chore(nuget): Bump the nuget-dependencies group with 4 updates

[dependabot]

Updated Microsoft.Extensions.Http.Resilience from 10.4.0 to 10.5.0.

Release notes

Sourced from Microsoft.Extensions.Http.Resilience's releases.

10.5.0

HTTP Logging Middleware APIs in Microsoft.AspNetCore.Diagnostics.Middleware are now stable. This release also transfers Microsoft.Extensions.VectorData.Abstractions and Microsoft.Extensions.VectorData.ConformanceTests from the Semantic Kernel repository into dotnet/extensions, jumping from 10.1.0 to 10.5.0 for consistent versioning. The release also delivers fixes across the AI libraries, AI Evaluation, and Service Discovery.

Breaking Changes

1. Rename VectorStoreVectorAttribute constructor parameter #​7460
   • The Dimensions parameter was renamed to dimensions (lowercase). This is a source-breaking change only — binary compatibility is preserved.
   • If you use the named argument syntax new VectorStoreVectorAttribute(Dimensions: 1536), update it to new VectorStoreVectorAttribute(dimensions: 1536).

Experimental API Changes

Now Stable

• HTTP Logging Middleware APIs are now stable (previously EXTEXP0013): AddHttpLogEnricher<T>, IHttpLogEnricher, and RequestHeadersLogEnricherOptions.HeadersDataClasses #​7380

What's Changed

AI

• Fix OpenAIResponsesChatClient to respect "store":false in responses #​7417 by @​stephentoub
• Fix InvalidOperationException in CoalesceWebSearchToolCallContent #​7419 by @​stephentoub
• Handle F# optional parameters in AIFunctionFactory schema generation #​7439 by @​eiriktsarpalis
• Fix ComputerCallResponseItem using Item.Id instead of CallId #​7446 by @​jozkee
• Fix HostedFileContent with image MIME type sent as input_file instead of input_image #​7438 by @​stephentoub (co-authored by @​copilot)
• Guard Activity.Current restore with null check in OpenTelemetry streaming clients #​7443 by @​stephentoub (co-authored by @​copilot)
• Enable stateless mode in remote MCP server template (released as v1.2.0 on 2026-04-01) #​7441 by @​jeffhandley

Vector Data

• Move Microsoft.Extensions.VectorData.Abstractions over from Semantic Kernel #​7434 by @​roji
• Rename VectorStoreVectorAttribute dimensions constructor parameter #​7460 by @​roji

AI Evaluation

• Add Path Validation for DiskBasedResponseCache and DiskBasedResultStore #​7397 by @​peterwald
• Update brace-expansion for CVE-2026-33750 #​7457 by @​SamMonoRT

ASP.NET Core Extensions

• Removing experimental attribute from Http logging middleware #​7380 by @​mariamgerges

Service Discovery

• Implement RFC6761 reserved DNS names handling #​6924 by @​rzikm

Documentation Updates

• Remove per-library CHANGELOG.md files #​7413 by @​jeffhandley

Test Improvements

... (truncated)

10.4.1

This release of the Microsoft.Extensions.AI packages adds new experimental APIs for Realtime client sessions and Text-to-Speech, along with OpenTelemetry and middleware improvements.

Packages in this release

Package	Version
Microsoft.Extensions.AI.Abstractions	10.4.1
Microsoft.Extensions.AI	10.4.1
Microsoft.Extensions.AI.OpenAI	10.4.1

Experimental API Changes

New Experimental APIs

• New experimental API: Realtime Client Sessions #​7285 and #​7399
• New experimental API: Text-to-Speech Client #​7381

Changes to Experimental APIs

• Hosted File Download Stream: write-path methods now explicitly throw NotSupportedException #​7394

What's Changed

AI

• Add ITextToSpeechClient abstraction, middleware, and OpenAI implementation #​7381 by @​stephentoub
• Realtime Client Proposal #​7285 by @​tarekgh
• Add VoiceActivityDetection options to realtime session abstractions #​7399 by @​tarekgh
• Make UriContent mediaType parameter optional with inference from URI file extension #​7398 by @​stephentoub (co-authored by @​Copilot)
• Emit gen_ai.client.operation.exception via ILogger LoggerMessage on OpenTelemetry instrumentation classes #​7379 by @​stephentoub (co-authored by @​Copilot)
• Support invoke_workflow as an equivalent parent span to invoke_agent in FunctionInvokingChatClient #​7382 by @​stephentoub (co-authored by @​Copilot)
• Make HostedFileDownloadStream explicitly read-only #​7394 by @​stephentoub (co-authored by @​Copilot)

Documentation Updates

• Document JSON schema derivation for return types in AIFunctionFactory #​7400 by @​stephentoub (co-authored by @​Copilot)

Test Improvements

• Fix test warnings #​7369 by @​jozkee
• Add tests for JSON deserialization of serializable types #​7373 by @​stephentoub (co-authored by @​Copilot)

Repository Infrastructure Updates

• Update Package Validation Baseline to 10.4.0 #​7389 by @​jeffhandley (co-authored by @​Copilot)
• Update ModelContextProtocol libraries to version 1.0.0 #​7340 by @​stephentoub (co-authored by @​Copilot)

Acknowledgements

• @​eiriktsarpalis @​ericstj @​CodeBlanch @​lmolkova @​adamsitnik @​joperezr reviewed pull requests
  ... (truncated)

Commits viewable in compare view.

Updated Microsoft.Identity.Web from 4.6.0 to 4.7.0.

Release notes

Sourced from Microsoft.Identity.Web's releases.

4.7.0

4.7.0

Bug fixes

• Updates to Microsoft.Identity.Abstractions 12.0.0 to revert breaking changes introduced in Abstractions 11.0.0. (On .NET 10 target, Certificate extension method in CredentialDescription was reverted to normal property.) See #​3767.

Commits viewable in compare view.

Updated Microsoft.NET.Test.Sdk from 18.3.0 to 18.4.0.

Release notes

Sourced from Microsoft.NET.Test.Sdk's releases.

18.4.0

What's Changed

• Add LoongArch64 support by @​stdmnpkg in Add LoongArch64 support microsoft/vstest#15359

• Refactor Condition evaluation by @​Youssef1313 in Refactor Condition evaluation microsoft/vstest#15357

• Adding info on extensions points part 1 by @​nohwnd in Adding info on extensions points part 1 microsoft/vstest#15360

• Add option to ask for uploading code QL before the standard window ends by @​nohwnd in Add option to ask for uploading code QL before the standard window ends microsoft/vstest#15373

• Update runtime versions by @​nohwnd in Update runtime versions microsoft/vstest#15372

• Fix .NET 10 regression for traits by @​Youssef1313 in Fix .NET 10 regression for traits microsoft/vstest#15370

• Update target frameworks to net10.0 and net11.0 by @​dotnet-maestro[bot] in Update target frameworks to net10.0 and net11.0 microsoft/vstest#15349

• Fix names in pipeline matrix so we don't have to align them by @​nohwnd in Fix names in pipeline matrix so we don't have to align them microsoft/vstest#15365

• Update SECURITY.md by @​Youssef1313 in Update SECURITY.md microsoft/vstest#15342

New Contributors

• @​stdmnpkg made their first contribution in Add LoongArch64 support microsoft/vstest#15359

Full Changelog: microsoft/vstest@v18.3.0...v18.4.0

Commits viewable in compare view.

Updated Testcontainers from 4.4.0 to 4.11.0.

Release notes

Sourced from Testcontainers's releases.

4.11.0

What's Changed

Thanks to all contributors. Once again, really great contributions from everyone 🤝.

The NuGet packages for this release have been attested for supply chain security using actions/attest. This confirms the integrity and provenance of the artifacts and helps ensure they can be trusted: #​21198535.

Please be aware that we have changed the supported and underlying image used for the Cosmos DB module. The latest tag only supports certain environments and provides a limited set of features. Microsoft has introduced a new implementation, vnext-preview, which receives more updates and features. Due to the limitations of the latest tag, we decided to replace it with vnext-preview. You find more information about the image here: https://github.com/Azure/azure-cosmos-db-emulator-docker.

⚠️ Breaking Changes

• feat(CosmosDb): Update base image from latest to vnext-preview (#​1324) @​NelsonBN

🚀 Features

• feat(CosmosDb): Update base image from latest to vnext-preview (#​1324) @​NelsonBN
• feat: Add typed WithResourceMapping(...) overloads (#​1497) @​cimnine
• feat: Add Seq module (#​1276) @​montanehamilton
• feat(PostgreSql): Add WithSsl builder API (#​1529) @​ozkanpakdil
• feat: Add Temporal module (#​1635) @​bgener
• feat: Add module connection string provider (#​1632) @​HofmeisterAn
• fead: Add default container connection string provider (#​1630) @​HofmeisterAn
• feat(ServiceBus): Add method to get HTTP connection string (#​1622) @​NelsonBN

🐛 Bug Fixes

• fix(MongoDb): Wait for post-init startup readiness before replica set initiation (#​1656) @​HofmeisterAn
• fix(Seq): Assert connection string provider (#​1645) @​HofmeisterAn
• fix(EventHubs): Ignore runtime property to support reuse (#​1644) @​franciscosamuel
• fix(ServiceBus): Ignore runtime property to support reuse (#​1643) @​franciscosamuel
• fix(ResourceReaper): Set wait strategy (#​1634) @​HofmeisterAn
• fix(ServiceBus): Workaround health API timeout (#​1625) @​HofmeisterAn
• fix: Do not set console buffer width (ConsoleLogger) (#​1623) @​HofmeisterAn
• fix(EventHubs): Workaround health API timeout (#​1624) @​HofmeisterAn

📖 Documentation

• docs(CosmosDb): Replace unsupported tag 'latest' with 'vnext-preview' (#​1660) @​HofmeisterAn
• docs(Redis): Add example (#​1641) @​HofmeisterAn

🧹 Housekeeping

• chore(examples): Enable NuGet restore lock mode (#​1659) @​HofmeisterAn
• chore: Pin image digest (#​1658) @​HofmeisterAn
• fix: Run OpenSSF Scorecard only on default branch (#​1657) @​HofmeisterAn
• chore: Remove Git LFS tracking for .snk (#​1655) @​HofmeisterAn
• feat: Enable Dependabot for NuGet (repo) (#​1654) @​HofmeisterAn
• feat: Enable Dependabot for NuGet (src) (#​1653) @​HofmeisterAn
• fix: Replace branch protection with ruleset (#​1652) @​HofmeisterAn
• fix: Do not enforce policies for admins (#​1651) @​HofmeisterAn
• fix: Remove missing labels from Dependabot (#​1650) @​HofmeisterAn
  ... (truncated)

4.10.0

What's Changed

Happy New Year, everyone! 🎉

Please note that going forward, we expect developers to explicitly pin the image version (testcontainers/testcontainers-dotnet#1470). We consider this a best practice and it aligns with other language implementations.

Also, due to the recent Docker Engine v29 release, TC for .NET pins the Docker Engine API version to 1.44 (see the previous release notes). You can override this default and set it to the version you're using, ideally 1.52, which corresponds to v29, if you're already running it.

⚠️ Breaking Changes

• feat: Add Docker Engine v29 support (#​1609) @​HofmeisterAn
• chore: Remove EventStoreDb module (#​1599) @​HofmeisterAn

🚀 Features

• feat: Require explicit container image in Testcontainers.Xunit (#​1612) @​0xced
• feat: Add Platform property to IImage interface (#​1610) @​HofmeisterAn
• feat: Add Docker Engine v29 support (#​1609) @​HofmeisterAn
• feat: Require explicit container image when creating container builder (#​1584) @​digital88
• feat: Add connection string provider (#​1588) @​HofmeisterAn

🐛 Bug Fixes

• fix(Kafka): Bump image version to prevent container crash on startup (#​1604) @​HofmeisterAn
• fix(Elasticsearch): Use HTTP wait strategy (#​1593) @​digital88
• fix(Milvus): Use healthcheck wait strategy (#​1585) @​verdie-g

📖 Documentation

• docs: Pin the image version explicitly (#​1605) @​HofmeisterAn

🧹 Housekeeping

• chore: Remove Sonar findings (#​1611) @​HofmeisterAn
• chore: Pin Docker Engine API for GH workflow to 1.47 (#​1608) @​HofmeisterAn
• chore: Set remaining container image explicit (#​1606) @​digital88
• fix(Kafka): Bump image version to prevent container crash on startup (#​1604) @​HofmeisterAn
• chore: Remove EventStoreDb test project from SLNX file (#​1603) @​0xced
• chore: Skip unnecessary work for empty or null sequences (#​1601) @​HofmeisterAn
• chore: Delegate container builder ctor string to IImage (#​1600) @​HofmeisterAn
• chore: Remove EventStoreDb module (#​1599) @​HofmeisterAn
• feat: Prepare next release cycle (4.10.0) (#​1586) @​HofmeisterAn

4.9.0

What's Changed

This release adds a new configuration (DOCKER_API_VERSION) that lets you pin and downgrade the Docker Engine API version. This was needed because Docker Engine v29 introduced breaking changes that affect Docker.DotNet and Testcontainers for .NET. This release pins the API version to 1.44. So far, no issues or negative side effects have been observed.

I am also working on updating Docker.DotNet to make it fully compatible with Docker Engine v29. There is already a work-in-progress PR.

Thanks to all the contributors who helped with this release 👍.

⚠️ Breaking Changes

• feat: Add KurrentDb module (#​1583) @​diegosasw

🚀 Features

• feat: Add KurrentDb module (#​1583) @​diegosasw
• chore: Bump NuGet dependencies (#​1578) @​HofmeisterAn
• feat: Add .NET 10 support (#​1572) @​HofmeisterAn
• feat: Support configuring Docker API version (#​1576) @​HofmeisterAn
• feat: Add Mosquitto module (#​1522) @​EtherZa
• feat: Add Toxiproxy module (#​1454) @​iltertaha
• feat: Add Grafana module (#​1509) @​thomhurst
• feat: Add Playwright module (#​1288) @​alimahboubi

🐛 Bug Fixes

• fix(Milvus): Set DEPLOY_MODE=STANDALONE (necessary for v2.6+) (#​1569) @​verdie-g
• fix: Set Kusto wait strategy encoding to UTF-8 (#​1567) @​MattKotsenas
• fix: Split ALL_CHANGED_FILES on any whitespace (#​1566) @​HofmeisterAn

📖 Documentation

• docs: Use correct comment characters for C# language (#​1564) @​HofmeisterAn

🧹 Housekeeping

• feat: Add SLNX file (#​1579) @​HofmeisterAn
• chore: Update Toxiproxy NuGet dependency to a .NET compatible version (#​1568) @​HofmeisterAn
• chore: Add script to detect which tests to run in CI (#​1563) @​HofmeisterAn
• chore: Make the continuous delivery job fork-friendly (#​1559) @​0xced
• feat: Prepare next release cycle (4.9.0) (#​1561) @​HofmeisterAn

4.8.1

What's Changed

🐛 Bug Fixes

• fix: Compute correct relative Dockerfile file path (#​1558) @​HofmeisterAn

4.8.0

What's Changed

Thank you to all the contributors 🙌.

In version 4.7.0, we noticed that the reuse hash could change depending on the order of dictionary values. This has been fixed to ensure that dictionary values are processed in a consistent order when generating the reuse hash. As a result, the reuse hash will likely change again with 4.8.0.

Wait strategies now default to the Running mode. This mode expects the container to remain running throughout startup. If the container exits unexpectedly, Testcontainers will throw a ContainerNotRunningException that includes the exit code and container logs.

The container startup callback now includes an additional overload that provides the actual container configuration. If you implement IContainerBuilder<TBuilderEntity, TContainerEntity>, you need to add the container configuration (e.g., IContainerConfiguration) as a third generic type constraint to IContainerBuilder.

IContainerBuilder.WithResourceMapping and IContainer.CopyAsync now include two new optional arguments: uid and gid. If you do not need to specify those, use named arguments for the existing parameters: fileMode or ct.

⚠️ Breaking Changes

• fix: Generate consistent reuse hashes by sorting dictionary keys (#​1554) @​0xced
• feat: Throw if container not running (#​1550) @​HofmeisterAn
• feat: Add startup callback overload with configuration type (#​1547) @​HofmeisterAn
• feat: Support UID/GID when copying files (#​1531) @​HofmeisterAn

🚀 Features

• feat: Throw if container not running (#​1550) @​HofmeisterAn
• feat: Add startup callback overload with configuration type (#​1547) @​HofmeisterAn
• feat: Add Docker build context (#​1536) @​HofmeisterAn
• feat: Add WithTarget(string) to image builder (#​1534) @​HofmeisterAn
• feat: Resolve Dockerfile ARGs pulling base images (#​1532) @​HofmeisterAn
• feat: Support UID/GID when copying files (#​1531) @​HofmeisterAn
• feat(Keycloak): Add API to import a realm configuration file (#​1526) @​VladislavAntonyuk

🐛 Bug Fixes

• fix: Generate consistent reuse hashes by sorting dictionary keys (#​1554) @​0xced
• fix(MongoDb): Use db.runCommand({hello:1}) do detect readiness (#​1548) @​HofmeisterAn
• fix(Papercut): Pin version 7.0 and set new HTTP and SMTP ports (#​1549) @​HofmeisterAn
• fix(Pulsar): Wait for default namespace (#​1539) @​HofmeisterAn
• fix(Keycloak): Wait until user created (#​1535) @​HofmeisterAn

📖 Documentation

• docs: Remove obsolete UntilOperationIsSucceeded wait strategy example (#​1551) @​ascott18
• docs: Fix link to Ryuk in IContainerBuilder.WithAutoRemove code comment (#​1546) @​hojmark

🧹 Housekeeping

• chore: Don't create a static field in a generic class (#​1555) @​HofmeisterAn
• chore: Add test certificates to common project (#​1545) @​HofmeisterAn
• chore: Update CI workflow to ubuntu-24.04 (#​1544) @​HofmeisterAn
• chore: Collect test projects at CI runtime (#​1543) @​HofmeisterAn
• chore: Fix grammar (#​1542) @​Smoothengineer
• chore: Bump Ryuk (#​1537) @​HofmeisterAn
  ... (truncated)

4.7.0

What's Changed

This release doesn't introduce breaking changes to the public API, but it isn't binary compatible due to necessary internal changes. Make sure to update all related packages (Testcontainers modules) to the same version. See more details here. Thanks to all contributors 👏.

⚠️ Breaking Changes

• feat(Kafka): Add KRaft support (#​1353) @​SukharevAndrey
• feat: Add ability to override enumerable builder values (#​1506) @​HofmeisterAn

🚀 Features

• feat: Add wait strategy to check external (TCP) port availability (#​1495) @​WhiteTomX
• feat(Kafka): Add KRaft support (#​1353) @​SukharevAndrey
• feat: Relax Base64 auth provider and ignore path segments in Docker registry URLs (#​1516) @​HofmeisterAn
• feat: Add ability to override enumerable builder values (#​1506) @​HofmeisterAn
• feat(Elasticsearch): Return HTTP connection string if security is disabled (#​1494) @​HofmeisterAn
• fix: Add tooling to inherit XML docs (#​1493) @​HofmeisterAn
• feat: Resolve .slnx (solution) file in common directory paths (#​1492) @​alexander-jesner-AP
• feat: Support getting all mapped ports (#​1485) @​HofmeisterAn
• feat: Add named pipe connection timeout custom configuration (#​1480) @​HofmeisterAn

🐛 Bug Fixes

• feat(Kafka): Add KRaft support (#​1353) @​SukharevAndrey
• fix: Send valid HTTP test responses (#​1505) @​HofmeisterAn
• fix: Use null-conditional operator to access FinishedAt (#​1499) @​HofmeisterAn
• fix: Remove timeout that kills PID 1 when stopping a container (#​1481) @​HofmeisterAn
• fix(Pulsar): Wait until the consumer becomes connected (#​1467) @​HofmeisterAn
• fix(ServiceBus): Remove container lifecycle overrides (#​1465) @​HofmeisterAn

📖 Documentation

• docs: Explain how to substitute the Docker Hub registry (#​1503) @​HofmeisterAn
• docs: Extend example copying files to a container (#​1487) @​cimnine

🧹 Housekeeping

• chore: Change Kafka vendor configuration from class to interface (#​1519) @​HofmeisterAn
• chore: Bump Docker.DotNet version to 3.128.5 (#​1511) @​HofmeisterAn
• chore: Build a single project instead of the whole solution (#​1502) @​HofmeisterAn

4.6.0

What's Changed

This is a patch release (but the minor version was already set). It fixes a bug in our Docker.DotNet fork where a wrong HTTP Connection header break Podman and possibly other environments. Shipped a quick fix. Thanks again to @​ahaeber and @​victor-lambret for the help.

🐛 Bug Fixes

• chore: Bump Docker.DotNet version to 3.128.3 (#​1462) @​HofmeisterAn

🧹 Housekeeping

• chore: Bump Docker.DotNet version to 3.128.3 (#​1462) @​HofmeisterAn

4.5.0

What's Changed

Big thanks to everyone who contributed to this release 🤜🤛.

🚀 Features

• feat: Add OpenSearch module (#​1395) @​digital88
• feat: Add Typesense module (#​1446) @​brainded
• feat: Add Task<ExecResult> extension method ThrowOnFailure (#​1448) @​HofmeisterAn
• feat: Throw DockerUnavailableException when Docker is not available (#​1308) @​0xced
• feat: Improve error reporting when loading the Docker configuration file (#​1263) @​0xced
• feat: Add a wait strategy that waits until the ADO.NET database is available (#​1401) @​0xced
• feat: Add Ollama module (#​1099) @​frankhaugen
• feat: Allow canceling container start in xUnit.net v3 fixtures (#​1431) @​TheConstructor
• fix(EventHubs): Support default consumer group name (#​1432) @​scrocquesel-ml150
• feat: Add Lowkey Vault module (#​1344) @​Xor-el
• feat(ServiceBus): Add builder API to upload config file (#​1424) @​chasewallis

🐛 Bug Fixes

• fix: Set container created, started, stopped time from inspect response (#​1455) @​HofmeisterAn
• fix(EventHubs): Change predicate that it does not always evaluate to true (#​1433) @​HofmeisterAn
• fix(EventHubs): Support default consumer group name (#​1432) @​scrocquesel-ml150

📖 Documentation

• docs(ClickHouse): Add example (#​1421) @​digital88
• docs: Mention the xUnit.net v3 module (package) (#​1442) @​TheConstructor

🧹 Housekeeping

• chore: Add ExecResult serializable test data (#​1456) @​HofmeisterAn
• chore: Remove Sonar findings (#​1450) @​HofmeisterAn
• chore: Replace Cake .NET Tool with Cake Frosting (#​1437) @​0xced
• chore: Update test-framework to xUnit.net v3 (#​1441) @​TheConstructor
• chore: Bump Docker.DotNet version to 3.128.1 (#​1443) @​HofmeisterAn
• chore: Add xUnit.net v3 tests (#​1430) @​TheConstructor
• chore: Bump CI .NET SDK and Cake version (#​1434) @​HofmeisterAn

Commits viewable in compare view.

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[dependabot]

Labels

The following labels could not be found: dependencies, dotnet. Please create them before Dependabot can add them to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.