Skip to content

Updated dependencies#53

Closed
dependabot[bot] wants to merge 1 commit into
masterfrom
dependabot/nuget/src/DogQuiz/main-ebed2d8d73
Closed

Updated dependencies#53
dependabot[bot] wants to merge 1 commit into
masterfrom
dependabot/nuget/src/DogQuiz/main-ebed2d8d73

Conversation

@dependabot
Copy link
Copy Markdown

@dependabot dependabot Bot commented on behalf of github Dec 22, 2025

Updated Humanizer.Core from 2.14.1 to 3.0.1.

Release notes

Sourced from Humanizer.Core's releases.

3.0.1

Changes:

  • #​1651: Renormalize line endings
  • #​1648: Extract duplicated regex patterns into constants across conditional compilation regions
  • #​1649: Delete dotnet.config
  • #​1647: move to net10 stable
  • #​1641: Add analyzer tests to CI and fix test failures

This list of changes was auto generated.

3.0.0-rc.30

Changes:

  • #​1640: Update dependencies and refactor for performance

This list of changes was auto generated.

3.0.0-rc.29

Changes:

Enhancement:

  • #​1625: Add multi-targeted, performance-optimized Roslyn analyzer and code fix for Humanizer v3 namespace migration

Others:

  • #​1637: Fix performance regressions vs v3.0.0-rc.6 in transformers and registry lookups
  • #​1636: Fix performance regressions from eager registry initialization and micro-optimizations
  • #​1635: Optimize ToLowerCase, PrependArticleSuffix, and ToQuantity for .NET 8+ performance and fix thread safety issues
  • #​1634: Fix performance regressions vs v3.0.0-rc.6 with zero-allocation optimizations
  • #​1633: Fix performance regressions in core hot paths (enum dehumanize, clock notation, metric numerals, transformers, truncators, string operations)
  • #​1632: Fix ByteSize.TryParse for cultures with multi-character number format symbols and optimize performance
  • #​1629: Comprehensive XML documentation enhancement for all public APIs, README modernization, and docs structure
See More
  • #​1624: Performance optimizations: Source-generated regex, FrozenDictionary, SearchValues, benchmarks with baseline comparison workflow
  • #​1622: Fix trim warnings in EnumCache and EnumDehumanizeExtensions for .NET 9/10 compatibility
  • #​1620: Update verify-packages.ps1 to validate package restoration on multiple SDK versions
  • #​1618: Clarify test run timing in AGENTS guidance
  • #​1617: Update SDK version in global.json to 10.0.100-rc.2
  • #​1616: Update testing and coverage to xUnit v3
  • #​1615: Code modernization, formatting, cleanup
  • #​1614: Add Jekyll GitHub Pages site with automatic dark mode support
  • #​1613: Reorganize solution items and update build scripts

This list of changes was auto generated.

3.0.0-rc.6

Changes:

Bugs:

  • #​385: Titlelize returns empty if text contains no known letters
  • #​1611: Fix Titleize to preserve input with no recognized letters (Issue #​385)
  • #​1605: Fix culture parameter being ignored in Blazor WebAssembly
  • #​1570: Fix metric rounding

Localization:

  • #​1590: Add Catalan localisation support
  • #​1569: Added support for negative Vietnamese numbers to words
  • #​1574: ru-Ru data units, heading, plus minor adjustments to numbers

Enhancement:

See More
  • #​1596: Add long.ToMetric and associated tests

Others:

  • #​1612: Add package verification step to Azure Pipeline
  • #​1606: General documentation improvements for readme file
  • #​1607: Bump to RC
  • #​1610: Expand repository agent guidelines
  • #​1609: ✨ Add comprehensive Copilot instructions for the repository
  • #​1603: Switch to .slnx format for solution configuration
  • #​1600: Add .devskim configuration file for code scanning
  • #​1599: DevSkim workflow to trigger only on 'main'
  • #​1595: Improve bit size validation in ByteSize.cs
  • #​1582: Introduce TryToNumber methods for safe word-to-number conversion
  • #​1594: Potential fix for code scanning alert no. 24: Possible loss of precision
  • #​1593: Add CodeQL configuration for security analysis
  • #​1592: Update CodeQL workflow for C# analysis
  • #​1591: Update for .NET 10.0 RC and code modernization
  • #​1587: Create jekyll-gh-pages.yml
  • #​1531: Spelling and grammar improvements in Readme.md

This list of changes was auto generated.

3.0.0-beta.96

Changes:

Localization:

  • #​1539: Replace "ناقص" with "سالب" for negative number representation in Arabic

Others:

  • #​1536: Add german TimeOnly.ToClockNotationConverter
  • #​1547: fix truncation if truncationString is null
  • #​1544: Change in the lt language causing misconception
  • #​1560: #​1559
  • #​4: Typo in Romanian localization
  • #​1559: Truncate operation does not consider words
  • #​3: Added Resources for Romanian
See More
  • #​1548: Handling the special case in ToQuantity where they pass in a negative…
  • #​1563: fixed exception thrown in lithuanian language for DateHumanize_Now resource key
  • #​1564: Words to number convert Fixes #​348
  • #​1561: fix grammar in README
  • #​1566: Add unit tests for Ordinalize method in Turkish culture
  • #​348: Humanized string to number
  • #​2: DateTime Humanize
  • #​1: Allow localization of messages
  • #​1553: Fixed minor typo in readme.md
  • #​1517: Support native AoT
  • #​1526: update Polyfill
  • #​1524: update xunit
  • #​1525: update Nerdbank.GitVersioning
  • #​1523: update Microsoft.NET.Test.Sdk
  • #​1518: Remove duplicate test case
  • #​1516: Fix MSBuild condition

This list of changes was auto generated.

3.0.0-beta.54

Changes:

  • #​1509: use InternalsVisibleTo MSBuild item
  • #​1504: Remove allocation from ByteSize.TryParse
  • #​1514: Various cleanup largely driven by analyzers
  • #​1512: Fix assert in GetRomanNumeralCharValue
  • #​1513: fix nuspec
  • #​1505: Replace relevant Substring use with AsSpan
  • #​1510: Remove some string interpolation allocation
  • #​1506: Cache Truncator singletons returned from static properties
  • #​1508: Remove overhead from RomanNumeralExtensions
  • #​1498: changes to address idiomatic differences between pt-PT and pt-BR
See More
  • #​1501: Added hungarian translations, and hungarian number formatters
  • #​1493: Avoid string concat in resource lookups
  • #​1491: enable nuget audit
  • #​1488: Bump coverlet.collector from 6.0.1 to 6.0.2
  • #​1485: Bump Polyfill from 3.0.0 to 4.0.0
  • #​1486: Bump Verify.Xunit from 23.3.0 to 23.5.0

This list of changes was auto generated.

3.0.0-beta.13

Changes:

Bugs:

  • #​1461: Fix to words for negative numbers below 1000 in Russian & Ukrainian
  • #​1460: Fix Bulgarian TimeSpan to words & genders in number to words
  • #​1426: Fix missing resources errors
  • #​1165: Armenian nuspec lists "ru" as the language
  • #​1250: Correct unit and tens names, expand conversion to int64, add unit test - Croatian
  • #​1356: Add some more problematic plural/singular words to Vocabularies
  • #​1244: As was to were irregularity
  • #​1228: fix: Use DayNumber instead of DayOfYear to compare DateOnly instances
  • #​1299: kebab-cased string returns a Kebab-Cased
See More
  • #​1082: Fix Japanese single year translation
  • #​1193: bulgarian number fix: "един" shoud be "едно" in string[] UnitsMap.
  • #​1246: Replace the greek B (Beta) char to a regular B in method
  • #​1280: Fix Hundreds Map typo for "εννιακόσιες"
  • #​1178: special case for letter 's'

Localization:

  • #​1197: #​1196 - Support long for FarsiNumberToWordsConverter

Others:

  • #​1483: remove netstandard1.0 from core nuspec
  • #​1482: drop net462 and net472
  • #​1481: Bump Verify.Xunit from 23.2.2 to 23.3.0
  • #​1480: re-add gitversion
  • #​1476: reduce string alloc in MalteseFormatter
  • #​1477: remove redundant string alloc in RussianFormatter
  • #​1478: remove redundant string alloc in UkrainianFormatter
  • #​1479: remove redundant protected and public modifiers
  • #​1475: Resolve some warnings
  • #​1474: Disable some R# warnings due to differences in frameworks
  • #​1472: Do not use Linq to slice array in DefaultCollectionFormatter
  • #​1471: Fix nullable annotations for ICollectionFormatter
  • #​1473: Fix leap year bug in InYear test
  • #​1469: Bump Verify.Xunit from 23.2.1 to 23.2.2
  • #​1468: Support InvariantGlobalization by using provided CultureInfo instead of instantiating
  • #​1466: Convert some switch statements to switch expressions
  • #​1465: Add missing static in GreekNumberToWordsConverter
    ... (truncated)

Commits viewable in compare view.

Updated Magick.NET-Q8-AnyCPU from 14.6.0 to 14.10.0.

Release notes

Sourced from Magick.NET-Q8-AnyCPU's releases.

14.10.0

What's Changed

  • Allow specifying the pdf format in the constructor of the PdfWriteDefines (#​1931).
  • Added HighBitDepth to the JpegWriteDefines.

Related changes in ImageMagick since the last release of Magick.NET:

Library updates:

  • ImageMagick 7.1.2-10 (2025-12-07)
  • brotli 1.2.0 (2025-10-27)
  • openexr 3.4.4 (2025-11-19)
  • harfbuzz 12.2.0 (2025-11-05)
  • openjph 0.25.3 (2025-11-16)
  • libpng 1.6.52 (2025-12-03)
  • REMOVED: libdeflate (#​1932)

Full Changelog: dlemstra/Magick.NET@14.9.1...14.10.0

14.9.1

What's Changed

Related changes in ImageMagick since the last release of Magick.NET:

  • CLAHE : Unsigned underflow and division-by-zero lead to OOB pointer arithmetic and process crash (DoS) (GHSA-wpp4-vqfq-v4hp)

Library updates:

  • ImageMagick 7.1.2-8 (2025-10-28)
  • openexr 3.4.2 (2025-10-16)
  • gdk-pixbuf 2.44.4 (2025-10-21)
  • imath 3.2.2 (2025-10-08)
  • libxml2 2.15.1 (2025-10-16)

Full Changelog: dlemstra/Magick.NET@14.8.2...14.9.0

14.9.0

What's Changed

  • Converting Tif file with 2 alpha channels yields scrambled result. #​1523
  • Embedded base64 image not rendered when converting SVG on Linux RHEL (regression since 14.7.1) #​1917
  • Allow setting the StrokeDashArray of the DrawingSettings to null.
  • Moved static properties in ColorProfile to a new ColorProfiles class and mark them obsolete.

Related changes in ImageMagick since the last release of Magick.NET:

  • Fix issue where the size of a line is extended to 70 characters when writing a PBM image (Restore previous PBM raster line format ImageMagick/ImageMagick#8346).
  • Extra images will be added as meta channels when combining images.
  • Added support for reading and writing meta channels in a TIFF images with separate planes of data.
  • Promote photometric tiff tag to required
  • Added extra check to resolve issue on 32-bit systems (GHSA-9pp9-cfwx-54rm)

Library updates:

  • ImageMagick 7.1.2-7 (2025-10-15)
  • aom 3.13.1 (2025-09-05)
  • openexr 3.4.0 (2025-09-05)
  • freetype 2.14.1 (2024-09-11)
  • gdk-pixbuf 2.44.3 (2025-09-30)
  • harfbuzz 12.1.0 (2025-10-01)
  • libjpeg-turbo 3.1.2 (2025-09-03)
  • openjpeg 2.5.4 (2025-09-20)
  • libtiff 4.7.1 (2025-09-12)
  • libxml2 2.15.0 (2025-09-15)

Full Changelog: dlemstra/Magick.NET@14.8.2...14.9.0

14.8.2

What's Changed

  • Corrected the generated version and added a unit test for it (#​1894).
  • Fixed missing embedded resources in the native library (#​1896 and #​1898).

Related changes in ImageMagick since the last release of Magick.NET:

Library updates:

  • ImageMagick 7.1.2-3 (2025-08-31)
  • harfbuzz 11.4.4 (2025-08-26)

Full Changelog: dlemstra/Magick.NET@14.8.1...14.8.2

14.8.1

What's Changed

  • Corrected Gravity overload of the Splice method (#​1881).

Related changes in ImageMagick since the last release of Magick.NET:

Library updates:

  • ImageMagick 7.1.2-2 (2025-08-24)
  • ffi 3.5.2 (2025-08-02)
  • harfbuzz 11.4.1 (2025-08-13)
  • heif 1.20.2 (2025-08-05)
  • highway 1.3.0 (2025-08-14)
  • imath 3.2.1 (2025-08-15)
  • raqm 0.10.3 (2025-08-05)

Full Changelog: dlemstra/Magick.NET@14.8.0...14.8.1

14.8.0

What's Changed

  • Added Sf3 to MagickFormat.
  • Added Gravity overload to the Splice method (#​1881).
  • Added TrimMemory to the ResourceLimits (#​1854).

Library updates:

  • ImageMagick 7.1.2-1 (2025-08-12)
  • exr 3.3.5 (2025-07-26)
  • ffi 3.5.1 (2025-06-10)
  • fontconfig 2.17.1 (2025-07-02)
  • gdk-pixbuf 2.43.3 (2025-06-29)
  • jpeg-turbo 3.1.1 (2025-06-10)
  • pixman 0.46.4 (2025-07-20)
  • png 1.6.50 (2025-07-02)
  • webp 1.6.0 (2025-07-09)
  • xml 2.14.5 (2025-07-10)
  • zip 1.11.4 (2025-05-23)

Full Changelog: dlemstra/Magick.NET@14.7.0...14.8.0

14.7.0

What's Changed

  • Added extra overload to the Resize method that allows specifying the filter (#​1819).
  • Allow reading of clip paths without a name and give them a numeric name that can be used by ImageMagick (#​1814).
  • Use the ArrayPool API in .NET Standard 2.1 or later to reduce the creation of LOH objects (#​1812).
  • Allow modification of X and Y in the PointD struct (#​1856).
  • Improved parsing of a geometry in the MagickGeometry class (#​1855).
  • Added Icn to MagickFormat.

Related changes in ImageMagick since the last release of Magick.NET:

Library updates:

  • ImageMagick 7.1.2-0 (2025-07-13)
  • aom 3.12.1 (2025-04-11)
  • de265 1.0.16 (2025-05-04)
  • deflate 1.24.0 (2025-05-11)
  • ffi 3.4.8 (2025-04-10)
  • harfbuzz 11.2.1 (2025-05-15)
  • heif 1.20.1 (2025-07-02)
  • lzma 5.8.1 (2025-04-03)
  • openexr 3.3.3 (2025-03-24)
  • pixman 0.46.0 (2025-04-30)
  • png 1.6.48 (2025-04-30)
  • raw 0.22.0-Devel202502 (2024-02-24)
  • xml 2.14.3 (2025-05-13)

Full Changelog: dlemstra/Magick.NET@14.6.0...14.7.0

Commits viewable in compare view.

Updated Microsoft.CodeAnalysis.Metrics from 3.3.4 to 4.14.0.

Release notes

Sourced from Microsoft.CodeAnalysis.Metrics's releases.

4.2.0-4.22266.5

Release

4.2.0-3.22151.16

Release

4.2.0-1.22108.11

Release

4.0.0-2.21354.7

Release

4.0.0-2.21254.26

Release

4.0.0-1.21277.15

Release

3.10.0-3.21201.20

Release

3.10.0-2.21153.36

Release

3.10.0-1.21102.26

Release

3.7.0-3.20312.3

Release Notes
Install Instructions

Repos

3.7.0-3.20269.11

Release Notes
Install Instructions

Repos

3.7.0-2.20277.1

Release Notes
Install Instructions

Repos

3.6.0

Release Notes
Install Instructions

Commits viewable in compare view.

Updated Microsoft.Data.Sqlite from 9.0.5 to 10.0.1.

Release notes

Sourced from Microsoft.Data.Sqlite's releases.

10.0.0-preview.6.25358.103

You can build .NET 10.0 Preview 6 from the repository by cloning the release tag v10.0.0-preview.6.25358.103 and following the build instructions in the main README.md.

Alternatively, you can build from the sources attached to this release directly.
More information on this process can be found in the dotnet/dotnet repository.

Attached are PGP signatures for the GitHub generated tarball and zipball. You can find the public key at https://dot.net/release-key-2023

10.0.0-preview.5.25277.114

You can build .NET 10.0 Preview 5 from the repository by cloning the release tag v10.0.0-preview.5.25277.114 and following the build instructions in the main README.md.

Alternatively, you can build from the sources attached to this release directly.
More information on this process can be found in the dotnet/dotnet repository.

Attached are PGP signatures for the GitHub generated tarball and zipball. You can find the public key at https://dot.net/release-key-2023

10.0.0-preview.4.25258.110

You can build .NET 10.0 Preview 4 from the repository by cloning the release tag v10.0.0-preview.4.25258.110 and following the build instructions in the main README.md.

Alternatively, you can build from the sources attached to this release directly.
More information on this process can be found in the dotnet/dotnet repository.

Attached are PGP signatures for the GitHub generated tarball and zipball. You can find the public key at https://dot.net/release-key-2023

10.0.0-preview.3.25171.5

You can build .NET 10.0 Preview 3 from the repository by cloning the release tag v10.0.0-preview.3.25171.5 and following the build instructions in the main README.md.

Alternatively, you can build from the sources attached to this release directly.
More information on this process can be found in the dotnet/dotnet repository.

Attached are PGP signatures for the GitHub generated tarball and zipball. You can find the public key at https://dot.net/release-key-2023

10.0.0-preview.2.25163.2

You can build .NET 10.0 Preview 2 from the repository by cloning the release tag v10.0.0-preview.2.25163.2 and following the build instructions in the main README.md.

Alternatively, you can build from the sources attached to this release directly.
More information on this process can be found in the dotnet/dotnet repository.

Attached are PGP signatures for the GitHub generated tarball and zipball. You can find the public key at https://dot.net/release-key-2023

10.0.0-preview.1.25080.5

You can build .NET 10.0 Preview 1 from the repository by cloning the release tag v10.0.0-preview.1.25080.5 and following the build instructions in the main README.md.

Alternatively, you can build from the sources attached to this release directly.
More information on this process can be found in the dotnet/dotnet repository.

Attached are PGP signatures for the GitHub generated tarball and zipball. You can find the public key at https://dot.net/release-key-2023

9.0.112

You can build .NET 9.0 from the repository by cloning the release tag v9.0.112 and following the build instructions in the main README.md.

Alternatively, you can build from the sources attached to this release directly.
More information on this process can be found in the dotnet/dotnet repository.

Attached are PGP signatures for the GitHub generated tarball and zipball. You can find the public key at https://dot.net/release-key-2023

9.0.111

You can build .NET 9.0 from the repository by cloning the release tag v9.0.111 and following the build instructions in the main README.md.

Alternatively, you can build from the sources attached to this release directly.
More information on this process can be found in the dotnet/dotnet repository.

Attached are PGP signatures for the GitHub generated tarball and zipball. You can find the public key at https://dot.net/release-key-2023

9.0.110

You can build .NET 9.0 from the repository by cloning the release tag v9.0.110 and following the build instructions in the main README.md.

Alternatively, you can build from the sources attached to this release directly.
More information on this process can be found in the dotnet/dotnet repository.

Attached are PGP signatures for the GitHub generated tarball and zipball. You can find the public key at https://dot.net/release-key-2023

9.0.109

You can build .NET 9.0 from the repository by cloning the release tag v9.0.109 and following the build instructions in the main README.md.

Alternatively, you can build from the sources attached to this release directly.
More information on this process can be found in the dotnet/dotnet repository.

Attached are PGP signatures for the GitHub generated tarball and zipball. You can find the public key at https://dot.net/release-key-2023

9.0.101

You can build .NET 9.0 from the repository by cloning the release tag v9.0.101 and following the build instructions in the main README.md.

Alternatively, you can build from the sources attached to this release directly.
More information on this process can be found in the dotnet/dotnet repository.

Attached are PGP signatures for the GitHub generated tarball and zipball. You can find the public key at https://dot.net/release-key-2023

9.0.7

You can build .NET 9.0 from the repository by cloning the release tag v9.0.7 and following the build instructions in the main README.md.

Alternatively, you can build from the sources attached to this release directly.
More information on this process can be found in the dotnet/dotnet repository.

Attached are PGP signatures for the GitHub generated tarball and zipball. You can find the public key at https://dot.net/release-key-2023

9.0.6

You can build .NET 9.0 from the repository by cloning the release tag v9.0.6 and following the build instructions in the main README.md.

Alternatively, you can build from the sources attached to this release directly.
More information on this process can be found in the dotnet/dotnet repository.

Attached are PGP signatures for the GitHub generated tarball and zipball. You can find the public key at https://dot.net/release-key-2023

Commits viewable in compare view.

Updated NetEscapades.AspNetCore.SecurityHeaders from 1.1.0 to 1.3.1.

Release notes

Sourced from NetEscapades.AspNetCore.SecurityHeaders's releases.

1.3.1

Changes in 1.3.1

Fixes:

  • Fix WithHashTagHelper() using incorrect tag helper hashes for style-src, style-src-attr, and style-scr-elem CSP directives (#​279)

Breaking Changes:

  • Don't expose WithHashTagHelper() on CustomDirectiveBuilder or DefaultSourceDirectiveBuilder - technically breaking, but really a bug (#​279)

Changes in 1.3.0:

Features:

  • Add API for registering an async policy selector #​259 (Thanks @​jchannon)
  • Update Content-Security-Policy builders to encourage correct directives and to flag incorrect directives #​272
  • Add OverInsecureHttp() and OverInsecureWs() scheme sources to CSP builders #​273

Changes in 1.2.0:

Features:

  • Add support for child-src to Content-Security-Policy #​259
  • Allow multiple calls to AddSecurityHeadersPolicies() for registering named polices #​250

Fixes:

Changes in 1.1.0

Features:

  • Add AddRange() to SourceCollection #​240, #​242 (Thanks @​rankobp)
  • Improve CSP documentation #​241 (Thanks @​Meir017)
  • Add X-Frame-Options ALLOW-FROM with correct method name AddFrameOptionsAllowFrom() #​244

Changes in 1.0.0

This marks the first major release of the NetEscapades.AspNetCore.SecurityHeaders. For simplicity, all the changes since 0.24.0 are included below.

Breaking Changes:

  • Drop support for .NET Standard 2.0, raises minimum framework to .NET Core 3.1 #​167, #​171
  • Removed "document header" functionality, in favour of always adding all headers #​186
  • Remove X-XSS-Protection from default headers and mark obsolete #​168
  • Add cross-origin-opener-policy: same-origin to default headers #​184
  • Mark Feature-Policy as obsolete #​187
  • Mark Expect-CT as obsolete #​197
  • Make nonce generation lazy on call to HttpContext.GetNonce() #​198
  • Remove ambient-light-sensor=() from DefaultSecureDirectives() for permissions policy #​203 (Thanks damienbod!)
  • Update COOP, COEP, and CORP for AddDefaultSecurityHeaders() and AddDefaultApiSecurityHeaders() #​204 (Thanks damienbod!)
  • Removes obsolete APIs (#​217)

Features:

... (truncated)

1.3.0

Changes in 1.3.0:

Features:

  • Add API for registering an async policy selector #​259 (Thanks @​jchannon)
  • Update Content-Security-Policy builders to encourage correct directives and to flag incorrect directives #​272
  • Add OverInsecureHttp() and OverInsecureWs() scheme sources to CSP builders #​273

Changes in 1.2.0:

Features:

  • Add support for child-src to Content-Security-Policy #​259
  • Allow multiple calls to AddSecurityHeadersPolicies() for registering named polices #​250

Fixes:

Changes in 1.1.0

Features:

  • Add AddRange() to SourceCollection #​240, #​242 (Thanks @​rankobp)
  • Improve CSP documentation #​241 (Thanks @​Meir017)
  • Add X-Frame-Options ALLOW-FROM with correct method name AddFrameOptionsAllowFrom() #​244

Changes in 1.0.0

This marks the first major release of the NetEscapades.AspNetCore.SecurityHeaders. For simplicity, all the changes since 0.24.0 are included below.

Breaking Changes:

  • Drop support for .NET Standard 2.0, raises minimum framework to .NET Core 3.1 #​167, #​171
  • Removed "document header" functionality, in favour of always adding all headers #​186
  • Remove X-XSS-Protection from default headers and mark obsolete #​168
  • Add cross-origin-opener-policy: same-origin to default headers #​184
  • Mark Feature-Policy as obsolete #​187
  • Mark Expect-CT as obsolete #​197
  • Make nonce generation lazy on call to HttpContext.GetNonce() #​198
  • Remove ambient-light-sensor=() from DefaultSecureDirectives() for permissions policy #​203 (Thanks damienbod!)
  • Update COOP, COEP, and CORP for AddDefaultSecurityHeaders() and AddDefaultApiSecurityHeaders() #​204 (Thanks damienbod!)
  • Removes obsolete APIs (#​217)

Features:

  • Allow configuring "named" policies, and applying different policies to different endpoints #​172, #​173, #​185
  • Allow customizing the HeaderPolicyCollection just before it is applied, customizing per request #​174, #​185
  • Make adding directives to Content-Security-Policy idempotent to avoid duplicates #​169
  • Add AddDefaultApiSecurityHeaders() for adding default headers to APIs #​183, #​184
  • Add AddPermissionsPolicyWithRecommendedDirectives() and PermissionsPolicyBuilder.AddDefaultSecureDirectives() for adding secure Permissions-Policy directives in bulk #​183, #​184
  • NetEscapades.AspNetCore.SecurityHeaders now has an icon, thanks @​khalidabuhakmeh! #​195
  • Allow accessing an IServiceProvider when configuring a SecurityHeaderPolicyBuilder #​200
  • Adds support for Trusted Types to Content-Security-Policy (#​216, #​218)
    ... (truncated)

1.2.0

Changes in 1.2.0:

Features:

  • Add support for child-src to Content-Security-Policy #​259
  • Allow multiple calls to AddSecurityHeadersPolicies() for registering named polices #​250

Fixes:

Changes in 1.1.0

Features:

  • Add AddRange() to SourceCollection #​240, #​242 (Thanks @​rankobp)
  • Improve CSP documentation #​241 (Thanks @​Meir017)
  • Add X-Frame-Options ALLOW-FROM with correct method name AddFrameOptionsAllowFrom() #​244

Changes in 1.0.0

This marks the first major release of the NetEscapades.AspNetCore.SecurityHeaders. For simplicity, all the changes since 0.24.0 are included below.

Breaking Changes:

  • Drop support for .NET Standard 2.0, raises minimum framework to .NET Core 3.1 #​167, #​171
  • Removed "document header" functionality, in favour of always adding all headers #​186
  • Remove X-XSS-Protection from default headers and mark obsolete #​168
  • Add cross-origin-opener-policy: same-origin to default headers #​184
  • Mark Feature-Policy as obsolete #​187
  • Mark Expect-CT as obsolete #​197
  • Make nonce generation lazy on call to HttpContext.GetNonce() #​198
  • Remove ambient-light-sensor=() from DefaultSecureDirectives() for permissions policy #​203 (Thanks damienbod!)
  • Update COOP, COEP, and CORP for AddDefaultSecurityHeaders() and AddDefaultApiSecurityHeaders() #​204 (Thanks damienbod!)
  • Removes obsolete APIs (#​217)

Features:

  • Allow configuring "named" policies, and applying different policies to different endpoints #​172, #​173, #​185
  • Allow customizing the HeaderPolicyCollection just before it is applied, customizing per request #​174, #​185
  • Make adding directives to Content-Security-Policy idempotent to avoid duplicates #​169
  • Add AddDefaultApiSecurityHeaders() for adding default headers to APIs #​183, #​184
  • Add AddPermissionsPolicyWithRecommendedDirectives() and PermissionsPolicyBuilder.AddDefaultSecureDirectives() for adding secure Permissions-Policy directives in bulk #​183, #​184
  • NetEscapades.AspNetCore.SecurityHeaders now has an icon, thanks @​khalidabuhakmeh! #​195
  • Allow accessing an IServiceProvider when configuring a SecurityHeaderPolicyBuilder #​200
  • Adds support for Trusted Types to Content-Security-Policy (#​216, #​218)

Build updates:

  • Allow building from forks #​232
  • Fix release generation #​231, #​235, #​236
  • Fix recording test results #​221
  • Define version in the build project instead #​223
    ... (truncated)

Commits viewable in compare view.

Updated NLog.Web.AspNetCore from 5.4.0 to 6.1.0.

Release notes

Sourced from NLog.Web.AspNetCore's releases.

6.1.0

  • #​1110 Added NET10 targetframework
  • #​1110 aspnet-request-tls-handshake supporting NegotiatedCipherSuite + HostName

6.0.6

  • #​1111 Updated to NLog v6.0.6

6.0.5

  • #​1108 Updated to NLog v6.0.5

6.0.4

  • #​1107 Updated to NLog v6.0.4

6.0.3

  • NLog.Web.AspNetCore

    • #​1101 Added ${aspnet-request-endpoint-group} (@​snakefoot)
    • #​1102 Added ${aspnet-request-endpoint-name} (@​snakefoot)
    • #​1103 Updated dependency NLog v6.0.3 (@​snakefoot)

  • NLog.Web

    • #​1103 Updated dependency NLog v6.0.3 (@​snakefoot)

6.0.2

  • #​1099 Updated to NLog v6.0.2

6.0.1

  • #​1097 Updated to NLog v6.0.1

6.0

  • NLog.Web.AspNetCore

    • Updated dependency NLog v6.0
    • Enabled nullable references
    • Enabled <IsAotCompatible>
    • Removed support for .NET Core 3.1 + .NET v5
    • Updated .NET Framework 4.6.2 to use NET8-nuget-dependencies
    • Added ${host-environment} as alias for ${aspnet-environment}
    • Added ${host-rootdir} as alias for ${aspnet-appbasepath}
    • Added ${host-appname} as alias for ${iis-site-name}
    • Removed obsolete extension-methods to register NLog as Logging Provider.
    • Removed support for EvaluateAsNestedProperties, instead use ObjectPath.
    • Renamed class-names for old LayoutRenderers to follow standards (@​bakgerman)
    • Marked AspNetLayoutRendererBase DoAppend-method as obsolete (@​bakgerman)

  • NLog.Web

    • Updated dependency NLog v6.0
    • Enabled nullable references
    • Added ${host-rootdir} as alias for ${aspnet-appbasepath}
    • Added ${host-appname} as alias for ${iis-site-name}
    • Removed support for EvaluateAsNestedProperties, instead use ObjectPath.
    • Renamed class-names for old LayoutRenderers to follow standards (@​bakgerman)
    • Marked AspNetLayoutRendererBase DoAppend-method as obsolete (@​bakgerman)
    • Introduced NLogBufferingTargetWrapperModule to replace NLogHttpModule (@​bakgerman)

See also List of major changes in NLog v6

6.0.0-rc4

  • #​1090 Updated dependency NLog v6.0 RC4

6.0.0-rc3

  • NLog.Web.AspNetCore

    • #​1089 Updated dependency NLog v6.0 RC3
    • Added ${host-environment} as alias for ${aspnet-environment}
    • Added ${host-rootdir} as alias for ${aspnet-appbasepath}
    • Added ${host-appname} as alias for ${iis-site-name}

  • NLog.Web

    • #​1089 Updated dependency NLog v6.0 RC3
    • Added ${host-rootdir} as alias for ${aspnet-appbasePath}
    • Added ${host-appname} as alias for ${iis-site-name}
    • Introduced NLogBufferingTargetWrapperModule to replace NLogHttpModule (@​bakgerman)

6.0.0-rc2

  • NLog.Web.AspNetCore

    • Updated dependency NLog v6.0 RC2
    • Enabled nullable references
    • Enabled <IsAotCompatible>
    • Removed support for .NET Core 3.1 + .NET v5
    • Removed obsolete extension-methods to register NLog as Logging Provider.
    • Removed support for EvaluateAsNestedProperties, instead use ObjectPath.
    • Renamed class-names for old LayoutRenderers to follow standards (@​bakgerman)
    • Marked AspNetLayoutRendererBase DoAppend-method as obsolete (@​bakgerman)

  • NLog.Web

    • Updated dependency NLog v6.0 RC2
    • Enabled nullable references
    • Removed support for EvaluateAsNestedProperties, instead use ObjectPath.
    • Renamed class-names for old LayoutRenderers to follow standards (@​bakgerman)
    • Marked AspNetLayoutRendererBase DoAppend-method as obsolete (@​bakgerman)

See also List of major changes in NLog v6

5.5

  • NLog.Web.AspNetCore

    • #​1078 Added UseNLog extension method for IHostApplicationBuilder (#​1080) (@​snakefoot)
    • #​1078 Added AddNLogWeb extension method for IServiceCollection (#​1080) (@​snakefoot)
    • #​1078 Updated dependency NLog.Extensions.Logging v5.5 (#​1080) (@​snakefoot)

  • NLog.Web

    • #​1078 Updated dependency NLog v5.5 (#​1080) (@​snakefoot)

Commits viewable in compare view.

Updated Ulid from 1.3.4 to 1.4.1.

Release notes

Sourced from Ulid's releases.

1.4.1

What's Changed

New Contributors

Full Changelog: Cysharp/Ulid@1.4.0...1.4.1

1.4.0

What's Changed

New Contributors

Full Changelog: Cysharp/Ulid@1.3.5...1.4.0

1.3.5

What's Changed

New Contributors

Full Changelog: Cysharp/Ulid@1.3.4...1.3.5

Commits viewable in compare view.

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
Bump Humanizer.Core and 6 others
12deedc 
Bumps Humanizer.Core from 2.14.1 to 3.0.1
Bumps Magick.NET-Q8-AnyCPU from 14.6.0 to 14.10.0
Bumps Microsoft.CodeAnalysis.Metrics from 3.3.4 to 4.14.0
Bumps Microsoft.Data.Sqlite from 9.0.5 to 10.0.1
Bumps NetEscapades.AspNetCore.SecurityHeaders from 1.1.0 to 1.3.1
Bumps NLog.Web.AspNetCore from 5.4.0 to 6.1.0
Bumps Ulid from 1.3.4 to 1.4.1

---
updated-dependencies:
- dependency-name: Humanizer.Core
  dependency-version: 3.0.1
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: main
- dependency-name: Magick.NET-Q8-AnyCPU
  dependency-version: 14.10.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: main
- dependency-name: Microsoft.CodeAnalysis.Metrics
  dependency-version: 4.14.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: main
- dependency-name: Microsoft.Data.Sqlite
  dependency-version: 10.0.1
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: main
- dependency-name: NetEscapades.AspNetCore.SecurityHeaders
  dependency-version: 1.3.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: main
- dependency-name: NLog.Web.AspNetCore
  dependency-version: 6.1.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: main
- dependency-name: Ulid
  dependency-version: 1.4.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: main
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added .NET Pull requests that update .NET code dependencies Pull requests that update a dependency file labels Dec 22, 2025
@github-actions github-actions Bot changed the title Bump Humanizer.Core and 6 others Updated dependencies Dec 22, 2025
@dependabot @github
Copy link
Copy Markdown
Author

dependabot Bot commented on behalf of github Dec 22, 2025

Superseded by #55.

@dependabot dependabot Bot closed this Dec 22, 2025
@dependabot dependabot Bot deleted the dependabot/nuget/src/DogQuiz/main-ebed2d8d73 branch December 22, 2025 20:18
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

@yavorfingarov yavorfingarov

Labels

dependencies Pull requests that update a dependency file .NET Pull requests that update .NET code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@yavorfingarov