-
Notifications
You must be signed in to change notification settings - Fork 5
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Update Major backend dependencies (major) #4803
Open
renovate
wants to merge
1
commit into
dev
Choose a base branch
from
renovate/major-major-backend-dependencies
base: dev
Could not load branches
Branch not found: {{ refName }}
Loading
Could not load tags
Nothing to show
Loading
Are you sure you want to change the base?
Some commits from the old base branch may be removed from the timeline,
and old review comments may become outdated.
Open
+7
−7
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
renovate
bot
force-pushed
the
renovate/major-major-backend-dependencies
branch
from
April 26, 2024 19:16
0582af5
to
3b95a92
Compare
renovate
bot
changed the title
chore(deps): update dependency csvhelper to v32
Update dependency CsvHelper to v32
May 2, 2024
renovate
bot
changed the title
Update dependency CsvHelper to v32
chore(deps): update dependency csvhelper to v32
May 2, 2024
renovate
bot
changed the title
chore(deps): update dependency csvhelper to v32
Update dependency CsvHelper to v32
May 3, 2024
renovate
bot
changed the title
Update dependency CsvHelper to v32
chore(deps): update dependency csvhelper to v32
May 7, 2024
renovate
bot
force-pushed
the
renovate/major-major-backend-dependencies
branch
from
May 7, 2024 19:42
3b95a92
to
e670ff0
Compare
renovate
bot
changed the title
chore(deps): update dependency csvhelper to v32
Update dependency CsvHelper to v32
May 9, 2024
renovate
bot
force-pushed
the
renovate/major-major-backend-dependencies
branch
from
May 13, 2024 14:14
e670ff0
to
935378c
Compare
renovate
bot
changed the title
Update dependency CsvHelper to v32
chore(deps): update dependency csvhelper to v32
May 16, 2024
renovate
bot
changed the title
chore(deps): update dependency csvhelper to v32
Update dependency CsvHelper to v32
May 20, 2024
renovate
bot
changed the title
Update dependency CsvHelper to v32
chore(deps): update dependency csvhelper to v32
May 23, 2024
renovate
bot
changed the title
chore(deps): update dependency csvhelper to v32
Update dependency CsvHelper to v32
May 28, 2024
renovate
bot
changed the title
Update dependency CsvHelper to v32
chore(deps): update dependency csvhelper to v32
May 30, 2024
renovate
bot
changed the title
chore(deps): update dependency csvhelper to v32
Update dependency CsvHelper to v32
Jun 3, 2024
renovate
bot
force-pushed
the
renovate/major-major-backend-dependencies
branch
from
June 3, 2024 15:20
935378c
to
fce5125
Compare
renovate
bot
changed the title
Update dependency CsvHelper to v32
Update Major backend dependencies (major)
Jun 3, 2024
renovate
bot
force-pushed
the
renovate/major-major-backend-dependencies
branch
from
June 5, 2024 07:47
fce5125
to
917f432
Compare
renovate
bot
changed the title
Update Major backend dependencies (major)
chore(deps): update major backend dependencies (major)
Jun 6, 2024
renovate
bot
changed the title
chore(deps): update major backend dependencies (major)
Update Major backend dependencies (major)
Jun 7, 2024
renovate
bot
changed the title
Update Major backend dependencies (major)
chore(deps): update major backend dependencies (major)
Jun 12, 2024
renovate
bot
force-pushed
the
renovate/major-major-backend-dependencies
branch
from
June 17, 2024 15:31
917f432
to
4b826e3
Compare
renovate
bot
changed the title
chore(deps): update major backend dependencies (major)
Update Major backend dependencies (major)
Jun 18, 2024
renovate
bot
changed the title
Update Major backend dependencies (major)
chore(deps): update major backend dependencies (major)
Jun 20, 2024
renovate
bot
force-pushed
the
renovate/major-major-backend-dependencies
branch
2 times, most recently
from
June 22, 2024 22:52
e04fadc
to
2d2dc67
Compare
renovate
bot
changed the title
chore(deps): update major backend dependencies (major)
Update Major backend dependencies (major)
Jun 25, 2024
renovate
bot
changed the title
Update Major backend dependencies (major)
chore(deps): update major backend dependencies (major)
Jun 27, 2024
renovate
bot
force-pushed
the
renovate/major-major-backend-dependencies
branch
3 times, most recently
from
July 4, 2024 11:16
703923a
to
36235c7
Compare
renovate
bot
force-pushed
the
renovate/major-major-backend-dependencies
branch
11 times, most recently
from
October 14, 2024 11:19
b80ac6d
to
4df8ff9
Compare
renovate
bot
changed the title
chore(deps): update major backend dependencies (major)
Update Major backend dependencies (major)
Oct 14, 2024
renovate
bot
force-pushed
the
renovate/major-major-backend-dependencies
branch
11 times, most recently
from
October 17, 2024 16:30
e73b91c
to
9312e74
Compare
renovate
bot
force-pushed
the
renovate/major-major-backend-dependencies
branch
5 times, most recently
from
October 23, 2024 09:24
45101ab
to
3c34fba
Compare
renovate
bot
force-pushed
the
renovate/major-major-backend-dependencies
branch
from
October 24, 2024 00:24
3c34fba
to
f77c056
Compare
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Labels
None yet
0 participants
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR contains the following updates:
31.0.4
->33.0.1
1.9.1
->2.0.0
2.21.1
->3.2.2
7.7.1
->8.1.2
2.3.0
->3.0.0
7.7.1
->8.1.2
Release Notes
JoshClose/CsvHelper (CsvHelper)
v33.0.1
Compare Source
v33.0.0
Compare Source
v32.0.3
Compare Source
v32.0.2
Compare Source
v32.0.1
Compare Source
v32.0.0
Compare Source
AzureAD/microsoft-identity-web (Microsoft.Identity.Web)
v3.2.2
Compare Source
=========
v3.2.1
Compare Source
=========
v3.2.0
Compare Source
=========
New features
IDownstreamApi
overloads take aJsonTypeInfo<T>
parameter to enable source generated JSON deserialization. See issue #2930 for details.Bug fixes:
Fundamentals:
GetCacheKey
. See PR #3020 for details.v3.1.0
Compare Source
=========
Security improvement:
CaseSensitiveClaimsIdentity
by default and provides AppContextSwitches to fallback to usingClaimsIdentity
. This means that when you loopup claims with FindFirst(), FindAll() and HasClaim(), you need to provide the right casing for the claim. See PR #2977 for details.Bug fixes:
GetTokenAcquirer
now setsSendX5C
in particular protocols. See issue #2887 for details.The input string " was not in a correct format
when enabling same-site cookie compatibility with userAgent: "Dalvik/2.1.0 (Linux; U; Android 12; Chromecast Build/STTE.230319.008.H1). See issue #2879 for details.Fundamentals:
AzureKeyVault@2
in AzureDevOps, #2981.========
See rel/v2 branch changelog for changes to all 2.x.x versions after 2.18.1.
The changes listed in the rel/v2 changelog are also in the 3.x.x versions of Id Web but are not listed here.
========
v3.0.1
Compare Source
=========
v3.0.0
=========
CVE package updates
CVE-2024-30105
See PR #2929 for details.
Updated to Microsoft.IdentityModel.* 8.0.0, Microsoft.Identity.Lab API 1.0.2, Microsoft.Identity.Abstractions 6.0.0
See rel/v2 changelog for full list of added features to 3.0.0.
Fundamentals:
AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet (Microsoft.IdentityModel.Tokens)
v8.1.2
Compare Source
=====
Bug fixes
CaseSensitiveClaimsIdentity
as expected. See 2879Fundamentals
v8.1.1
Compare Source
=====
Bug fixes
v8.1.0
Compare Source
=====
Performance improvements
New features
Bug fixes
Fundamentals
IsTargetFrameworkCompatible(*)
so AOT is forward-compatible with .NET 9 and beyond. See PR #2790 for details.[DynamicallyAccessedMembers(DynamicallyAccessedMemberTypes.PublicConstructors)]. See PR #2820.
Work related to redesign of IdentityModel's token validation logic #2711
v8.0.2
Compare Source
=====
Security fundamentals
BannedApiAnalyzers
to prevent use ofClaimsIdentity
constructors. See PR #2778 for details.Bug fixes
UseRfcDefinitionOfEpkAndKid
switch. See PR #2747 for details.DoNotFailOnMissingTid
in 7x andDontFailOnMissingTid
in 8x, adding the method for back compat. See issue #2750 for details.JsonWebKeySet
stores the original string it was created with. See PR #2755 for details.SignatureProvider
. See #2788 for details.Fundamentals
9.0.100-preview.7.24407.12
and add<NoWarn>$(NoWarn);SYSLIB0057</NoWarn>
due to breaking changes in preview7. #2786.Work relating to #2711
v8.0.1
Compare Source
=====
Bug fixes
SignatureProvider
was disposed but still able to leverage the cache andSignatureProvider
now disposes when compacting. See PR #2682 for details.JsonWebTokenHandler.ValidateJWEAsync
now considers the decrypt keys in the configuration. See issue #2737 for details.Performance improvement
AppContext.TryGetSwitch
statically caches internally but takes out a lock..NET almost always caches these values. They're not expected to change while the process is running unlike normal config. IdentityModel now caches the value. See issue #2722 for details.
v8.0.0
Compare Source
=====
CVE package updates
CVE-2024-30105
Breaking change:
Full list of breaking changes.
ClaimsIdentity
where claim retrieval is case-sensitive. The currentClaimsIdentity
, in .NET, retrieves claims in a case-insensitive manner which is different than querying the underlyingSecurityToken
. The newCaseSensitiveClaimsIdentity
class provides consistent retrieval logic withSecurityToken
. Fallback to previous behavior via an AppContext switch. See PR #2700 for details.CollectionUtilities.IsNullOrEmpty
internal. See issues**https://redirect.github.com/AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet/issues/2651dotnet/issues/2651) and #1722 for details.Overall improvements to the validation in IdentityModel:
New Features:
Stream
toWrite
inOIDCConfigurationSerializer
. See PR #2698 for details.Bug fixes:
AadIssuerValidator.GetTenantIdFromToken
inValidateIssuerSigningKey
, to only consider thetid
. An AppContext switch enables fallbacking to the previous behavior, which should not be needed. See PR #2680 for details.authorization_details_types_supported
from RFC 9396 - OAuth 2.0 Rich Authorization Requests toOpenIdConnectConfiguration
.OpenIdConnectPrompt
now has thecreate
prompt from Initiating User Registration via OpenID Connect 1.0OpenIdConnectGrantTypes
:urn:ietf:params:oauth:grant-type:saml2-bearer
from RFC 7522 - Security Assertion Markup Language (SAML) 2.0 Profile for OAuth 2.0 Client Authentication and Authorization Grants,urn:ietf:params:oauth:grant-type:jwt-bearer
from RFC 7523 - JSON Web Token (JWT) Profile for OAuth 2.0 Client Authentication and Authorization Grants,urn:ietf:params:oauth:grant-type:device_code
from RFC 8628 - OAuth 2.0 Device Authorization Grant,urn:ietf:params:oauth:grant-type:token-exchange
from RFC 8693 - OAuth 2.0 Token Exchange,urn:openid:params:grant-type:ciba
from OpenID Connect Client-Initiated Backchannel Authentication Flow - Core 1.0NotImplementedException
. Now a message is returned that the user can act on to fix the issue. See issue #1970.Fundamentals
ConfigurationManager.GetConfigurationAsync
a virtual method. See PR #2661WalkerCodeRanger/semver (Semver)
v3.0.0
: semver v3.0.0A major release to support arbitrary-sized version numbers, prevent invalid version numbers, remove obsolete functionality, and strong name the assembly.
Breaking Changes:
SemVersion.Parse
andSemVersion.TryParse
now default to strict parsing. UseSemVersionStyles
to control parsingSemVersion.Major
,SemVersion.Minor
,SemVersion.Patch
, andPrereleaseIdentifier.NumericValue
properties are nowBigInteger
(#73)string
(#47). UseSemVersion.Parse
insteadSemVersion(int major, int minor = 0, int patch = 0, string prerelease = "", string build = "")
constructor. Use another constructor orSemVersion.ParsedFrom
insteadSemVersion.Parse
andSemVersion.TryParse
overloads with thestrict
parameter. They now default to strict. UseSemVersionStyles
to control parsingSemVersion.CompareTo
,SemVersion.Compare
,SemVersion.CompareByPrecedence
,<
,<=
,>
,>=
, orSemVersion.PrecedenceMatches
. UseSemVersion.ComparePrecedenceTo
,SemVersion.CompareSortOrderTo
,SemVersion.ComparePrecedence
, orSemVersion.CompareSortOrder
instead.SemVersion.Build
. UseSemVersion.Metadata
insteadSemVersion.Change
. UseSemVersion.With
orSemVersion.WithX
methods insteadSemVersion(Version)
constructor. UseSemVersion.FromVersion
insteadSemVersion
no longer implementsIComparable<SemVersion>
orIComparable
. UseSemVersion.PrecedenceComparer
orSemVersion.SortOrderComparer
insteadmaxLength
parameter values now throwArgumentOutOfRangeException
(#72)Other Changes:
Configuration
📅 Schedule: Branch creation - "every 3 months" in timezone Europe/London, Automerge - At any time (no schedule defined).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about these updates again.
This PR was generated by Mend Renovate. View the repository job log.