Skip to content

chore(deps): Bump the nuget-dependencies group with 8 updates#31

Open
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/nuget/nuget-dependencies-7d577f2105
Open

chore(deps): Bump the nuget-dependencies group with 8 updates#31
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/nuget/nuget-dependencies-7d577f2105

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jul 13, 2026

Copy link
Copy Markdown
Contributor

Updated BCrypt.Net-Next from 4.1.0 to 4.2.0.

Release notes

Sourced from BCrypt.Net-Next's releases.

4.2.0

Full Changelog: BcryptNet/bcrypt.net@v4.1.0...v4.2.0

Commits viewable in compare view.

Updated CloudinaryDotNet from 1.28.0 to 1.29.2.

Release notes

Sourced from CloudinaryDotNet's releases.

No release notes found for this version range.

Commits viewable in compare view.

Updated MediatR from 14.1.0 to 14.2.0.

Release notes

Sourced from MediatR's releases.

14.2.0

What's Changed

Full Changelog: LuckyPennySoftware/MediatR@v14.1.0...v14.2.0

Commits viewable in compare view.

Updated Microsoft.AspNetCore.Authentication.JwtBearer from 10.0.6 to 10.0.9.

Release notes

Sourced from Microsoft.AspNetCore.Authentication.JwtBearer's releases.

No release notes found for this version range.

Commits viewable in compare view.

Updated Microsoft.AspNetCore.OpenApi from 10.0.6 to 10.0.9.

Release notes

Sourced from Microsoft.AspNetCore.OpenApi's releases.

No release notes found for this version range.

Commits viewable in compare view.

Updated Microsoft.EntityFrameworkCore.Design from 9.0.15 to 9.0.17.

Release notes

Sourced from Microsoft.EntityFrameworkCore.Design's releases.

9.0.17

Release

What's Changed

Full Changelog: dotnet/efcore@v9.0.16...v9.0.17

9.0.16

Release

What's Changed

Full Changelog: dotnet/efcore@v9.0.15...v9.0.16

Commits viewable in compare view.

Updated Polly from 8.6.6 to 8.7.0.

Release notes

Sourced from Polly's releases.

8.7.0

Highlights

What's Changed

New Contributors

Full Changelog: App-vNext/Polly@8.6.6...8.7.0

Commits viewable in compare view.

Updated SonarAnalyzer.CSharp from 10.23.0.137933 to 10.29.0.143774.

Release notes

Sourced from SonarAnalyzer.CSharp's releases.

10.29.0.143774

Release notes - .NET Analyzers - 10.29

Feature

NET-3997 Move S6444 out of hotspot
NET-4060 Update RSPEC before 10.29 release

False Positive

NET-1626 Fix S6444 FP: REGEX_DEFAULT_MATCH_TIMEOUT

False Negative

NET-3920 Fix S2971 FN: Should raise on EntityFramework IQueryables
NET-3921 Fix S1155 FN: Should raise on EntityFramework IQueryables
NET-3922 Fix S3981 FN: Should raise on EntityFramework IQueryables
NET-3924 Fix S3169 FN: Should raise on EntityFramework IQueryables

10.28.0.143324

Release notes - .NET Analyzers - 10.28

Feature

NET-1990 S100/S101: Configuration for custom acronyms
NET-2280 New Rule T0048: Avoid is not { } value
NET-3802 Update RSPEC before 10.28 release
NET-3818 Change Protobuf Info message to Debug
NET-3820 Coverage warnings should surface as Analysis Warnings
NET-3827 Create RSPEC for S8717: Multiple "[Key]" attributes should not be used to define a composite key
NET-3843 Implement rule S8717: Multiple "[Key]" attributes should not be used to define a composite key
NET-3949 Modify rule S2696: add fix guidance, compliant example, and exceptions
NET-3950 Modify rule S1135: add compliant example and fix guidance
NET-3951 Modify rule S108: give the C# page its own code examples
NET-3952 Modify rule S1133: add rationale, fix guidance, code examples
NET-3953 Modify rule S3251: add compliant example, fix guidance, and exceptions
NET-3967 Move S1313 out of hotspot
NET-3969 Move S2077 out of hotspot
NET-3972 Move S2092 and S3330 out of hotspot
NET-3973 Move S2245 out of hotspot
NET-3975 Move S2257 out of hotspot
NET-3976 Move S4036 out of hotspot
NET-3978 Move S4502 out of hotspot
NET-3980 Move S4507 out of hotspot
NET-3982 Move S5122 out of hotspot
NET-3983 Move S5332 out of hotspot
NET-3993 Move S5443 out of hotspot
NET-3995 Move S5753 out of hotspot
NET-3996 Move S5766 out of hotspot
NET-3998 Move S6640 out of hotspot
NET-4000 Move S4790 out of hotspot
NET-4001 Move S5693 out of hotspot
NET-4008 Change S1313 message
NET-4009 Change S2257 message
NET-4010 Change S4036 message
NET-4011 Change S2077 message

False Positive

NET-3564 Fix FP S6966: Do not raise for methods for SqlDataReader.IsDBNull/GetFieldValue
NET-3808 Fix S4260 FP: Don't raise on extension properties
NET-3821 Fix S1244 FP: Should not raise on comparison to 0
NET-3825 Fix S2221 FP: Do not raise on async void
NET-3878 Fix S3358 FP: Suggesting to extract ternary from EF Core select
NET-3914 Fix T0044 FP: Should not raise on locator annotaitons
NET-3926 Fix S6608 FP: Should not raise inside expression tree
NET-3927 Fix S6603 FP: Should not raise inside expression tree
NET-3932 S2068: Do not raise on @​paramName and $paramName

False Negative

NET-1673 Fix S4790 FN: default parameters
NET-2846 Fix S1117 FN: Extensions, Partial Events
... (truncated)

10.27.0.140913

Release notes - .NET Analyzers - 10.27

Feature

NET-1285 S2629: Add custom message for Log4Net and Castle.Core
NET-3666 Deprecate S5042 and move it from HotSpots to Code Smell
NET-3783 Update RSPEC before 10.27 release

False Positive

NET-2696 Fix S4260 FP: Extension Properties always raise

False Negative

NET-230 Fix S4056 FN: SpecifyIFormatProviderOrCultureInfo for C#​13 compatibility
NET-2692 Fix S2190 FN: Recursive extension properties
NET-2705 Fix S3343 FN: Partial Constructor with attribute in definition
NET-2732 Fix S1172 FN: Extension blocks
NET-2745 Fix S4144 FN: Extension Members
NET-2829 Fix S3241 FN: Extension methods and extension blocks
NET-3541 Fix S1117 FN: add CatchDeclaration coverage and adopt LocalDeclarationKinds

10.26.0.140279

Release notes - .NET Analyzers - 10.26

Feature

NET-3694 Update RSPEC before 10.26 release

False Positive

NET-2346 Fix S1854 FP: Variable used after another assignment in finally
NET-2347 Fix S1168 FP: Do not report on value types
NET-3698 Fix S1210 FP: file-scoped types should be exempt

False Negative

NET-1265 Fix S2930 FN: raise issues on non-disposed RegistryKeys
NET-2685 Fix S3604 FN: Field Keyword, Partial Constructors, NullConditional Assignment
NET-2812 Fix S4275 FN: Field Keyword
NET-2999 Fix S6672 FN: Mismatch in primary constructor is not recognized

10.25

?

Feature

  • NET-3613 - Support Cobertura coverage file format
    • Cobertura report paths can be passed via the sonar.cs.cobertura.reportsPaths parameter
  • NET-3665 - Update RSPEC before 10.25 release

False Positive

  • NET-3640 - Fix S3400 FP: Don't report function with conditional compilation body

10.24

 This release brings a batch of false negative fixes and analyzer crash fixes.

Bug Fixes

  • NET-3596 - Fix S1144 AD0001: Index out of range exception with type named Nullable
  • NET-3522 - Fix S1215 AD0001: ArgumentOutOfRangeException
  • NET-3521 - Fix S2053 AD0001: NRE
  • NET-3520 - Fix S3267 AD0001: NRE

False Positives

  • NET-2276 - Fix S1192 FP: EF migration classes

False Negatives

  • NET-3569 - Fix T0008 and T0009 FN: Support extension blocks
  • NET-2875 - Fix S2092 FN: Null Conditional Assignment
  • NET-2857 - Fix S3330 FN: Null Conditional Assignment
  • NET-2719 - Fix S4136 FN: Extension methods
  • NET-2688 - Fix S4433 FN: Null-conditional assignment in tracker
  • NET-2675 - Fix S6418 FN: Field keyword
  • NET-2667 - Fix S2934 FN: Null-conditional assignment and field keyword
  • NET-2658 - Fix S127 FN: BitShiftCompound

Commits viewable in compare view.

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Bumps BCrypt.Net-Next from 4.1.0 to 4.2.0
Bumps CloudinaryDotNet from 1.28.0 to 1.29.2
Bumps MediatR from 14.1.0 to 14.2.0
Bumps Microsoft.AspNetCore.Authentication.JwtBearer from 10.0.6 to 10.0.9
Bumps Microsoft.AspNetCore.OpenApi from 10.0.6 to 10.0.9
Bumps Microsoft.EntityFrameworkCore.Design from 9.0.15 to 9.0.17
Bumps Polly from 8.6.6 to 8.7.0
Bumps SonarAnalyzer.CSharp from 10.23.0.137933 to 10.29.0.143774

---
updated-dependencies:
- dependency-name: BCrypt.Net-Next
  dependency-version: 4.2.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: nuget-dependencies
- dependency-name: CloudinaryDotNet
  dependency-version: 1.29.2
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: nuget-dependencies
- dependency-name: MediatR
  dependency-version: 14.2.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: nuget-dependencies
- dependency-name: Microsoft.AspNetCore.Authentication.JwtBearer
  dependency-version: 10.0.9
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: nuget-dependencies
- dependency-name: Microsoft.AspNetCore.OpenApi
  dependency-version: 10.0.9
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: nuget-dependencies
- dependency-name: Microsoft.EntityFrameworkCore.Design
  dependency-version: 9.0.17
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: nuget-dependencies
- dependency-name: Polly
  dependency-version: 8.7.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: nuget-dependencies
- dependency-name: SonarAnalyzer.CSharp
  dependency-version: 10.29.0.143774
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: nuget-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added .NET Pull requests that update .NET code dependencies Pull requests that update a dependency file labels Jul 13, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file .NET Pull requests that update .NET code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants