Skip to content

Bump the all-dependencies group with 6 updates#2544

Closed
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/nuget/all-dependencies-108dbfcf40
Closed

Bump the all-dependencies group with 6 updates#2544
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/nuget/all-dependencies-108dbfcf40

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jun 22, 2026

Copy link
Copy Markdown
Contributor

Updated ICU4N from 60.1.0-alpha.439 to 60.1.0-alpha.440.

Release notes

Sourced from ICU4N's releases.

60.1.0-alpha.440

What's Changed

NOTE: This release is API-compatible with 60.1.0-alpha.436 and includes the latest updates and bug fixes. There are no breaking API changes, so it serves as a drop-in replacement for 60.1.0-alpha.436 for users of Lucene.Net.ICU 4.8.0-beta-00017 and SaxonCS versions targeting that release.

🎉 New Features

🐞 Bug Fixes

🏆 Improvements

Full Changelog: NightOwl888/ICU4N@v60.1.0-alpha.439...v60.1.0-alpha.440

Commits viewable in compare view.

Updated Meziantou.Analyzer from 3.0.101 to 3.0.109.

Release notes

Sourced from Meziantou.Analyzer's releases.

3.0.109

NuGet package: https://www.nuget.org/packages/Meziantou.Analyzer/3.0.109

What's Changed

Full Changelog: meziantou/Meziantou.Analyzer@3.0.108...3.0.109

3.0.108

NuGet package: https://www.nuget.org/packages/Meziantou.Analyzer/3.0.108

What's Changed

Full Changelog: meziantou/Meziantou.Analyzer@3.0.107...3.0.108

3.0.107

NuGet package: https://www.nuget.org/packages/Meziantou.Analyzer/3.0.107

What's Changed

Full Changelog: meziantou/Meziantou.Analyzer@3.0.106...3.0.107

3.0.106

NuGet package: https://www.nuget.org/packages/Meziantou.Analyzer/3.0.106

What's Changed

Full Changelog: meziantou/Meziantou.Analyzer@3.0.105...3.0.106

3.0.105

NuGet package: https://www.nuget.org/packages/Meziantou.Analyzer/3.0.105

What's Changed

Full Changelog: meziantou/Meziantou.Analyzer@3.0.104...3.0.105

3.0.104

NuGet package: https://www.nuget.org/packages/Meziantou.Analyzer/3.0.104

What's Changed

Full Changelog: meziantou/Meziantou.Analyzer@3.0.103...3.0.104

3.0.103

NuGet package: https://www.nuget.org/packages/Meziantou.Analyzer/3.0.103

What's Changed

Full Changelog: meziantou/Meziantou.Analyzer@3.0.102...3.0.103

3.0.102

NuGet package: https://www.nuget.org/packages/Meziantou.Analyzer/3.0.102

What's Changed

Full Changelog: meziantou/Meziantou.Analyzer@3.0.101...3.0.102

Commits viewable in compare view.

Updated Microsoft.Extensions.DependencyInjection from 10.0.8 to 10.0.9.

Release notes

Sourced from Microsoft.Extensions.DependencyInjection's releases.

No release notes found for this version range.

Commits viewable in compare view.

Updated Microsoft.Extensions.TimeProvider.Testing from 10.6.0 to 10.7.0.

Release notes

Sourced from Microsoft.Extensions.TimeProvider.Testing's releases.

10.7.0

v10.7.0 graduates the Microsoft.Extensions.Diagnostics.ResourceMonitoring.Kubernetes package to stable. The package registers a Kubernetes-aware ResourceQuotaProvider that reads the pod's CPU and memory requests and limits and exposes them to Microsoft.Extensions.Diagnostics.ResourceMonitoring as baseline and maximum quotas, which then feed the request and limit dimensions of the published resource utilization metrics. The companion ResourceQuota and ResourceQuotaProvider types in Microsoft.Extensions.Diagnostics.ResourceMonitoring graduate to stable in the same change so that consumers can implement custom quota providers without taking an experimental dependency.

On the AI side, Microsoft.Extensions.AI.OpenAI moves to OpenAI 2.11.0 and fixes a deserialization bug in ToolJson.AdditionalProperties so that JSON Schema additionalProperties values shaped as sub-schema objects (for example {"type":"string"}) are preserved instead of throwing during deserialization. HostedFileContent.SizeInBytes and HostedFileContent.CreatedAt graduate to stable since both values are consistently available across hosted-file providers, while Purpose and Scope remain experimental as provider-shaped vocabulary. FunctionInvokingChatClient drops a backward-compat path that auto-marked ToolApprovalResponseContent entries with InformationalOnly: true; consumers that need to continue accepting sessions serialized before #​7468 can use the sample ApprovalHistoryNormalizingChatClient middleware added in the test project.

Experimental API Changes

Now Stable

  • Microsoft.Extensions.Diagnostics.ResourceMonitoring.Kubernetes package is now stable #​7253
  • Resource Monitoring ResourceQuota and ResourceQuotaProvider APIs are now stable (previously EXTEXP0008) #​7253
  • HostedFileContent.SizeInBytes and HostedFileContent.CreatedAt are now stable (previously MEAI001) #​7513

What's Changed

AI

  • Graduate HostedFileContent.SizeInBytes and HostedFileContent.CreatedAt #​7513 by @​jozkee (co-authored by @​Copilot)
  • Remove backward-compat InformationalOnly case from FICC; suggest middleware workaround #​7538 by @​jozkee (co-authored by @​Copilot)
  • Upgrade OpenAI package from 2.10.0 to 2.11.0 #​7544 by @​jozkee (co-authored by @​Copilot)
  • Fix ToolJson.AdditionalProperties to accept sub-schema objects #​7546 by @​jozkee (co-authored by @​Copilot)

Diagnostics, Health Checks, and Resource Monitoring

  • Move Microsoft.Extensions.Diagnostics.ResourceMonitoring.Kubernetes to stable #​7253 by @​amadeuszl (co-authored by @​Copilot)

Repository Infrastructure Updates

  • [main] Update dependencies from dotnet/arcade #​7521
  • Bump dotnet-reportgenerator-globaltool from 5.5.9 to 5.5.10 #​7522
  • Bump dotnet-coverage from 18.6.2 to 18.7.0 #​7530
  • Bump PowerShell from 7.6.1 to 7.6.2 #​7531
  • Bump qs from 6.15.1 to 6.15.2 in /src/Libraries/Microsoft.Extensions.AI.Evaluation.Reporting/TypeScript #​7532
  • [main] Update dependencies from dotnet/arcade #​7534
  • Bump tmp from 0.2.5 to 0.2.6 in /src/Libraries/Microsoft.Extensions.AI.Evaluation.Reporting/TypeScript #​7537

Acknowledgements

  • @​ericstj submitted issue #​7509 (resolved by #​7544)
  • @​scottt732 submitted issue #​7540 (resolved by #​7546)
  • @​DeagleGross @​wtgodbe @​dariusclay @​evgenyfedorov2 @​peterwald @​PranavSenthilnathan @​shyamnamboodiripad @​stephentoub @​tarekgh reviewed pull requests

Full Changelog: dotnet/extensions@v10.6.0...v10.7.0

Commits viewable in compare view.

Updated Verify.NUnit from 31.19.0 to 31.20.0.

Release notes

Sourced from Verify.NUnit's releases.

31.20.0

31.19.1

  • #​1746 Mark passthrough string Verify overloads as [StringSyntax("*")]

Commits viewable in compare view.

Updated YantraJS.Core from 1.2.405 to 1.2.406.

Release notes

Sourced from YantraJS.Core's releases.

No release notes found for this version range.

Commits viewable in compare view.

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Bumps ICU4N from 60.1.0-alpha.439 to 60.1.0-alpha.440
Bumps Meziantou.Analyzer from 3.0.101 to 3.0.109
Bumps Microsoft.Extensions.DependencyInjection from 10.0.8 to 10.0.9
Bumps Microsoft.Extensions.TimeProvider.Testing from 10.6.0 to 10.7.0
Bumps Verify.NUnit from 31.19.0 to 31.20.0
Bumps YantraJS.Core from 1.2.405 to 1.2.406

---
updated-dependencies:
- dependency-name: ICU4N
  dependency-version: 60.1.0-alpha.440
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all-dependencies
- dependency-name: Meziantou.Analyzer
  dependency-version: 3.0.109
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all-dependencies
- dependency-name: Microsoft.Extensions.DependencyInjection
  dependency-version: 10.0.9
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all-dependencies
- dependency-name: Microsoft.Extensions.TimeProvider.Testing
  dependency-version: 10.7.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all-dependencies
- dependency-name: Verify.NUnit
  dependency-version: 31.20.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all-dependencies
- dependency-name: YantraJS.Core
  dependency-version: 1.2.406
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added .NET Pull requests that update .NET code dependencies Pull requests that update a dependency file labels Jun 22, 2026
lahma added a commit to lahma/jint that referenced this pull request Jun 23, 2026
…dates

Supersedes sebastienros#2544, which failed to build because the Meziantou.Analyzer
3.0.101 -> 3.0.109 bump promotes MA0074 (use a Contains overload with a
StringComparison) and warnings are treated as errors. Add
StringComparison.Ordinal to the five flagged string.Contains calls in the
Intl code; this is behaviour-identical (string.Contains(string) already
compares ordinally) and matches the adjacent EndsWith(..., Ordinal) calls.

Bring all packages to their latest stable versions so we don't have to
update again shortly (prereleases/betas intentionally skipped):
- ICU4N 60.1.0-alpha.439 -> .440
- Meziantou.Analyzer 3.0.101 -> 3.0.109
- Microsoft.Extensions.DependencyInjection 10.0.8 -> 10.0.9
- Microsoft.Extensions.TimeProvider.Testing 10.6.0 -> 10.7.0
- Verify.NUnit 31.19.0 -> 31.20.0
- YantraJS.Core 1.2.405 -> 1.2.406
- BenchmarkDotNet.TestAdapter 0.13.12 -> 0.15.8 (aligns with BenchmarkDotNet)
- Microsoft.NET.Test.Sdk 18.6.0 -> 18.7.0
- System.Text.Json 10.0.8 -> 10.0.9
- Spectre.Console.Cli 0.45.0 -> 0.55.0
- Zio 0.22.2 -> 0.24.0

Replace the catch-all dependabot "all-dependencies" group with logical
groups (analyzers, testing, benchmark, js-engine-comparisons, acornima,
microsoft) so weekly update PRs are cohesive instead of one large mixed PR.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
Claude-Session: https://claude.ai/code/session_013iGpTz8AqQM1m6eRoF9jDr
lahma added a commit that referenced this pull request Jun 23, 2026
…dates (#2545)

Supersedes #2544, which failed to build because the Meziantou.Analyzer
3.0.101 -> 3.0.109 bump promotes MA0074 (use a Contains overload with a
StringComparison) and warnings are treated as errors. Add
StringComparison.Ordinal to the five flagged string.Contains calls in the
Intl code; this is behaviour-identical (string.Contains(string) already
compares ordinally) and matches the adjacent EndsWith(..., Ordinal) calls.

Bring all packages to their latest stable versions so we don't have to
update again shortly (prereleases/betas intentionally skipped):
- ICU4N 60.1.0-alpha.439 -> .440
- Meziantou.Analyzer 3.0.101 -> 3.0.109
- Microsoft.Extensions.DependencyInjection 10.0.8 -> 10.0.9
- Microsoft.Extensions.TimeProvider.Testing 10.6.0 -> 10.7.0
- Verify.NUnit 31.19.0 -> 31.20.0
- YantraJS.Core 1.2.405 -> 1.2.406
- BenchmarkDotNet.TestAdapter 0.13.12 -> 0.15.8 (aligns with BenchmarkDotNet)
- Microsoft.NET.Test.Sdk 18.6.0 -> 18.7.0
- System.Text.Json 10.0.8 -> 10.0.9
- Spectre.Console.Cli 0.45.0 -> 0.55.0
- Zio 0.22.2 -> 0.24.0

Replace the catch-all dependabot "all-dependencies" group with logical
groups (analyzers, testing, benchmark, js-engine-comparisons, acornima,
microsoft) so weekly update PRs are cohesive instead of one large mixed PR.


Claude-Session: https://claude.ai/code/session_013iGpTz8AqQM1m6eRoF9jDr

Co-authored-by: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
@dependabot @github

dependabot Bot commented on behalf of github Jun 23, 2026

Copy link
Copy Markdown
Contributor Author

The group that created this PR has been removed from your configuration.

@dependabot dependabot Bot closed this Jun 23, 2026
@dependabot dependabot Bot deleted the dependabot/nuget/all-dependencies-108dbfcf40 branch June 23, 2026 13:38
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file .NET Pull requests that update .NET code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants