chore(deps): update microsoft.aspnetcore to 10.0.4

[thomhurst]

This PR contains the following updates:

Package	Type	Update	Change
Microsoft.AspNetCore.Authentication.JwtBearer (source)	nuget	patch	10.0.3 → 10.0.4
Microsoft.AspNetCore.Mvc.Testing (source)	nuget	patch	10.0.3 → 10.0.4
Microsoft.AspNetCore.OpenApi (source)	nuget	patch	10.0.3 → 10.0.4
Microsoft.AspNetCore.TestHost (source)	nuget	patch	10.0.3 → 10.0.4

---

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about these updates again.

---

• If you want to rebase/retry this PR, check this box

---

This PR has been generated by Renovate Bot.

[claude]

Code Review: chore(deps): update microsoft.aspnetcore to 10.0.4

This is a straightforward Renovate Bot dependency update bumping four Microsoft.AspNetCore packages from 10.0.3 to 10.0.4 (patch version bump).

Summary of Changes

• Directory.Packages.props — Central version management updated for Microsoft.AspNetCore.Mvc.Testing, Microsoft.AspNetCore.OpenApi, Microsoft.AspNetCore.TestHost
• TUnit.AspNetCore/TUnit.AspNetCore.csproj — Framework-conditional overrides updated
• TUnit.Templates/ — Template project references updated
• examples/CloudShop/ — Example app references updated

Assessment

The changes look correct and consistent. All references to the 10.0.3 versions have been updated to 10.0.4 across all affected files.

One observation worth noting: The TUnit.AspNetCore.csproj file has a minor inconsistency — the Version attribute on the PackageReference elements for net8.0 and net9.0 targets is updated to 10.0.4, but those entries also carry a VersionOverride of 8.0.0/9.0.0 which is what actually gets resolved. The Version attribute in this case is effectively documentation/metadata and doesn't affect resolution, so this is fine functionally — but it could be misleading over time if the two drift apart. Worth considering whether the redundant Version attribute could be removed from those conditional overrides to reduce noise.

This is a patch update from a trusted Microsoft package family with automerge enabled, which is appropriate. No architectural concerns. Good to merge.

[claude]

Code Review: chore(deps): update microsoft.aspnetcore to 10.0.4

This is a Renovate Bot patch update bumping four Microsoft.AspNetCore packages from 10.0.3 → 10.0.4.

Files Changed

File	Change
Directory.Packages.props	Central version management for Mvc.Testing, OpenApi, TestHost
TUnit.AspNetCore/TUnit.AspNetCore.csproj	Framework-conditional overrides updated
TUnit.Templates/	Template project references updated
examples/CloudShop/	Example app references updated

Assessment

The changes are correct and consistent — all 10.0.3 references are updated to 10.0.4 across the repo.

Existing observation (from previous review, still applies): In TUnit.AspNetCore.csproj, the net8.0 and net9.0 conditional overrides have both a Version attribute (now 10.0.4) and a VersionOverride (pinned to 8.0.0/9.0.0). The VersionOverride wins at resolution time, so the Version attribute there is effectively inert documentation. This is a pre-existing design choice and not introduced by this PR — worth cleaning up separately to avoid confusion, but it doesn't block this update.

This is a routine patch update from a trusted Microsoft package family with automerge enabled. No architectural concerns. Approved.

[claude]

Code Review: chore(deps): update microsoft.aspnetcore to 10.0.4

This is a follow-up review of a Renovate Bot patch update bumping four Microsoft.AspNetCore packages from 10.0.3 → 10.0.4.

Previous Reviews Recap

Two prior Claude reviews were posted on this PR. Both identified the same pre-existing observation:

In TUnit.AspNetCore.csproj, the net8.0 and net9.0 conditional overrides carry both a Version attribute (now 10.0.4) and a VersionOverride (pinned to 8.0.0/9.0.0). Since VersionOverride wins at resolution time, the Version attribute is effectively inert. This is a pre-existing design choice, not introduced by this PR.

Current State

No changes have been made to address the above observation (it was flagged as a pre-existing issue, not a blocker). The PR diff itself remains correct and complete — all 10.0.3 references are consistently updated to 10.0.4 across:

• Directory.Packages.props (central version management)
• TUnit.AspNetCore/TUnit.AspNetCore.csproj (framework-conditional overrides)
• TUnit.Templates/ (template project references)
• examples/CloudShop/ (example app references)

Recommendation

The VersionOverride redundancy in TUnit.AspNetCore.csproj is worth addressing in a separate cleanup PR for clarity, but it is not a blocker here.

This is a routine, low-risk patch update from a trusted Microsoft package family. No architectural concerns. Safe to merge.

[claude]

Code Review: chore(deps): update microsoft.aspnetcore to 10.0.4

This is the fourth review pass on this PR. No changes have been made to the diff since the previous reviews — the PR remains a straightforward Renovate Bot patch bump of four Microsoft.AspNetCore packages from 10.0.3 → 10.0.4.

Previous Observation (still standing, still not a blocker)

In TUnit.AspNetCore.csproj, the net8.0 and net9.0 conditional PackageReference items carry both a Version attribute (updated to 10.0.4) and a VersionOverride (pinned to 8.0.0/9.0.0). Because VersionOverride takes precedence at resolution time, the Version attribute in those items is effectively dead code — it does not affect what gets resolved. This is a pre-existing pattern, not introduced by this PR. A separate cleanup PR to remove the redundant Version attribute from those conditional overrides would reduce future confusion.

Summary

All 10.0.3 references are consistently updated to 10.0.4 across:

• Directory.Packages.props (central version management)
• TUnit.AspNetCore/TUnit.AspNetCore.csproj (framework-conditional overrides)
• TUnit.Templates/ (template project references)
• examples/CloudShop/ (example app references)

Routine patch update, trusted package family, automerge enabled. No architectural concerns. Safe to merge.