Skip to content

Bump Microsoft.Extensions.Http.Resilience from 10.6.0 to 10.7.0#61

Merged
JerrettDavis merged 2 commits into
mainfrom
dependabot/nuget/JD.Writer.ServiceDefaults/Microsoft.Extensions.Http.Resilience-10.7.0
Jun 16, 2026
Merged

Bump Microsoft.Extensions.Http.Resilience from 10.6.0 to 10.7.0#61
JerrettDavis merged 2 commits into
mainfrom
dependabot/nuget/JD.Writer.ServiceDefaults/Microsoft.Extensions.Http.Resilience-10.7.0

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jun 14, 2026

Copy link
Copy Markdown
Contributor

Updated Microsoft.Extensions.Http.Resilience from 10.6.0 to 10.7.0.

Release notes

Sourced from Microsoft.Extensions.Http.Resilience's releases.

10.7.0

v10.7.0 graduates the Microsoft.Extensions.Diagnostics.ResourceMonitoring.Kubernetes package to stable. The package registers a Kubernetes-aware ResourceQuotaProvider that reads the pod's CPU and memory requests and limits and exposes them to Microsoft.Extensions.Diagnostics.ResourceMonitoring as baseline and maximum quotas, which then feed the request and limit dimensions of the published resource utilization metrics. The companion ResourceQuota and ResourceQuotaProvider types in Microsoft.Extensions.Diagnostics.ResourceMonitoring graduate to stable in the same change so that consumers can implement custom quota providers without taking an experimental dependency.

On the AI side, Microsoft.Extensions.AI.OpenAI moves to OpenAI 2.11.0 and fixes a deserialization bug in ToolJson.AdditionalProperties so that JSON Schema additionalProperties values shaped as sub-schema objects (for example {"type":"string"}) are preserved instead of throwing during deserialization. HostedFileContent.SizeInBytes and HostedFileContent.CreatedAt graduate to stable since both values are consistently available across hosted-file providers, while Purpose and Scope remain experimental as provider-shaped vocabulary. FunctionInvokingChatClient drops a backward-compat path that auto-marked ToolApprovalResponseContent entries with InformationalOnly: true; consumers that need to continue accepting sessions serialized before #​7468 can use the sample ApprovalHistoryNormalizingChatClient middleware added in the test project.

Experimental API Changes

Now Stable

  • Microsoft.Extensions.Diagnostics.ResourceMonitoring.Kubernetes package is now stable #​7253
  • Resource Monitoring ResourceQuota and ResourceQuotaProvider APIs are now stable (previously EXTEXP0008) #​7253
  • HostedFileContent.SizeInBytes and HostedFileContent.CreatedAt are now stable (previously MEAI001) #​7513

What's Changed

AI

  • Graduate HostedFileContent.SizeInBytes and HostedFileContent.CreatedAt #​7513 by @​jozkee (co-authored by @​Copilot)
  • Remove backward-compat InformationalOnly case from FICC; suggest middleware workaround #​7538 by @​jozkee (co-authored by @​Copilot)
  • Upgrade OpenAI package from 2.10.0 to 2.11.0 #​7544 by @​jozkee (co-authored by @​Copilot)
  • Fix ToolJson.AdditionalProperties to accept sub-schema objects #​7546 by @​jozkee (co-authored by @​Copilot)

Diagnostics, Health Checks, and Resource Monitoring

  • Move Microsoft.Extensions.Diagnostics.ResourceMonitoring.Kubernetes to stable #​7253 by @​amadeuszl (co-authored by @​Copilot)

Repository Infrastructure Updates

  • [main] Update dependencies from dotnet/arcade #​7521
  • Bump dotnet-reportgenerator-globaltool from 5.5.9 to 5.5.10 #​7522
  • Bump dotnet-coverage from 18.6.2 to 18.7.0 #​7530
  • Bump PowerShell from 7.6.1 to 7.6.2 #​7531
  • Bump qs from 6.15.1 to 6.15.2 in /src/Libraries/Microsoft.Extensions.AI.Evaluation.Reporting/TypeScript #​7532
  • [main] Update dependencies from dotnet/arcade #​7534
  • Bump tmp from 0.2.5 to 0.2.6 in /src/Libraries/Microsoft.Extensions.AI.Evaluation.Reporting/TypeScript #​7537

Acknowledgements

  • @​ericstj submitted issue #​7509 (resolved by #​7544)
  • @​scottt732 submitted issue #​7540 (resolved by #​7546)
  • @​DeagleGross @​wtgodbe @​dariusclay @​evgenyfedorov2 @​peterwald @​PranavSenthilnathan @​shyamnamboodiripad @​stephentoub @​tarekgh reviewed pull requests

Full Changelog: dotnet/extensions@v10.6.0...v10.7.0

Commits viewable in compare view.

@dependabot @github

dependabot Bot commented on behalf of github Jun 14, 2026

Copy link
Copy Markdown
Contributor Author

Labels

The following labels could not be found: dependencies. Please create it before Dependabot can add it to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.

@github-actions

github-actions Bot commented Jun 14, 2026

Copy link
Copy Markdown

⚠️ Deprecation Warning: The deny-licenses option is deprecated for possible removal in the next major release. For more information, see issue 997.

Dependency Review

The following issues were found:
  • ✅ 0 vulnerable package(s)
  • ✅ 0 package(s) with incompatible licenses
  • ✅ 0 package(s) with invalid SPDX license definitions
  • ⚠️ 1 package(s) with unknown licenses.
See the Details below.

License Issues

JD.Writer.ServiceDefaults/JD.Writer.ServiceDefaults.csproj

PackageVersionLicenseIssue Type
Microsoft.Extensions.Http.Resilience10.7.0NullUnknown License
Denied Licenses: GPL-2.0, GPL-3.0, AGPL-3.0

OpenSSF Scorecard

PackageVersionScoreDetails
nuget/Microsoft.Extensions.Http.Resilience 10.7.0 🟢 6.7
Details
CheckScoreReason
Maintained🟢 1030 commit(s) and 10 issue activity found in the last 90 days -- score normalized to 10
Code-Review🟢 10all changesets reviewed
Packaging⚠️ -1packaging workflow not detected
Security-Policy🟢 10security policy file detected
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
License🟢 10license file detected
Branch-Protection🟢 5branch protection is not maximal on development and all release branches
Binary-Artifacts🟢 10no binaries found in the repo
Signed-Releases⚠️ -1no releases found
Fuzzing⚠️ 0project is not fuzzed
Pinned-Dependencies🟢 9dependency not pinned by hash detected -- score normalized to 9
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0

Scanned Files

  • JD.Writer.ServiceDefaults/JD.Writer.ServiceDefaults.csproj

@github-actions

github-actions Bot commented Jun 14, 2026

Copy link
Copy Markdown

Test Results

26 tests   26 ✅  1m 52s ⏱️
 1 suites   0 💤
 1 files     0 ❌

Results for commit 6af0e80.

♻️ This comment has been updated with latest results.

---
updated-dependencies:
- dependency-name: Microsoft.Extensions.Http.Resilience
  dependency-version: 10.7.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot force-pushed the dependabot/nuget/JD.Writer.ServiceDefaults/Microsoft.Extensions.Http.Resilience-10.7.0 branch from c1ab024 to bb5acef Compare June 15, 2026 23:24
@JerrettDavis JerrettDavis merged commit 581e3d0 into main Jun 16, 2026
17 checks passed
@JerrettDavis JerrettDavis deleted the dependabot/nuget/JD.Writer.ServiceDefaults/Microsoft.Extensions.Http.Resilience-10.7.0 branch June 16, 2026 00:10
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant