Skip to content

Bump coverlet.collector and 29 others#336

Open
dependabot[bot] wants to merge 1 commit intomasterfrom
dependabot/nuget/src/aspire/app-host/all-6c2d39a7f5
Open

Bump coverlet.collector and 29 others#336
dependabot[bot] wants to merge 1 commit intomasterfrom
dependabot/nuget/src/aspire/app-host/all-6c2d39a7f5

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github May 8, 2026

Updated coverlet.collector from 8.0.1 to 10.0.0.

Release notes

Sourced from coverlet.collector's releases.

10.0.0

Improvements

  • Unique Report Filenames (coverlet.MTP and AzDO) #​1866
  • Add --coverlet-file-prefix option for unique report files #​1869
  • Introduce .NET 10 support #​1823

Fixed

  • Fix [BUG] Wrong branch rate on IAsyncEnumerable for generic type #​1836
  • Fix [BUG] Missing Coverage after moving to MTP #​1843
  • Fix [BUG] No coverage reported when targeting .NET Framework with 8.0.1 #​1842
  • Fix [BUG] Behavior changes between MTP and Legacy (msbuild) #​1878
  • Fix [BUG] Coverlet.MTP - Unable to load coverlet.mtp.appsettings.json #​1880
  • Fix [BUG] Coverlet.Collector produces empty report when Mediator.SourceGenerator is referenced #​1718 by https://github.com/yusyd
  • Fix [BUG] Crash during instrumentation (Methods using LibraryImport/DllImport have no body) #​1762

Maintenance

  • Add comprehensive async method tests and documentation for issue #​1864
  • Replace Tmds.ExecFunction Package in coverlet.core.coverage.tests #​1833
  • Add net9.0 and net10.0 targets #​1822

Diff between 8.0.1 and 10.0.0

Commits viewable in compare view.

Updated coverlet.msbuild from 8.0.1 to 10.0.0.

Release notes

Sourced from coverlet.msbuild's releases.

10.0.0

Improvements

  • Unique Report Filenames (coverlet.MTP and AzDO) #​1866
  • Add --coverlet-file-prefix option for unique report files #​1869
  • Introduce .NET 10 support #​1823

Fixed

  • Fix [BUG] Wrong branch rate on IAsyncEnumerable for generic type #​1836
  • Fix [BUG] Missing Coverage after moving to MTP #​1843
  • Fix [BUG] No coverage reported when targeting .NET Framework with 8.0.1 #​1842
  • Fix [BUG] Behavior changes between MTP and Legacy (msbuild) #​1878
  • Fix [BUG] Coverlet.MTP - Unable to load coverlet.mtp.appsettings.json #​1880
  • Fix [BUG] Coverlet.Collector produces empty report when Mediator.SourceGenerator is referenced #​1718 by https://github.com/yusyd
  • Fix [BUG] Crash during instrumentation (Methods using LibraryImport/DllImport have no body) #​1762

Maintenance

  • Add comprehensive async method tests and documentation for issue #​1864
  • Replace Tmds.ExecFunction Package in coverlet.core.coverage.tests #​1833
  • Add net9.0 and net10.0 targets #​1822

Diff between 8.0.1 and 10.0.0

Commits viewable in compare view.

Updated Grpc.AspNetCore from 2.76.0 to 2.80.0.

Release notes

Sourced from Grpc.AspNetCore's releases.

2.80.0

What's Changed

New Contributors

Full Changelog: grpc/grpc-dotnet@v2.76.0...v2.80.0

2.80.0-pre1

What's Changed

New Contributors

Full Changelog: grpc/grpc-dotnet@v2.76.0...v2.80.0-pre1

Commits viewable in compare view.

Pinned Grpc.Core.Api at 2.80.0.

Release notes

Sourced from Grpc.Core.Api's releases.

2.80.0

What's Changed

New Contributors

Full Changelog: grpc/grpc-dotnet@v2.76.0...v2.80.0

2.80.0-pre1

What's Changed

New Contributors

Full Changelog: grpc/grpc-dotnet@v2.76.0...v2.80.0-pre1

Commits viewable in compare view.

Updated Grpc.Net.Client from 2.76.0 to 2.80.0.

Release notes

Sourced from Grpc.Net.Client's releases.

2.80.0

What's Changed

New Contributors

Full Changelog: grpc/grpc-dotnet@v2.76.0...v2.80.0

2.80.0-pre1

What's Changed

New Contributors

Full Changelog: grpc/grpc-dotnet@v2.76.0...v2.80.0-pre1

Commits viewable in compare view.

Updated Grpc.Net.ClientFactory from 2.76.0 to 2.80.0.

Release notes

Sourced from Grpc.Net.ClientFactory's releases.

2.80.0

What's Changed

New Contributors

Full Changelog: grpc/grpc-dotnet@v2.76.0...v2.80.0

2.80.0-pre1

What's Changed

New Contributors

Full Changelog: grpc/grpc-dotnet@v2.76.0...v2.80.0-pre1

Commits viewable in compare view.

Updated Keycloak.AuthServices.Authentication from 2.9.0 to 3.0.0.

Release notes

Sourced from Keycloak.AuthServices.Authentication's releases.

3.0.0

  • feat(aspire): external DB support, issuer pinning, version bumps by @​NikiforovAll (#​253)
  • [KeyBot] fix: propagate RequestAborted in UmaAuthorizationMiddlewareResultHandler by @​github-actions (#​250)
  • [KeyBot] fix: propagate CancellationToken in UmaTokenHandler.CloneRequestAsync by @​github-actions (#​252)
  • [KeyBot] fix: propagate HttpContext.RequestAborted in authorization handlers by @​github-actions (#​249)

👨🏼‍💻 Contributors

@​NikiforovAll, @​github-actions and @​github-actions[bot]

3.0.0-rc.1

  • feat: UMA Support by @​NikiforovAll (#​248)
  • feat!: 3.0.0 release preparation by @​NikiforovAll (#​247)

👨🏼‍💻 Contributors

@​NikiforovAll

2.10.0-rc.1

  • [KeyBot] perf: avoid HashSet allocation in role requirement handlers by @​github-actions (#​221)
  • [KeyBot] docs: improve XML documentation in PoliciesBuilderExtensions and KeycloakAuthorizationServerOptions by @​github-actions (#​237)
  • feat(authorization): add Audience override for per-resource UMA ticket exchange by @​NikiforovAll (#​246)
  • [KeyBot] eng: add startup validators for Keycloak SDK client options by @​github-actions (#​239)
  • feat: add client_secret_jwt sample by @​NikiforovAll (#​245)
  • [KeyBot] test: add WebAppAuthenticationRegistrationTests for OIDC/Cookie options by @​github-actions (#​240)
  • fix: add support cookie-based Web App token retrieval (#​104) by @​github-actions (#​223)
  • chore(docs): update dependencies to fix security vulnerabilities by @​NikiforovAll (#​231)
  • [KeyBot] fix: correct nameof() in requirement handler log messages and add missing XML docs by @​github-actions (#​228)
  • fix(keybot): use correct template variables in status messages by @​NikiforovAll (#​222)
  • fix(keybot): use explicit --repo flag in pre-step gh commands by @​NikiforovAll (#​219)
  • Add agentic workflow repo-assist by @​NikiforovAll (#​217)

🚀 New Features

  • [KeyBot] feat: add AdditionalAudiences to KeycloakAuthenticationOptions by @​github-actions (#​235)

🐛 Bug Fixes

  • [KeyBot] fix: handle non-JSON error bodies in EnsureResponseAsync by @​github-actions (#​244)
  • [KeyBot] fix: robustify RptRequirementHandler JSON parsing by @​github-actions (#​225)
  • [KeyBot] fix: correct nameof() references in DecisionRequirementHandler by @​github-actions (#​241)

🧰 Maintenance

  • [KeyBot] perf: single-pass org claims scan and avoid ToArray in VerificationPlan by @​github-actions (#​238)
  • [KeyBot] fix: robustify RptRequirementHandler JSON parsing by @​github-actions (#​225)
  • [KeyBot] fix: correct nameof() references in DecisionRequirementHandler by @​github-actions (#​241)
  • [KeyBot] refactor: improve VerificationPlan enumerator and clear logic by @​github-actions (#​226)

👨🏼‍💻 Contributors

@​NikiforovAll, @​github-actions and @​github-actions[bot]

Commits viewable in compare view.

Updated Keycloak.AuthServices.Authorization from 2.9.0 to 3.0.0.

Release notes

Sourced from Keycloak.AuthServices.Authorization's releases.

3.0.0

  • feat(aspire): external DB support, issuer pinning, version bumps by @​NikiforovAll (#​253)
  • [KeyBot] fix: propagate RequestAborted in UmaAuthorizationMiddlewareResultHandler by @​github-actions (#​250)
  • [KeyBot] fix: propagate CancellationToken in UmaTokenHandler.CloneRequestAsync by @​github-actions (#​252)
  • [KeyBot] fix: propagate HttpContext.RequestAborted in authorization handlers by @​github-actions (#​249)

👨🏼‍💻 Contributors

@​NikiforovAll, @​github-actions and @​github-actions[bot]

3.0.0-rc.1

  • feat: UMA Support by @​NikiforovAll (#​248)
  • feat!: 3.0.0 release preparation by @​NikiforovAll (#​247)

👨🏼‍💻 Contributors

@​NikiforovAll

2.10.0-rc.1

  • [KeyBot] perf: avoid HashSet allocation in role requirement handlers by @​github-actions (#​221)
  • [KeyBot] docs: improve XML documentation in PoliciesBuilderExtensions and KeycloakAuthorizationServerOptions by @​github-actions (#​237)
  • feat(authorization): add Audience override for per-resource UMA ticket exchange by @​NikiforovAll (#​246)
  • [KeyBot] eng: add startup validators for Keycloak SDK client options by @​github-actions (#​239)
  • feat: add client_secret_jwt sample by @​NikiforovAll (#​245)
  • [KeyBot] test: add WebAppAuthenticationRegistrationTests for OIDC/Cookie options by @​github-actions (#​240)
  • fix: add support cookie-based Web App token retrieval (#​104) by @​github-actions (#​223)
  • chore(docs): update dependencies to fix security vulnerabilities by @​NikiforovAll (#​231)
  • [KeyBot] fix: correct nameof() in requirement handler log messages and add missing XML docs by @​github-actions (#​228)
  • fix(keybot): use correct template variables in status messages by @​NikiforovAll (#​222)
  • fix(keybot): use explicit --repo flag in pre-step gh commands by @​NikiforovAll (#​219)
  • Add agentic workflow repo-assist by @​NikiforovAll (#​217)

🚀 New Features

  • [KeyBot] feat: add AdditionalAudiences to KeycloakAuthenticationOptions by @​github-actions (#​235)

🐛 Bug Fixes

  • [KeyBot] fix: handle non-JSON error bodies in EnsureResponseAsync by @​github-actions (#​244)
  • [KeyBot] fix: robustify RptRequirementHandler JSON parsing by @​github-actions (#​225)
  • [KeyBot] fix: correct nameof() references in DecisionRequirementHandler by @​github-actions (#​241)

🧰 Maintenance

  • [KeyBot] perf: single-pass org claims scan and avoid ToArray in VerificationPlan by @​github-actions (#​238)
  • [KeyBot] fix: robustify RptRequirementHandler JSON parsing by @​github-actions (#​225)
  • [KeyBot] fix: correct nameof() references in DecisionRequirementHandler by @​github-actions (#​241)
  • [KeyBot] refactor: improve VerificationPlan enumerator and clear logic by @​github-actions (#​226)

👨🏼‍💻 Contributors

@​NikiforovAll, @​github-actions and @​github-actions[bot]

Commits viewable in compare view.

Updated Keycloak.AuthServices.Common from 2.9.0 to 3.0.0.

Release notes

Sourced from Keycloak.AuthServices.Common's releases.

3.0.0

  • feat(aspire): external DB support, issuer pinning, version bumps by @​NikiforovAll (#​253)
  • [KeyBot] fix: propagate RequestAborted in UmaAuthorizationMiddlewareResultHandler by @​github-actions (#​250)
  • [KeyBot] fix: propagate CancellationToken in UmaTokenHandler.CloneRequestAsync by @​github-actions (#​252)
  • [KeyBot] fix: propagate HttpContext.RequestAborted in authorization handlers by @​github-actions (#​249)

👨🏼‍💻 Contributors

@​NikiforovAll, @​github-actions and @​github-actions[bot]

3.0.0-rc.1

  • feat: UMA Support by @​NikiforovAll (#​248)
  • feat!: 3.0.0 release preparation by @​NikiforovAll (#​247)

👨🏼‍💻 Contributors

@​NikiforovAll

2.10.0-rc.1

  • [KeyBot] perf: avoid HashSet allocation in role requirement handlers by @​github-actions (#​221)
  • [KeyBot] docs: improve XML documentation in PoliciesBuilderExtensions and KeycloakAuthorizationServerOptions by @​github-actions (#​237)
  • feat(authorization): add Audience override for per-resource UMA ticket exchange by @​NikiforovAll (#​246)
  • [KeyBot] eng: add startup validators for Keycloak SDK client options by @​github-actions (#​239)
  • feat: add client_secret_jwt sample by @​NikiforovAll (#​245)
  • [KeyBot] test: add WebAppAuthenticationRegistrationTests for OIDC/Cookie options by @​github-actions (#​240)
  • fix: add support cookie-based Web App token retrieval (#​104) by @​github-actions (#​223)
  • chore(docs): update dependencies to fix security vulnerabilities by @​NikiforovAll (#​231)
  • [KeyBot] fix: correct nameof() in requirement handler log messages and add missing XML docs by @​github-actions (#​228)
  • fix(keybot): use correct template variables in status messages by @​NikiforovAll (#​222)
  • fix(keybot): use explicit --repo flag in pre-step gh commands by @​NikiforovAll (#​219)
  • Add agentic workflow repo-assist by @​NikiforovAll (#​217)

🚀 New Features

  • [KeyBot] feat: add AdditionalAudiences to KeycloakAuthenticationOptions by @​github-actions (#​235)

🐛 Bug Fixes

  • [KeyBot] fix: handle non-JSON error bodies in EnsureResponseAsync by @​github-actions (#​244)
  • [KeyBot] fix: robustify RptRequirementHandler JSON parsing by @​github-actions (#​225)
  • [KeyBot] fix: correct nameof() references in DecisionRequirementHandler by @​github-actions (#​241)

🧰 Maintenance

  • [KeyBot] perf: single-pass org claims scan and avoid ToArray in VerificationPlan by @​github-actions (#​238)
  • [KeyBot] fix: robustify RptRequirementHandler JSON parsing by @​github-actions (#​225)
  • [KeyBot] fix: correct nameof() references in DecisionRequirementHandler by @​github-actions (#​241)
  • [KeyBot] refactor: improve VerificationPlan enumerator and clear logic by @​github-actions (#​226)

👨🏼‍💻 Contributors

@​NikiforovAll, @​github-actions and @​github-actions[bot]

Commits viewable in compare view.

Updated Keycloak.AuthServices.Sdk from 2.9.0 to 3.0.0.

Release notes

Sourced from Keycloak.AuthServices.Sdk's releases.

3.0.0

  • feat(aspire): external DB support, issuer pinning, version bumps by @​NikiforovAll (#​253)
  • [KeyBot] fix: propagate RequestAborted in UmaAuthorizationMiddlewareResultHandler by @​github-actions (#​250)
  • [KeyBot] fix: propagate CancellationToken in UmaTokenHandler.CloneRequestAsync by @​github-actions (#​252)
  • [KeyBot] fix: propagate HttpContext.RequestAborted in authorization handlers by @​github-actions (#​249)

👨🏼‍💻 Contributors

@​NikiforovAll, @​github-actions and @​github-actions[bot]

3.0.0-rc.1

  • feat: UMA Support by @​NikiforovAll (#​248)
  • feat!: 3.0.0 release preparation by @​NikiforovAll (#​247)

👨🏼‍💻 Contributors

@​NikiforovAll

2.10.0-rc.1

  • [KeyBot] perf: avoid HashSet allocation in role requirement handlers by @​github-actions (#​221)
  • [KeyBot] docs: improve XML documentation in PoliciesBuilderExtensions and KeycloakAuthorizationServerOptions by @​github-actions (#​237)
  • feat(authorization): add Audience override for per-resource UMA ticket exchange by @​NikiforovAll (#​246)
  • [KeyBot] eng: add startup validators for Keycloak SDK client options by @​github-actions (#​239)
  • feat: add client_secret_jwt sample by @​NikiforovAll (#​245)
  • [KeyBot] test: add WebAppAuthenticationRegistrationTests for OIDC/Cookie options by @​github-actions (#​240)
  • fix: add support cookie-based Web App token retrieval (#​104) by @​github-actions (#​223)
  • chore(docs): update dependencies to fix security vulnerabilities by @​NikiforovAll (#​231)
  • [KeyBot] fix: correct nameof() in requirement handler log messages and add missing XML docs by @​github-actions (#​228)
  • fix(keybot): use correct template variables in status messages by @​NikiforovAll (#​222)
  • fix(keybot): use explicit --repo flag in pre-step gh commands by @​NikiforovAll (#​219)
  • Add agentic workflow repo-assist by @​NikiforovAll (#​217)

🚀 New Features

  • [KeyBot] feat: add AdditionalAudiences to KeycloakAuthenticationOptions by @​github-actions (#​235)

🐛 Bug Fixes

  • [KeyBot] fix: handle non-JSON error bodies in EnsureResponseAsync by @​github-actions (#​244)
  • [KeyBot] fix: robustify RptRequirementHandler JSON parsing by @​github-actions (#​225)
  • [KeyBot] fix: correct nameof() references in DecisionRequirementHandler by @​github-actions (#​241)

🧰 Maintenance

  • [KeyBot] perf: single-pass org claims scan and avoid ToArray in VerificationPlan by @​github-actions (#​238)
  • [KeyBot] fix: robustify RptRequirementHandler JSON parsing by @​github-actions (#​225)
  • [KeyBot] fix: correct nameof() references in DecisionRequirementHandler by @​github-actions (#​241)
  • [KeyBot] refactor: improve VerificationPlan enumerator and clear logic by @​github-actions (#​226)

👨🏼‍💻 Contributors

@​NikiforovAll, @​github-actions and @​github-actions[bot]

Commits viewable in compare view.

Updated Microsoft.AspNetCore.Authentication.JwtBearer from 10.0.5 to 10.0.7.

Release notes

Sourced from Microsoft.AspNetCore.Authentication.JwtBearer's releases.

No release notes found for this version range.

Commits viewable in compare view.

Updated Microsoft.AspNetCore.Mvc.Testing from 10.0.5 to 10.0.7.

Release notes

Sourced from Microsoft.AspNetCore.Mvc.Testing's releases.

No release notes found for this version range.

Commits viewable in compare view.

Updated Microsoft.EntityFrameworkCore.InMemory from 10.0.5 to 10.0.7.

Release notes

Sourced from Microsoft.EntityFrameworkCore.InMemory's releases.

No release notes found for this version range.

Commits viewable in compare view.

Updated Microsoft.Extensions.Configuration.Abstractions from 10.0.5 to 10.0.7.

Release notes

Sourced from Microsoft.Extensions.Configuration.Abstractions's releases.

No release notes found for this version range.

Commits viewable in compare view.

Updated Microsoft.Extensions.Configuration.Json from 10.0.5 to 10.0.7.

Release notes

Sourced from Microsoft.Extensions.Configuration.Json's releases.

No release notes found for this version range.

Commits viewable in compare view.

Updated Microsoft.Extensions.DependencyInjection.Abstractions from 10.0.5 to 10.0.7.

Release notes

Sourced from Microsoft.Extensions.DependencyInjection.Abstractions's releases.

No release notes found for this version range.

Commits viewable in compare view.

Updated Microsoft.Extensions.Hosting.Abstractions from 10.0.5 to 10.0.7.

Release notes

Sourced from Microsoft.Extensions.Hosting.Abstractions's releases.

No release notes found for this version range.

Commits viewable in compare view.

Updated Microsoft.Extensions.Http.Resilience from 10.4.0 to 10.5.0.

Release notes

Sourced from Microsoft.Extensions.Http.Resilience's releases.

10.5.0

HTTP Logging Middleware APIs in Microsoft.AspNetCore.Diagnostics.Middleware are now stable. This release also transfers Microsoft.Extensions.VectorData.Abstractions and Microsoft.Extensions.VectorData.ConformanceTests from the Semantic Kernel repository into dotnet/extensions, jumping from 10.1.0 to 10.5.0 for consistent versioning. The release also delivers fixes across the AI libraries, AI Evaluation, and Service Discovery.

Breaking Changes

  1. Rename VectorStoreVectorAttribute constructor parameter #​7460
    • The Dimensions parameter was renamed to dimensions (lowercase). This is a source-breaking change only — binary compatibility is preserved.
    • If you use the named argument syntax new VectorStoreVectorAttribute(Dimensions: 1536), update it to new VectorStoreVectorAttribute(dimensions: 1536).

Experimental API Changes

Now Stable

  • HTTP Logging Middleware APIs are now stable (previously EXTEXP0013): AddHttpLogEnricher<T>, IHttpLogEnricher, and RequestHeadersLogEnricherOptions.HeadersDataClasses #​7380

What's Changed

AI

  • Fix OpenAIResponsesChatClient to respect "store":false in responses #​7417 by @​stephentoub
  • Fix InvalidOperationException in CoalesceWebSearchToolCallContent #​7419 by @​stephentoub
  • Handle F# optional parameters in AIFunctionFactory schema generation #​7439 by @​eiriktsarpalis
  • Fix ComputerCallResponseItem using Item.Id instead of CallId #​7446 by @​jozkee
  • Fix HostedFileContent with image MIME type sent as input_file instead of input_image #​7438 by @​stephentoub (co-authored by @​copilot)
  • Guard Activity.Current restore with null check in OpenTelemetry streaming clients #​7443 by @​stephentoub (co-authored by @​copilot)
  • Enable stateless mode in remote MCP server template (released as v1.2.0 on 2026-04-01) #​7441 by @​jeffhandley

Vector Data

  • Move Microsoft.Extensions.VectorData.Abstractions over from Semantic Kernel #​7434 by @​roji
  • Rename VectorStoreVectorAttribute dimensions constructor parameter #​7460 by @​roji

AI Evaluation

  • Add Path Validation for DiskBasedResponseCache and DiskBasedResultStore #​7397 by @​peterwald
  • Update brace-expansion for CVE-2026-33750 #​7457 by @​SamMonoRT

ASP.NET Core Extensions

  • Removing experimental attribute from Http logging middleware #​7380 by @​mariamgerges

Service Discovery

  • Implement RFC6761 reserved DNS names handling #​6924 by @​rzikm

Documentation Updates

  • Remove per-library CHANGELOG.md files #​7413 by @​jeffhandley

Test Improvements

... (truncated)

10.4.1

This release of the Microsoft.Extensions.AI packages adds new experimental APIs for Realtime client sessions and Text-to-Speech, along with OpenTelemetry and middleware improvements.

Packages in this release

Package Version
Microsoft.Extensions.AI.Abstractions 10.4.1
Microsoft.Extensions.AI 10.4.1
Microsoft.Extensions.AI.OpenAI 10.4.1

Experimental API Changes

New Experimental APIs

  • New experimental API: Realtime Client Sessions #​7285 and #​7399
  • New experimental API: Text-to-Speech Client #​7381

Changes to Experimental APIs

  • Hosted File Download Stream: write-path methods now explicitly throw NotSupportedException #​7394

What's Changed

AI

  • Add ITextToSpeechClient abstraction, middleware, and OpenAI implementation #​7381 by @​stephentoub
  • Realtime Client Proposal #​7285 by @​tarekgh
  • Add VoiceActivityDetection options to realtime session abstractions #​7399 by @​tarekgh
  • Make UriContent mediaType parameter optional with inference from URI file extension #​7398 by @​stephentoub (co-authored by @​Copilot)
  • Emit gen_ai.client.operation.exception via ILogger LoggerMessage on OpenTelemetry instrumentation classes #​7379 by @​stephentoub (co-authored by @​Copilot)
  • Support invoke_workflow as an equivalent parent span to invoke_agent in FunctionInvokingChatClient #​7382 by @​stephentoub (co-authored by @​Copilot)
  • Make HostedFileDownloadStream explicitly read-only #​7394 by @​stephentoub (co-authored by @​Copilot)

Documentation Updates

  • Document JSON schema derivation for return types in AIFunctionFactory #​7400 by @​stephentoub (co-authored by @​Copilot)

Test Improvements

  • Fix test warnings #​7369 by @​jozkee
  • Add tests for JSON deserialization of serializable types #​7373 by @​stephentoub (co-authored by @​Copilot)

Repository Infrastructure Updates

  • Update Package Validation Baseline to 10.4.0 #​7389 by @​jeffhandley (co-authored by @​Copilot)
  • Update ModelContextProtocol libraries to version 1.0.0 #​7340 by @​stephentoub (co-authored by @​Copilot)

Acknowledgements

  • @​eiriktsarpalis @​ericstj @​CodeBlanch @​lmolkova @​adamsitnik @​joperezr reviewed pull requests
    ... (truncated)

Commits viewable in compare view.

Updated Microsoft.Extensions.Logging.Abstractions from 10.0.5 to 10.0.7.

Release notes

Sourced from Microsoft.Extensions.Logging.Abstractions's releases.

No release notes found for this version range.

Commits viewable in compare view.

Updated Microsoft.Extensions.Options from 10.0.5 to 10.0.7.

Release notes

Sourced from Microsoft.Extensions.Options's releases.

No release notes found for this version range.

Commits viewable in compare view.

Updated Microsoft.Extensions.Options.ConfigurationExtensions from 10.0.5 to 10.0.7.

Release notes

Sourced from Microsoft.Extensions.Options.ConfigurationExtensions's releases.

No release notes found for this version range.

Commits viewable in compare view.

Updated Microsoft.Extensions.Options.DataAnnotations from 10.0.5 to 10.0.7.

Release notes

Sourced from Microsoft.Extensions.Options.DataAnnotations's releases.

No release notes found for this version range.

Commits viewable in compare view.

Updated Microsoft.Extensions.ServiceDiscovery from 10.4.0 to 10.5.0.

Release notes

Sourced from Microsoft.Extensions.ServiceDiscovery's releases.

10.5.0

HTTP Logging Middleware APIs in Microsoft.AspNetCore.Diagnostics.Middleware are now stable. This release also transfers Microsoft.Extensions.VectorData.Abstractions and Microsoft.Extensions.VectorData.ConformanceTests from the Semantic Kernel repository into dotnet/extensions, jumping from 10.1.0 to 10.5.0 for consistent versioning. The release also delivers fixes across the AI libraries, AI Evaluation, and Service Discovery.

Breaking Changes

  1. Rename VectorStoreVectorAttribute constructor parameter #​7460
    • The Dimensions parameter was renamed to dimensions (lowercase). This is a source-breaking change only — binary compatibility is preserved.
    • If you use the named argument syntax new VectorStoreVectorAttribute(Dimensions: 1536), update it to new VectorStoreVectorAttribute(dimensions: 1536).

Experimental API Changes

Now Stable

  • HTTP Logging Middleware APIs are now stable (previously EXTEXP0013): AddHttpLogEnricher<T>, IHttpLogEnricher, and RequestHeadersLogEnricherOptions.HeadersDataClasses #​7380

What's Changed

AI

  • Fix OpenAIResponsesChatClient to respect "store":false in responses #​7417 by @​stephentoub
  • Fix InvalidOperationException in CoalesceWebSearchToolCallContent #​7419 by @​stephentoub
  • Handle F# optional parameters in AIFunctionFactory schema generation #​7439 by @​eiriktsarpalis
  • Fix ComputerCallResponseItem using Item.Id instead of CallId #​7446 by @​jozkee
  • Fix HostedFileContent with image MIME type sent as input_file instead of input_image #​7438 by @​stephentoub (co-authored by @​copilot)
  • Guard Activity.Current restore with null check in OpenTelemetry streaming clients #​7443 by @​stephentoub (co-authored by @​copilot)
  • Enable stateless mode in remote MCP server template (released as v1.2.0 on 2026-04-01) #​7441 by @​jeffhandley

Vector Data

  • Move Microsoft.Extensions.VectorData.Abstractions over from Semantic Kernel #​7434 by @​roji
  • Rename VectorStoreVectorAttribute dimensions constructor parameter #​7460 by @​roji

AI Evaluation

  • Add Path Validation for DiskBasedResponseCache and DiskBasedResultStore #​7397 by @​peterwald
  • Update brace-expansion for CVE-2026-33750 #​7457 by @​SamMonoRT

ASP.NET Core Extensions

  • Removing experimental attribute from Http logging middleware #​7380 by @​mariamgerges

Service Discovery

  • Implement RFC6761 reserved DNS names handling #​6924 by @​rzikm

Documentation Updates

  • Remove per-library CHANGELOG.md files #​7413 by @​jeffhandley

Test Improvements

... (truncated)

10.4.1

This release of the Microsoft.Extensions.AI packages adds new experimental APIs for Realtime client sessions and Text-to-Speech, along with OpenTelemetry and middleware improvements.

Packages in this release

Package Version
Microsoft.Extensions.AI.Abstractions 10.4.1
Microsoft.Extensions.AI 10.4.1
Microsoft.Extensions.AI.OpenAI 10.4.1

Experimental API Changes

New Experimental APIs

  • New experimental API: Realtime Client Sessions #​7285 and #​7399
  • New experimental API: Text-to-Speech Client #​7381

Changes to Experimental APIs

  • Hosted File Download Stream: write-path methods now explicitly throw NotSupportedException #​7394

What's Changed

AI

  • Add ITextToSpeechClient abstraction, middleware, and OpenAI implementation #​7381 by @​stephentoub
  • Realtime Client Proposal #​7285 by @​tarekgh
  • Add VoiceActivityDetection options to realtime session abstractions #​7399 by @​tarekgh
  • Make UriContent mediaType parameter optional with inference from URI file extension #​7398 by @​stephentoub (co-authored by @​Copilot)
  • Emit gen_ai.client.operation.exception via ILogger LoggerMessage on OpenTelemetry instrumentation classes #​7379 by @​stephentoub (co-authored by @​Copilot)
  • Support invoke_workflow as an equivalent parent span to invoke_agent in FunctionInvokingChatClient #​7382 by @​stephentoub (co-authored by @​Copilot)
  • Make HostedFileDownloadStream explicitly read-only #​7394 by @​stephentoub (co-authored by @​Copilot)

Documentation Updates

  • Document JSON schema derivation for return types in AIFunctionFactory #​7400 by @​stephentoub (co-authored by @​Copilot)

Test Improvements

  • Fix test warnings #​7369 by @​jozkee
  • Add tests for JSON deserialization of serializable types #​7373 by @​stephentoub (co-authored by @​Copilot)

Repository Infrastructure Updates

  • Update Package Validation Baseline to 10.4.0 #​7389 by @​jeffhandley (co-authored by @​Copilot)
  • Update ModelContextProtocol libraries to version 1.0.0 #​7340 by @​stephentoub (co-authored by @​Copilot)

Acknowledgements

  • @​eiriktsarpalis @​ericstj @​CodeBlanch @​lmolkova @​adamsitnik @​joperezr reviewed pull requests
    ... (truncated)

Commits viewable in compare view.

Updated Microsoft.NET.Test.Sdk from 18.4.0 to 18.5.1.

Release notes

Sourced from Microsoft.NET.Test.Sdk's releases.

18.5.1

What's Changed

Full Changelog: microsoft/vstest@v18.5.0...v18.5.1

18.5.0

⚠️ Unlisted on Nuget, because of #​15718

What's Changed

Full Changelog: microsoft/vstest@v18.4.0...v18.5.0

Commits viewable in compare view.

Updated OpenTelemetry.Exporter.OpenTelemetryProtocol from 1.15.1 to 1.15.3.

Release notes

Sourced from OpenTelemetry.Exporter.OpenTelemetryProtocol's releases.

1.15.3

For highlights and announcements pertaining to this release see: Release Notes > 1.15.3.

The following changes are from the previous release 1.15.2.

  • NuGet: OpenTelemetry v1.15.3

    • Fix resource leak in batch and periodic exporting task workers for Blazor/WASM.
      (#​7069)

    • Fixed LogRecord.LogLevel to preserve LogLevel.None and handle
      unspecified or out-of-range severities without returning invalid enum values.
      (#​7092)

    • Fixed OTEL_TRACES_SAMPLER_ARG handling to treat out-of-range, NaN, and
      infinite values as invalid and fall back to the default ratio when using
      traceidratio and parentbased_traceidratio samplers.
      (#​7103)

    See CHANGELOG for details.

  • NuGet: OpenTelemetry.Api v1.15.3

    • Fix baggage and trace headers not respecting the maximum length in some cases.
      (#​7061)

    • Improve efficiency of parsing of baggage and B3 propagation headers.
      (#​7061)

    • Breaking change: Fixed tracestate parsing to reject keys that do not
      begin with a lowercase letter, including keys beginning with digits, to
      align with the W3C Trace Context specification.
      (#​7065)

    • Fixed BaggagePropagator to trim optional whitespace (OWS) around =
      separators when parsing the baggage header, as required by the
      W3C Baggage specification.
      (#​7009)

    • Fixed BaggagePropagator to strip baggage properties (e.g. ;metadata)
      from values when parsing the baggage header.
      (#​7009)

    See CHANGELOG for details.

  • NuGet: OpenTelemetry.Api.ProviderBuilderExtensions v1.15.3

    No notable changes.

    See CHANGELOG for details.

... (truncated)

1.15.3-beta.1

The following changes are from the previous release 1.15.2-beta.1.

Description has been truncated

Dependabo...

Description has been truncated

@dependabot
Bump coverlet.collector and 29 others
179d969 
Bumps coverlet.collector from 8.0.1 to 10.0.0
Bumps coverlet.msbuild from 8.0.1 to 10.0.0
Bumps Grpc.AspNetCore from 2.76.0 to 2.80.0
Bumps Grpc.Core.Api from 2.76.0 to 2.80.0
Bumps Grpc.Net.Client from 2.76.0 to 2.80.0
Bumps Grpc.Net.ClientFactory from 2.76.0 to 2.80.0
Bumps Keycloak.AuthServices.Authentication from 2.9.0 to 3.0.0
Bumps Keycloak.AuthServices.Authorization from 2.9.0 to 3.0.0
Bumps Keycloak.AuthServices.Common from 2.9.0 to 3.0.0
Bumps Keycloak.AuthServices.Sdk from 2.9.0 to 3.0.0
Bumps Microsoft.AspNetCore.Authentication.JwtBearer from 10.0.5 to 10.0.7
Bumps Microsoft.AspNetCore.Mvc.Testing from 10.0.5 to 10.0.7
Bumps Microsoft.EntityFrameworkCore.InMemory from 10.0.5 to 10.0.7
Bumps Microsoft.Extensions.Configuration.Abstractions from 10.0.5 to 10.0.7
Bumps Microsoft.Extensions.Configuration.Json from 10.0.5 to 10.0.7
Bumps Microsoft.Extensions.DependencyInjection.Abstractions from 10.0.5 to 10.0.7
Bumps Microsoft.Extensions.Hosting.Abstractions from 10.0.5 to 10.0.7
Bumps Microsoft.Extensions.Http.Resilience from 10.4.0 to 10.5.0
Bumps Microsoft.Extensions.Logging.Abstractions from 10.0.5 to 10.0.7
Bumps Microsoft.Extensions.Options from 10.0.5 to 10.0.7
Bumps Microsoft.Extensions.Options.ConfigurationExtensions from 10.0.5 to 10.0.7
Bumps Microsoft.Extensions.Options.DataAnnotations from 10.0.5 to 10.0.7
Bumps Microsoft.Extensions.ServiceDiscovery from 10.4.0 to 10.5.0
Bumps Microsoft.NET.Test.Sdk from 18.4.0 to 18.5.1
Bumps OpenTelemetry.Exporter.OpenTelemetryProtocol from 1.15.1 to 1.15.3
Bumps OpenTelemetry.Extensions.Hosting from 1.15.1 to 1.15.3
Bumps OpenTelemetry.Instrumentation.AspNetCore from 1.15.1 to 1.15.2
Bumps OpenTelemetry.Instrumentation.Http from 1.15.0 to 1.15.1
Bumps OpenTelemetry.Instrumentation.Runtime from 1.15.0 to 1.15.1
Bumps System.IdentityModel.Tokens.Jwt from 8.17.0 to 8.18.0

---
updated-dependencies:
- dependency-name: Grpc.AspNetCore
  dependency-version: 2.80.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all
- dependency-name: Grpc.AspNetCore
  dependency-version: 2.80.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all
- dependency-name: Grpc.Core.Api
  dependency-version: 2.80.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all
- dependency-name: Keycloak.AuthServices.Authentication
  dependency-version: 3.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: all
- dependency-name: Keycloak.AuthServices.Authorization
  dependency-version: 3.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: all
- dependency-name: Keycloak.AuthServices.Authorization
  dependency-version: 3.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: all
- dependency-name: Keycloak.AuthServices.Common
  dependency-version: 3.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: all
- dependency-name: Keycloak.AuthServices.Sdk
  dependency-version: 3.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: all
- dependency-name: Microsoft.AspNetCore.Authentication.JwtBearer
  dependency-version: 10.0.7
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: Microsoft.Extensions.Configuration.Abstractions
  dependency-version: 10.0.7
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: Microsoft.Extensions.Configuration.Abstractions
  dependency-version: 10.0.7
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: Microsoft.Extensions.Configuration.Abstractions
  dependency-version: 10.0.7
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: Microsoft.Extensions.Configuration.Abstractions
  dependency-version: 10.0.7
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: Microsoft.Extensions.Configuration.Json
  dependency-version: 10.0.7
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: Microsoft.Extensions.Configuration.Json
  dependency-version: 10.0.7
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: Microsoft.Extensions.DependencyInjection.Abstractions
  dependency-version: 10.0.7
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: Microsoft.Extensions.DependencyInjection.Abstractions
  dependency-version: 10.0.7
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: Microsoft.Extensions.DependencyInjection.Abstractions
  dependency-version: 10.0.7
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: Microsoft.Extensions.DependencyInjection.Abstractions
  dependency-version: 10.0.7
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: Microsoft.Extensions.DependencyInjection.Abstractions
  dependency-version: 10.0.7
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: Microsoft.Extensions.Hosting.Abstractions
  dependency-version: 10.0.7
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: Microsoft.Extensions.Hosting.Abstractions
  dependency-version: 10.0.7
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: Microsoft.Extensions.Hosting.Abstractions
  dependency-version: 10.0.7
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: Microsoft.Extensions.Hosting.Abstractions
  dependency-version: 10.0.7
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: Microsoft.Extensions.Http.Resilience
  dependency-version: 10.5.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all
- dependency-name: Microsoft.Extensions.Logging.Abstractions
  dependency-version: 10.0.7
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: Microsoft.Extensions.Options.ConfigurationExtensions
  dependency-version: 10.0.7
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: Microsoft.Extensions.Options.ConfigurationExtensions
  dependency-version: 10.0.7
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: Microsoft.Extensions.Options.ConfigurationExtensions
  dependency-version: 10.0.7
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: Microsoft.Extensions.Options.DataAnnotations
  dependency-version: 10.0.7
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: Microsoft.Extensions.ServiceDiscovery
  dependency-version: 10.5.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all
- dependency-name: OpenTelemetry.Exporter.OpenTelemetryProtocol
  dependency-version: 1.15.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: OpenTelemetry.Extensions.Hosting
  dependency-version: 1.15.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: OpenTelemetry.Instrumentation.AspNetCore
  dependency-version: 1.15.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: OpenTelemetry.Instrumentation.Http
  dependency-version: 1.15.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: OpenTelemetry.Instrumentation.Runtime
  dependency-version: 1.15.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: System.IdentityModel.Tokens.Jwt
  dependency-version: 8.18.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all
- dependency-name: Grpc.Net.Client
  dependency-version: 2.80.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all
- dependency-name: Grpc.Net.ClientFactory
  dependency-version: 2.80.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all
- dependency-name: Microsoft.Extensions.Options
  dependency-version: 10.0.7
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: Microsoft.AspNetCore.Mvc.Testing
  dependency-version: 10.0.7
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: Microsoft.EntityFrameworkCore.InMemory
  dependency-version: 10.0.7
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: Microsoft.Extensions.DependencyInjection.Abstractions
  dependency-version: 10.0.7
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: System.IdentityModel.Tokens.Jwt
  dependency-version: 8.18.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all
- dependency-name: coverlet.collector
  dependency-version: 10.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: all
- dependency-name: coverlet.msbuild
  dependency-version: 10.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: all
- dependency-name: Microsoft.NET.Test.Sdk
  dependency-version: 18.5.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot @github
Copy link
Copy Markdown
Contributor Author

dependabot Bot commented on behalf of github May 8, 2026

Labels

The following labels could not be found: area-codeflow. Please create it before Dependabot can add it to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.

This was referenced May 8, 2026
Closed
Closed
Closed
Closed
Closed
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants