Bump AutoMapper from 11.0.1 to 16.1.1

[dependabot]

Updated AutoMapper from 11.0.1 to 16.1.1.

Release notes

Sourced from AutoMapper's releases.

16.1.1

What's Changed

• Better async handling of license validation; fixes #​4612 by @​jbogard in Better async handling of license validation; fixes #4612 LuckyPennySoftware/AutoMapper#4613
• More artifacts for builds (test results and SBOM) by @​jbogard in More artifacts for builds (test results and SBOM) LuckyPennySoftware/AutoMapper#4615
• Update Microsoft.Sbom.DotNetTool to 4.1.5 by @​jbogard in Update Microsoft.Sbom.DotNetTool to 4.1.5 LuckyPennySoftware/AutoMapper#4616

Security

Fixed an issue where certain cyclic or self-referential object graphs could trigger uncontrolled recursion during mapping, potentially resulting in stack exhaustion and denial of service.

Applications that process untrusted or attacker-controlled object graphs through affected mapping paths may be impacted.

Users should upgrade to this release.

Security advisory: GHSA-rvv3-g6hj-g44x

Thanks to @​bluefossa for responsibly disclosing this issue.

Full Changelog: LuckyPennySoftware/AutoMapper@v16.1.0...v16.1.1

16.1.0

What's Changed

• Add Debug and Release build configurations to slnx by @​Copilot in Add Debug and Release build configurations to slnx LuckyPennySoftware/AutoMapper#4590
• Migrating to slnx by @​jbogard in Migrating to slnx LuckyPennySoftware/AutoMapper#4589
• Allow disabling of polymorphic LINQ mapping by @​jbogard in Allow disabling of polymorphic LINQ mapping LuckyPennySoftware/AutoMapper#4596
• Fix duplicate BOM in ServiceCollectionExtensions.cs by @​Copilot in Fix duplicate BOM in ServiceCollectionExtensions.cs LuckyPennySoftware/AutoMapper#4600
• Fix review feedback: double semicolon, DI condition integration test, docs example by @​Copilot in Fix review feedback: double semicolon, DI condition integration test, docs example LuckyPennySoftware/AutoMapper#4601
• Adding DI-enabled conditions and pre-conditions; updated docs accordi… by @​jbogard in Adding DI-enabled conditions and pre-conditions; updated docs accordi… LuckyPennySoftware/AutoMapper#4599
• Adding support for DI-enabled destination factories. by @​jbogard in Adding support for DI-enabled destination factories. LuckyPennySoftware/AutoMapper#4603
• Correctly converting nullables for MapAtRuntime; fixes #​4597 by @​jbogard in Correctly converting nullables for MapAtRuntime; fixes #4597 LuckyPennySoftware/AutoMapper#4604
• Correctly handling consecutive uppercase characters; fixes #​4593 by @​jbogard in Correctly handling consecutive uppercase characters; fixes #4593 LuckyPennySoftware/AutoMapper#4605
• Wrapping the exception to provide better feedback to the user; fixes … by @​jbogard in Wrapping the exception to provide better feedback to the user; fixes … LuckyPennySoftware/AutoMapper#4606
• Fixing bug around order of open generic registration by @​jbogard in Fixing bug around order of open generic registration LuckyPennySoftware/AutoMapper#4607
• Adding perpetual licensing by @​jbogard in Adding perpetual licensing LuckyPennySoftware/AutoMapper#4608

New Contributors

• @​Copilot made their first contribution in Add Debug and Release build configurations to slnx LuckyPennySoftware/AutoMapper#4590

Full Changelog: LuckyPennySoftware/AutoMapper@v16.0.0...v16.1.0

16.0.0

What's Changed

• Fix release pipelines by @​jbogard in Fix release pipelines LuckyPennySoftware/AutoMapper#4583
• Adding support for .NET 10 by @​jbogard in Adding support for .NET 10 LuckyPennySoftware/AutoMapper#4586

Full Changelog: LuckyPennySoftware/AutoMapper@v15.1.0...v16.0.0

16.0.0-beta-1

What's Changed

• Fix release pipelines by @​jbogard in Fix release pipelines LuckyPennySoftware/AutoMapper#4583
• Adding support for .NET 10 by @​jbogard in Adding support for .NET 10 LuckyPennySoftware/AutoMapper#4586

Full Changelog: LuckyPennySoftware/AutoMapper@v15.1.0...v16.0.0-beta-1

This release is a beta release that introduces .NET 10 support and package signing. Signed packages means going forward packages can be validated against trusted authorities that the package has been published by Lucky Penny Software and not tampered with.

15.1.0

What's Changed

• remove Microsoft.SourceLink.GitHub by @​SimonCropp in remove Microsoft.SourceLink.GitHub LuckyPennySoftware/AutoMapper#4555
• Direct .NET 4.x support by @​jbogard in Direct .NET 4.x support LuckyPennySoftware/AutoMapper#4569
• Bumping the JsonWebTokens because of GHSA-8g4q-xg66-9fp4; fixes #​4575 by @​jbogard in Bumping the JsonWebTokens because of GHSA-8g4q-xg66-9fp4; fixes #4575 LuckyPennySoftware/AutoMapper#4576
• Provide better exceptions for errors when building the mapping plan by @​jbogard in Provide better exceptions for errors when building the mapping plan LuckyPennySoftware/AutoMapper#4577
• Adding docs for license configuration by @​jbogard in Adding docs for license configuration LuckyPennySoftware/AutoMapper#4581
• Updating refs to fix missing method issue by @​jbogard in Updating refs to fix missing method issue LuckyPennySoftware/AutoMapper#4582

New Contributors

• @​SimonCropp made their first contribution in remove Microsoft.SourceLink.GitHub LuckyPennySoftware/AutoMapper#4555

Full Changelog: LuckyPennySoftware/AutoMapper@v15.0.1...v15.1.0

15.0.1

What's Changed

• Removing public signing; fixes #​4545 by @​jbogard in Removing public signing; fixes #4545 LuckyPennySoftware/AutoMapper#4552
• Adding back missing overloads and reverting registering behavior by @​jbogard in Adding back missing overloads and reverting registering behavior LuckyPennySoftware/AutoMapper#4554

Full Changelog: LuckyPennySoftware/AutoMapper@v15.0.0...v15.0.1

This release supersedes the 15.0.0 release, reverting behavior and overloads so that the AddAutoMapper overloads separate the "scanning for maps" from the "scanning for dependencies". Unfortunately it's not really possible to combine these two together.

This also fixes a critical bug in #​4545 that does not work with .NET 4.x applications (as intended).

Because of this, the 15.0.0 will be delisted because of the breaking changes there.

15.0.0

Full Changelog: LuckyPennySoftware/AutoMapper@v14.0.0...v15.0.0

• Added support for .NET Standard 2.0
• Requiring license key
• Moving from MIT license to dual commercial/OSS license

To set your license key:

services.AddAutoMapper(cfg => {
    cfg.LicenseKey = "<License key here>";
});

This also introduced a breaking change with MapperConfiguration requiring an ILoggerFactory for logging purposes:

public MapperConfiguration(MapperConfigurationExpression configurationExpression, ILoggerFactory loggerFactory)

Registering AutoMapper with services.AddAutoMapper will automatically supply this parameter. Otherwise you'll need to supply the logger factory.

You can obtain your license key at AutoMapper.io

14.0.0

What's Changed

• Reverted the nullable annotations by @​lbargaoanu in Reverted the nullable annotations LuckyPennySoftware/AutoMapper#4390
• Fix polymorphic mapping when some derived types have explicit mappings and others do not by @​kev-andrews in Fix polymorphic mapping when some derived types have explicit mappings and others do not LuckyPennySoftware/AutoMapper#4402
• The default naming conventions for a profile should come from the glo… by @​lbargaoanu in The default naming conventions for a profile should come from the glo… LuckyPennySoftware/AutoMapper#4428
• Fix Issue #​4502 - Confusing exception when trying to map types with … by @​Biotronic in Fix Issue #4502 - Confusing exception when trying to map types with … LuckyPennySoftware/AutoMapper#4503
• Target .net 8 and seal more classes by @​lbargaoanu in Target .net 8 and seal more classes LuckyPennySoftware/AutoMapper#4474
• Target .Net 9 in tests by @​lbargaoanu in Target .Net 9 in tests LuckyPennySoftware/AutoMapper#4507
• Changed lock-threads parameters by @​lbargaoanu in Changed lock-threads parameters LuckyPennySoftware/AutoMapper#4516
• Don't throw and catch on validation by @​lbargaoanu in Don't throw and catch on validation LuckyPennySoftware/AutoMapper#4526

New Contributors

• @​kev-andrews made their first contribution in Fix polymorphic mapping when some derived types have explicit mappings and others do not LuckyPennySoftware/AutoMapper#4402
• @​Biotronic made their first contribution in Fix Issue #4502 - Confusing exception when trying to map types with … LuckyPennySoftware/AutoMapper#4503

Full Changelog: LuckyPennySoftware/AutoMapper@v13.0.1...v14.0.0

13.0.1

What's Changed

• Updating to latest template from readthedocs.io by @​jbogard in Updating to latest template from readthedocs.io LuckyPennySoftware/AutoMapper#4380
• Remove Microsoft.CSharp nuget dependency by @​Romfos in Remove Microsoft.CSharp nuget dependency LuckyPennySoftware/AutoMapper#4381
• We build for .net 6 now by @​lbargaoanu in We build for .net 6 now LuckyPennySoftware/AutoMapper#4382
• Revert "nullable annotations for the runtime public API" by @​jbogard in Revert "nullable annotations for the runtime public API" LuckyPennySoftware/AutoMapper#4388

New Contributors

• @​Romfos made their first contribution in Remove Microsoft.CSharp nuget dependency LuckyPennySoftware/AutoMapper#4381

Full Changelog: LuckyPennySoftware/AutoMapper@v13.0.0...v13.0.1

13.0.0

What's Changed

• Emphasized the ProjectTo method call location by @​jbogard in Emphasized the ProjectTo method call location LuckyPennySoftware/AutoMapper#4105
• Target .NET 6 by @​lbargaoanu in Target .NET 6 LuckyPennySoftware/AutoMapper#4202
• Add the DI code by @​lbargaoanu in Add the DI code LuckyPennySoftware/AutoMapper#4278
• Support mapping of polymorphic collection with abstract parent type by @​kvpt in Support mapping of polymorphic collection with abstract parent type LuckyPennySoftware/AutoMapper#4304
• Constructor mapping inheritance by @​rubengonzalezlodeiro in Constructor mapping inheritance LuckyPennySoftware/AutoMapper#4314
• Add integration test case by @​kvpt in Add integration test case LuckyPennySoftware/AutoMapper#4320
• add options to disable and override ExplicitExpansion by @​Angelinsky7 in add options to disable and override ExplicitExpansion LuckyPennySoftware/AutoMapper#4327
• ProjectTo runtime polymorphic mapping with Include/IncludeBase by @​lbargaoanu in ProjectTo runtime polymorphic mapping with Include/IncludeBase LuckyPennySoftware/AutoMapper#4280

New Contributors

• @​kvpt made their first contribution in Support mapping of polymorphic collection with abstract parent type LuckyPennySoftware/AutoMapper#4304
• @​rubengonzalezlodeiro made their first contribution in Constructor mapping inheritance LuckyPennySoftware/AutoMapper#4314
• @​Angelinsky7 made their first contribution in add options to disable and override ExplicitExpansion LuckyPennySoftware/AutoMapper#4327

Full Changelog: LuckyPennySoftware/AutoMapper@v12.0.1...v13.0.0

12.0.1

What's Changed

• Don't mention a specific upgrade guide anymore by @​lbargaoanu in Don't mention a specific upgrade guide anymore LuckyPennySoftware/AutoMapper#4078
• Null source member should overwrite existing destination member by @​lbargaoanu in Null source member should overwrite existing destination member LuckyPennySoftware/AutoMapper#4083
• Only consider explicitly included maps by @​lbargaoanu in Only consider explicitly included maps LuckyPennySoftware/AutoMapper#4097
• Only dotnet test is needed by @​lbargaoanu in Only dotnet test is needed LuckyPennySoftware/AutoMapper#4197

Full Changelog: LuckyPennySoftware/AutoMapper@v12.0.0...v12.0.1

12.0.0

What's Changed

• Prefer derived interfaces by @​lbargaoanu in Prefer derived interfaces LuckyPennySoftware/AutoMapper#3887
• Converting integration tests to EF Core by @​jbogard in Converting integration tests to EF Core LuckyPennySoftware/AutoMapper#3881
• Use TypePair.ContainsGenericParameters by @​lbargaoanu in Use TypePair.ContainsGenericParameters LuckyPennySoftware/AutoMapper#3918
• allow building on Linux (and probably macOS) by @​adamralph in allow building on Linux (and probably macOS) LuckyPennySoftware/AutoMapper#3938
• Continue chaining after AsProxy by @​korser1 in Continue chaining after AsProxy LuckyPennySoftware/AutoMapper#3895
• chore: Set permissions for GitHub actions by @​naveensrinivasan in chore: Set permissions for GitHub actions LuckyPennySoftware/AutoMapper#3987
• Suppress generic constraint exceptions in GetPublicNoArgExtensionMethods by @​stephentoub in Suppress generic constraint exceptions in GetPublicNoArgExtensionMethods LuckyPennySoftware/AutoMapper#3999
• Default implementation for GetSubQueryMarker by @​lbargaoanu in Default implementation for GetSubQueryMarker LuckyPennySoftware/AutoMapper#3920
• install command from cli is added in README.md by @​nameson2672 in install command from cli is added in README.md LuckyPennySoftware/AutoMapper#3982
• Consider member value resolvers and value converters for source valid… by @​lbargaoanu in Consider member value resolvers and value converters for source valid… LuckyPennySoftware/AutoMapper#4011
• Use Enum.Parse by @​lbargaoanu in Use Enum.Parse<TEnum> LuckyPennySoftware/AutoMapper#4032

New Contributors

• @​naveensrinivasan made their first contribution in chore: Set permissions for GitHub actions LuckyPennySoftware/AutoMapper#3987
• @​stephentoub made their first contribution in Suppress generic constraint exceptions in GetPublicNoArgExtensionMethods LuckyPennySoftware/AutoMapper#3999
• @​nameson2672 made their first contribution in install command from cli is added in README.md LuckyPennySoftware/AutoMapper#3982

Full Changelog: LuckyPennySoftware/AutoMapper@v11.0.1...v12.0.0
Upgrade Guide: https://docs.automapper.org/en/latest/12.0-Upgrade-Guide.html

Commits viewable in compare view.

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  You can disable automated security fix PRs for this repo from the Security Alerts page.