Skip to content

chore: Bump the minor-and-patch group with 9 updates#19

Open
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/nuget/Tyto.Api.Tests/minor-and-patch-3d326700b6
Open

chore: Bump the minor-and-patch group with 9 updates#19
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/nuget/Tyto.Api.Tests/minor-and-patch-3d326700b6

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jul 6, 2026

Copy link
Copy Markdown

Updated Azure.Identity from 1.17.2 to 1.21.0.

Release notes

Sourced from Azure.Identity's releases.

No release notes found for this version range.

Commits viewable in compare view.

Updated FluentAssertions from 7.0.0 to 7.2.2.

Release notes

Sourced from FluentAssertions's releases.

7.2.2

What's Changed

Fixes

Building

Full Changelog: fluentassertions/fluentassertions@7.2.1...7.2.2

7.2.1

What's Changed

Fixes

Full Changelog: fluentassertions/fluentassertions@7.2.0...7.2.1

7.2.0

What's Changed

Improvements

Fixes

Others

Full Changelog: fluentassertions/fluentassertions@7.1.0...7.2.0

7.1.0

What's Changed

Improvements

Others

Full Changelog: fluentassertions/fluentassertions@7.0.0...7.1.0

Commits viewable in compare view.

Updated Mapster from 10.0.7 to 10.0.10.

Release notes

Sourced from Mapster's releases.

10.0.9

What's Changed

Full Changelog: MapsterMapper/Mapster@v10.0.8...v10.0.9

10.0.8

What's Changed

New Contributors

Full Changelog: MapsterMapper/Mapster@10.0.7...v10.0.8

10.0.8-pre07

What's Changed

New Contributors

Full Changelog: MapsterMapper/Mapster@v10.0.8-pre06...v10.0.8-pre07

10.0.8-pre06

What's Changed

Full Changelog: MapsterMapper/Mapster@v10.0.8-pre05...v10.0.8-pre06

10.0.8-pre05

What's Changed

Full Changelog: MapsterMapper/Mapster@v10.0.8-pre04...v10.0.8-pre05

10.0.8-pre04

What's Changed

Full Changelog: MapsterMapper/Mapster@v10.0.8-pre03...v10.0.8-pre04

10.0.8-pre03

What's Changed

Full Changelog: MapsterMapper/Mapster@v10.0.8-pre02...v10.0.8-pre03

10.0.8-pre02

What's Changed

Full Changelog: MapsterMapper/Mapster@v10.0.8-pre01...v10.0.8-pre02

10.0.8-pre01

What's Changed

Full Changelog: MapsterMapper/Mapster@10.0.7...v10.0.8-pre01

Commits viewable in compare view.

Updated Microsoft.Identity.Client from 4.84.2 to 4.85.2.

Release notes

Sourced from Microsoft.Identity.Client's releases.

4.85.2

What's Changed

Full Changelog: AzureAD/microsoft-authentication-library-for-dotnet@4.85.1...4.85.2

4.85.1

What's Changed

Full Changelog: AzureAD/microsoft-authentication-library-for-dotnet@4.85.0...4.85.1

4.85.0

What's Changed

New Contributors

Full Changelog: AzureAD/microsoft-authentication-library-for-dotnet@4.84.2...4.85.0

Commits viewable in compare view.

Updated Microsoft.Identity.Web from 4.10.0 to 4.12.2.

Release notes

Sourced from Microsoft.Identity.Web's releases.

4.12.2

Bug fixes

  • Make the Microsoft.Identity.Client.KeyAttestation dependency conditional on modern .NET (.NETCoreApp) targets. It transitively pulls the native-only Microsoft.Azure.Security.KeyGuardAttestation package, which ships no .NET Framework/netstandard-compatible assets and broke NuGet restore for .NET Framework (packages.config) projects. Microsoft.Identity.Web.Certificateless now multi-targets, and .NET Framework consumers use the netstandard2.0 asset without this dependency. See #​3894.

4.12.1

Bug fixes

  • Preserve ManagedIdentity when converting AcquireTokenOptions to TokenAcquisitionOptions in TokenAcquirer. Previously the ITokenAcquirer.GetTokenForAppAsync / GetTokenForUserAsync paths silently dropped ManagedIdentity and fell back to the confidential-client path, breaking managed-identity mTLS PoP (e.g. MISE Native). See #​3914.

Behavior changes

  • Sidecar: outbound HTTP redirects suppressed by default. The sidecar no longer follows outbound HTTP redirects; a new opt-in Sidecar:AllowOutboundRedirects flag (default false) restores the previous behavior. See #​3906.
  • Sidecar: per-request isolation of downstream API options. Downstream API options resolved from the singleton IOptionsMonitor are now cloned per request (including fresh ExtraParameters / ExtraHeaderParameters / ExtraQueryParameters dictionaries), preventing request-scoped values from leaking across requests or racing under concurrency. See #​3919.

Fundamentals

  • Build the solution in the PR pipeline before running tests. See #​3911.
  • Restore OWIN 5.7.1 packages from the internal IDDP feed in the PR pipeline. See #​3912.
  • Run the PR pipeline on the Wilson pool so integration/E2E tests can access the lab KeyVault. See #​3913.

4.12.0

New features

  • Implement IAuthorizationHeaderProvider2 (from Microsoft.Identity.Abstractions 12.3.0) on DefaultAuthorizationHeaderProvider and the public BaseAuthorizationHeaderProvider, exposing the metadata-rich CreateAuthorizationHeaderInformation* surface (returning OperationResult<AuthorizationHeaderInformation, AuthorizationHeaderError>) with binding-certificate propagation. DownstreamApi and MicrosoftIdentityMessageHandler now prefer IAuthorizationHeaderProvider2 for mTLS PoP and soft-deprecate the bound-only IBoundAuthorizationHeaderProvider path (kept as a fallback for source/binary compatibility). See #​3899.
  • Populate TokenAcquisitionMetadata.ExpiresOn on AcquireTokenResult from the MSAL AuthenticationResult.ExpiresOn value. See #​3905.

Bug fixes

  • Finalize the DownstreamApi request (headers, query parameters, content, and customizations) before creating the authorization header, adding Authorization only after signing so request-binding providers do not include it in their signed material. See #​3902.

Dependencies updates

  • Update Microsoft.Identity.Abstractions to 12.4.0. See #​3899, #​3905.
  • Update MSAL.NET (Microsoft.Identity.Client / Microsoft.Identity.Client.KeyAttestation) to 4.85.2. See #​3896.
  • Update Microsoft.IdentityModel.Protocols.WsFederation (Microsoft.Identity.Web.OWIN) to 5.7.1. See #​3900.

4.11.0

What's Changed

New Contributors

Full Changelog: AzureAD/microsoft-identity-web@4.10.0...4.11.0

Commits viewable in compare view.

Updated Microsoft.OpenApi from 1.6.22 to 1.6.29.

Release notes

Sourced from Microsoft.OpenApi's releases.

1.6.29

1.6.29 (2026-04-14)

Bug Fixes

  • hidi: update Microsoft.OpenApi.OData to 1.7.6 (11ba851)
  • hidi: update Microsoft.OpenApi.OData to 1.7.6 (f596327), closes #​2813

1.6.28

1.6.28 (2025-10-06)

Bug Fixes

  • Improve server creation and URL handling logic to maintain port (a15c50e)
  • missing deserialization for header content property in 3.0 (7c65a49)
  • missing deserialization for header content property in 3.0 (e256d29)

1.6.27

1.6.27 (2025-10-02)

Bug Fixes

  • typo in encoding allow reserved deserialization (6eeca52)
  • typo in encoding allow reserved deserialization (3fadb7d)

1.6.26

1.6.26 (2025-09-19)

Bug Fixes

  • OpenApiEncoding explode default value when using form style (09b5a28)

1.6.25

1.6.25 (2025-08-22)

Bug Fixes

  • missing examples when one example is with an empty array. (4697af4)

1.6.24

1.6.24 (2025-04-01)

Bug Fixes

  • a flaky behaviour for format property serialization (e072790)
  • a flaky behaviour for format property serialization (4d06f86)
  • null reference on alternate keys during hidi transform (17247ed)
  • null reference on alternate keys during hidi transform (55f0f54)

1.6.23

Changes:

  • #​2020: fix: reverts to a regular variable for the tag value
  • #​2018: fix/ci hidi gh upload to v1
  • #​2013: chore: bumps version for releasing
  • #​2012: chore/hidi maintenance
  • #​2011: feat: bumps v3 patch version to 3.0.4
  • #​2010: ci: fixes hidi gh release
  • #​2007: security: bumps STJ version to fix security vulnerabilities

This list of changes was auto generated.

Commits viewable in compare view.

Updated OpenTelemetry.Instrumentation.AspNetCore from 1.15.2 to 1.16.0.

Release notes

Sourced from OpenTelemetry.Instrumentation.AspNetCore's releases.

1.16.0

1.16.0-beta.1

1.16.0-alpha.1

Commits viewable in compare view.

Updated OpenTelemetry.Instrumentation.Http from 1.15.1 to 1.16.0.

Release notes

Sourced from OpenTelemetry.Instrumentation.Http's releases.

1.16.0

1.16.0-beta.1

1.16.0-alpha.1

1.15.2

Commits viewable in compare view.

Updated xunit.runner.visualstudio from 3.1.4 to 3.1.5.

Release notes

Sourced from xunit.runner.visualstudio's releases.

3.1.5

Release notes: https://xunit.net/releases/visualstudio/3.1.5

Commits viewable in compare view.

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Bumps Azure.Identity from 1.17.2 to 1.21.0
Bumps FluentAssertions from 7.0.0 to 7.2.2
Bumps Mapster from 10.0.7 to 10.0.10
Bumps Microsoft.Identity.Client from 4.84.2 to 4.85.2
Bumps Microsoft.Identity.Web from 4.10.0 to 4.12.2
Bumps Microsoft.OpenApi from 1.6.22 to 1.6.29
Bumps OpenTelemetry.Instrumentation.AspNetCore from 1.15.2 to 1.16.0
Bumps OpenTelemetry.Instrumentation.Http from 1.15.1 to 1.16.0
Bumps xunit.runner.visualstudio from 3.1.4 to 3.1.5

---
updated-dependencies:
- dependency-name: Azure.Identity
  dependency-version: 1.21.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: minor-and-patch
- dependency-name: FluentAssertions
  dependency-version: 7.2.2
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: minor-and-patch
- dependency-name: Mapster
  dependency-version: 10.0.10
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: minor-and-patch
- dependency-name: Microsoft.Identity.Client
  dependency-version: 4.85.2
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: minor-and-patch
- dependency-name: Microsoft.Identity.Web
  dependency-version: 4.12.2
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: minor-and-patch
- dependency-name: Microsoft.OpenApi
  dependency-version: 1.6.29
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: minor-and-patch
- dependency-name: OpenTelemetry.Instrumentation.AspNetCore
  dependency-version: 1.16.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: minor-and-patch
- dependency-name: OpenTelemetry.Instrumentation.Http
  dependency-version: 1.16.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: minor-and-patch
- dependency-name: xunit.runner.visualstudio
  dependency-version: 3.1.5
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: minor-and-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added .NET Pull requests that update .NET code dependencies Pull requests that update a dependency file labels Jul 6, 2026
@dependabot dependabot Bot requested a review from alonsoegm as a code owner July 6, 2026 00:28
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file .NET Pull requests that update .NET code labels Jul 6, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file .NET Pull requests that update .NET code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

Update Microsoft.OpenApi.OData to 1.7.6 on support/v1 (OpenAPI 3.0)

0 participants