Bump FluentAssertions and 21 others#3119
Closed
dependabot[bot] wants to merge 1 commit into
Closed
Conversation
Bumps FluentAssertions from 6.12.0 to 6.12.2 Bumps JsonSchema.Net from 9.2.1 to 9.2.2 Bumps Microsoft.Data.SqlClient from 5.2.2 to 5.2.3 Bumps Microsoft.Diagnostics.Tracing.TraceEvent from 3.1.3 to 3.2.4 Bumps Microsoft.Extensions.Configuration.EnvironmentVariables from 3.1.2 to 3.1.32 Bumps Microsoft.Extensions.Configuration.Json from 3.1.2 to 3.1.32 Bumps Microsoft.Extensions.FileSystemGlobbing from 3.1.9 to 3.1.32 Bumps Microsoft.Extensions.Logging.Abstractions from 3.1.2 to 3.1.32 Bumps Microsoft.Extensions.Logging.ApplicationInsights from 2.20.0 to 2.23.0 Bumps Microsoft.Extensions.Logging.Console from 3.1.2 to 3.1.32 Bumps Microsoft.Json.Pointer from 2.1.0 to 2.3.0 Bumps Microsoft.Json.Schema from 2.1.0 to 2.3.0 Bumps Microsoft.Json.Schema.Validation from 2.1.0 to 2.3.0 Bumps Microsoft.TeamFoundationServer.Client from 16.170.0 to 16.205.3 Bumps Moq from 4.18.4 to 4.20.72 Bumps Newtonsoft.Json from 13.0.3 to 13.0.4 Bumps System.Collections.Immutable from 5.0.0 to 9.0.8 Bumps System.Composition from 5.0.0 to 5.0.1 Bumps System.Data.SqlClient from 4.8.6 to 4.9.1 Bumps System.Text.Encoding.CodePages to 4.7.1, 6.0.1 Bumps System.Text.Encodings.Web from 6.0.0 to 6.0.1 Bumps YamlDotNet from 11.2.0 to 11.2.1 --- updated-dependencies: - dependency-name: FluentAssertions dependency-version: 6.12.2 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: minor-and-patch - dependency-name: JsonSchema.Net dependency-version: 9.2.2 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: minor-and-patch - dependency-name: Microsoft.Data.SqlClient dependency-version: 5.2.3 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: minor-and-patch - dependency-name: System.Collections.Immutable dependency-version: 9.0.8 dependency-type: direct:production update-type: version-update:semver-major dependency-group: minor-and-patch - dependency-name: Microsoft.Diagnostics.Tracing.TraceEvent dependency-version: 3.2.4 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: minor-and-patch - dependency-name: Microsoft.Extensions.Configuration.EnvironmentVariables dependency-version: 3.1.32 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: minor-and-patch - dependency-name: Microsoft.Extensions.Configuration.Json dependency-version: 3.1.32 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: minor-and-patch - dependency-name: Microsoft.Extensions.FileSystemGlobbing dependency-version: 3.1.32 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: minor-and-patch - dependency-name: Microsoft.Extensions.Logging.Abstractions dependency-version: 3.1.32 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: minor-and-patch - dependency-name: Microsoft.Extensions.Logging.ApplicationInsights dependency-version: 2.23.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: minor-and-patch - dependency-name: Microsoft.Extensions.Logging.Console dependency-version: 3.1.32 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: minor-and-patch - dependency-name: Microsoft.Json.Pointer dependency-version: 2.3.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: minor-and-patch - dependency-name: Microsoft.Json.Schema dependency-version: 2.3.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: minor-and-patch - dependency-name: Microsoft.Json.Schema.Validation dependency-version: 2.3.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: minor-and-patch - dependency-name: Microsoft.TeamFoundationServer.Client dependency-version: 16.205.3 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: minor-and-patch - dependency-name: Moq dependency-version: 4.20.72 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: minor-and-patch - dependency-name: Newtonsoft.Json dependency-version: 13.0.4 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: minor-and-patch - dependency-name: System.Composition dependency-version: 5.0.1 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: minor-and-patch - dependency-name: System.Data.SqlClient dependency-version: 4.9.1 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: minor-and-patch - dependency-name: System.Text.Encoding.CodePages dependency-version: 4.7.1 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: minor-and-patch - dependency-name: System.Text.Encoding.CodePages dependency-version: 6.0.1 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: minor-and-patch - dependency-name: System.Text.Encodings.Web dependency-version: 6.0.1 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: minor-and-patch - dependency-name: YamlDotNet dependency-version: 11.2.1 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: minor-and-patch ... Signed-off-by: dependabot[bot] <[email protected]>
This was referenced Jul 1, 2026
michaelcfanning
added a commit
that referenced
this pull request
Jul 1, 2026
…lease 5.5.0 Retarget the in-solution .NET Framework projects (net461/net462/net48/net472) to net481 so the four previously-held bumps in the minor-and-patch group can be adopted, completing the takeover of Dependabot group #3119 (all 22 packages). net481 is the highest targetable .NET Framework TFM; 4.8.2 is a runtime servicing update with no distinct TFM or reference-assembly package, and code built for net481 runs on a 4.8.2 runtime. This satisfies the Microsoft-internal 4.8.2 runtime floor while remaining buildable. Held bumps now adopted: Microsoft.Diagnostics.Tracing.TraceEvent 3.2.4, System.Collections.Immutable 9.0.8, System.Reflection.Metadata 9.0.8, System.Data.SqlClient 4.9.1. The newer System.* (9.x) packages pull facade assemblies that forward System.Net.Http / System.IO.Compression types and displace the built-in framework references, and CsvHelper drags in an older Microsoft.Bcl.HashCode. Reference the framework facades explicitly and pin Microsoft.Bcl.HashCode 6.0.0 centrally in build.props for .NETFramework targets so the assembly graph unifies. Also update the packaging framework lists (scripts/Projects.psm1) and the Multitool nuspec Publish/Signing folder references from net462 to net481. The net481 floor drops support for consumers on .NET Framework < 4.8.1, a breaking change; bump the release to 5.5.0 and record the BRK in ReleaseHistory. Co-authored-by: Copilot <[email protected]>
Contributor
Contributor
Author
|
This pull request was built based on a group rule. Closing it will not ignore any of these versions in future pull requests. To ignore these dependencies, configure ignore rules in dependabot.yml |
michaelcfanning
added a commit
that referenced
this pull request
Jul 1, 2026
…elease 5.5.0) (#3120) * Take over Dependabot group #3119 with a descoped, buildable bump set Dependabot group PR #3119 failed CI: the Microsoft.Extensions.Logging.ApplicationInsights 2.20.0 -> 2.23.0 bump marks the InstrumentationKey-based AddApplicationInsights overload [Obsolete], and Release builds treat warnings as errors, so ServiceProviderFactory could no longer compile (this also failed the npm publish job). Migrate ServiceProviderFactory to the non-obsolete AddApplicationInsights overload that accepts an Action<TelemetryConfiguration>: prefer an explicit connection string, and express a legacy instrumentation key as one so both configuration shapes route to the same ingestion. Update the sample appsettings.json to model ConnectionString. Adopt 19 of the 22 group bumps (all green under warnings-as-errors, WorkItems tests pass on net8.0 and net48). Hold four bumps that drag the modern System.* 9.x graph (Microsoft.Bcl.HashCode 6.0) or drop net461 support, which the repo's legacy target frameworks cannot absorb without a net461 -> net462+ migration: - Microsoft.Diagnostics.Tracing.TraceEvent 3.2.4 - System.Collections.Immutable 9.0.8 - System.Reflection.Metadata 9.0.8 - System.Data.SqlClient 4.9.1 Co-authored-by: Copilot <[email protected]> * Raise .NET Framework floor to net481, adopt full dependency group, release 5.5.0 Retarget the in-solution .NET Framework projects (net461/net462/net48/net472) to net481 so the four previously-held bumps in the minor-and-patch group can be adopted, completing the takeover of Dependabot group #3119 (all 22 packages). net481 is the highest targetable .NET Framework TFM; 4.8.2 is a runtime servicing update with no distinct TFM or reference-assembly package, and code built for net481 runs on a 4.8.2 runtime. This satisfies the Microsoft-internal 4.8.2 runtime floor while remaining buildable. Held bumps now adopted: Microsoft.Diagnostics.Tracing.TraceEvent 3.2.4, System.Collections.Immutable 9.0.8, System.Reflection.Metadata 9.0.8, System.Data.SqlClient 4.9.1. The newer System.* (9.x) packages pull facade assemblies that forward System.Net.Http / System.IO.Compression types and displace the built-in framework references, and CsvHelper drags in an older Microsoft.Bcl.HashCode. Reference the framework facades explicitly and pin Microsoft.Bcl.HashCode 6.0.0 centrally in build.props for .NETFramework targets so the assembly graph unifies. Also update the packaging framework lists (scripts/Projects.psm1) and the Multitool nuspec Publish/Signing folder references from net462 to net481. The net481 floor drops support for consumers on .NET Framework < 4.8.1, a breaking change; bump the release to 5.5.0 and record the BRK in ReleaseHistory. Co-authored-by: Copilot <[email protected]> * Hold Microsoft.Json.* dependencies at 2.1.0 Microsoft.Json.Schema.Validation 2.3.0 tightens format: uri enforcement, which surfaces that several SARIF Uri properties (ToolComponent.DownloadUri / InformationUri, TranslationMetadata's) lack a [JsonConverter(typeof(UriConverter))] attribute and therefore serialize a raw OriginalString rather than a percent-encoded URI. This is a genuine latent gap that warrants its own focused change (take 2.3.0 + add the missing converter attributes), so hold Microsoft.Json.Pointer / Schema / Schema.Validation at 2.1.0 for this release and keep the remaining dependency-group bumps and the net481 floor. Co-authored-by: Copilot <[email protected]> --------- Co-authored-by: Copilot <[email protected]>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Updated FluentAssertions from 6.12.0 to 6.12.2.
Release notes
Sourced from FluentAssertions's releases.
6.12.2
What's Changed
Others
Full Changelog: fluentassertions/fluentassertions@6.12.1...6.12.2
6.12.1
What's Changed
Improvements
BeEmpty()andBeNullOrEmpty()performance forIEnumerable<T>, by materializing only the first item - #2530Fixes
DateTimeOffsetwithBeWithin(...).Before(...)- #2312BeEquivalentTowill now find and can map subject properties that are implemented through an explicitly-implemented interface - #2152becauseandbecauseArgswere not passed down the equivalency tree - #2318BeEquivalentTocan again compare a non-genericIDictionarywith a generic one - #2358FormattingOptionswere not respected in innerAssertionScope- #2329trueandfalsein failure messages and make them formattable to a customBooleanFormatter- #2390, #2393NotBeOfTypewhen wrapped in anAssertionScopeand the subject is null - #2399BeWritable/BeReadablewhen wrapped in anAssertionScopeand the subject is read-only/write-only - #2399ThrowExactly[Async]when wrapped in anAssertionScopeand no exception is thrown - #2398[Not]HaveExplicitPropertywhen wrapped in anAssertionScopeand not implementing the interface - #2403[Not]HaveExplicitMethodwhen wrapped in anAssertionScopeand not implementing the interface - #2403BeEquivalentToto excludeprivate protectedmembers from the comparison - #2417BeEquivalentToon an emptyArraySegment- #2445, #2511BeEquivalentTowith a custom comparer can now handle null values - #2489AssertionScope(context)create a chained context - #2607AssertionScopeconstructor would not create an actual scope associated with the thread - #2607ThrowWithinAsyncnot respectingOperationCanceledException- #2614BeEquivalentTowith anIEqualityComparertargeting nullable types - #2648Full Changelog: fluentassertions/fluentassertions@6.12.0...6.12.1
Commits viewable in compare view.
Updated JsonSchema.Net from 9.2.1 to 9.2.2.
Release notes
Sourced from JsonSchema.Net's releases.
No release notes found for this version range.
Commits viewable in compare view.
Updated Microsoft.Data.SqlClient from 5.2.2 to 5.2.3.
Release notes
Sourced from Microsoft.Data.SqlClient's releases.
5.2.3
This update brings the following changes since the 5.2.2 release:
Fixed
NullPointerExceptionduring socket receive (PR #3284)Changed
Commits viewable in compare view.
Pinned Microsoft.Diagnostics.Tracing.TraceEvent at 3.2.4.
Release notes
Sourced from Microsoft.Diagnostics.Tracing.TraceEvent's releases.
3.2.4
Security
This release contains security hardening fixes for a number of malformed-input parsing and path-traversal vulnerabilities:
What's Changed
Full Changelog: microsoft/perfview@v3.2.3...v3.2.4
3.2.3
What's Changed
New Contributors
Full Changelog: microsoft/perfview@v3.2.2...v3.2.3
3.2.2
What's Changed
Full Changelog: microsoft/perfview@v3.2.1...v3.2.2
3.2.1
Native and R2R Symbol Download and Parsing Now Available
As of this release, if you capture a trace using
dotnet-trace collect-linuxorrecord-trace, native and R2R symbols can now be downloaded and resolved at analysis time. All .NET symbols (both native and R2R) are available on the Microsoft Symbol Server. Additionally, many Azure Linux symbol files are available on the Microsoft Symbol Server. For those targeting other distros, PerfView and TraceEvent are capable of pulling those symbol files from local directories by adding a local symbol path pointing to the files.Most of the work for this was completed in PerfView and TraceEvent 3.2.1 with the final required fixes present in this release.
What's Changed
Full Changelog: microsoft/perfview@v3.2.0...v3.2.1
3.2.0
What's Changed
New Contributors
Full Changelog: microsoft/perfview@v3.1.30...v3.2.0
3.1.30
What's Changed
New Contributors
Full Changelog: microsoft/perfview@v3.1.29...v3.1.30
3.1.29
What's Changed
Full Changelog: microsoft/perfview@v3.1.28...v3.1.29
3.1.28
What's Changed
Full Changelog: microsoft/perfview@v3.1.26...v3.1.28
3.1.26
Roll-up through 2025/10/10.
ETWTraceEventSource#2291NettraceUniversalConverter#2292PATH#22963.1.24
Roll-up through 2025/08/26.
3.1.23
Roll-up through 2025/07/11.
3.1.22
Roll-up through 2025/06/04.
3.1.21
Roll-up through 2025/05/02.
3.1.20
Roll-up through 2025/04/01.
3.1.19
Roll-up through 2025/01/30.
3.1.18
Roll-up through 2024/12/11.
perfcollectinstall script on Azure Linux 3.System.Text.Jsonto address Microsoft Security Advisory CVE-2024-43485 | .NET Denial of Service Vulnerability dotnet/announcements#329.3.1.17
Roll-up through 2024/11/08.
3.1.16
Roll-up through 2024/10/11.
3.1.15
/buildLayoutresulted in an error when the user hadn't previously run PerfView on the machine.3.1.14
Roll-up through 2024/08/26.
Microsoft.Diagnostics.NETCore.Clientdependency to the TraceEvent./QSpectre./buildLayout <path>to PerfView. This allows users to build a self-contained fully-extracted version of PerfView that doesn't depend on%appdata%. This is useful for certain deployment mechanisms where the deployed PerfView shouldn't impact PerfView in%appdata%.3.1.13
Roll-up through 2024/07/15.
3.1.12
Roll-up through 2024/06/13.
3.1.11
Roll-up through 2024/06/10.
3.1.10
Roll-up through 2024/05/02.
3.1.9
Roll-up through 2024/03/07.
3.1.8
Roll-up through 2024/01/31.
ETWTraceEventSource.DispatchBehaviorto control whether theTaskIDis fetched from the event header, or consumed from the hardcoded value in the parser. Used for scenarios where theTaskIDis modified by a trace processing tool or when theTaskIDotherwise varies.RelatedActivityIDin real-time sessions.3.1.7
Roll-up through 2023/12/05.
3.1.6
Roll-up through 2023/10/20.
3.1.5
Roll-up through 2023/08/24.
3.1.4
Roll-up through 2023/07/31.
Commits viewable in compare view.
Pinned Microsoft.Extensions.Configuration.EnvironmentVariables at 3.1.32.
Release notes
Sourced from Microsoft.Extensions.Configuration.EnvironmentVariables's releases.
3.1.32
Release
3.1.31
Release
3.1.30
Release
3.1.29
3.1.28
Release
3.1.27
Release
3.1.26
Release
3.1.25
Release
3.1.24
Release
3.1.22
https://github.com/dotnet/core/releases/tag/v3.1.22
3.1.20
Release
3.1.19
Release
3.1.18
Release
3.1.17
Release
3.1.16
Release
3.1.15
Release
3.1.14
Release
3.1.13
Release
3.1.12
Repos
3.1.11
Repos
3.1.10
Repos
3.1.9
Repos
3.1.8
Repos
3.1.7
Repos
3.1.6
Repos
3.1.5
Repos
3.1.4
Repos
3.1.3
Release Notes
Install Instructions
Repos
Release Notes
Install Instructions
Commits viewable in compare view.
Pinned Microsoft.Extensions.Configuration.Json at 3.1.32.
Release notes
Sourced from Microsoft.Extensions.Configuration.Json's releases.
3.1.32
Release
3.1.31
Release
3.1.30
Release
3.1.29
3.1.28
Release
3.1.27
Release
3.1.26
Release
3.1.25
Release
3.1.24
Release
3.1.22
https://github.com/dotnet/core/releases/tag/v3.1.22
3.1.20
Release
3.1.19
Release
3.1.18
Release
3.1.17
Release
3.1.16
Release
3.1.15
Release
3.1.14
Release
3.1.13
Release
3.1.12
Repos
3.1.11
Repos
3.1.10
Repos
3.1.9
Repos
3.1.8
Repos
3.1.7
Repos
3.1.6
Repos
3.1.5
Repos
3.1.4
Repos
3.1.3
Release Notes
Install Instructions
Repos
Release Notes
Install Instructions
Commits viewable in compare view.
Updated Microsoft.Extensions.FileSystemGlobbing from 3.1.9 to 3.1.32.
Release notes
Sourced from Microsoft.Extensions.FileSystemGlobbing's releases.
3.1.32
Release
3.1.31
Release
3.1.30
Release
3.1.29
3.1.28
Release
3.1.27
Release
3.1.26
Release
3.1.25
Release
3.1.24
Release
3.1.22
https://github.com/dotnet/core/releases/tag/v3.1.22
3.1.20
Release
3.1.19
Release
3.1.18
Release
3.1.17
Release
3.1.16
Release
3.1.15
Release
3.1.14
Release
3.1.13
Release
3.1.12
Repos
3.1.11
Repos
3.1.10
Repos
Commits viewable in compare view.
Pinned Microsoft.Extensions.Logging.Abstractions at 3.1.32.
Release notes
Sourced from Microsoft.Extensions.Logging.Abstractions's releases.
3.1.32
Release
3.1.31
Release
3.1.30
Release
3.1.29
3.1.28
Release
3.1.27
Release
3.1.26
Release
3.1.25
Release
3.1.24
Release
3.1.22
https://github.com/dotnet/core/releases/tag/v3.1.22
3.1.20
Release
3.1.19
Release
3.1.18
Release
3.1.17
Release
3.1.16
Release
3.1.15
Release
3.1.14
Release
3.1.13
Release
3.1.12
Repos
3.1.11
Repos
3.1.10
Repos
3.1.9
Repos
3.1.8
Repos
3.1.7
Repos
3.1.6
Repos
3.1.5
Repos
3.1.4
Repos
3.1.3
Release Notes
Install Instructions
Repos
Release Notes
Install Instructions
Commits viewable in compare view.
Pinned Microsoft.Extensions.Logging.ApplicationInsights at 2.23.0.
Release notes
Sourced from Microsoft.Extensions.Logging.ApplicationInsights's releases.
2.23.0
2.23.0-beta1
2.22.0
2.22.0-beta4
2.22.0-beta3
ActivityRecorded flags were modified externally, when enabled side-by-side with OpenTelemetry or other solutions.2.22.0-beta2
2.22.0-beta1
2.21.0
2.21.0-beta3
Newtonsoft.Json(GHSA-5crp-9r3c-p9vr).Mitigation is to upgrade dependencies in
Microsoft.ApplicationInsights.AspNetCore(#2615)Microsoft.Extensions.Configuration.Jsonfrom v2.1.0 to v3.1.0.System.Text.Encodings.Webfrom 4.5.1 to 4.7.2.2.21.0-beta2
SharedtoMicrosoftnamespaceMitigation for TelemetryClient.Flush deadlocks (#1186)
2.21.0-beta1
Commits viewable in compare view.
Pinned Microsoft.Extensions.Logging.Console at 3.1.32.
Release notes
Sourced from Microsoft.Extensions.Logging.Console's releases.
3.1.32
Release
3.1.31
Release
3.1.30
Release
3.1.29
3.1.28
Release
3.1.27
Release
3.1.26
Release
3.1.25
Release
3.1.24
Release
3.1.22
https://github.com/dotnet/core/releases/tag/v3.1.22
3.1.20
Release
3.1.19
Release
3.1.18
Release
3.1.17
Release
3.1.16
Release
3.1.15
Release
3.1.14
Release
3.1.13
Release
3.1.12
Description has been truncated