Bump the nuget-dependencies group with 14 updates#36
Merged
gregyjames merged 2 commits intomainfrom Mar 17, 2026
Merged
Conversation
dependabot
bot
added
.NET
Bumps Azure.Identity from 1.14.1 to 1.19.0 Bumps Azure.Storage.Blobs from 12.24.1 to 12.27.0 Bumps Microsoft.Extensions.Caching.Abstractions from 10.0.1 to 10.0.5 Bumps Microsoft.Extensions.Caching.StackExchangeRedis from 10.0.3 to 10.0.5 Bumps Microsoft.Extensions.Configuration.Json from 10.0.3 to 10.0.5 Bumps Microsoft.Extensions.Hosting from 10.0.3 to 10.0.5 Bumps Microsoft.Extensions.Logging from 10.0.3 to 10.0.5 Bumps Microsoft.Extensions.Logging.Abstractions from 10.0.1 to 10.0.5 Bumps Microsoft.Extensions.Options from 10.0.1 to 10.0.5 Bumps StackExchange.Redis from 2.8.41 to 2.12.1 Bumps Testcontainers.Azurite from 4.10.0 to 4.11.0 Bumps Testcontainers.Minio from 4.10.0 to 4.11.0 Bumps Testcontainers.Redis from 4.10.0 to 4.11.0 Bumps ZiggyCreatures.FusionCache from 2.5.0 to 2.6.0 --- updated-dependencies: - dependency-name: Azure.Identity dependency-version: 1.19.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: nuget-dependencies - dependency-name: Azure.Storage.Blobs dependency-version: 12.27.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: nuget-dependencies - dependency-name: Microsoft.Extensions.Caching.Abstractions dependency-version: 10.0.5 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: nuget-dependencies - dependency-name: Microsoft.Extensions.Caching.StackExchangeRedis dependency-version: 10.0.5 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: nuget-dependencies - dependency-name: Microsoft.Extensions.Configuration.Json dependency-version: 10.0.5 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: nuget-dependencies - dependency-name: Microsoft.Extensions.Hosting dependency-version: 10.0.5 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: nuget-dependencies - dependency-name: Microsoft.Extensions.Logging dependency-version: 10.0.5 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: nuget-dependencies - dependency-name: Microsoft.Extensions.Logging.Abstractions dependency-version: 10.0.5 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: nuget-dependencies - dependency-name: Microsoft.Extensions.Options dependency-version: 10.0.5 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: nuget-dependencies - dependency-name: StackExchange.Redis dependency-version: 2.12.1 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: nuget-dependencies - dependency-name: Testcontainers.Azurite dependency-version: 4.11.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: nuget-dependencies - dependency-name: Testcontainers.Minio dependency-version: 4.11.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: nuget-dependencies - dependency-name: Testcontainers.Redis dependency-version: 4.11.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: nuget-dependencies - dependency-name: ZiggyCreatures.FusionCache dependency-version: 2.6.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: nuget-dependencies ... Signed-off-by: dependabot[bot] <support@github.com>
Owner
|
Looks like this is failing because the Azurite image does not support the API version in the latest blob/identity packages yet. Leaving this open for now until it is resolved on their end. RELEVANT ISSUE ON AZURITE We can get around this if needed with: _azuriteContainer = new AzuriteBuilder(
image: "mcr.microsoft.com/azure-storage/azurite:latest"
)
.WithCommand("--skipApiVersionCheck").Build(); |
dependabot
bot
force-pushed
the
dependabot/nuget/nuget-dependencies-02ee8d184e
branch
from
0712d78 to
369a21f
Compare
mrfootoyou
force-pushed
the
dependabot/nuget/nuget-dependencies-02ee8d184e
branch
from
369a21f to
ba7c80e
Compare
Collaborator
@gregyjames You beat me to it! I was going to propose we add |
Contributor
Author
|
Dependabot received an unexpected response from a private package registry. Because of this, Dependabot cannot update this pull request. |
mrfootoyou
approved these changes
Mar 16, 2026
Configure the Azurite container with `--loose` and `--skipApiVersionCheck` flags to ensure compatibility with older Azure Storage SDKs and prevent API version mismatch errors during tests.
mrfootoyou
force-pushed
the
dependabot/nuget/nuget-dependencies-02ee8d184e
branch
from
ba7c80e to
49fb632
Compare
Owner
|
@mrfootoyou thanks for making the change, I agree we should do this so we are not impacted by an more Azurite delays. |
gregyjames
approved these changes
Mar 17, 2026
dependabot
bot
deleted the
dependabot/nuget/nuget-dependencies-02ee8d184e
branch
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Updated Azure.Identity from 1.14.1 to 1.19.0.
Release notes
Sourced from Azure.Identity's releases.
1.19.0
1.19.0 (2026-03-11)
Features Added
ClientCertificateCredentialto specify a path in the form ofcert:/StoreLocation/StoreName/Thumbprintto refer to a certificate in the platform certificate store - such as the Windows Certificate Store on Windows, and the KeyChain on MacOS - instead of a file on disk. For example to load a certificate from the "My" store in the "CurrentUser" location use the pathcert:/CurrentUser/My/E661583E8FABEF4C0BEF694CBC41C28FB81CD870(A community contribution, courtesy of fowl2).Other Changes
Microsoft.Identity.ClientandMicrosoft.Identity.Client.Extensions.Msaldependencies to version 4.83.1.1.18.0
1.18.0 (2026-02-25)
Features Added
Added experimental
Microsoft.Extensions.ConfigurationandMicrosoft.Extensions.DependencyInjectionintegration for Azure SDK clients. For details, see the Configuration and Dependency Injection documentation.The
WorkloadIdentityCredentialOptions.IsAzureProxyEnabledproperty, which enables Azure Kubernetes token proxy mode, is only available in beta releases of this package.AzureDeveloperCliCredentialnow parses JSON error output fromazd auth tokento extract clean error messages instead of including raw JSON in exceptions. Error messages like{"type":"consoleMessage","data":{"message":"ERROR: fetching token: ..."}}are now displayed asERROR: fetching token: ....1.18.0-beta.3
1.18.0-beta.3 (2026-02-20)
Breaking Changes
WorkloadIdentityCredentialOptions.IsAzureKubernetesTokenProxyEnabledtoIsAzureProxyEnabledto follow .NET naming conventions for boolean properties.Bugs Fixed
Fixed a NullReferenceException that occurred during X509Chain validation on Linux when using the Identity Bindings feature.
Disabled MSAL's internal retry logic for
ConfidentialClientApplicationandPublicClientApplicationto prevent double retries when combined with Azure SDK's retry policy. Only the configured Azure SDK retry policy is applied, avoiding unexpected additional retry attempts.1.15.0
1.15.0 (2026-02-02)
Features Added
Commits viewable in compare view.
Updated Azure.Storage.Blobs from 12.24.1 to 12.27.0.
Release notes
Sourced from Azure.Storage.Blobs's releases.
No release notes found for this version range.
Commits viewable in compare view.
Updated Microsoft.Extensions.Caching.Abstractions from 10.0.1 to 10.0.5.
Release notes
Sourced from Microsoft.Extensions.Caching.Abstractions's releases.
No release notes found for this version range.
Commits viewable in compare view.
Updated Microsoft.Extensions.Caching.StackExchangeRedis from 10.0.3 to 10.0.5.
Release notes
Sourced from Microsoft.Extensions.Caching.StackExchangeRedis's releases.
No release notes found for this version range.
Commits viewable in compare view.
Updated Microsoft.Extensions.Configuration.Json from 10.0.3 to 10.0.5.
Release notes
Sourced from Microsoft.Extensions.Configuration.Json's releases.
No release notes found for this version range.
Commits viewable in compare view.
Updated Microsoft.Extensions.Hosting from 10.0.3 to 10.0.5.
Release notes
Sourced from Microsoft.Extensions.Hosting's releases.
No release notes found for this version range.
Commits viewable in compare view.
Updated Microsoft.Extensions.Logging from 10.0.3 to 10.0.5.
Release notes
Sourced from Microsoft.Extensions.Logging's releases.
No release notes found for this version range.
Commits viewable in compare view.
Updated Microsoft.Extensions.Logging.Abstractions from 10.0.1 to 10.0.5.
Release notes
Sourced from Microsoft.Extensions.Logging.Abstractions's releases.
No release notes found for this version range.
Commits viewable in compare view.
Updated Microsoft.Extensions.Options from 10.0.1 to 10.0.5.
Release notes
Sourced from Microsoft.Extensions.Options's releases.
No release notes found for this version range.
Commits viewable in compare view.
Updated StackExchange.Redis from 2.8.41 to 2.12.1.
Release notes
Sourced from StackExchange.Redis's releases.
No release notes found for this version range.
Commits viewable in compare view.
Updated Testcontainers.Azurite from 4.10.0 to 4.11.0.
Release notes
Sourced from Testcontainers.Azurite's releases.
4.11.0
What's Changed
Thanks to all contributors. Once again, really great contributions from everyone 🤝.
The NuGet packages for this release have been attested for supply chain security using
actions/attest. This confirms the integrity and provenance of the artifacts and helps ensure they can be trusted: #21198535.Please be aware that we have changed the supported and underlying image used for the Cosmos DB module. The
latesttag only supports certain environments and provides a limited set of features. Microsoft has introduced a new implementation,vnext-preview, which receives more updates and features. Due to the limitations of thelatesttag, we decided to replace it withvnext-preview. You find more information about the image here: https://github.com/Azure/azure-cosmos-db-emulator-docker.🚀 Features
🐛 Bug Fixes
📖 Documentation
🧹 Housekeeping
... (truncated)
Commits viewable in compare view.
Updated Testcontainers.Minio from 4.10.0 to 4.11.0.
Release notes
Sourced from Testcontainers.Minio's releases.
4.11.0
What's Changed
Thanks to all contributors. Once again, really great contributions from everyone 🤝.
The NuGet packages for this release have been attested for supply chain security using
actions/attest. This confirms the integrity and provenance of the artifacts and helps ensure they can be trusted: #21198535.Please be aware that we have changed the supported and underlying image used for the Cosmos DB module. The
latesttag only supports certain environments and provides a limited set of features. Microsoft has introduced a new implementation,vnext-preview, which receives more updates and features. Due to the limitations of thelatesttag, we decided to replace it withvnext-preview. You find more information about the image here: https://github.com/Azure/azure-cosmos-db-emulator-docker.🚀 Features
🐛 Bug Fixes
📖 Documentation
🧹 Housekeeping
... (truncated)
Commits viewable in compare view.
Updated Testcontainers.Redis from 4.10.0 to 4.11.0.
Release notes
Sourced from Testcontainers.Redis's releases.
4.11.0
What's Changed
Thanks to all contributors. Once again, really great contributions from everyone 🤝.
The NuGet packages for this release have been attested for supply chain security using
actions/attest. This confirms the integrity and provenance of the artifacts and helps ensure they can be trusted: #21198535.Please be aware that we have changed the supported and underlying image used for the Cosmos DB module. The
latesttag only supports certain environments and provides a limited set of features. Microsoft has introduced a new implementation,vnext-preview, which receives more updates and features. Due to the limitations of thelatesttag, we decided to replace it withvnext-preview. You find more information about the image here: https://github.com/Azure/azure-cosmos-db-emulator-docker.🚀 Features
🐛 Bug Fixes
📖 Documentation
🧹 Housekeeping
... (truncated)
Commits viewable in compare view.
Updated ZiggyCreatures.FusionCache from 2.5.0 to 2.6.0.
Release notes
Sourced from ZiggyCreatures.FusionCache's releases.
2.6.0
🏷️ Configurable cleanup behavior for
RemoveByTag()Normally, when calling
RemoveByTag("my-tag"), the entries with such a tag will be gradually expired on a subsequent access.Community member @charlesvigneault asked for the ability to instead properly remove them.
So I added a new option to allow configuring this behavior:
See here for the original issue.
RemoveByTag("*")in HybridCache adapterAfter the initial release of HybridCache in 2025, the team added support for a special case: using
RemoveByTag("*")to clear the entire cache.I didn't notice untile recently, and thanks to community user @vrbyjimmy I did that.
Or, to better say it, he did that!
He acted so quickly that a PR immediately landed with the implementation, so thanks Jakub for that!
What happens underneath is that a
RemoveByTag("*")call on the adapter is detected and re-routed to a Clear() call on the underlying FusionCache instance: very simple and elegant, and I like that a lot.See here for the original issue.
🔒 Better Distributed Locker + Eager Refresh
Community user @jgshowpad noticed that when using the new distributed stampede protection introduced in v2.5.0 with Eager Refresh some errors were being logged.
That was caused by the Redis-based distributed locker not handling correctly a timeout of zero (which btw is a pretty common approach to basically check for a lock already being acquired by someone else, without having to wait).
This has now been fixed.
See here for the original issue.
⚡ Perf boost for
GenerateOperationId()Community user @Inok contributed with a nice set of low-level perf optimizations for the
GenerateOperationId()internal method, which may be called quite a lot when doing observability (logging, OTEL, etc).That's a very nice and welcome contribution, thanks Pavel!
See here for the original issue.
... (truncated)
Commits viewable in compare view.
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore <dependency name> major versionwill close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)@dependabot ignore <dependency name> minor versionwill close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)@dependabot ignore <dependency name>will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)@dependabot unignore <dependency name>will remove all of the ignore conditions of the specified dependency@dependabot unignore <dependency name> <ignore condition>will remove the ignore condition of the specified dependency and ignore conditions