Bump the production-dependencies group with 28 updates

[dependabot]

Updated Aspire.AppHost.Sdk from 13.2.2 to 13.3.5.

Release notes

Sourced from Aspire.AppHost.Sdk's releases.

13.3.5

What's New in Aspire 13.3.5

Patch release for Aspire 13.3 with fixes for the Azure provisioning location prompt and an Aspire CLI named-pipe timeout on Linux with .NET SDK 10.0.300.

🐛 Fixes

• 📍 Azure provisioning location prompt not populated — Selecting an existing resource group during aspire publish now correctly populates dependent server-controlled fields (such as Location). Previously, server-provided values for disabled inputs were discarded, leaving those fields blank. (#​17278, backported via #​17291)
• 🔧 Aspire CLI named-pipe timeout on Linux with .NET SDK 10.0.300 — The Aspire CLI was forcing DOTNET_CLI_USE_MSBUILD_SERVER=1 for all dotnet run/dotnet build invocations. On Linux with SDK 10.0.300 this caused a named-pipe timeout that prevented aspire run from building the AppHost. The forced override has been removed so the SDK chooses MSBuild server behavior. Fixes #​16849. (#​17313, backported via #​17314)

🏷️ Housekeeping

• ⬆️ Skipped log publish for WinGet/Homebrew installer pipeline jobs to fix Prepare Installers stage failures (#​17134)
• 🚀 Bumped branding to 13.3.5 (#​17315)

---

Full Changelog: microsoft/aspire@v13.3.4...v13.3.5

Full commit: 70b33bcb5f64c75e3ab6f57616545f35bd43dc81

Generated by Generate release notes for a new stable Aspire release · ● 4.3M

13.3.4

What's New in Aspire 13.3.4

Patch release for Aspire 13.3 with a fix for the Aspire skill description exceeding agent host limits.

🐛 Fixes

• 📝 Aspire skill description too long for agent hosts — The SKILL.md generated by aspire agent init included a frontmatter description that exceeded the 1024-character limit enforced by agent hosts such as Codex and Copilot CLI, causing the Aspire skill to fail to load. The bundled skill description has been shortened to stay within the limit. (#​17183, backported via #​17188)

🏷️ Housekeeping

• 🚀 Bumped branding to 13.3.4 (#​17215)

---

Full commit: 75080796af797483231a9da2d1642b5130617565

Generated by Generate release notes for a new stable Aspire release · ● 3.6M

13.3.3

What's New in Aspire 13.3.3

Patch release for Aspire 13.3 with fixes for debug log level leaking into user resources, Keycloak HTTPS endpoint token invalidation, and endpoint materialization in HostResourceWithEndpoints.

🐛 Fixes

• 🔇 Debug log level leaking into user resources — Logging__LogLevel__Default=Debug set by the app host was being inherited by all user resources, silently changing their logging verbosity. The app host now uses ASPIRE_APPHOST_LOGLEVEL instead, which is scoped to Aspire processes only. (#​17071, backported via #​17078)
• 🔑 Keycloak HTTPS primary endpoint — Fixed a regression where Keycloak tokens became invalid after an app host restart because the HTTPS endpoint port was dynamic. When developer certificates are enabled, Keycloak's primary endpoint is now upgraded to HTTPS directly, and the endpoint name is set to http to enable standard http+https:// service discovery URLs. (#​17058, backported via #​17063)
• 🔌 Endpoint materialization in HostResourceWithEndpoints — Endpoints configured via HostResourceWithEndpoints are now correctly materialized, ensuring endpoint resolution and service discovery work as expected. (#​17091, backported via #​17092)

🏷️ Housekeeping

• ⬆️ Bumped DCP (Microsoft.DeveloperControlPlane) from 0.23.5 → 0.23.6 — includes fixes for Kubernetes OpenAPI generator types that caused [SHOULD NOT HAPPEN] failed to update managedFields errors. (#​17070)
• 🚀 Bumped branding to 13.3.3 (#​17088)

---

Full commit: a4615e7c6def6cba4703cdbd84009cd3da9a261b

13.3.2

What's New in Aspire 13.3.2

Patch release for Aspire 13.3 with a fix for container tunnel startup when tunnel-dependent containers use WaitFor().

🐛 Fixes

• 🚇 Fix WaitFor() for tunnel-dependent containers — The container tunnel implementation that shipped in Aspire 13.3 deadlocked at startup when tunnel-using containers waited on other resources, because resource waits blocked ResourceStarting before the tunnel initialization could complete. Container and tunnel startup have been refactored to cooperate correctly, and additional tunnel-dependent containers can now be started at any point during the application lifecycle. Also improves error reporting for container tunnel failures. (#​16988, backported via #​16993)

🏷️ Housekeeping

• 🚀 Bumped branding to 13.3.2 (#​17053)

13.3.1

Aspire 13.3.1

What's New in Aspire 13.3.1

Patch release for Aspire 13.3 with a regression fix for aspire run and a DCP bump.

🐛 Fixes

• 🏃 aspire run compute environment validation — Skip compute environment validation in run mode so customers no longer hit Resource '<name>' is configured to publish as an Azure Container App, but there are no 'AzureContainerAppEnvironmentResource' resources. Ensure you have added one by calling 'AddAzureContainerAppEnvironment'. errors during local runs. The check is now only performed in publish mode, matching pre-13.3 behavior. (#​16945, backported via #​16952)

🏷️ Housekeeping

• ⬆️ Bumped DCP (Microsoft.DeveloperControlPlane) from 0.23.4 → 0.23.5 (#​16944)
• 🌐 Updated localization resources (#​16602)
• 🚀 Bumped branding to 13.3.1 (#​16951)

13.3.0

Aspire 13.3.0

Aspire 13.3 is here! 🚀 This release is packed with new ways to deploy, debug, and build distributed apps — including aspire destroy, browser telemetry in the dashboard, Kubernetes deployment, first-class JavaScript publishing, and major TypeScript AppHost parity
improvements.

Highlights

• 🧹 Clean teardown — New aspire destroy tears down Azure, Kubernetes, and Docker Compose deployments, and pipeline summaries make deploy/publish/destroy runs easier to follow.
• 🔍 Frontend telemetry — Aspire.Hosting.Browsers captures browser console logs, network requests, and screenshots right in the Aspire dashboard.
• ☸️ Kubernetes deploy preview — aspire deploy can now generate Helm-based Kubernetes deployments, with first-class Ingress and Gateway API routing.
• 🟨 JavaScript publishing — New PublishAs* methods support static sites, Node servers, npm-script apps, Next.js, Vite, Bun, Yarn, and pnpm.
• 🌐 TypeScript AppHost parity — Unified withEnvironment, Docker Compose hooks, endpoint expressions, Azure Container Apps domains, and more close the gap with C# AppHosts.
• 🛠️ CLI upgrades — Run the standalone dashboard with aspire dashboard run, install the CLI as a NativeAOT dotnet tool, and search API docs from the terminal.
• ☁️ Azure goodness — New Azure Front Door, Network Security Perimeter, AKS, private endpoint, and Foundry Prompt Agent support.
• 🐳 Better containers — The Aspire container tunnel is now enabled by default for consistent host connectivity across Docker Desktop, Docker Engine, and Podman.

⚠️ Breaking changes

Notable breaking changes include --log-level becoming --pipeline-log-level, the dashboard MCP server being replaced by aspire agent init, dotnet new aspire-py-starter moving to aspire new aspire-py-starter, and several API shape updates across AKS,
Foundry, JavaScript diagnostics, and TypeScript AppHost helpers.

See the full list in the Aspire 13.3 breaking changes.

📖 Learn more

For the full details, examples, migration guidance, and everything new in this release, check out What's new in Aspire 13.3.

Thank you to all the community contributors who helped make Aspire 13.3 possible! 💜

13.2.4

Aspire 13.2.4

What's New in Aspire 13.2.4

Patch release addressing a security advisory in OpenTelemetry dependencies.

🐛 Fixes

• 🔒 Bumped OpenTelemetry dependencies to address CVE-2026-40894 (#​16420)

🏷️ Housekeeping

• 🚀 Bumped branding to
  13.2.4 (#​16436)

13.2.3

What's New in Aspire 13.2.3

Patch release focused on CLI packaging, signing, and reliability fixes.

🐛 Fixes

• 🛑 aspire stop now properly cleans up application containers on Windows (#​16123)
• 🔐 Fixed macOS signing, permissions, and certificate trust with improved CI verification (#​16053)
• ✍️ Fixed signing for the aspire-managed bundle payload (#​16211)
• 🎭 Fixed Playwright CLI provenance verification for the new tag format (#​16134)
• 🧭 Updated service discovery environment variables (#​16223)

🔧 Improvements

• 📊 Removed telemetry API data limits and refactored URL builders (#​16023)
• ⏱️ Increased native build + sign timeout to 60 minutes for reliability (#​16212)

🏷️ Housekeeping

• 🔖 Bumped branding to 13.2.3 (#​16181)
• 🧪 Temporarily disabled Verify CLI archive step on Windows while investigating (#​16276, #​16285)

Commits viewable in compare view.

Updated Aspire.Hosting.AppHost from 13.2.2 to 13.3.5.

Release notes

Sourced from Aspire.Hosting.AppHost's releases.

13.3.5

What's New in Aspire 13.3.5

Patch release for Aspire 13.3 with fixes for the Azure provisioning location prompt and an Aspire CLI named-pipe timeout on Linux with .NET SDK 10.0.300.

🐛 Fixes

• 📍 Azure provisioning location prompt not populated — Selecting an existing resource group during aspire publish now correctly populates dependent server-controlled fields (such as Location). Previously, server-provided values for disabled inputs were discarded, leaving those fields blank. (#​17278, backported via #​17291)
• 🔧 Aspire CLI named-pipe timeout on Linux with .NET SDK 10.0.300 — The Aspire CLI was forcing DOTNET_CLI_USE_MSBUILD_SERVER=1 for all dotnet run/dotnet build invocations. On Linux with SDK 10.0.300 this caused a named-pipe timeout that prevented aspire run from building the AppHost. The forced override has been removed so the SDK chooses MSBuild server behavior. Fixes #​16849. (#​17313, backported via #​17314)

🏷️ Housekeeping

• ⬆️ Skipped log publish for WinGet/Homebrew installer pipeline jobs to fix Prepare Installers stage failures (#​17134)
• 🚀 Bumped branding to 13.3.5 (#​17315)

---

Full Changelog: microsoft/aspire@v13.3.4...v13.3.5

Full commit: 70b33bcb5f64c75e3ab6f57616545f35bd43dc81

Generated by Generate release notes for a new stable Aspire release · ● 4.3M

13.3.4

What's New in Aspire 13.3.4

Patch release for Aspire 13.3 with a fix for the Aspire skill description exceeding agent host limits.

🐛 Fixes

• 📝 Aspire skill description too long for agent hosts — The SKILL.md generated by aspire agent init included a frontmatter description that exceeded the 1024-character limit enforced by agent hosts such as Codex and Copilot CLI, causing the Aspire skill to fail to load. The bundled skill description has been shortened to stay within the limit. (#​17183, backported via #​17188)

🏷️ Housekeeping

• 🚀 Bumped branding to 13.3.4 (#​17215)

---

Full commit: 75080796af797483231a9da2d1642b5130617565

Generated by Generate release notes for a new stable Aspire release · ● 3.6M

13.3.3

What's New in Aspire 13.3.3

Patch release for Aspire 13.3 with fixes for debug log level leaking into user resources, Keycloak HTTPS endpoint token invalidation, and endpoint materialization in HostResourceWithEndpoints.

🐛 Fixes

• 🔇 Debug log level leaking into user resources — Logging__LogLevel__Default=Debug set by the app host was being inherited by all user resources, silently changing their logging verbosity. The app host now uses ASPIRE_APPHOST_LOGLEVEL instead, which is scoped to Aspire processes only. (#​17071, backported via #​17078)
• 🔑 Keycloak HTTPS primary endpoint — Fixed a regression where Keycloak tokens became invalid after an app host restart because the HTTPS endpoint port was dynamic. When developer certificates are enabled, Keycloak's primary endpoint is now upgraded to HTTPS directly, and the endpoint name is set to http to enable standard http+https:// service discovery URLs. (#​17058, backported via #​17063)
• 🔌 Endpoint materialization in HostResourceWithEndpoints — Endpoints configured via HostResourceWithEndpoints are now correctly materialized, ensuring endpoint resolution and service discovery work as expected. (#​17091, backported via #​17092)

🏷️ Housekeeping

• ⬆️ Bumped DCP (Microsoft.DeveloperControlPlane) from 0.23.5 → 0.23.6 — includes fixes for Kubernetes OpenAPI generator types that caused [SHOULD NOT HAPPEN] failed to update managedFields errors. (#​17070)
• 🚀 Bumped branding to 13.3.3 (#​17088)

---

Full commit: a4615e7c6def6cba4703cdbd84009cd3da9a261b

13.3.2

What's New in Aspire 13.3.2

Patch release for Aspire 13.3 with a fix for container tunnel startup when tunnel-dependent containers use WaitFor().

🐛 Fixes

• 🚇 Fix WaitFor() for tunnel-dependent containers — The container tunnel implementation that shipped in Aspire 13.3 deadlocked at startup when tunnel-using containers waited on other resources, because resource waits blocked ResourceStarting before the tunnel initialization could complete. Container and tunnel startup have been refactored to cooperate correctly, and additional tunnel-dependent containers can now be started at any point during the application lifecycle. Also improves error reporting for container tunnel failures. (#​16988, backported via #​16993)

🏷️ Housekeeping

• 🚀 Bumped branding to 13.3.2 (#​17053)

13.3.1

Aspire 13.3.1

What's New in Aspire 13.3.1

Patch release for Aspire 13.3 with a regression fix for aspire run and a DCP bump.

🐛 Fixes

• 🏃 aspire run compute environment validation — Skip compute environment validation in run mode so customers no longer hit Resource '<name>' is configured to publish as an Azure Container App, but there are no 'AzureContainerAppEnvironmentResource' resources. Ensure you have added one by calling 'AddAzureContainerAppEnvironment'. errors during local runs. The check is now only performed in publish mode, matching pre-13.3 behavior. (#​16945, backported via #​16952)

🏷️ Housekeeping

• ⬆️ Bumped DCP (Microsoft.DeveloperControlPlane) from 0.23.4 → 0.23.5 (#​16944)
• 🌐 Updated localization resources (#​16602)
• 🚀 Bumped branding to 13.3.1 (#​16951)

13.3.0

Aspire 13.3.0

Aspire 13.3 is here! 🚀 This release is packed with new ways to deploy, debug, and build distributed apps — including aspire destroy, browser telemetry in the dashboard, Kubernetes deployment, first-class JavaScript publishing, and major TypeScript AppHost parity
improvements.

Highlights

• 🧹 Clean teardown — New aspire destroy tears down Azure, Kubernetes, and Docker Compose deployments, and pipeline summaries make deploy/publish/destroy runs easier to follow.
• 🔍 Frontend telemetry — Aspire.Hosting.Browsers captures browser console logs, network requests, and screenshots right in the Aspire dashboard.
• ☸️ Kubernetes deploy preview — aspire deploy can now generate Helm-based Kubernetes deployments, with first-class Ingress and Gateway API routing.
• 🟨 JavaScript publishing — New PublishAs* methods support static sites, Node servers, npm-script apps, Next.js, Vite, Bun, Yarn, and pnpm.
• 🌐 TypeScript AppHost parity — Unified withEnvironment, Docker Compose hooks, endpoint expressions, Azure Container Apps domains, and more close the gap with C# AppHosts.
• 🛠️ CLI upgrades — Run the standalone dashboard with aspire dashboard run, install the CLI as a NativeAOT dotnet tool, and search API docs from the terminal.
• ☁️ Azure goodness — New Azure Front Door, Network Security Perimeter, AKS, private endpoint, and Foundry Prompt Agent support.
• 🐳 Better containers — The Aspire container tunnel is now enabled by default for consistent host connectivity across Docker Desktop, Docker Engine, and Podman.

⚠️ Breaking changes

Notable breaking changes include --log-level becoming --pipeline-log-level, the dashboard MCP server being replaced by aspire agent init, dotnet new aspire-py-starter moving to aspire new aspire-py-starter, and several API shape updates across AKS,
Foundry, JavaScript diagnostics, and TypeScript AppHost helpers.

See the full list in the Aspire 13.3 breaking changes.

📖 Learn more

For the full details, examples, migration guidance, and everything new in this release, check out What's new in Aspire 13.3.

Thank you to all the community contributors who helped make Aspire 13.3 possible! 💜

13.2.4

Aspire 13.2.4

What's New in Aspire 13.2.4

Patch release addressing a security advisory in OpenTelemetry dependencies.

🐛 Fixes

• 🔒 Bumped OpenTelemetry dependencies to address CVE-2026-40894 (#​16420)

🏷️ Housekeeping

• 🚀 Bumped branding to
  13.2.4 (#​16436)

13.2.3

What's New in Aspire 13.2.3

Patch release focused on CLI packaging, signing, and reliability fixes.

🐛 Fixes

• 🛑 aspire stop now properly cleans up application containers on Windows (#​16123)
• 🔐 Fixed macOS signing, permissions, and certificate trust with improved CI verification (#​16053)
• ✍️ Fixed signing for the aspire-managed bundle payload (#​16211)
• 🎭 Fixed Playwright CLI provenance verification for the new tag format (#​16134)
• 🧭 Updated service discovery environment variables (#​16223)

🔧 Improvements

• 📊 Removed telemetry API data limits and refactored URL builders (#​16023)
• ⏱️ Increased native build + sign timeout to 60 minutes for reliability (#​16212)

🏷️ Housekeeping

• 🔖 Bumped branding to 13.2.3 (#​16181)
• 🧪 Temporarily disabled Verify CLI archive step on Windows while investigating (#​16276, #​16285)

Commits viewable in compare view.

Updated Aspire.Hosting.AppHost from 13.2.4 to 13.3.5.

Release notes

Sourced from Aspire.Hosting.AppHost's releases.

13.3.5

What's New in Aspire 13.3.5

Patch release for Aspire 13.3 with fixes for the Azure provisioning location prompt and an Aspire CLI named-pipe timeout on Linux with .NET SDK 10.0.300.

🐛 Fixes

• 📍 Azure provisioning location prompt not populated — Selecting an existing resource group during aspire publish now correctly populates dependent server-controlled fields (such as Location). Previously, server-provided values for disabled inputs were discarded, leaving those fields blank. (#​17278, backported via #​17291)
• 🔧 Aspire CLI named-pipe timeout on Linux with .NET SDK 10.0.300 — The Aspire CLI was forcing DOTNET_CLI_USE_MSBUILD_SERVER=1 for all dotnet run/dotnet build invocations. On Linux with SDK 10.0.300 this caused a named-pipe timeout that prevented aspire run from building the AppHost. The forced override has been removed so the SDK chooses MSBuild server behavior. Fixes #​16849. (#​17313, backported via #​17314)

🏷️ Housekeeping

• ⬆️ Skipped log publish for WinGet/Homebrew installer pipeline jobs to fix Prepare Installers stage failures (#​17134)
• 🚀 Bumped branding to 13.3.5 (#​17315)

---

Full Changelog: microsoft/aspire@v13.3.4...v13.3.5

Full commit: 70b33bcb5f64c75e3ab6f57616545f35bd43dc81

Generated by Generate release notes for a new stable Aspire release · ● 4.3M

13.3.4

What's New in Aspire 13.3.4

Patch release for Aspire 13.3 with a fix for the Aspire skill description exceeding agent host limits.

🐛 Fixes

• 📝 Aspire skill description too long for agent hosts — The SKILL.md generated by aspire agent init included a frontmatter description that exceeded the 1024-character limit enforced by agent hosts such as Codex and Copilot CLI, causing the Aspire skill to fail to load. The bundled skill description has been shortened to stay within the limit. (#​17183, backported via #​17188)

🏷️ Housekeeping

• 🚀 Bumped branding to 13.3.4 (#​17215)

---

Full commit: 75080796af797483231a9da2d1642b5130617565

Generated by Generate release notes for a new stable Aspire release · ● 3.6M

13.3.3

What's New in Aspire 13.3.3

Patch release for Aspire 13.3 with fixes for debug log level leaking into user resources, Keycloak HTTPS endpoint token invalidation, and endpoint materialization in HostResourceWithEndpoints.

🐛 Fixes

• 🔇 Debug log level leaking into user resources — Logging__LogLevel__Default=Debug set by the app host was being inherited by all user resources, silently changing their logging verbosity. The app host now uses ASPIRE_APPHOST_LOGLEVEL instead, which is scoped to Aspire processes only. (#​17071, backported via #​17078)
• 🔑 Keycloak HTTPS primary endpoint — Fixed a regression where Keycloak tokens became invalid after an app host restart because the HTTPS endpoint port was dynamic. When developer certificates are enabled, Keycloak's primary endpoint is now upgraded to HTTPS directly, and the endpoint name is set to http to enable standard http+https:// service discovery URLs. (#​17058, backported via #​17063)
• 🔌 Endpoint materialization in HostResourceWithEndpoints — Endpoints configured via HostResourceWithEndpoints are now correctly materialized, ensuring endpoint resolution and service discovery work as expected. (#​17091, backported via #​17092)

🏷️ Housekeeping

• ⬆️ Bumped DCP (Microsoft.DeveloperControlPlane) from 0.23.5 → 0.23.6 — includes fixes for Kubernetes OpenAPI generator types that caused [SHOULD NOT HAPPEN] failed to update managedFields errors. (#​17070)
• 🚀 Bumped branding to 13.3.3 (#​17088)

---

Full commit: a4615e7c6def6cba4703cdbd84009cd3da9a261b

13.3.2

What's New in Aspire 13.3.2

Patch release for Aspire 13.3 with a fix for container tunnel startup when tunnel-dependent containers use WaitFor().

🐛 Fixes

• 🚇 Fix WaitFor() for tunnel-dependent containers — The container tunnel implementation that shipped in Aspire 13.3 deadlocked at startup when tunnel-using containers waited on other resources, because resource waits blocked ResourceStarting before the tunnel initialization could complete. Container and tunnel startup have been refactored to cooperate correctly, and additional tunnel-dependent containers can now be started at any point during the application lifecycle. Also improves error reporting for container tunnel failures. (#​16988, backported via #​16993)

🏷️ Housekeeping

• 🚀 Bumped branding to 13.3.2 (#​17053)

13.3.1

Aspire 13.3.1

What's New in Aspire 13.3.1

Patch release for Aspire 13.3 with a regression fix for aspire run and a DCP bump.

🐛 Fixes

• 🏃 aspire run compute environment validation — Skip compute environment validation in run mode so customers no longer hit Resource '<name>' is configured to publish as an Azure Container App, but there are no 'AzureContainerAppEnvironmentResource' resources. Ensure you have added one by calling 'AddAzureContainerAppEnvironment'. errors during local runs. The check is now only performed in publish mode, matching pre-13.3 behavior. (#​16945, backported via #​16952)

🏷️ Housekeeping

• ⬆️ Bumped DCP (Microsoft.DeveloperControlPlane) from 0.23.4 → 0.23.5 (#​16944)
• 🌐 Updated localization resources (#​16602)
• 🚀 Bumped branding to 13.3.1 (#​16951)

13.3.0

Aspire 13.3.0

Aspire 13.3 is here! 🚀 This release is packed with new ways to deploy, debug, and build distributed apps — including aspire destroy, browser telemetry in the dashboard, Kubernetes deployment, first-class JavaScript publishing, and major TypeScript AppHost parity
improvements.

Highlights

• 🧹 Clean teardown — New aspire destroy tears down Azure, Kubernetes, and Docker Compose deployments, and pipeline summaries make deploy/publish/destroy runs easier to follow.
• 🔍 Frontend telemetry — Aspire.Hosting.Browsers captures browser console logs, network requests, and screenshots right in the Aspire dashboard.
• ☸️ Kubernetes deploy preview — aspire deploy can now generate Helm-based Kubernetes deployments, with first-class Ingress and Gateway API routing.
• 🟨 JavaScript publishing — New PublishAs* methods support static sites, Node servers, npm-script apps, Next.js, Vite, Bun, Yarn, and pnpm.
• 🌐 TypeScript AppHost parity — Unified withEnvironment, Docker Compose hooks, endpoint expressions, Azure Container Apps domains, and more close the gap with C# AppHosts.
• 🛠️ CLI upgrades — Run the standalone dashboard with aspire dashboard run, install the CLI as a NativeAOT dotnet tool, and search API docs from the terminal.
• ☁️ Azure goodness — New Azure Front Door, Network Security Perimeter, AKS, private endpoint, and Foundry Prompt Agent support.
• 🐳 Better containers — The Aspire container tunnel is now enabled by default for consistent host connectivity across Docker Desktop, Docker Engine, and Podman.

⚠️ Breaking changes

Notable breaking changes include --log-level becoming --pipeline-log-level, the dashboard MCP server being replaced by aspire agent init, dotnet new aspire-py-starter moving to aspire new aspire-py-starter, and several API shape updates across AKS,
Foundry, JavaScript diagnostics, and TypeScript AppHost helpers.

See the full list in the Aspire 13.3 breaking changes.

📖 Learn more

For the full details, examples, migration guidance, and everything new in this release, check out What's new in Aspire 13.3.

Thank you to all the community contributors who helped make Aspire 13.3 possible! 💜

Commits viewable in compare view.

Updated Aspire.Hosting.PostgreSQL from 13.2.4 to 13.3.5.

Release notes

Sourced from Aspire.Hosting.PostgreSQL's releases.

13.3.5

What's New in Aspire 13.3.5

Patch release for Aspire 13.3 with fixes for the Azure provisioning location prompt and an Aspire CLI named-pipe timeout on Linux with .NET SDK 10.0.300.

🐛 Fixes

• 📍 Azure provisioning location prompt not populated — Selecting an existing resource group during aspire publish now correctly populates dependent server-controlled fields (such as Location). Previously, server-provided values for disabled inputs were discarded, leaving those fields blank. (#​17278, backported via #​17291)
• 🔧 Aspire CLI named-pipe timeout on Linux with .NET SDK 10.0.300 — The Aspire CLI was forcing DOTNET_CLI_USE_MSBUILD_SERVER=1 for all dotnet run/dotnet build invocations. On Linux with SDK 10.0.300 this caused a named-pipe timeout that prevented aspire run from building the AppHost. The forced override has been removed so the SDK chooses MSBuild server behavior. Fixes #​16849. (#​17313, backported via #​17314)

🏷️ Housekeeping

• ⬆️ Skipped log publish for WinGet/Homebrew installer pipeline jobs to fix Prepare Installers stage failures (#​17134)
• 🚀 Bumped branding to 13.3.5 (#​17315)

---

Full Changelog: microsoft/aspire@v13.3.4...v13.3.5

Full commit: 70b33bcb5f64c75e3ab6f57616545f35bd43dc81

Generated by Generate release notes for a new stable Aspire release · ● 4.3M

13.3.4

What's New in Aspire 13.3.4

Patch release for Aspire 13.3 with a fix for the Aspire skill description exceeding agent host limits.

🐛 Fixes

• 📝 Aspire skill description too long for agent hosts — The SKILL.md generated by aspire agent init included a frontmatter description that exceeded the 1024-character limit enforced by agent hosts such as Codex and Copilot CLI, causing the Aspire skill to fail to load. The bundled skill description has been shortened to stay within the limit. (#​17183, backported via #​17188)

🏷️ Housekeeping

• 🚀 Bumped branding to 13.3.4 (#​17215)

---

Full commit: 75080796af797483231a9da2d1642b5130617565

Generated by Generate release notes for a new stable Aspire release · ● 3.6M

13.3.3

What's New in Aspire 13.3.3

Patch release for Aspire 13.3 with fixes for debug log level leaking into user resources, Keycloak HTTPS endpoint token invalidation, and endpoint materialization in HostResourceWithEndpoints.

🐛 Fixes

• 🔇 Debug log level leaking into user resources — Logging__LogLevel__Default=Debug set by the app host was being inherited by all user resources, silently changing their logging verbosity. The app host now uses ASPIRE_APPHOST_LOGLEVEL instead, which is scoped to Aspire processes only. (#​17071, backported via #​17078)
• 🔑 Keycloak HTTPS primary endpoint — Fixed a regression where Keycloak tokens became invalid after an app host restart because the HTTPS endpoint port was dynamic. When developer certificates are enabled, Keycloak's primary endpoint is now upgraded to HTTPS directly, and the endpoint name is set to http to enable standard http+https:// service discovery URLs. (#​17058, backported via #​17063)
• 🔌 Endpoint materialization in HostResourceWithEndpoints — Endpoints configured via HostResourceWithEndpoints are now correctly materialized, ensuring endpoint resolution and service discovery work as expected. (#​17091, backported via #​17092)

🏷️ Housekeeping

• ⬆️ Bumped DCP (Microsoft.DeveloperControlPlane) from 0.23.5 → 0.23.6 — includes fixes for Kubernetes OpenAPI generator types that caused [SHOULD NOT HAPPEN] failed to update managedFields errors. (#​17070)
• 🚀 Bumped branding to 13.3.3 (#​17088)

---

Full commit: a4615e7c6def6cba4703cdbd84009cd3da9a261b

13.3.2

What's New in Aspire 13.3.2

Patch release for Aspire 13.3 with a fix for container tunnel startup when tunnel-dependent containers use WaitFor().

🐛 Fixes

• 🚇 Fix WaitFor() for tunnel-dependent containers — The container tunnel implementation that shipped in Aspire 13.3 deadlocked at startup when tunnel-using containers waited on other resources, because resource waits blocked ResourceStarting before the tunnel initialization could complete. Container and tunnel startup have been refactored to cooperate correctly, and additional tunnel-dependent containers can now be started at any point during the application lifecycle. Also improves error reporting for container tunnel failures. (#​16988, backported via #​16993)

🏷️ Housekeeping

• 🚀 Bumped branding to 13.3.2 (#​17053)

13.3.1

Aspire 13.3.1

What's New in Aspire 13.3.1

Patch release for Aspire 13.3 with a regression fix for aspire run and a DCP bump.

🐛 Fixes

• 🏃 aspire run compute environment validation — Skip compute environment validation in run mode so customers no longer hit Resource '<name>' is configured to publish as an Azure Container App, but there are no 'AzureContainerAppEnvironmentResource' resources. Ensure you have added one by calling 'AddAzureContainerAppEnvironment'. errors during local runs. The check is now only performed in publish mode, matching pre-13.3 behavior. (#​16945, backported via #​16952)

🏷️ Housekeeping

• ⬆️ Bumped DCP (Microsoft.DeveloperControlPlane) from 0.23.4 → 0.23.5 (#​16944)
• 🌐 Updated localization resources (#​16602)
• 🚀 Bumped branding to 13.3.1 (#​16951)

13.3.0

Aspire 13.3.0

Aspire 13.3 is here! 🚀 This release is packed with new ways to deploy, debug, and build distributed apps — including aspire destroy, browser telemetry in the dashboard, Kubernetes deployment, first-class JavaScript publishing, and major TypeScript AppHost parity
improvements.

Highlights

• 🧹 Clean teardown — New aspire destroy tears down Azure, Kubernetes, and Docker Compose deployments, and pipeline summaries make deploy/publish/destroy runs easier to follow.
• 🔍 Frontend telemetry — Aspire.Hosting.Browsers captures browser console logs, network requests, and screenshots right in the Aspire dashboard.
• ☸️ Kubernetes deploy preview — aspire deploy can now generate Helm-based Kubernetes deployments, with first-class Ingress and Gateway API routing.
• 🟨 JavaScript publishing — New PublishAs* methods support static sites, Node servers, npm-script apps, Next.js, Vite, Bun, Yarn, and pnpm.
• 🌐 TypeScript AppHost parity — Unified withEnvironment, Docker Compose hooks, endpoint expressions, Azure Container Apps domains, and more close the gap with C# AppHosts.
• 🛠️ CLI upgrades — Run the standalone dashboard with aspire dashboard run, install the CLI as a NativeAOT dotnet tool, and search API docs from the terminal.
• ☁️ Azure goodness — New Azure Front Door, Network Security Perimeter, AKS, private endpoint, and Foundry Prompt Agent support.
• 🐳 Better containers — The Aspire container tunnel is now enabled by default for consistent host connectivity across Docker Desktop, Docker Engine, and Podman.

⚠️ Breaking changes

Notable breaking changes include --log-level becoming --pipeline-log-level, the dashboard MCP server being replaced by aspire agent init, dotnet new aspire-py-starter moving to aspire new aspire-py-starter, and several API shape updates across AKS,
Foundry, JavaScript diagnostics, and TypeScript AppHost helpers.

See the full list in the Aspire 13.3 breaking changes.

📖 Learn more

For the full details, examples, migration guidance, and everything new in this release, check out What's new in Aspire 13.3.

Thank you to all the community contributors who helped make Aspire 13.3 possible! 💜

Commits viewable in compare view.

Updated Aspire.Hosting.Seq from 13.2.2 to 13.3.5.

Release notes

Sourced from Aspire.Hosting.Seq's releases.

13.3.5

What's New in Aspire 13.3.5

Patch release for Aspire 13.3 with fixes for the Azure provisioning location prompt and an Aspire CLI named-pipe timeout on Linux with .NET SDK 10.0.300.

🐛 Fixes

• 📍 Azure provisioning location prompt not populated — Selecting an existing resource group during aspire publish now correctly populates dependent server-controlled fields (such as Location). Previously, server-provided values for disabled inputs were discarded, leaving those fields blank. (#​17278, backported via #​17291)
• 🔧 Aspire CLI named-pipe timeout on Linux with .NET SDK 10.0.300 — The Aspire CLI was forcing DOTNET_CLI_USE_MSBUILD_SERVER=1 for all dotnet run/dotnet build invocations. On Linux with SDK 10.0.300 this caused a named-pipe timeout that prevented aspire run from building the AppHost. The forced override has been removed so the SDK chooses MSBuild server behavior. Fixes #​16849. (#​17313, backported via #​17314)

🏷️ Housekeeping

• ⬆️ Skipped log publish for WinGet/Homebrew installer pipeline jobs to fix Prepare Installers stage failures (#​17134)
• 🚀 Bumped branding to 13.3.5 (#​17315)

---

Full Changelog: microsoft/aspire@v13.3.4...v13.3.5

Full commit: 70b33bcb5f64c75e3ab6f57616545f35bd43dc81

Generated by Generate release notes for a new stable Aspire release · ● 4.3M

13.3.4

What's New in Aspire 13.3.4

Patch release for Aspire 13.3 with a fix for the Aspire skill description exceeding agent host limits.

🐛 Fixes

• 📝 Aspire skill description too long for agent hosts — The SKILL.md generated by aspire agent init included a frontmatter description that exceeded the 1024-character limit enforced by agent hosts such as Codex and Copilot CLI, causing the Aspire skill to fail to load. The bundled skill description has been shortened to stay within the limit. (#​17183, backported via #​17188)

🏷️ Housekeeping

• 🚀 Bumped branding to 13.3.4 (#​17215)

---

Full commit: 75080796af797483231a9da2d1642b5130617565

Generated by Generate release notes for a new stable Aspire release · ● 3.6M

13.3.3

What's New in Aspire 13.3.3

Patch release for Aspire 13.3 with fixes for debug log level leaking into user resources, Keycloak HTTPS endpoint token invalidation, and endpoint materialization in HostResourceWithEndpoints.

🐛 Fixes

• 🔇 Debug log level leaking into user resources — Logging__LogLevel__Default=Debug set by the app host was being inherited by all user resources, silently changing their logging verbosity. The app host now uses ASPIRE_APPHOST_LOGLEVEL instead, which is scoped to Aspire processes only. (#​17071, backported via #​17078)
• 🔑 Keycloak HTTPS primary endpoint — Fixed a regression where Keycloak tokens became invalid after an app host restart because the HTTPS endpoint port was dynamic. When developer certificates are enabled, Keycloak's primary endpoint is now upgraded to HTTPS directly, and the endpoint name is set to http to enable standard http+https:// service discovery URLs. (#​17058, backported via #​17063)
• 🔌 Endpoint materialization in HostResourceWithEndpoints — Endpoints configured via HostResourceWithEndpoints are now correctly materialized, ensuring endpoint resolution and service discovery work as expected. (#​17091, backported via #​17092)

🏷️ Housekeeping

• ⬆️ Bumped DCP (Microsoft.DeveloperControlPlane) from 0.23.5 → 0.23.6 — includes fixes for Kubernetes OpenAPI generator types that caused [SHOULD NOT HAPPEN] failed to update managedFields errors. (#​17070)
• 🚀 Bumped branding to 13.3.3 (#​17088)

---

Full commit: a4615e7c6def6cba4703cdbd84009cd3da9a261b

13.3.2

What's New in Aspire 13.3.2

Patch release for Aspire 13.3 with a fix for container tunnel startup when tunnel-dependent containers use WaitFor().

🐛 Fixes

• 🚇 Fix WaitFor() for tunnel-dependent containers — The container tunnel implementation that shipped in Aspire 13.3 deadlocked at startup when tunnel-using containers waited on other resources, because resource waits blocked ResourceStarting before the tunnel initialization could complete. Container and tunnel startup have been refactored to cooperate correctly, and additional tunnel-dependent containers can now be started at any point during the application lifecycle. Also improves error reporting for container tunnel failures. (#​16988, backported via #​16993)

🏷️ Housekeeping

• 🚀 Bumped branding to 13.3.2 (#​17053)

13.3.1

Aspire 13.3.1

What's New in Aspire 13.3.1

Patch release for Aspire 13.3 with a regression fix for aspire run and a DCP bump.

🐛 Fixes

• 🏃 aspire run compute environment validation — Skip compute environment validation in run mode so customers no longer hit Resource '<name>' is configured to publish as an Azure Container App, but there are no 'AzureContainerAppEnvironmentResource' resources. Ensure you have added one by calling 'AddAzureContainerAppEnvironment'. errors during local runs. The check is now only performed in publish mode, matching pre-13.3 behavior. (#​16945, backported via #​16952)

🏷️ Housekeeping

• ⬆️ Bumped DCP (Microsoft.DeveloperControlPlane) from 0.23.4 → 0.23.5 (#​16944)
• 🌐 Updated localization resources (#​16602)
• 🚀 Bumped branding to 13.3.1 (#​16951)

13.3.0

Aspire 13.3.0

Aspire 13.3 is here! 🚀 This release is packed with new ways to deploy, debug, and build distributed apps — including aspire destroy, browser telemetry in the dashboard, Kubernetes deployment, first-class JavaScript publishing, and major TypeScript AppHost parity
improvements.

Highlights

• 🧹 Clean teardown — New aspire destroy tears down Azure, Kubernetes, and Docker Compose deployments, and pipeline summaries make deploy/publish/destroy runs easier to follow.
• 🔍 Frontend telemetry — Aspire.Hosting.Browsers captures browser console logs, network requests, and screenshots right in the Aspire dashboard.
• ☸️ Kubernetes deploy preview — aspire deploy can now generate Helm-based Kubernetes deployments, with first-class Ingress and Gateway API routing.
• 🟨 JavaScript publishing — New PublishAs* methods support static sites, Node servers, npm-script apps, Next.js, Vite, Bun, Yarn, and pnpm.
• 🌐 TypeScript AppHost parity — Unified withEnvironment, Docker Compose hooks, endpoint expressions, Azure Container Apps domains, and more close the gap with C# AppHosts.
• 🛠️ CLI upgrades — Run the standalone dashboard with aspire dashboard run, install the CLI as a NativeAOT dotnet tool, and search API docs from the terminal.
• ☁️ Azure goodness — New Azure Front Door, Network Security Perimeter, AKS, private endpoint, and Foundry Prompt Agent support.
• 🐳 Better containers — The Aspire container tunnel is now enabled by default for consistent host connectivity across Docker Desktop, Docker Engine, and Podman.

⚠️ Breaking changes

Notable breaking changes include --log-level becoming --pipeline-log-level, the dashboard MCP server being replaced by aspire agent init, dotnet new aspire-py-starter moving to aspire new aspire-py-starter, and several API shape updates across AKS,
Foundry, JavaScript diagnostics, and TypeScript AppHost helpers.

See the full list in the Aspire 13.3 breaking changes.

📖 Learn more

For the full details, examples, migration guidance, and everything new in this release, check out What's new in Aspire 13.3.

Thank you to all the community contributors who helped make Aspire 13.3 possible! 💜

13.2.4

Aspire 13.2.4

What's New in Aspire 13.2.4

Patch release addressing a security advisory in OpenTelemetry dependencies.

🐛 Fixes

• 🔒 Bumped OpenTelemetry dependencies to address CVE-2026-40894 (#​16420)

🏷️ Housekeeping

• 🚀 Bumped branding to
  13.2.4 (#​16436)

13.2.3

What's New in Aspire 13.2.3

Patch release focused on CLI packaging, signing, and reliability fixes.

🐛 Fixes

• 🛑 aspire stop now properly cleans up application containers on Windows (#​16123)
• 🔐 Fixed macOS signing, permissions, and certificate trust with improved CI verification (#​16053)
• ✍️ Fixed signing for the aspire-managed bundle payload (#​16211)
• 🎭 Fixed Playwright CLI provenance verification for the new tag format (#​16134)
• 🧭 Updated service discovery environment variables (#​16223)

🔧 Improvements

• 📊 Removed telemetry API data limits and refactored URL builders (#​16023)
• ⏱️ Increased native build + sign timeout to 60 minutes for reliability (#​16212)

🏷️ Housekeeping

• 🔖 Bumped branding to 13.2.3 (#​16181)
• 🧪 Temporarily disabled Verify CLI archive step on Windows while investigating (#​16276, #​16285)

Commits viewable in compare view.

Updated AWSSDK.S3 from 4.0.22.1 to 4.0.23.4.

Release notes

Sourced from AWSSDK.S3's releases.

No release notes found for this version range.

Commits viewable in compare view.

Updated AWSSDK.SimpleEmailV2 from 4.0.12.12 to 4.0.13.

Release notes

Sourced from AWSSDK.SimpleEmailV2's releases.

No release notes found for this version range.

Commits viewable in compare view.

Updated coverlet.collector from 10.0.0 to 10.0.1.

Release notes

Sourced from coverlet.collector's releases.

10.0.1

Improvements

• Coverlet with MTP 2 doesn't show test coverage statistic in console #​1907
• Avoid unnecessary testhost restarts #​1912 by https://github.com/mawosoft

Fixed

• Fix inconsistent paths in cobertura reports #​1723
• Fix when using "is" with "and" in pattern matching, branch coverage is lower than normal #​1313
• Fix Coverlet flagging a branch for an async functions finally block where none exists #​1337
• Fix Coverlet Tracker Missing CompilerGeneratedAttribute #​1828

Maintenance

• Add architecture docs and diagrams for all integrations #​1927
• Update NuGet packages and .NET SDK versions #​1933

Diff between 10.0.0 and 10.0.1

Commits viewable in compare view.

Updated Microsoft.AspNetCore.Authentication.JwtBearer from 10.0.7 to 10.0.8.

Release notes

Sourced from Microsoft.AspNetCore.Authentication.JwtBearer's releases.

No release notes found for this version range.

Commits viewable in compare view.

Updated Microsoft.AspNetCore.Mvc.Testing from 10.0.7 to 10.0.8.

Release notes

Sourced from Microsoft.AspNetCore.Mvc.Testing's releases.

No release notes found for this version range.

Commits viewable in compare view.

Updated Microsoft.AspNetCore.OpenApi from 10.0.7 to 10.0.8.

Release notes

Sourced from Microsoft.AspNetCore.OpenApi's releases.

No release notes found for this version range.

Commits viewable in compare view.

Updated Microsoft.EntityFrameworkCore from 10.0.7 to 10.0.8.

Release notes

Sourced from Microsoft.EntityFrameworkCore's releases.

No release notes found for this version range.

Commits viewable in compare view.

Updated Microsoft.EntityFrameworkCore.Design from 10.0.7 to 10.0.8.

Release notes

Sourced from Microsoft.EntityFrameworkCore.Design's releases.

No release notes found for this version range.

Commits viewable in compare view.

Updated Microsoft.EntityFrameworkCore.Tools from 10.0.7 to 10.0.8.

Release notes

Sourced from Microsoft.EntityFrameworkCore.Tools's releases.

No release notes found for this version range.

Commits viewable in compare view.

Updated Microsoft.Extensions.Caching.Hybrid from 10.5.0 to 10.6.0.

Release notes

Sourced from Microsoft.Extensions.Caching.Hybrid's releases.

10.6.0

Version 10.6.0 stabilizes the response continuation token and background-response APIs in Microsoft.Extensions.AI.Abstractions. Most other AI work for May shipped in 10.5.1; this monthly release rolls those changes up alongside dependency updates and a small Resource Monitoring cleanup.

Experimental API Changes

Now Stable

• ResponseContinuationToken and background-response APIs are now stable (previously MEAI001) #​7512

What's Changed

AI

• Stabilize ResponseContinuationToken / background-response APIs #​7512 by @​jozkee (co-authored by @​Copilot)

Repository Infrastructure Updates

• Update version to 10.6.0 #​7458 by @​jeffhandley
• [main] Update dependencies from dotnet/arcade #​7451
• Bump follow-redirects from 1.15.11 to 1.16.0 in /src/Libraries/Microsoft.Extensions.AI.Evaluation.Reporting/TypeScript/azure-devops-report/tasks/PublishAIEvaluationReport #​7469
• Merge release/10.5 into main #​7470 by @​jeffhandley
• Bump microsoft.visualstudio.slngen.tool from 12.0.13 to 12.0.32 #​7484
• Bump postcss from 8.5.9 to 8.5.12 in /src/Libraries/Microsoft.Extensions.AI.Evaluation.Reporting/TypeScript #​7494
• Bump dotnet-reportgenerator-globaltool from 5.5.7 to 5.5.9 #​7504
• Rename release-notes skill to write-release-notes #​7511 by @​jeffhandley (co-authored by @​Copilot)

Acknowledgements

• @​wtgodbe @​tarekgh @​peterwald @​JeremyLikness @​eiriktsarpalis @​ericstj @​evgenyfedorov2 reviewed pull requests

Full Changelog: dotnet/extensions@v10.5.2...v10.6.0

10.5.2

This patch release ships a single fix to Microsoft.Extensions.VectorData.Abstractions, correcting StorageName resolution when external serialization is enabled. Microsoft.Extensions.VectorData.ConformanceTests, Microsoft.Extensions.AI.Abstractions, Microsoft.Extensions.AI, and Microsoft.Extensions.AI.OpenAI are published alongside it for version coherency — they contain no code changes from 10.5.1.

Packages in this release

Package	Version
Microsoft.Extensions.VectorData.Abstractions	10.5.2
Microsoft.Extensions.VectorData.ConformanceTests	10.5.2
Microsoft.Extensions.AI.Abstractions	10.5.2
Microsoft.Extensions.AI	10.5.2
Microsoft.Extensions.AI.OpenAI	10.5.2

What's Changed

Microsoft.Extensions.VectorData.Abstractions

• Minor fixes to MEVD.Abstractions: correct StorageName behavior when external serialization is enabled, and disable a warning for net462. (by @​roji in #​7475)

Full Changelog: dotnet/extensions@v10.5.1...v10.5.2

10.5.1

Version 10.5.1 of the Microsoft.Extensions.AI packages stabilizes CodeInterpreter, WebSearch, and ImageGeneration tool content types. The release adds new experimental tool search and OpenAI request policy hooks. And the OpenTelemetry gen-ai semantic conventions are updated to align with v1.41.

The 'aiagent-webapi' project template in Microsoft.Agents.AI.ProjectTemplates is updated to align with v1.3.0 of Agent Framework, updating the OpenTelemetry dependencies within the template projects as well.

Packages in this release

Package	Version
Microsoft.Extensions.AI	10.5.1
Microsoft.Extensions.AI.Abstractions	10.5.1
Microsoft.Extensions.AI.OpenAI	10.5.1
Microsoft.Extensions.AI.Templates	10.5.1-preview.3.26251.3
Microsoft.Agents.AI.ProjectTemplates	1.3.0-preview.1.26251.3

Experimental API Changes

Now Stable

The following types previously emitted the MEAI001 experimental diagnostic and are now stable.

• CodeInterpreter and WebSearch tool content types are now stable #​7493
  • CodeInterpreterToolCallContent
  • CodeInterpreterToolResultContent
  • WebSearchToolCallContent
  • WebSearchToolResultContent
• ImageGeneration tool content types and tool are now stable #​7476
  • ImageGenerationToolCallContent
  • ImageGenerationToolResultContent
  • HostedImageGenerationTool
  • ImageGenerationOptions
  • ImageGenerationResponseFormat (the Hosted enum value remains experimental)
  • IImageGenerator and the rest of the image generation infrastructure also remain experimental

New Experimental APIs

The following new APIs emit the MEAI001 experimental diagnostic.

• New experimental API: HostedToolSearchTool with DeferredTools for tool-search-driven deferred tool loading #​7471
• New experimental API: OpenAIRequestPolicies extension hook for appending System.ClientModel.PipelinePolicy instances to outgoing OpenAI requests #​7495

Breaking Changes to Experimental APIs

• WebSearchToolResultContent.Results was renamed to Outputs as part of the stabilization in #​7493, aligning with CodeInterpreterToolResultContent.Outputs. The original Results property was included in version 10.4.0 and 10.5.0; this is a binary breaking change and consumers need to update to consume the updated property.

  WebSearchToolResultContent content = ...;
  - IList<AIContent>? items = content.Results;
  + IList<AIContent>? items = content.Outputs;

... (truncated)

Commits viewable in compare view.

Updated Microsoft.Extensions.Caching.StackExchangeRedis from 10.0.7 to 10.0.8.

Release notes

Sourced from Microsoft.Extensions.Caching.StackExchangeRedis's releases.

No release notes found for this version range.

Commits viewable in compare view.

Updated Microsoft.Extensions.Configuration from 10.0.7 to 10.0.8.

Release notes

Sourced from Microsoft.Extensions.Configuration's releases.

No release notes found for this version range.

Commits viewable in compare view.

Updated Microsoft.Extensions.Configuration.Abstractions from 10.0.7 to 10.0.8.

Release notes

Sourced from Microsoft.Extensions.Configuration.Abstractions's releases.

No release notes found for this version range.

Commits viewable in compare view.

Updated Microsoft.Extensions.Http.Resilience from 10.5.0 to 10.6.0.

Release notes

Sourced from Microsoft.Extensions.Http.Resilience's releases.

10.6.0

Version 10.6.0 stabilizes the response continuation token and background-response APIs in Microsoft.Extensions.AI.Abstractions. Most other AI work for May shipped in 10.5.1; this monthly release rolls those changes up alongside dependency updates and a small Resource Monitoring cleanup.

Experimental API Changes

Now Stable

• ResponseContinuationToken and background-response APIs are now stable (previously MEAI001) #​7512

What's Changed

AI

• Stabilize ResponseContinuationToken / background-response APIs #​7512 by @​jozkee (co-authored by @​Copilot)

Repository Infrastructure Updates

• Update version to 10.6.0 #​7458 by @​jeffhandley
• [main] Update dependencies from dotnet/arcade #​7451
• Bump follow-redirects from 1.15.11 to 1.16.0 in /src/Libraries/Microsoft.Extensions.AI.Evaluation.Reporting/TypeScript/azure-devops-report/tasks/PublishAIEvaluationReport #​7469
• Merge release/10.5 into main #​7470 by @​jeffhandley
• Bump microsoft.visualstudio.slngen.tool from 12.0.13 to 12.0.32 #​7484
• Bump postcss from 8.5.9 to 8.5.12 in /src/Libraries/Microsoft.Extensions.AI.Evaluation.Reporting/TypeScript #​7494
• Bump dotnet-reportgenerator-globaltool from 5.5.7 to 5.5.9 #​7504
• Rename release-notes skill to write-release-notes #​7511 by @​jeffhandley (co-authored by @​Copilot)

Acknowledgements

• @​wtgodbe @​tarekgh @​peterwald @​JeremyLikness @​eiriktsarpalis @​ericstj @​evgenyfedorov2 reviewed pull requests

Full Changelog: dotnet/extensions@v10.5.2...v10.6.0

10.5.2

This patch release ships a single fix to Microsoft.Extensions.VectorData.Abstractions, correcting StorageName resolution when external serialization is enabled. Microsoft.Extensions.VectorData.ConformanceTests, Microsoft.Extensions.AI.Abstractions, Microsoft.Extensions.AI, and Microsoft.Extensions.AI.OpenAI are published alongside it for version coherency — they contain no code changes from 10.5.1.

Packages in this release

Package	Version
Microsoft.Extensions.VectorData.Abstractions	10.5.2
Microsoft.Extensions.VectorData.ConformanceTests	10.5.2
Microsoft.Extensions.AI.Abstractions	10.5.2
Microsoft.Extensions.AI	10.5.2
Microsoft.Extensions.AI.OpenAI	10.5.2

What's Changed

Microsoft.Extensions.VectorData.Abstractions

• Minor fixes to MEVD.Abstractions: correct StorageName behavior when external serialization is enabled, and disable a warning for net462. (by @​roji in #​7475)

Full Changelog: dotnet/extensions@v10.5.1...v10.5.2

10.5.1

Version 10.5.1 of the Microsoft.Extensions.AI packages stabilizes CodeInterpreter, WebSearch, and ImageGeneration tool content types. The release adds new experimental tool search and OpenAI request policy hooks. And the OpenTelemetry gen-ai semantic conventions are updated to align with v1.41.

The 'aiagent-webapi' project template in Microsoft.Agents.AI.ProjectTemplates is updated to align with v1.3.0 of Agent Framework, updating the OpenTelemetry dependencies within the template projects as well.

Packages in this release

Package	Version
Microsoft.Extensions.AI	10.5.1
Microsoft.Extensions.AI.Abstractions	10.5.1
Microsoft.Extensions.AI.OpenAI	10.5.1
Microsoft.Extensions.AI.Templates	10.5.1-preview.3.26251.3
Microsoft.Agents.AI.ProjectTemplates	1.3.0-preview.1.26251.3

Experimental API Changes

Now Stable

The following types previously emitted the MEAI001 experimental diagnostic and are now stable.

• CodeInterpreter and WebSearch tool content types are now stable #​7493
  • CodeInterpreterToolCallContent
  • CodeInterpreterToolResultContent
  • WebSearchToolCallContent
  • WebSearchToolResultContent
• ImageGeneration tool content types and tool are now stable #​7476
  • ImageGenerationToolCallContent
  • ImageGenerationToolResultContent
  • HostedImageGenerationTool
  • ImageGenerationOptions
  • ImageGenerationResponseFormat (the Hosted enum value remains experimental)
  • IImageGenerator and the rest of the image generation infrastructure also remain experimental

New Experimental APIs

The following new APIs emit the MEAI001 experimental diagnostic.

• New experimental API: HostedToolSearchTool with DeferredTools for tool-search-driven deferred tool loading #​7471
• New experimental API: OpenAIRequestPolicies extension hook for appending System.ClientModel.PipelinePolicy instances to outgoing OpenAI requests #​7495

Breaking Changes to Experimental APIs

• WebSearchToolResultContent.Results was renamed to Outputs as part of the stabilization ...

Description has been truncated

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

[...

Description has been truncated

[dependabot]

Labels

The following labels could not be found: dependencies, nuget. Please create them before Dependabot can add them to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.

[dependabot]

Superseded by #57.