Skip to content

Bump Azure.Identity and 5 others #128

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
dependabot wants to merge 1 commit into
base: main
Choose a base branch
from
Open

Bump Azure.Identity and 5 others #128

dependabot wants to merge 1 commit into from

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Dec 29, 2025
edited
Loading

Updated Azure.Identity from 1.14.1 to 1.17.1.

Release notes

Sourced from Azure.Identity's releases.

1.17.1

1.17.1 (2025-11-18)

Other Changes

  • Updated Microsoft.Identity.Client and Microsoft.Identity.Client.Extensions.Msal dependencies to version 4.78.0.

1.15.0-beta.1

1.15.0-beta.1 (2025-12-01)

Features Added

  • Upgraded api-version tag from 'package-2025-09-01' to 'package-2025-09-01-preview'. Tag detail available at https://github.com/Azure/azure-rest-api-specs/blob/1da0ccefea2127820defac6496bf4710c0902d78/specification/netapp/resource-manager/Microsoft.NetApp/NetApp/readme.md.
  • Added NetAppCache resource type
  • Added ElasticAccount resource type
  • Added ElasticPool resource type
  • Added ElasticVolume resource type
  • Added ElasticSnapshotPolicy resource type
  • Added ElasticSnapshot resource type
  • Added ElasticBackupVault resource type
  • Added ElasticBackupPolicy resource type
  • Added ElasticBackup resource type
  • Added ActiveDirectory resource type
  • Added RansomwareReport resource type, Support for Advance AntiRansomware features
  • Added LdapConfiguration to NetAppAccountResource to support LDAP configuration at account level
  • Added LargeVolumeType to NetAppVolumeResource to support ExtraLargeVolumes

Commits viewable in compare view.

Updated Microsoft.Data.SqlClient from 6.0.2 to 6.1.3.

Release notes

Sourced from Microsoft.Data.SqlClient's releases.

6.1.3

This update includes the following changes since the 6.1.2 release:

Added

App Context Switch for Ignoring Server-Provided Failover Partner

What Changed:

  • A new app context switch Switch.Microsoft.Data.SqlClient.IgnoreServerProvidedFailoverPartner was introduced to let the client ignore server-provided failover partner info in Basic Availability Groups (BAGs). When the switch is enabled, only the failover partner specified in the connection string is used; server-supplied partner values are skipped. This context switch was introduced in PR #​3702.

Who Benefits:

  • Applications connecting to SQL Server BAGs using TCP and custom ports, especially where the server's provided partner name lacks the protocol, host, or port. This avoids connection failures when the server-provided partner is incompatible or incomplete.
  • Teams who manage availability groups and rely on client-side control of failover behavior in heterogeneous networking environments.

Impact:

  • If your environment might be affected (i.e., you operate a BAG with custom ports, or have experienced failures after failover), you can enable the new switch in your application:
AppContext.SetSwitch("Switch.Microsoft.Data.SqlClient.IgnoreServerProvidedFailoverPartner", true);
  • Then, ensure your connection string includes your preferred failover partner (with correct tcp:host,port) so that the client uses that instead of the server's suggestion.
  • Without enabling this, by default, the client continues to prefer the server-provided partner, maintaining backwards compatibility.

Fixed

  • Fixed an issue to ensure reliable metrics initialization during startup, preventing missed telemetry when EventSource is enabled early. (#​3718)

Target Platform Support

  • .NET Framework 4.6.2+ (Windows ARM64, Windows x86, Windows x64)
  • .NET 8.0+ (Windows x86, Windows x64, Windows ARM64, Windows ARM, Linux, macOS)

Dependencies

.NET Framework 4.6.2+

  • Azure.Core 1.47.1
  • Azure.Identity 1.14.2
  • Microsoft.Bcl.Cryptography 8.0.0
  • Microsoft.Data.SqlClient.SNI 6.0.2
  • Microsoft.Extensions.Caching.Memory 8.0.1
  • Microsoft.IdentityModel.JsonWebTokens 7.7.1
  • Microsoft.IdentityModel.Protocols.OpenIdConnect 7.7.1
  • System.Buffers 4.5.1
  • System.Data.Common 4.3.0
  • System.Security.Cryptography.Pkcs 8.0.1
  • System.Text.Encodings.Web 8.0.0
    ... (truncated)

6.1.2

This update brings the below changes over the previous stable release:

Fixed

  • Fixed an issue where initializing PerformanceCounters would throw System.InvalidOperationException #​3629
  • Fixed an issue where a Custom SqlClientAuthenticationProvider was being overwritten by default implementation. #​3651
  • Fixed a concurrency issue in connection pooling where the number of active connections could be lower than the configured maximum pool size. #​3653

6.1.1

This update includes the following changes since the 6.1.0 release:

Fixed

  • Reverted changes related to improving partial packet detection, fixup, and replay functionality. This revert addresses regressions introduced in 6.1.0. (#​3556)
  • Applied reference assembly corrections supporting vector, fixed JSON tests, and ensured related tests are enabled. #​3562
  • Fixed SqlVector<T>.Null API signature in Reference assembly. #​3521

Changed

  • Upgraded Azure.Identity and other dependencies to newer versions. (#​3538) (#​3552)

6.1.0

Release Notes

[!WARNING]
This release version is delisted from NuGet.org and is no longer supported.
It contains critical bugs that make it unsuitable for use.

Stable Release 6.1.0 - 2025-07-25

This update brings the following changes since the 6.0.2 stable release:

Added

Added dedicated SQL Server vector datatype support

What Changed:

  • Optimized vector communications between MDS and SQL Server 2025, employing a custom binary format over the TDS protocol. (#​3433, #​3443)
  • Reduced processing load compared to existing JSON-based vector support.
  • Initial support for 32-bit single-precision floating point vectors.

Who Benefits:

  • Applications moving large vector data sets will see beneficial improvements to processing times and memory requirements.
  • Vector-specific APIs are ready to support future numeric representations with a consistent look-and-feel.

Impact:

  • Reduced transmission and processing times for vector operations versus JSON using SQL Server 2025 preview:
    • Reads: 50x improvement
    • Writes: 3.3x improvement
    • Bulk Copy: 19x improvement
    • (Observed with vector column of max 1998 size, and 10,000 records for each operation.)
  • Improved memory footprint due to the elimination of JSON serialization/deserialization and string representation bloat.
  • For backwards compatibility with earlier SQL Server Vector implementations, applications may continue to use JSON strings to send/receive vector data, although they will not see any of the performance improvements noted above.

Revived .NET Standard 2.0 target support

What Changed:

Who Benefits:

  • Libraries that depend on MDS may seamlessly target any of the following frameworks:
    • .NET Standard 2.0
    • .NET Framework 4.6.2 and above
    • .NET 8.0
    • .NET 9.0
  • Applications should continue to target runtimes.
    ... (truncated)

6.1.0-preview2

Preview Release 6.1.0-preview2.25178.5 - 2025-06-27

This update brings the following changes since the 6.1.0-preview1 release:

Added

Added dedicated SQL Server vector datatype support

What Changed:

  • Optimized vector communications between MDS and SQL Server 2025, employing a custom binary format over the TDS protocol. (#​3433, #​3443)
  • Reduced processing load compared to existing JSON-based vector support.
  • Initial support for 32-bit single-precision floating point vectors.

Who Benefits:

  • Applications moving large vector data sets will see beneficial improvements to processing times and memory requirements.
  • Vector-specific APIs are ready to support future numeric representations with a consistent look-and-feel.

Impact:

  • Reduced transmission and processing times for vector operations versus JSON using SQL Server 2025 preview:
    • Reads: 50x improvement
    • Writes: 3.3x improvement
    • Bulk Copy: 19x improvement
    • (Observed with vector column of max 1998 size, and 10,000 records for each operation.)
  • Improved memory footprint due to the elimination of JSON serialization/deserialization and string representation bloat.
  • For backwards compatibility with earlier SQL Server Vector implementations, applications may continue to use JSON strings to send/receive vector data, although they will not see any of the performance improvements noted above.

Revived .NET Standard 2.0 target support

What Changed:

Who Benefits:

  • Libraries that depend on MDS may seamlessly target any of the following frameworks:
    • .NET Standard 2.0
    • .NET Framework 4.6.2 and above
    • .NET 8.0
    • .NET 9.0
  • Applications should continue to target runtimes.
    • The MDS .NET Standard 2.0 target framework support does not include an actual implementation, and cannot be used with a runtime.
    • An application's build/publish process should always pick the appropriate MDS .NET/.NET Framework runtime implementation.
    • Custom build/publish actions that incorrectly try to deploy the MDS .NET Standard 2.0 reference DLL at runtime are not supported.

Impact:

... (truncated)

6.1.0-preview1

This update brings the following changes over the previous release:

Added

  • Added packet multiplexing support to improve large data read performance. #​2714 #​3161 #​3202
  • Added support for special casing with Fabric endpoints. #​3084

Fixed

  • Fixed distributed transactions to be preserved during pooled connection resets. #​3019.
  • Fixed application crash when the Data Source parameter begins with a comma. #​3250.
  • Resolved synonym count discrepancies in debug mode. #​3098.
  • Addressed warnings for down-level SSL/TLS versions. #​3126.

Changed

New Contributors

6.0.4

This update brings the below changes over the 6.0.3 release:

Added

App Context Switch for Ignoring Server-Provided Failover Partner

What Changed:

  • A new app context switch Switch.Microsoft.Data.SqlClient.IgnoreServerProvidedFailoverPartner was introduced to let the client ignore server-provided failover partner info in Basic Availability Groups (BAGs). When the switch is enabled, only the failover partner specified in the connection string is used; server-supplied partner values are skipped. This context switch was introduced in PR #​3703.

Who Benefits:

  • Applications connecting to SQL Server BAGs using TCP and custom ports, especially where the server's provided partner name lacks the protocol, host, or port. This avoids connection failures when the server-provided partner is incompatible or incomplete.
  • Teams who manage availability groups and rely on client-side control of failover behavior in heterogeneous networking environments.

Impact:

  • If your environment might be affected (i.e., you operate a BAG with custom ports, or have experienced failures after failover), you can enable the new switch in your application:
AppContext.SetSwitch("Switch.Microsoft.Data.SqlClient.IgnoreServerProvidedFailoverPartner", true);
  • Then, ensure your connection string includes your preferred failover partner (with correct tcp:host,port) so that the client uses that instead of the server's suggestion.
  • Without enabling this, by default, the client continues to prefer the server-provided partner, maintaining backwards compatibility.

Target Platform Support

  • .NET Framework 4.6.2+ (Windows ARM64, Windows x64, Windows x86)
  • .NET 8.0+ (Linux, macOS, Windows ARM64, Windows x64, Windows x86)

Dependencies

.NET Framework

  • Azure.Identity 1.14.2
  • Microsoft.Bcl.Cryptography 8.0.0
  • Microsoft.Data.SqlClient.SNI 6.0.2
  • Microsoft.Extensions.Caching.Memory 8.0.1
  • Microsoft.IdentityModel.JsonWebTokens 7.5.0
  • Microsoft.IdentityModel.Protocols.OpenIdConnect 7.5.0
  • System.Buffers 4.5.1
  • System.Security.Cryptography.Pkcs 8.0.1
  • System.Text.Encodings.Web 8.0.0
  • System.Text.Json 8.0.5
  • System.Data.Common 4.3.0

.NET 8

  • Azure.Identity 1.14.2
    ... (truncated)

6.0.3

This update brings the below changes over the previous stable release:

Fixed

  • Fixed an issue where a Custom SqlClientAuthenticationProvider was being overwritten by default implementation. #​3652
  • Fixed a concurrency issue in connection pooling where the number of active connections could be lower than the configured maximum pool size. #​3654

Changed

  • Updated MSAL usage as per code compliance requirements #​3360
  • Updated SqlDecimal implementation to improve code compliance #​3466
  • Updated Azure.Identity and related dependencies #​3553

Commits viewable in compare view.

Updated Microsoft.Extensions.Configuration.Abstractions from 9.0.7 to 9.0.11.

Release notes

Sourced from Microsoft.Extensions.Configuration.Abstractions's releases.

9.0.11

Release

What's Changed

Full Changelog: dotnet/runtime@v9.0.10...v9.0.11

9.0.10

Release

What's Changed

Full Changelog: dotnet/runtime@v9.0.9...v9.0.10

9.0.9

Release

What's Changed

Full Changelog: dotnet/runtime@v9.0.8...v9.0.9

9.0.8

Release

What's Changed

Full Changelog: dotnet/runtime@v9.0.7...v9.0.8

Commits viewable in compare view.

Updated Microsoft.IdentityModel.JsonWebTokens from 8.12.1 to 8.15.0.

Release notes

Sourced from Microsoft.IdentityModel.JsonWebTokens's releases.

8.15.0

New Features

  • Add ECDsa support in X509SecurityKey and JsonWebKeyConverter.ConvertFromX509SecurityKey
    Extended X509SecurityKey and JsonWebKeyConverter.ConvertFromX509SecurityKey to support ECDSA keys.
    See PR #​2377 for details.

Bug Fixes

  • Sanitize logs to avoid leaking sensitive data
    Updated logging to sanitize sensitive values, reducing the risk of inadvertently exposing secrets or PII in logs.
    See PR #​3316 for details.
  • Optimize log sanitization with SearchValues
    Improved the performance of the log sanitization logic introduced earlier by using SearchValues, making sanitization more efficient in high-throughput scenarios.
    See PR #​3341 for details.
  • Update test for IDX10400
    Adjusted the IDX10400 test to align with the current behavior and error messaging.
    See PR #​3314 for details.

Fundamentals

  • Add supported algorithm tests
    Added new tests to validate the set of supported cryptographic algorithms, increasing confidence in algorithm coverage and compatibility.
    See PR #​3296 for details.
  • Migrate repository agent rules from .clinerules to agents.md
    Moved repository agent/AI-assist rules into markdown documentation to make them more visible and easier to maintain.
    See PR #​3313 for details.
  • Migrate Microsoft.IdentityModel.TestExtensions from Newtonsoft.Json to System.Text.Json
    Updated Microsoft.IdentityModel.TestExtensions to use System.Text.Json instead of Newtonsoft.Json, aligning tests with the runtime serialization stack.
    See PR #​3356 for details.
  • Disable code coverage comments
    Turned off automated code coverage comments on PRs to reduce noise while retaining coverage data elsewhere.
    See PR #​3349 for details.
  • Fix CodeQL alerts
    Addressed CodeQL-reported issues to improve security posture and static analysis cleanliness.
    See PR #​3364 for details.

.NET 10 / SDK and tooling updates

  • Building with .NET 10 preview / RC 1
    Updated the repository to build and test against .NET 10.0 preview/RC1, ensuring early compatibility with the upcoming runtime.
    See PRs #​3287, #​3357, and #​3358 for details.
  • Fix .NET 10 test execution consistency
    Ensured consistent use of the TargetNetNext parameter across build, test, and pack phases so .NET 10.0 tests execute reliably.
    See PR #​3337 for details.
  • Update project files and workflows for .NET 10.0 compatibility
    Adjusted project files and CI workflows to correctly target and run on .NET 10.0, including test and pack scenarios.
    See PR #​3363 for details.
  • Update .NET version to meet CG compliance
    Updated the .NET version references to be compliant with corporate governance (CG) requirements.
    See PR #​3353 for details.
  • Update Coverlet collector and test SDK
    • Bumped CoverletCollectorVersion to 6.0.4.
      See PR #​3333 for details.
    • Upgraded Microsoft.NET.Test.Sdk to a newer version for improved test reliability and tooling support.
      ... (truncated)

8.14.0

8.14.0

Bug Fixes

  • Switch back to use ValidationResult instead of OperationResult when validating a token in a new experimental validation flow. Additionally removed the dependency on Microsoft.IdentityModel.Abstractions. See #​3299 for details.

8.13.1

8.13.1

Dependencies

Microsoft.IdentityModel now depends on Microsoft.Identity.Abstractions 9.3.0

Bug Fixes

  • Fixed a decompression failure happening for large JWE payloads. See #​3286 for details.

Work related to redesign of IdentityModel's token validation logic #​2711

  • Update the validation methods to return Microsoft.Identity.Abstractions.OperationResult. See #​3284 for details.

8.13.0

8.13.0

8.13.0

Fundamentals

  • CaseSensitiveClaimsIdentity.SecurityToken setter is now protected internal (was internal). See PR #​3278 for details.
  • Update .NET SDK version to 9.0.108 used when building or running the code. See PR #​3274 for details.
  • Update RsaSecurityKey.cs to replace the Pkcs1 padding by Pss from HasPrivateKey check. See #​3280 for details.

What's Changed

New Contributors

Full Changelog: AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet@8.12.1...8.13.0

Commits viewable in compare view.

Updated System.IdentityModel.Tokens.Jwt from 8.12.1 to 8.15.0.

Release notes

Sourced from System.IdentityModel.Tokens.Jwt's releases.

8.15.0

New Features

  • Add ECDsa support in X509SecurityKey and JsonWebKeyConverter.ConvertFromX509SecurityKey
    Extended X509SecurityKey and JsonWebKeyConverter.ConvertFromX509SecurityKey to support ECDSA keys.
    See PR #​2377 for details.

Bug Fixes

  • Sanitize logs to avoid leaking sensitive data
    Updated logging to sanitize sensitive values, reducing the risk of inadvertently exposing secrets or PII in logs.
    See PR #​3316 for details.
  • Optimize log sanitization with SearchValues
    Improved the performance of the log sanitization logic introduced earlier by using SearchValues, making sanitization more efficient in high-throughput scenarios.
    See PR #​3341 for details.
  • Update test for IDX10400
    Adjusted the IDX10400 test to align with the current behavior and error messaging.
    See PR #​3314 for details.

Fundamentals

  • Add supported algorithm tests
    Added new tests to validate the set of supported cryptographic algorithms, increasing confidence in algorithm coverage and compatibility.
    See PR #​3296 for details.
  • Migrate repository agent rules from .clinerules to agents.md
    Moved repository agent/AI-assist rules into markdown documentation to make them more visible and easier to maintain.
    See PR #​3313 for details.
  • Migrate Microsoft.IdentityModel.TestExtensions from Newtonsoft.Json to System.Text.Json
    Updated Microsoft.IdentityModel.TestExtensions to use System.Text.Json instead of Newtonsoft.Json, aligning tests with the runtime serialization stack.
    See PR #​3356 for details.
  • Disable code coverage comments
    Turned off automated code coverage comments on PRs to reduce noise while retaining coverage data elsewhere.
    See PR #​3349 for details.
  • Fix CodeQL alerts
    Addressed CodeQL-reported issues to improve security posture and static analysis cleanliness.
    See PR #​3364 for details.

.NET 10 / SDK and tooling updates

  • Building with .NET 10 preview / RC 1
    Updated the repository to build and test against .NET 10.0 preview/RC1, ensuring early compatibility with the upcoming runtime.
    See PRs #​3287, #​3357, and #​3358 for details.
  • Fix .NET 10 test execution consistency
    Ensured consistent use of the TargetNetNext parameter across build, test, and pack phases so .NET 10.0 tests execute reliably.
    See PR #​3337 for details.
  • Update project files and workflows for .NET 10.0 compatibility
    Adjusted project files and CI workflows to correctly target and run on .NET 10.0, including test and pack scenarios.
    See PR #​3363 for details.
  • Update .NET version to meet CG compliance
    Updated the .NET version references to be compliant with corporate governance (CG) requirements.
    See PR #​3353 for details.
  • Update Coverlet collector and test SDK
    • Bumped CoverletCollectorVersion to 6.0.4.
      See PR #​3333 for details.
    • Upgraded Microsoft.NET.Test.Sdk to a newer version for improved test reliability and tooling support.
      ... (truncated)

8.14.0

8.14.0

Bug Fixes

  • Switch back to use ValidationResult instead of OperationResult when validating a token in a new experimental validation flow. Additionally removed the dependency on Microsoft.IdentityModel.Abstractions. See #​3299 for details.

8.13.1

8.13.1

Dependencies

Microsoft.IdentityModel now depends on Microsoft.Identity.Abstractions 9.3.0

Bug Fixes

  • Fixed a decompression failure happening for large JWE payloads. See #​3286 for details.

Work related to redesign of IdentityModel's token validation logic #​2711

  • Update the validation methods to return Microsoft.Identity.Abstractions.OperationResult. See #​3284 for details.

8.13.0

8.13.0

8.13.0

Fundamentals

  • CaseSensitiveClaimsIdentity.SecurityToken setter is now protected internal (was internal). See PR #​3278 for details.
  • Update .NET SDK version to 9.0.108 used when building or running the code. See PR #​3274 for details.
  • Update RsaSecurityKey.cs to replace the Pkcs1 padding by Pss from HasPrivateKey check. See #​3280 for details.

What's Changed

New Contributors

Full Changelog: AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet@8.12.1...8.13.0

Commits viewable in compare view.

Updated System.Text.Json from 9.0.7 to 9.0.11.

Release notes

Sourced from System.Text.Json's releases.

9.0.11

Release

What's Changed

Full Changelog: dotnet/runtime@v9.0.10...v9.0.11

9.0.10

Release

What's Changed

Description has been truncated

@dependabot
Bump Azure.Identity and 5 others
5d6330a 
Bumps Azure.Identity from 1.14.1 to 1.17.1
Bumps Microsoft.Data.SqlClient from 6.0.2 to 6.1.3
Bumps Microsoft.Extensions.Configuration.Abstractions from 9.0.7 to 9.0.11
Bumps Microsoft.IdentityModel.JsonWebTokens from 8.12.1 to 8.15.0
Bumps System.IdentityModel.Tokens.Jwt from 8.12.1 to 8.15.0
Bumps System.Text.Json from 9.0.7 to 9.0.11

---
updated-dependencies:
- dependency-name: Azure.Identity
  dependency-version: 1.17.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: minor-patches
- dependency-name: Microsoft.Data.SqlClient
  dependency-version: 6.1.3
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: minor-patches
- dependency-name: Microsoft.Extensions.Configuration.Abstractions
  dependency-version: 9.0.11
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: minor-patches
- dependency-name: Microsoft.IdentityModel.JsonWebTokens
  dependency-version: 8.15.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: minor-patches
- dependency-name: System.IdentityModel.Tokens.Jwt
  dependency-version: 8.15.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: minor-patches
- dependency-name: System.Text.Json
  dependency-version: 9.0.11
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: minor-patches
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot added .NET Pull requests that update .NET code dependencies Pull requests that update a dependency file labels Dec 29, 2025
@github-actions
Copy link

github-actions bot commented Dec 29, 2025

Test Results

0 tests   0 ✅  0s ⏱️
0 suites  0 💤
0 files    0 ❌

Results for commit 5d6330a.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file .NET Pull requests that update .NET code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant