Bump Microsoft.Identity.Web and 3 others

[dependabot]

Updated Microsoft.Identity.Web from 4.0.0 to 4.1.1.

Release notes

Sourced from Microsoft.Identity.Web's releases.

4.1.1

Bug fixes

• Authority-only configuration parsing improvements: Early parsing of Authority into Instance/TenantId and defensive fallback in PrepareAuthorityInstanceForMsal. Behavior is backward compatible; Authority is still ignored when Instance/TenantId explicitly provided—now surfaced via a warning. See #​3612.

New features

• Added warning diagnostics for conflicting Authority vs Instance/TenantId: Emitting a single structured warning when both styles are provided. See #​3611.

Fundamentals

• Expanded authority test matrix: Coverage for AAD (v1/v2), B2C (/tfp/ normalization, policy path), CIAM (PreserveAuthority), query parameters, scheme-less forms, and conflict scenarios. See #​3610.

4.1.0

New features

• Migrate to .NET 10 GA. #​3449 and #​3590

Dependencies updates

• Bump MSAL.NET to version 4.79.2 and handle changes to deprecated WithExtraQueryParameters APIs. #​3583
• Update Microsoft.IdentityModel and Abstractions versions. #​3604
• Update coverlet.collector to 6.0.4. #​3587
• Update package validation baseline version to 4.0.0. #​3589
• Bump js-yaml from 4.1.0 to 4.1.1 in /tests/DevApps/SidecarAdapter/typescript. #​3595

Entra ID SDK sidecar

• Restrict hosts to localhost for sidecar. #​3579
• Update http file to match endpoints. #​3555
• Revise sidecar issue template for Entra ID. #​3577

Documentation

• Update README to include Entra SDK container info. #​3578

Fundamentals

• Include NET 9.0 in template-install-dependencies. #​3593
• Fix CodeQL alerts. #​3591
• Suppression file is needed. #​3592

4.0.1

Bugs fixes

• Correctly compute Application Key when credential usage fails.
• Fix bugs where agent user identities didn't work with non-default authentication schemes.

Fundamentals

• Update .net version to CG compliance

Sidecar

• Configure Sidecar to default AllowWebApiToBeAuthorizedByACL to true as the container doesn't do authZ

Commits viewable in compare view.

Updated Microsoft.Identity.Web.DownstreamApi from 4.0.0 to 4.1.1.

Release notes

Sourced from Microsoft.Identity.Web.DownstreamApi's releases.

4.1.1

Bug fixes

• Authority-only configuration parsing improvements: Early parsing of Authority into Instance/TenantId and defensive fallback in PrepareAuthorityInstanceForMsal. Behavior is backward compatible; Authority is still ignored when Instance/TenantId explicitly provided—now surfaced via a warning. See #​3612.

New features

• Added warning diagnostics for conflicting Authority vs Instance/TenantId: Emitting a single structured warning when both styles are provided. See #​3611.

Fundamentals

• Expanded authority test matrix: Coverage for AAD (v1/v2), B2C (/tfp/ normalization, policy path), CIAM (PreserveAuthority), query parameters, scheme-less forms, and conflict scenarios. See #​3610.

4.1.0

New features

• Migrate to .NET 10 GA. #​3449 and #​3590

Dependencies updates

• Bump MSAL.NET to version 4.79.2 and handle changes to deprecated WithExtraQueryParameters APIs. #​3583
• Update Microsoft.IdentityModel and Abstractions versions. #​3604
• Update coverlet.collector to 6.0.4. #​3587
• Update package validation baseline version to 4.0.0. #​3589
• Bump js-yaml from 4.1.0 to 4.1.1 in /tests/DevApps/SidecarAdapter/typescript. #​3595

Entra ID SDK sidecar

• Restrict hosts to localhost for sidecar. #​3579
• Update http file to match endpoints. #​3555
• Revise sidecar issue template for Entra ID. #​3577

Documentation

• Update README to include Entra SDK container info. #​3578

Fundamentals

• Include NET 9.0 in template-install-dependencies. #​3593
• Fix CodeQL alerts. #​3591
• Suppression file is needed. #​3592

4.0.1

Bugs fixes

• Correctly compute Application Key when credential usage fails.
• Fix bugs where agent user identities didn't work with non-default authentication schemes.

Fundamentals

• Update .net version to CG compliance

Sidecar

• Configure Sidecar to default AllowWebApiToBeAuthorizedByACL to true as the container doesn't do authZ

Commits viewable in compare view.

Updated Microsoft.NET.Test.Sdk from 18.0.0 to 18.0.1.

Release notes

Sourced from Microsoft.NET.Test.Sdk's releases.

18.0.1

What's Changed

Fixing an issue with loading covrun64.dll on systems that have .NET 10 SDK installed: https://learn.microsoft.com/en-us/dotnet/core/compatibility/sdk/10.0/code-coverage-dynamic-native-instrumentation

• Disable DynamicNative instrumentation by default by @​nohwnd in [rel/18.0] Disable DynamicNative instrumentation by default microsoft/vstest#15298
• Update MicrosoftInternalCodeCoveragePackageVersion to 18.0.6 by @​nohwnd in Update MicrosoftInternalCodeCoveragePackageVersion to 18.0.6 microsoft/vstest#15312

Internal changes

• Update VersionPrefix to 18.0.1 by @​nohwnd in Update VersionPrefix to 18.0.1 microsoft/vstest#15301
• Update build tools to 17.8.43 by @​nohwnd in Update build tools to 17.8.43 microsoft/vstest#15305

Full Changelog: microsoft/vstest@v18.0.0...v18.0.1

Commits viewable in compare view.

Updated OPCFoundation.NetStandard.Opc.Ua.Client from 1.5.376.213 to 1.5.377.22.

Release notes

Sourced from OPCFoundation.NetStandard.Opc.Ua.Client's releases.

1.5.377.22

This maintenance release scope is to fix an important memory leak found in release 1.5.377.21

Released packages

OPCFoundation.NetStandard.Opc.Ua
OPCFoundation.NetStandard.Opc.Ua.Core
OPCFoundation.NetStandard.Opc.Ua.Security.Certificates
OPCFoundation.NetStandard.Opc.Ua.Configuration
OPCFoundation.NetStandard.Opc.Ua.Server
OPCFoundation.NetStandard.Opc.Ua.Client
OPCFoundation.NetStandard.Opc.Ua.Client.ComplexTypes
OPCFoundation.NetStandard.Opc.Ua.Bindings.Https
OPCFoundation.NetStandard.Opc.Ua.PubSub

What's Changed

• Cherry Pick 'fix memory leak of Monitored Items (#​3324)' by @​romanett in Cherry Pick 'fix memory leak of Monitored Items (#3324)' OPCFoundation/UA-.NETStandard#3325

Full Changelog: OPCFoundation/UA-.NETStandard@1.5.377.21...1.5.377.22

1.5.377.21

Breaking Changes:

Server

• IMonitoredItem Interface extended & used instead of MonitoredItem Class
• New ISession Interface instead of Session Class
• ISesssionManager, ISubscriptionManager, ISubscription & IServerInternal interfaces extended

Core

• ICertificateStore Async Methods now have async suffixes, old names deprecated
• All obsolete Methods removed

Client

• All sync methods are now marked as deprecated
• DataTypeDictionaries moved into the ComplexTypes Package. If the helper methods of the Session were used we recommend to use the complex type system as a replacement that can handle all servers from OPC UA Spec 1.0 - 1.0.05.
• NodeCache now has an async interface (to have access to the ITypeTable interface use the .TypeTree property or AsNodeTable method

ApplicationInstance

• Methods Returning a task have asyny suffixes

GDS Client

• sync apis marked as deprecated

Bug Fixes:

Server

• Fix Subscription Keepalive being sent on first publish
• Handle unsent requests on closed SecureChannel to be sent on new channel of the same session

Client

• Disable Subscription cleanup if subscriptions are being created
• Fix subscription leaking due to not completed PublishResponseMessageWorkerAsync tasks
• Fix subscription leaking due to not completed PublishResponseMessageWorkerAsync tasks

New features:

Server

• Support for async method calls by implementing IAsyncNodeManager interface (see ConfigurationNodeManager for an example usage)
• New Task based Request Queue
• New generated Code with async Method Call handlers & async Service Calls
• New extended CustomNodeManager with support for SamplingGroup Mechanism

GDS Client

• exposes async APIS and marks sync apis as deprecated

Client

• New LRU NodeCache added & used in ComplexType System

Released packages

OPCFoundation.NetStandard.Opc.Ua
OPCFoundation.NetStandard.Opc.Ua.Core
... (truncated)

1.5.377.11-preview

Breaking Changes:

Server

• IMonitoredItem Interface extended & used instead of MonitoredItem Class
• New ISession Interface instead of Session Class
• ISesssionManager, ISubscriptionManager, ISubscription & IServerInternal interfaces extended

Core

• ICertificateStore Async Methods now have async suffixes, old names deprecated
• All obsolete Methods removed

Client

• All sync methods are now marked as deprecated
• DataTypeDictionaries moved into the ComplexTypes Package. If the helper methods of the Session were used we recommend to use the complex type system as a replacement that can handle all servers from OPC UA Spec 1.0 - 1.0.05.
• NodeCache now has an async interface (to have access to the ITypeTable interface use the .TypeTree property or AsNodeTable method

ApplicationInstance

• Methods Returning a task have asyny suffixes

GDS Client

• sync apis marked as deprecated

Bug Fixes:

Server

• Fix Subscription Keepalive being sent on first publish
• Handle unsent requests on closed SecureChannel to be sent on new channel of the same session

Client

• Disable Subscription cleanup if subscriptions are being created
• Fix subscription leaking due to not completed PublishResponseMessageWorkerAsync tasks
• Fix subscription leaking due to not completed PublishResponseMessageWorkerAsync tasks

New features:

Server

• Support for async method calls by implementing IAsyncNodeManager interface (see ConfigurationNodeManager for an example usage)
• New Task based Request Queue
• New generated Code with async Method Call handlers & async Service Calls
• New extended CustomNodeManager with support for SamplingGroup Mechanism

GDS Client

• exposes async APIS and marks sync apis as deprecated

Client

• New LRU NodeCache added & used in ComplexType System

Released packages

OPCFoundation.NetStandard.Opc.Ua
OPCFoundation.NetStandard.Opc.Ua.Core
... (truncated)

1.5.376.244

1.05.376 July Release

This release is based on the 1.05.05 Nodeset with generated files from the ModelCompiler.
It contains important bug fixes which were found after the last 1.05.376 release, as well as new features.

Enhancements:

• Enhance enum definition handling and validation.
• Use Central Package Management for Nuget Packages.

New Features:

• Implement Support for PEM Public Keys in Directory Certificate Store.
• Allow to modify sensitivity of KeepAliveStopped on Client.
• Add support for Async Service Calls in the generated files.

Fixes:

• Fix Client removing subscription if publish response is received before createSubscriptionResponse.
• Fix Subscription Diagnostics DataChangeNotificationsCount being calcualted incorrectly.

NET6.0 target removed

• The NET6.0 outdated target has been removed since it is superseded by NET8.0.

Released packages

OPCFoundation.NetStandard.Opc.Ua
OPCFoundation.NetStandard.Opc.Ua.Core
OPCFoundation.NetStandard.Opc.Ua.Security.Certificates
OPCFoundation.NetStandard.Opc.Ua.Configuration
OPCFoundation.NetStandard.Opc.Ua.Server
OPCFoundation.NetStandard.Opc.Ua.Client
OPCFoundation.NetStandard.Opc.Ua.Client.ComplexTypes
OPCFoundation.NetStandard.Opc.Ua.Bindings.Https
OPCFoundation.NetStandard.Opc.Ua.PubSub

What's Changed

• [Server] Fix Subscription Diagnostics DataChangeNotificationsCount being calcualted incorrectly by @​romanett in [Server] Fix Subscription Diagnostics DataChangeNotificationsCount being calcualted incorrectly OPCFoundation/UA-.NETStandard#3119
• [Client] Fix removal of Subscription if PublishResponse is received before CreateSubscriptionResponse by @​romanett in [Client] Fix removal of Subscription if PublishResponse is received before CreateSubscriptionResponse OPCFoundation/UA-.NETStandard#3120
• Remove net6 / Label Pubsub Package as Release / Update Nuget Packages by @​romanett in Remove net6 / Label Pubsub Package as Release / Update Nuget Packages OPCFoundation/UA-.NETStandard#3121
• Use Central Package Management for Nuget Packages by @​romanett in Use Central Package Management for Nuget Packages OPCFoundation/UA-.NETStandard#3122
• Enhance enum definition handling and validation by @​marcschier in Enhance enum definition handling and validation OPCFoundation/UA-.NETStandard#3124
• [Client] Allow to modify sensitivity of KeepAliveStopped by @​romanett in [Client] Allow to modify sensitivity of KeepAliveStopped OPCFoundation/UA-.NETStandard#3105
• Implement Support for PEM Public Keys in Directory Certificate Store by @​romanett in Implement Support for PEM Public Keys in Directory Certificate Store OPCFoundation/UA-.NETStandard#3088
• Update for 1.5.5 release with Async Service Calls by @​opcfoundation-org in Update for 1.5.5 release with Async Service Calls OPCFoundation/UA-.NETStandard#3116
• Remove net6.0 left-overs. by @​mrsuciu in Remove net6.0 left-overs. OPCFoundation/UA-.NETStandard#3130
• Merge master to release/1.5.376 by @​mrsuciu in Merge master to release/1.5.376 OPCFoundation/UA-.NETStandard#3131

Full Changelog: OPCFoundation/UA-.NETStandard@1.5.376.235...1.5.376.244

1.5.376.235

1.05.376 June Release

It contains important bug fixes which were found after the last 1.05.376 release, as well as a couple of new features.

Enhancements:

• Enhance role permission validation on server.

New Features:

• Allow to define a custom StringComparsion for Equals Operator.
• Implement Support for client requested "mul" locale.

Fixes:

• Fix XML Encoding and decoding of Matrix element to conform to specification.
• Fix closing of shared Transport Channel in Recreate Scenario on client.
• Fix Regression - Sampling Group disposing m_shutdownEvent in Shutdown Method on server.

Released packages

OPCFoundation.NetStandard.Opc.Ua
OPCFoundation.NetStandard.Opc.Ua.Core
OPCFoundation.NetStandard.Opc.Ua.Security.Certificates
OPCFoundation.NetStandard.Opc.Ua.Configuration
OPCFoundation.NetStandard.Opc.Ua.Server
OPCFoundation.NetStandard.Opc.Ua.Client
OPCFoundation.NetStandard.Opc.Ua.Client.ComplexTypes
OPCFoundation.NetStandard.Opc.Ua.Bindings.Https
OPCFoundation.NetStandard.Opc.Ua.PubSub

What's Changed

• Fix XML Encoding and decoding of Matrix Element in Variant to conform to spec by @​romanett in Fix XML Encoding and decoding of Matrix Element in Variant to conform to spec OPCFoundation/UA-.NETStandard#3053
• Bump Microsoft.Extensions.Logging and Microsoft.NETFramework.ReferenceAssemblies by @​dependabot in Bump Microsoft.Extensions.Logging and Microsoft.NETFramework.ReferenceAssemblies OPCFoundation/UA-.NETStandard#3057
• Bump NUnit.Console and Microsoft.NETFramework.ReferenceAssemblies by @​dependabot in Bump NUnit.Console and Microsoft.NETFramework.ReferenceAssemblies OPCFoundation/UA-.NETStandard#3058
• Bump Microsoft.Extensions.Configuration and Microsoft.NETFramework.ReferenceAssemblies by @​dependabot in Bump Microsoft.Extensions.Configuration and Microsoft.NETFramework.ReferenceAssemblies OPCFoundation/UA-.NETStandard#3060
• Add version System.Diagnostics.DiagnosticSource to match Microsoft.Extensions.Logging.Abstractions version by @​mrsuciu in Add version System.Diagnostics.DiagnosticSource to match Microsoft.Extensions.Logging.Abstractions version OPCFoundation/UA-.NETStandard#3061
• [Server] Add Back removed Public QueueEvent(EventFieldList fields) Method to MonitoredItem by @​romannet in [Server] Add Back removed Public QueueEvent(EventFieldList fields) Method to MonitoredItem OPCFoundation/UA-.NETStandard#3064
• Bump Microsoft.Extensions.Configuration, Microsoft.Extensions.Configuration.EnvironmentVariables and Microsoft.NETFramework.ReferenceAssemblies by @​dependabot in bump Microsoft.Extensions.Configuration, Microsoft.Extensions.Configuration.EnvironmentVariables and Microsoft.NETFramework.ReferenceAssemblies OPCFoundation/UA-.NETStandard#3066
• Bump Serilog, Serilog.Sinks.File and Microsoft.NETFramework.ReferenceAssemblies by @​dependabot in bump Serilog, Serilog.Sinks.File and Microsoft.NETFramework.ReferenceAssemblies OPCFoundation/UA-.NETStandard#3067
• Update to latest nuget packages by @​mrsuciu in Update to latest nuget packages OPCFoundation/UA-.NETStandard#3069
• Disable strongname warning for net8.0 and net9.0 for MQTTnet latest unsigned assembly by @​mrsuciu in Disable strongname warning for net8.0 and net9.0 for MQTTnet latest unsigned assembly  OPCFoundation/UA-.NETStandard#3073
• [Server] Enhance role permission validation by @​romanett in [Server] Enhance role permission validation OPCFoundation/UA-.NETStandard#3047
• [Client] Fix closing of shared Transport Channel in Recreate Scenario / Add missing event Handler to Session Constructor / Call RenewUserIdentity on Session.ReCreate by @​romanett in [Client] Fix closing of shared Transport Channel in Recreate Scenario / Add missing event Handler to Session Constructor / Call RenewUserIdentity on Session.ReCreate OPCFoundation/UA-.NETStandard#3055
• Fix XML Encoding of Null Variant to conform to spec by @​romanett in Fix XML Encoding of Null Variant to conform to spec OPCFoundation/UA-.NETStandard#3062
• [Server] [Regression] fix Sampling Group disposing m_shutdownEvent in Shutdown Method. Fix double call of Shutdown Method by @​romanett in [Server] [Regression] fix Sampling Group disposing m_shutdownEvent in Shutdown Method. Fix double call of Shutdown Method OPCFoundation/UA-.NETStandard#3070
• Make RelativePath.Parse throw SRE if NamespaceIndexes cannot be found by @​romanett in Make RelativePath.Parse throw SRE if NamespaceIndexes cannot be found. OPCFoundation/UA-.NETStandard#3071

... (truncated)

Commits viewable in compare view.

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[dependabot]

Labels

The following labels could not be found: dependencies, nuget. Please create them before Dependabot can add them to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.

[dependabot]

Superseded by #302.