Skip to content

Bump the all-dependencies group with 5 updates#2102

Closed
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/nuget/samples/TeamsJS/graph-app-installation-lifecycle/csharp/AppInstallation/all-dependencies-c9d90b6d2f
Closed

Bump the all-dependencies group with 5 updates#2102
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/nuget/samples/TeamsJS/graph-app-installation-lifecycle/csharp/AppInstallation/all-dependencies-c9d90b6d2f

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github May 14, 2026

Copy link
Copy Markdown

Updated Microsoft.AspNetCore.Mvc.NewtonsoftJson from 6.0.11 to 6.0.36.

Release notes

Sourced from Microsoft.AspNetCore.Mvc.NewtonsoftJson's releases.

6.0.36

Release

What's Changed

Full Changelog: dotnet/aspnetcore@v6.0.35...v6.0.36

6.0.35

Release

6.0.33

Release

6.0.32

Release

6.0.31

Release

6.0.30

Release

6.0.29

Release

6.0.28

Release

6.0.26

Release

6.0.25

Release

What's Changed

Full Changelog: dotnet/aspnetcore@v6.0.24...v6.0.25

6.0.24

Release

6.0.23

Release

6.0.22

Release

6.0.21

Release

Commits viewable in compare view.

Updated Microsoft.Bot.Builder.Integration.AspNet.Core from 4.18.1 to 4.23.1.

Release notes

Sourced from Microsoft.Bot.Builder.Integration.AspNet.Core's releases.

4.23.1

Final Release of Bot Framework DotNet SDK

Bot Framework DotNet SDK has reached end-of-life. This is the last planned release. This project will no longer be updated or maintained. Customers using this SDK will not be disrupted. However, the SDK will no longer be supported through service tickets in the Azure portal and will not receive product updates.

To build agents with your choice of AI services, orchestration, and knowledge, consider using the Microsoft 365 Agents SDK. The Agents SDK is GA and has support for C#, JavaScript or Python. You can learn more about the Agents SDK at aka.ms/agents. If you're looking for a SaaS-based agent platform, consider Microsoft Copilot Studio. If you have an existing bot built with the Bot Framework SDK, you can update your bot to the Agents SDK. You can review the core changes and updates at Bot Framework SDK to Agents SDK migration guidance here. Support tickets for the Bot Framework SDK will no longer be serviced as of December 31, 2025.

4.23.0

What's Changed

Full Changelog: microsoft/botbuilder-dotnet@4.22.9...4.23.0

4.22.9

What's Changed

4.22.8

This is the September 2024 release of the DotNet Bot Framework SDK.

What's Changed

This release also adds the correct PublicKeyToken back to the assemblies. This does not appear as a PR since it was a build pipeline issue.

4.22.7

This is the June 2024 release of the Bot Framework DotNet SDK. This release contains security and authorization fixes.

What's Changed

4.22.4

This is the May 2024 Bot Framework DotNet SDK patch release. This release contains security fixes, .Net 8, and authentication improvements.

What's Changed

Full Changelog: microsoft/botbuilder-dotnet@4.22.3...4.22.4

4.22.3

This is the April 2024 DotNet SDK patch release. This version contains minor bug fixes and security updates.

What's Changed

4.22.2

This is the second February 2024 patch release to correct LU parsing issues and a security fix.

What's Changed

4.22.1

This is the February 2024 4.22.1 release for the DotNet SDK. This contains bug fixes.

What's Changed

4.22.0

This is the January 2024 4.22.0 release for the DotNet SDK. This contains a security fixes Sharepoint support, and ASE improvements.

What's Changed

4.21.1

This is the October 2023 patch release for the Bot Framework DotNet SDK.

What's Changed

Full Changelog: microsoft/botbuilder-dotnet@4.21.0...4.21.1

4.21.0

Welcome to the September 2023 minor release of the Bot Framework SDK.

What's Changed

Teams

Other

New Contributors

Full Changelog: microsoft/botbuilder-dotnet@4.20.0...4.21.0

4.20.1

Welcome to the July 2023 patch release of the Bot Framework SDK.

What's Changed

4.20.0

This is the June 2023 release of the DotNet SDK. This release contains Teams features and bug/security fixes.

What's Changed

Teams

Other

New Contributors

Full Changelog: microsoft/botbuilder-dotnet@4.19.0...4.20.0

4.19.3

Welcome to the February 2023 patch release of the Bot Framework SDK.

What's Changed

  • Concurrency issue with TimeZoneConverter #​6593

4.19.2

Welcome to the February 2023 patch release of the Bot Framework SDK.

What's Changed

Teams

  • Fix class structure for meeting notification feature extensibility #​6579

Other

  • Incorrect serialization of state when using Blob or CosmosDB storage #​6585
  • Added log to ProcessAsync method in CloudAdapter #​6587

4.19.1

Welcome to the January 2023 patch release of the Bot Framework SDK. This release has been focused on bug fixes.

What's Changed

  • Fix cast issue in SendHandoffActivity action #​6575
  • Expired JWT token exception not being handled #​6572

Full Changelog: microsoft/botbuilder-dotnet@4.19.0...4.19.1

4.19.0

Welcome to the January 2023 release of the Bot Framework SDK. This release has been focused on bug fixes and general improvements.

What's Changed

Teams

Other

New Contributors

Full Changelog: microsoft/botbuilder-dotnet@4.18.1...4.19.0

Commits viewable in compare view.

Updated Microsoft.Graph from 5.76.0 to 5.105.0.

Release notes

Sourced from Microsoft.Graph's releases.

5.105.0

5.105.0 (2026-04-24)

Features

  • generation: update request builders and models (143504b)

5.104.0

5.104.0 (2026-04-16)

Features

  • generation: update request builders and models (bacd780)

5.103.0

5.103.0 (2026-02-19)

Features

  • generation: update request builders and models (bf1a051)

5.102.0

5.102.0 (2026-02-05)

Features

5.101.0

5.101.0 (2026-01-22)

Features

5.100.0

5.100.0 (2026-01-06)

Features

  • generation: update request builders and models (35267bd)

5.99.0

5.99.0 (2025-12-17)

Features

  • generation: update request builders and models (b2cf8ee)

5.98.0

5.98.0 (2025-12-03)

Features

5.97.0

5.97.0 (2025-11-18)

Features

  • generation: update request builders and models (c7d3d3d)

5.96.0

5.96.0 (2025-11-06)

Features

5.95.0

5.95.0 (2025-10-21)

Features

  • generation: update request builders and models (bd116ee)
  • generation: update request builders and models (5e39ec0)

5.94.0

5.94.0 (2025-10-03)

Features

  • generation: update request builders and models (dc5ef6e)

5.93.0

5.93.0 (2025-09-16)

Features

  • generation: update request builders and models (fc94f58)

5.92.0

5.92.0 (2025-09-10)

Features

5.91.0

5.91.0 (2025-08-20)

Features

  • generation: update request builders and models (e7d67e4)

Bug Fixes

5.90.0

5.90.0 (2025-08-12)

Features

  • generation: update request builders and models (4abd52c)

5.89.0

5.89.0 (2025-08-05)

Features

  • generation: update request builders and models (929e730)

5.88.0

5.88.0 (2025-07-30)

Features

  • generation: update request builders and models (419e244)

5.87.0

5.87.0 (2025-07-22)

Features

  • generation: update request builders and models (efdf651)

5.86.0

5.86.0 (2025-07-16)

Features

  • generation: update request builders and models (4724c72)

5.85.0

5.85.0 (2025-07-08)

Features

  • generation: update request builders and models (18f2ddf)

5.84.0

5.84.0 (2025-07-01)

Features

  • generation: update request builders and models (f75b95f)

5.83.0

5.83.0 (2025-06-24)

Features

  • generation: update request builders and models (956a3a3)

5.82.0

5.82.0 (2025-06-17)

Features

  • generation: update request builders and models (16a7b10)

5.81.0

5.81.0 (2025-06-10)

Features

  • generation: update request builders and models (c882f34)

5.79.0

5.79.0 (2025-05-20)

Features

  • generation: update request builders and models (16da103)

Bug Fixes

  • wrong type for drive items versions (b97f17b)

5.78.0

5.78.0 (2025-05-13)

Features

  • generation: update request builders and models (b70825f)

5.77.0

5.77.0 (2025-04-15)

Features

  • generation: update request builders and models (7ce6ebc)

Commits viewable in compare view.

Updated Microsoft.Identity.Client from 4.48.0 to 4.84.0.

Release notes

Sourced from Microsoft.Identity.Client's releases.

4.83.3

New Features

  • Added support for User Federated Identity Credential (UserFIC) scenarios through the IByUserFederatedIdentityCredential interface and user_fic grant type. #​5802

Changes

  • Updated NativeInterop to version 0.20.3. #​5866

Bug Fixes

  • Fixed response handling in HttpListenerInterceptor.cs to ensure the full response is properly closed. #​5478
  • Fixed macOS detection to include maccatalyst target in desktop platform checks.#​5882

Infrastructure & Dependencies

  • Extracted reusable MSAL test infrastructure into Microsoft.Identity.Lab.API. #​5864

4.83.1

Bug Fixes

4.83.0

New Features

  • Agent Skills: Added Agent Skills catalog with complete coverage of both Confidential Client Authentication and mTLS PoP flows #​5733
  • mTLS PoP Skills Guide: Added comprehensive guide for GitHub Copilot Chat covering MSAL.NET authentication, mTLS Proof of Possession, and Federated Identity Credentials #​5790

Changes

  • Credential Guard Attestation: Integrated native DLL handling for Credential Guard attestation with centralized versioning #​5674

Bug Fixes

  • IMDSv2 mTLS Auto-Recovery: Implemented automatic recovery from SCHANNEL handshake failures by evicting cached certificates and re-minting #​5761
  • Managed Identity Fallback Behavior: Restored classic fallback behavior in MSAL MI unless GetManagedIdentitySourceAsync() is explicitly invoked #​5815
  • Attestation Token Expiration: Exposed expires_on field in attestation tokens for better token lifecycle management #​5741
  • Service Fabric API Version: Updated Service Fabric managed identity API version from 2019-07-01-preview to 2020-05-01 #​5781
  • Cached Token Validation: Enhanced ValidateCachedTokenAsync to work properly with multiple APIs beyond the initial scope #​5764
  • Client Credentials Tenant ID: Updated result to properly pass tenant ID in client credentials flow #​5754
  • Experimental Flag Removal: Removed experimental flag requirement from IAuthenticationOperation and WithAuthenticationExtension #​5699
  • OpenTelemetry Exception Handling: Expanded OTel exception handling for Azure Functions compatibility #​5720
  • ICustomWebUi Security Warning: Added security warnings to ICustomWebUi documentation #​5704

Infrastructure & Dependencies

  • GitHub Actions Workflow: Added GitHub Actions workflow for Managed Identity WebAPI automated build and deployment to Azure #​5751
  • .NET SDK Security Update: Updated .NET SDK from version 8.0.415 to 8.0.418 to address high severity security vulnerabilities #​5779 #​5783

4.82.1

Bug Fixes

  • Remove experimental flag requirement from IAuthenticationOperation #​5699
  • Add security warning to ICustomWebUi documentation #​5704

Changes

  • Adds support for implicit mTLS (Mutual TLS) transport for client assertion delegates #​5670

4.82.0

4.82.0

Highlights

This release expands extensibility for confidential-client authentication (certificates + client assertions), adds additional sovereign cloud environments, and hardens security-sensitive flows (mTLS PoP and system browser auth) with clearer validation and safer defaults.

Features

  • Certificate-based confidential client extensibility: Introduced CertificateOptions and updated WithCertificate extensibility APIs to accept it, including support for passing sendX5C configuration through the options model. (#​5655)
  • Sovereign cloud support: Added instance discovery / authority validation support for Bleu (France), Delos (Germany), and GovSG (Singapore) cloud environments. (#​5671)
  • Client assertion customization: Added WithExtraClientAssertionClaims on AcquireTokenForClientParameterBuilder to enable supplying additional signed claims in client assertions (intended for advanced scenarios and higher-level libraries). (#​5650)
  • mTLS PoP guardrails: Added validation and explicit error handling when mTLS PoP is requested for unsupported environments and/or non-login.* hosts. (#​5684)
  • System browser hardening: Added response_mode=form_post support for the default system browser (loopback) flow. MSAL will enforce form_post and process the authorization response from POST data. (#​5678)

Changes

  • Key Attestation packaging rename: Microsoft.Identity.Client.MtlsPop renamed to Microsoft.Identity.Client.KeyAttestation (assembly/package naming update). (#​5653)

4.81.0

What's Changed

Full Changelog: AzureAD/microsoft-authentication-library-for-dotnet@4.80.0...4.81.0

4.80.0

Features

  • Added extensibility APIs—WithCertificate, OnMsalServiceFailure, and OnCompletion—to enable callback handling for certificate injection, retry on MSAL service failure events, and completion notifications #​5573
  • Extend IAuthenticationOperation interface with Async methods in IAuthenticationOperation2 #​5376
  • Enable IAuthenticationOperation2 to reject MSAL cached tokens and fetch new ones from ESTS #​5567

Changes

  • IMDS Source Detection Logic Improvement #​5602
  • Update DesktopOsHelper.IsMac to work properly on .NET 10 + macOS 26 #​5541

Bug Fixes

  • Fix KeyNotFoundException during retry when headers lack correlation ID #​5617
  • Implement Service Exception for IMDS Probe #​5615

4.79.2

What's Changed

Full Changelog: AzureAD/microsoft-authentication-library-for-dotnet@4.79.0...4.79.2

4.79.0

What's Changed

Full Changelog: AzureAD/microsoft-authentication-library-for-dotnet@4.78.0...4.79.0

4.78.0

Changes

  • Update SDK version from 8.0.404 to 8.0.415. #​5543
  • Hide / deprecate some obscure APIs. #​5484

Bug Fixes

  • Support Android edge-to-edge. #​5499
  • Android broker does not support ADFS authority. #​5522

4.77.1

What's Changed

Full Changelog: AzureAD/microsoft-authentication-library-for-dotnet@4.77.0...4.77.1

4.77.0

Features

Changes

Bug fixes

4.76.0

What's Changed

New Contributors

Full Changelog: AzureAD/microsoft-authentication-library-for-dotnet@4.74.1...4.76.0

4.74.1

Bug fixes

4.74.0

Features

Bug fixes

4.73.1

What's Changed

Full Changelog: AzureAD/microsoft-authentication-library-for-dotnet@4.73.0...4.73.1

4.73.0

What's Changed

Full Changelog: AzureAD/microsoft-authentication-library-for-dotnet@4.72.1...4.73.0

4.72.1

4.72.1

Bug Fixes

Full Changelog: AzureAD/microsoft-authentication-library-for-dotnet@4.72.0...4.72.1

4.72.0

4.72.0

Features

Bug Fixes

  • Ensure additional cache parameters are persisted in cache serializationIssue #​5261

4.71.1

Bug Fixes

Full Changelog: AzureAD/microsoft-authentication-library-for-dotnet@4.71.0...4.71.1

4.71.0

Bug Fixes

  • Enable the Service Fabric flow to get a httpClient from the factory with ssl validation callback. See Issue #​5220

Full changelog: 4.70.2 .. 4.71.0

4.70.2

What's Changed

Full Changelog: AzureAD/microsoft-authentication-library-for-dotnet@4.70.1...4.70.2

4.70.1

What's Changed

Full Changelog: AzureAD/microsoft-authentication-library-for-dotnet@4.70.0...4.70.1

4.70.0

Features

  • Added a .WithAccessTokenSha256ToRefresh() method to AcquireTokenForClientParameterBuilder for ConfidentialClientApplication, allowing finer control over token refresh scenarios. Issue #​5111, PR #​5179
  • Added TokenCacheNotificationArgs.NoDistributedCacheUseReason in order to indicate that the configured serialized cache should not be a distributed cache to prevent issues when acquiring tokens. Issue #​5199

Bug Fixes

  • Removed invalid tenant checks (/organizations or /common) in MTLS flows for AAD/dSTS authorities. Issue #​5093
  • Fixed an issue where specifying a null service config region in MTLS scenarios did not correctly throw an exception. Issue #​5181

4.69.1

4.69.1

Features

  • Enabled broker support on the Linux platform. See Issue #​5086
  • Added a WithCertificate(..., bool associateTokensWithCertificateSerialNumber) overload to enable the use of the certificate's serial number as part of the cache key for tokens. Issue #​5150

Bug Fixes

  • MSAL will now stop replacing "%20" with "+" since it is obsolete. See Issue #​5061
  • Exposed client capabilities in AssertionRequestOptions for MSI FIC scenarios Issue #​4948
  • Added the missing claims in SignedAssertion when using the AssertionRequestOptions Delegate Issue #​5143

4.68.0

Features

  • Added WithFmiPath() api to support FMI scenarios in MSAL. See Issue #​5110
  • MSAL will now pass Client sku and Version to MsalRuntime for MSAL Runtime's client telemetry. See Issue #​5103

Bug Fixes

  • Reordered the condition for ManagedIdentitySource.MachineLearning to be checked after ManagedIdentitySource.AppService instead of before it. See Issue #​5077
  • Improved Managed Identity Source Detection Logging for Debugging. See Issue #​5097
  • When a 404 error occurs, MSAL will now include the endpoint and authority URLs in the exception message for better debugging. See Issue #​4769
  • MSAL will now set UseShellExecute to false in OpenLinuxBrowser. See Issue #​5075
  • Fixed a threading exception when using ExtraQueryParameters. See Issue #​5108

4.67.2

Bug Fixes

  • Fixed an issue with Managed Identity source detection where Azure ML was prioritized incorrectly over Azure App Service, causing token acquisition failures. See Bug #​5077

4.67.1

Bug Fixes

  • Added support for Azure Machine Learning (Azure ML) Managed Identity (MSI) to address missing functionality for token acquisition in Azure Machine Learning environments. See Bug #​4984

4.67.0

New Features

  • MSAL.NET now supports acquiring token for Client Credentials flow with a Subject Name Issuer (SNI) certificate over Mutual TLS (mTLS) for first-party applications. See Issue #​4986
  • Bumped NET SDK from net6 to net8, aligning MSAL.NET with the latest .NET standards and features. See Feature Request #​5025
  • Public API analyzer integrated to enhance API compliance and stability. See Feature Request #​4931

Bug Fixes

  • Improved AcquireTokenSilent logging and handling of Family of Client IDs (FOCI). See Bug #​4988
  • Fixed issues where DurationTotalInMs in AuthenticationResultMetadata differed from Stopwatch measurements. See Bug #​4895
  • Resolved incorrect computation of OTel durations in L1 cache and during the creation of POP tokens. See Bug #​5036
  • Addressed an issue where AbstractAcquireTokenParameterBuilder<T>.WithAdfsAuthority threw exceptions when the tenant ID was null and the authority host URI ended in /adfs. See Bug #​4860
  • Fixed a parsing issue in Managed Identity to align with Azure.Identity's behavior for handling invalid JSON responses. See Bug #​5016

Deprecated

4.66.2

4.66.2

Bug Fixes

  • Fixed a bug where MSAL .NET fails to launch the iOS broker on IOS 18.0.1. See Issue #​4958

4.66.1

Bug Fixes

  • Fixed a bug where MSAL .NET fails to correctly handle the expires_on field for Managed Identity tokens in ISO 8601 format. This fix ensures accurate parsing of ISO 8601 date-time formats during token acquisition. See Issue #​4963

4.66.0

4.66.0

New Features

  • Enabled extended functionality in the MSAL authentication flow through the implementation of IAuthenticationOperation. This allows for custom extensions in the authentication flow by providing an authentication operation interface. See Issue #​4956
  • MSAL.NET will now opt-in to regional ESTS when the environment variable MSAL_FORCE_REGION is set (e.g., MSAL_FORCE_REGION=eastus). This automatically directs MSAL to use the specified region for token acquisition. If the region is explicitly set to "DisableMsalForceRegion", MSAL will not opt-in to regional ESTS. Use of the WithAzureRegion(xyz) API takes precedence over the environment variable. See Issue #​4930

4.65.2-Preview

  • Refactored CDT Prototype
  • Moved prototype to separate folder
  • Removed dependency on MSAL internals

4.65.0

New Features

  • Update telemetry to include the caller SDK details. See Issue #​4863
  • MSAL.Net now exposes an API to enable developers to cache additional values in the token response. See Issue #​4922
  • Managed identity .WithClaims() and .WithClientCapabilities() APIs are now generally available. See Issue #​4921

Bug Fixes

-...

Description has been truncated

@dependabot
Bump the all-dependencies group with 5 updates
f31b162 
Bumps Microsoft.AspNetCore.Mvc.NewtonsoftJson from 6.0.11 to 6.0.36
Bumps Microsoft.Bot.Builder.Integration.AspNet.Core from 4.18.1 to 4.23.1
Bumps Microsoft.Graph from 5.76.0 to 5.105.0
Bumps Microsoft.Identity.Client from 4.48.0 to 4.84.0
Bumps Microsoft.VisualStudio.Web.CodeGeneration.Design from 6.0.10 to 6.0.18

---
updated-dependencies:
- dependency-name: Microsoft.AspNetCore.Mvc.NewtonsoftJson
  dependency-version: 6.0.36
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all-dependencies
- dependency-name: Microsoft.Bot.Builder.Integration.AspNet.Core
  dependency-version: 4.23.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all-dependencies
- dependency-name: Microsoft.Graph
  dependency-version: 5.105.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all-dependencies
- dependency-name: Microsoft.Identity.Client
  dependency-version: 4.84.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all-dependencies
- dependency-name: Microsoft.VisualStudio.Web.CodeGeneration.Design
  dependency-version: 6.0.18
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added .NET Pull requests that update .NET code dependencies Pull requests that update a dependency file labels May 14, 2026
@dependabot dependabot Bot mentioned this pull request May 14, 2026
Closed
@dependabot @github

dependabot Bot commented on behalf of github May 14, 2026

Copy link
Copy Markdown
Author

Superseded by #2104.

@dependabot dependabot Bot closed this May 14, 2026
@dependabot dependabot Bot deleted the dependabot/nuget/samples/TeamsJS/graph-app-installation-lifecycle/csharp/AppInstallation/all-dependencies-c9d90b6d2f branch May 14, 2026 07:48
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file .NET Pull requests that update .NET code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants