

3.18.2

Quartz.NET 3.18.2 is a maintenance release that stabilizes the dashboard introduced in 3.18.0, fixes several scheduling correctness bugs, and speeds up cron next-fire-time computation. It is a drop-in upgrade from earlier 3.18.x releases — no breaking changes and no database schema migrations.

Highlights

• Type-load failures no longer stall the whole scheduler — a trigger or job whose type failed to load could throw inside AcquireNextTrigger and block acquisition of every other trigger. The faulting trigger is now isolated so the rest keep firing. (#​3108)
• "Reschedule next" misfire policies no longer fire immediately — after a misfire, the reschedule-next policies could fire once right away instead of waiting for the next scheduled time. (#​3100)
• Named-scheduler JSON config is honored — schedules defined under the root Quartz configuration section were not loaded for named schedulers. (#​3113)
• Dashboard fixes — authorization policy no longer leaks to host-app endpoints (#​3067); static assets and a custom DashboardPath work under a fail-closed FallbackPolicy, and the Blazor circuit is allowed anonymous access under the same policy (#​3098, #​3120); trigger and calendar JSON deserialization is fixed (#​3102); and JobDataMap and SimpleSchedule trigger details now display correctly (#​3132).
• MySQL FORCE INDEX fix — schema-qualified table prefixes produced a malformed FORCE INDEX hint. (#​3086)
• Faster cron scheduling — cron next-fire-time computation gains a bitmask fast path and avoids needless DateTimeOffset churn in the hot loop. (#​3126, #​3129)
• Smaller enhancements — health-check tags can now be passed to AddQuartzServer (#​3112), and new public helpers make plugin configuration extensible (#​3104).

What's Changed

• Fix dashboard authorization policy leaking to host app endpoints (#​3066) by @​lahma in Fix dashboard authorization policy leaking to host app endpoints (#3066) quartznet/quartznet#3067
• Fix malformed MySQL FORCE INDEX hint with schema-qualified table prefix by @​lahma in Fix malformed MySQL FORCE INDEX hint with schema-qualified table prefix quartznet/quartznet#3086
• Fix dashboard FallbackPolicy asset blocking, honor custom DashboardPath, document Blazor integration (3.x) by @​lahma in Fix dashboard FallbackPolicy asset blocking, honor custom DashboardPath, document Blazor integration (3.x) quartznet/quartznet#3098
• Fix reschedule-next misfire policies firing immediately after misfire (#​3096) by @​lahma in Fix reschedule-next misfire policies firing immediately after misfire (#3096) quartznet/quartznet#3100
• Fix dashboard trigger and calendar JSON deserialization (#​3094) by @​lahma in Fix dashboard trigger and calendar JSON deserialization (#3094) quartznet/quartznet#3102
• Fix type-load exceptions in AcquireNextTrigger blocking all other triggers by @​lahma with @​Copilot in Fix type-load exceptions in AcquireNextTrigger blocking all other triggers quartznet/quartznet#3108
• Fix JSON schedule config not loaded for named schedulers using root Quartz section (#​3106) by @​lahma in Fix JSON schedule config not loaded for named schedulers using root Quartz section (#3106) quartznet/quartznet#3113
• Allow passing health check tags to AddQuartzServer by @​lahma in Allow passing health check tags to AddQuartzServer quartznet/quartznet#3112
• Strip 3.x branch docs to NuGet package READMEs only (#​3116) by @​lahma in Strip 3.x branch docs to NuGet package READMEs only (#3116) quartznet/quartznet#3119
• Allow the dashboard Blazor circuit anonymous access under a fail-closed FallbackPolicy (#​3117) by @​lahma in Allow the dashboard Blazor circuit anonymous access under a fail-closed FallbackPolicy (#3117) quartznet/quartznet#3120
• Add public plugin configuration extensibility helpers (3.x) by @​lahma in Add public plugin configuration extensibility helpers (3.x) quartznet/quartznet#3104
• Speed up cron next-fire-time computation with a bitmask fast path by @​lahma in Speed up cron next-fire-time computation with a bitmask fast path quartznet/quartznet#3126
• Reduce DateTimeOffset churn in the cron next-fire-time loop (3.x) by @​lahma in Reduce DateTimeOffset churn in the cron next-fire-time loop (3.x) quartznet/quartznet#3129
• Fix dashboard JobDataMap and SimpleSchedule trigger display (3.x) by @​lahma in Fix dashboard JobDataMap and SimpleSchedule trigger display (3.x) quartznet/quartznet#3132

Full Changelog: quartznet/quartznet@v3.18.1...v3.18.2

Commits viewable in compare view.

Updated Swashbuckle.AspNetCore from 10.2.2 to 10.2.3.

Release notes

Sourced from Swashbuckle.AspNetCore's releases.

10.2.3

What's Changed

• Bump swagger-ui-dist to 5.32.7 by @​dependabot in Bump swagger-ui-dist from 5.32.6 to 5.32.7 in /src/Swashbuckle.AspNetCore.SwaggerUI domaindrivendev/Swashbuckle.AspNetCore#4015

Full Changelog: domaindrivendev/Swashbuckle.AspNetCore@v10.2.2...v10.2.3

Commits viewable in compare view.

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[github-actions]

.NET test coverage

• Line coverage: 61.7%
• Branch coverage: 46.5%