Skip to content

chore(nuget): Bump the microsoft group with 6 updates#96

Open
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/nuget/microsoft-47da3cc6c4
Open

chore(nuget): Bump the microsoft group with 6 updates#96
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/nuget/microsoft-47da3cc6c4

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot bot commented on behalf of github Apr 13, 2026

Updated Microsoft.Azure.Cosmos from 3.56.0 to 3.58.0.

Release notes

Sourced from Microsoft.Azure.Cosmos's releases.

3.58.0

3.58.0 - 2026-3-20

Added

  • 5447 Per Partition Automatic Failover: Adds Hub Region Processing Only While Routing Requests Failed with 404/1002 for single master accounts
  • 5551 HPK: Adds internal CosmosClientOptions flag UseLengthAwareRangeComparer for length aware range comparer rollout
  • 5582 Query: Adds ability to choose global vs local/focused statistics for FullTextScore
  • 5610 Refactors N-Region Synchronous Commit feature to use IServiceConfigurationReaderVNext interface.
  • 5693 ThinClient Integration: Adds Enable Multiple Http2 connection on SocketsHttpHandler
  • 5614 ThinClient Integration: Adds support for QueryPlan in thinclient mode

Fixed

  • 5597 CosmosClient: Fixes ObjectDisposedException message when client is disposed during request
  • 5613 CrossRegionHedgingAvailabilityStrategy: Fixes ArgumentNullException race condition in hedging cancellation
  • 5650 Batch: Fixes null ErrorMessage when promoting status from MultiStatus response
  • 5651 Serializer: Fixes unsafe stream cast in FromStream
  • 5697 ResourceThrottleRetryPolicy: Fixes cumulativeRetryDelay tracking when x-ms-retry-after-ms header is absent

3.58.0-preview.0

3.58.0-preview.0 - 2026-1-15

Added

  • 5511 Tracing: Adds tracing improvements for pkrange refresh calls
  • 5515 [FullTextPolicy]: Adds tests for full text policy multi-language support.
  • 5529 [Thin Client Integration]: Adds support for store procedure in thinclient mode.
  • 5535 [Thin Client Integration]: Adds thinclient header for refresh account data requests.

Fixed

  • 5512 ChangeFeed: Fixes crts field being nullable
  • 5517 SystemTextSerializer: Fixes serialization to preserve polymorphic serialization when base type is marked [JsonPolymorphic]
  • 5498 Query: Fixes hybrid search query plan optimization to be enabled by default
  • 5543 Query: Fixes GetItemQueryIterator to honor the supplied (optional) FeedRange
  • 5541 Upsert/Batch: Fixes bug where RequestOptions are not honored for Upsert requests in Bulk Mode
  • 5544 Query : Fixes LINQ API to support builtin functions - ARRAY_CONTAINS_ALL and ARRAY_CONTAINS_ANY

3.58.0-preivew.1

3.58.0-preview.1 - 2026-2-20

Fixed

  • 5613 CrossRegionHedgingAvailabilityStrategy: Fixes ArgumentNullException race condition in hedging cancellation

3.57.1

3.57.1 - 2026-2-20

Fixed

  • 5613 CrossRegionHedgingAvailabilityStrategy: Fixes ArgumentNullException race condition in hedging cancellation

3.57.0

3.57.0 - 2026-1-15

Added

  • 5511 Tracing: Adds tracing improvements for pkrange refresh calls
  • 5515 [FullTextPolicy]: Adds tests for full text policy multi-language support.
  • 5529 [Thin Client Integration]: Adds support for store procedure in thinclient mode.
  • 5535 [Thin Client Integration]: Adds thinclient header for refresh account data requests.

Fixed

  • 5512 ChangeFeed: Fixes crts field being nullable
  • 5517 SystemTextSerializer: Fixes serialization to preserve polymorphic serialization when base type is marked [JsonPolymorphic]
  • 5498 Query: Fixes hybrid search query plan optimization to be enabled by default
  • 5543 Query: Fixes GetItemQueryIterator to honor the supplied (optional) FeedRange
  • 5541 Upsert/Batch: Fixes bug where RequestOptions are not honored for Upsert requests in Bulk Mode
  • 5544 Query : Fixes LINQ API to support builtin functions - ARRAY_CONTAINS_ALL and ARRAY_CONTAINS_ANY

3.57.0-preview.1

3.57.0-preview.1 - 2025-12-16

Fixed

  • 5528 Semantic Reranking: Refactors RerankResult.Document to return string type

3.57.0-preview.0

3.57.0-preview.0 - 2025-11-25

Added

  • 5445 Semantic Rerank: Adds Semantic Rerank API

Commits viewable in compare view.

Updated Microsoft.Azure.Functions.Worker.Extensions.Storage.Queues from 5.5.3 to 5.5.4.

Release notes

Sourced from Microsoft.Azure.Functions.Worker.Extensions.Storage.Queues's releases.

No release notes found for this version range.

Commits viewable in compare view.

Updated Microsoft.Graph from 5.100.0 to 5.103.0.

Release notes

Sourced from Microsoft.Graph's releases.

5.103.0

5.103.0 (2026-02-19)

Features

  • generation: update request builders and models (bf1a051)

5.102.0

5.102.0 (2026-02-05)

Features

5.101.0

5.101.0 (2026-01-22)

Features

Commits viewable in compare view.

Updated Microsoft.Identity.Web from 4.3.0 to 4.7.0.

Release notes

Sourced from Microsoft.Identity.Web's releases.

4.7.0

4.7.0

Bug fixes

  • Updates to Microsoft.Identity.Abstractions 12.0.0 to revert breaking changes introduced in Abstractions 11.0.0. (On .NET 10 target, Certificate extension method in CredentialDescription was reverted to normal property.) See #​3767.

4.6.0

What's Changed

Full Changelog: AzureAD/microsoft-identity-web@4.5.0...4.6.0

4.5.0

New features

  • Add support for certificate store lookup by subject name. See #​3742.

Dependencies updates

  • Bump minimatch in /tests/DevApps/SidecarAdapter/typescript. See #​3739.
  • Bump rollup from 4.52.3 to 4.59.0 in /tests/DevApps/SidecarAdapter/typescript. See #​3740.

4.4.0

New features

  • Add AOT-compatible web API authentication for .NET 10+. See #​3705 and #​3664.
  • Propagate long-running web API session key back to callers in user token acquisition. See #​3728.
  • Add OBO event initialization for OBO APIs. See #​3724.
  • Add support for calling WithClientClaims flow for token acquisition. See #​3623.
  • Add OnBeforeTokenAcquisitionForOnBehalfOf event. See #​3680.

Bug fixes

  • Throw InvalidOperationException with actionable message when a custom credential is not registered. See #​3626.
  • Fix event firing for InvokeOnBeforeTokenAcquisitionForOnBehalfOfAsync. See #​3717.
  • Update OnBeforeTokenAcquisitionForOnBehalfOf to construct ClaimsPrincipal from token. See #​3714.
  • Add a retry counter for acquire token and updated tests with a fake secret. See #​3682.
  • Fix OBO user error handling. See #​3712.
  • Fix override merging for app token (and others). See #​3644.
  • Fix certificate reload logic to only trigger on certificate-specific errors. See #​3653.
  • Update ROPC flow CCA to pass SendX5C to MSAL. See #​3671.

Dependencies updates

  • Bump qs in /tests/DevApps/SidecarAdapter/typescript. See #​3725.
  • Downgrade Microsoft.Extensions.Configuration.Binder to 2.1.0 on .NET Framework. See #​3730.
  • Update .NET SDK to 10.0.103 to address DOTNET-Security-10.0 vulnerability. See #​3726.
  • Upgrade to Microsoft.Identity.Abstractions 11 for AoT compatibility. See #​3699.
  • Update to MSAL 4.81.0. See #​3665.

Documentation

  • Add documentation for auto-generated session key for long-running OBO session. See #​3729.
  • Improve the Aspire doc article and skills. See #​3695.
  • Add an article and agent skill to add Entra ID to an Aspire app. See #​3689.
  • Fix misleading comment in CertificatelessOptions.ManagedIdentityClientId. See #​3667.
  • Add Copilot explore tool functionality. See #​3694.

Fundamentals

  • Remove unnecessary warning suppression. See #​3715.
  • Migrate labs to Lab.API 2.x (first pass). See #​3710.
  • Update Sidecar E2E test constants. See #​3693.
  • Fix intermittent failures in CertificatesObserverTests. See #​3687.
  • Add validation baseline exclusions. See #​3684.
  • Add dSTS integration tests. See #​3677.
  • Fix FIC test. See #​3663.
  • Update IdentityWeb version, build logic, and validation. See #​3659.

New Contributors

4.4.0-preview.1

New features

  • Add AOT-compatible web API authentication for .NET 10+. See #​3705 and #​3664.
  • Propagate long-running web API session key back to callers in user token acquisition. See #​3728.
  • Add OBO event initialization for OBO APIs. See #​3724.
  • Add support for calling WithClientClaims flow for token acquisition. See #​3623.
  • Add OnBeforeTokenAcquisitionForOnBehalfOf event. See #​3680.

Bug fixes

  • Throw InvalidOperationException with actionable message when a custom credential is not registered. See #​3626.
  • Fix event firing for InvokeOnBeforeTokenAcquisitionForOnBehalfOfAsync. See #​3717.
  • Update OnBeforeTokenAcquisitionForOnBehalfOf to construct ClaimsPrincipal from token. See #​3714.
  • Add a retry counter for acquire token and updated tests with a fake secret. See #​3682.
  • Fix OBO user error handling. See #​3712.
  • Fix override merging for app token (and others). See #​3644.
  • Fix certificate reload logic to only trigger on certificate-specific errors. See #​3653.
  • Update ROPC flow CCA to pass SendX5C to MSAL. See #​3671.

Dependencies updates

  • Bump qs in /tests/DevApps/SidecarAdapter/typescript. See #​3725.
  • Downgrade Microsoft.Extensions.Configuration.Binder to 2.1.0 on .NET Framework. See #​3730.
  • Update .NET SDK to 10.0.103 to address DOTNET-Security-10.0 vulnerability. See #​3726.
  • Upgrade to Microsoft.Identity.Abstractions 11 for AoT compatibility. See #​3699.
  • Update to MSAL 4.81.0. See #​3665.

Documentation

  • Add documentation for auto-generated session key for long-running OBO session. See #​3729.
  • Improve the Aspire doc article and skills. See #​3695.
  • Add an article and agent skill to add Entra ID to an Aspire app. See #​3689.
  • Fix misleading comment in CertificatelessOptions.ManagedIdentityClientId. See #​3667.
  • Add Copilot explore tool functionality. See #​3694.

Fundamentals

  • Remove unnecessary warning suppression. See #​3715.
  • Migrate labs to Lab.API 2.x (first pass). See #​3710.
  • Update Sidecar E2E test constants. See #​3693.
  • Fix intermittent failures in CertificatesObserverTests. See #​3687.
  • Add validation baseline exclusions. See #​3684.
  • Add dSTS integration tests. See #​3677.
  • Fix FIC test. See #​3663.
  • Update IdentityWeb version, build logic, and validation. See #​3659.

Commits viewable in compare view.

Updated Microsoft.Identity.Web.GraphServiceClient from 4.3.0 to 4.7.0.

Release notes

Sourced from Microsoft.Identity.Web.GraphServiceClient's releases.

4.7.0

4.7.0

Bug fixes

  • Updates to Microsoft.Identity.Abstractions 12.0.0 to revert breaking changes introduced in Abstractions 11.0.0. (On .NET 10 target, Certificate extension method in CredentialDescription was reverted to normal property.) See #​3767.

4.6.0

What's Changed

Full Changelog: AzureAD/microsoft-identity-web@4.5.0...4.6.0

4.5.0

New features

  • Add support for certificate store lookup by subject name. See #​3742.

Dependencies updates

  • Bump minimatch in /tests/DevApps/SidecarAdapter/typescript. See #​3739.
  • Bump rollup from 4.52.3 to 4.59.0 in /tests/DevApps/SidecarAdapter/typescript. See #​3740.

4.4.0

New features

  • Add AOT-compatible web API authentication for .NET 10+. See #​3705 and #​3664.
  • Propagate long-running web API session key back to callers in user token acquisition. See #​3728.
  • Add OBO event initialization for OBO APIs. See #​3724.
  • Add support for calling WithClientClaims flow for token acquisition. See #​3623.
  • Add OnBeforeTokenAcquisitionForOnBehalfOf event. See #​3680.

Bug fixes

  • Throw InvalidOperationException with actionable message when a custom credential is not registered. See #​3626.
  • Fix event firing for InvokeOnBeforeTokenAcquisitionForOnBehalfOfAsync. See #​3717.
  • Update OnBeforeTokenAcquisitionForOnBehalfOf to construct ClaimsPrincipal from token. See #​3714.
  • Add a retry counter for acquire token and updated tests with a fake secret. See #​3682.
  • Fix OBO user error handling. See #​3712.
  • Fix override merging for app token (and others). See #​3644.
  • Fix certificate reload logic to only trigger on certificate-specific errors. See #​3653.
  • Update ROPC flow CCA to pass SendX5C to MSAL. See #​3671.

Dependencies updates

  • Bump qs in /tests/DevApps/SidecarAdapter/typescript. See #​3725.
  • Downgrade Microsoft.Extensions.Configuration.Binder to 2.1.0 on .NET Framework. See #​3730.
  • Update .NET SDK to 10.0.103 to address DOTNET-Security-10.0 vulnerability. See #​3726.
  • Upgrade to Microsoft.Identity.Abstractions 11 for AoT compatibility. See #​3699.
  • Update to MSAL 4.81.0. See #​3665.

Documentation

  • Add documentation for auto-generated session key for long-running OBO session. See #​3729.
  • Improve the Aspire doc article and skills. See #​3695.
  • Add an article and agent skill to add Entra ID to an Aspire app. See #​3689.
  • Fix misleading comment in CertificatelessOptions.ManagedIdentityClientId. See #​3667.
  • Add Copilot explore tool functionality. See #​3694.

Fundamentals

  • Remove unnecessary warning suppression. See #​3715.
  • Migrate labs to Lab.API 2.x (first pass). See #​3710.
  • Update Sidecar E2E test constants. See #​3693.
  • Fix intermittent failures in CertificatesObserverTests. See #​3687.
  • Add validation baseline exclusions. See #​3684.
  • Add dSTS integration tests. See #​3677.
  • Fix FIC test. See #​3663.
  • Update IdentityWeb version, build logic, and validation. See #​3659.

New Contributors

4.4.0-preview.1

New features

  • Add AOT-compatible web API authentication for .NET 10+. See #​3705 and #​3664.
  • Propagate long-running web API session key back to callers in user token acquisition. See #​3728.
  • Add OBO event initialization for OBO APIs. See #​3724.
  • Add support for calling WithClientClaims flow for token acquisition. See #​3623.
  • Add OnBeforeTokenAcquisitionForOnBehalfOf event. See #​3680.

Bug fixes

  • Throw InvalidOperationException with actionable message when a custom credential is not registered. See #​3626.
  • Fix event firing for InvokeOnBeforeTokenAcquisitionForOnBehalfOfAsync. See #​3717.
  • Update OnBeforeTokenAcquisitionForOnBehalfOf to construct ClaimsPrincipal from token. See #​3714.
  • Add a retry counter for acquire token and updated tests with a fake secret. See #​3682.
  • Fix OBO user error handling. See #​3712.
  • Fix override merging for app token (and others). See #​3644.
  • Fix certificate reload logic to only trigger on certificate-specific errors. See #​3653.
  • Update ROPC flow CCA to pass SendX5C to MSAL. See #​3671.

Dependencies updates

  • Bump qs in /tests/DevApps/SidecarAdapter/typescript. See #​3725.
  • Downgrade Microsoft.Extensions.Configuration.Binder to 2.1.0 on .NET Framework. See #​3730.
  • Update .NET SDK to 10.0.103 to address DOTNET-Security-10.0 vulnerability. See #​3726.
  • Upgrade to Microsoft.Identity.Abstractions 11 for AoT compatibility. See #​3699.
  • Update to MSAL 4.81.0. See #​3665.

Documentation

  • Add documentation for auto-generated session key for long-running OBO session. See #​3729.
  • Improve the Aspire doc article and skills. See #​3695.
  • Add an article and agent skill to add Entra ID to an Aspire app. See #​3689.
  • Fix misleading comment in CertificatelessOptions.ManagedIdentityClientId. See #​3667.
  • Add Copilot explore tool functionality. See #​3694.

Fundamentals

  • Remove unnecessary warning suppression. See #​3715.
  • Migrate labs to Lab.API 2.x (first pass). See #​3710.
  • Update Sidecar E2E test constants. See #​3693.
  • Fix intermittent failures in CertificatesObserverTests. See #​3687.
  • Add validation baseline exclusions. See #​3684.
  • Add dSTS integration tests. See #​3677.
  • Fix FIC test. See #​3663.
  • Update IdentityWeb version, build logic, and validation. See #​3659.

Commits viewable in compare view.

Updated Microsoft.NET.Test.Sdk from 18.0.1 to 18.4.0.

Release notes

Sourced from Microsoft.NET.Test.Sdk's releases.

18.4.0

What's Changed

New Contributors

Full Changelog: microsoft/vstest@v18.3.0...v18.4.0

18.3.0

What's Changed

Internal fixes and updates

New Contributors

Commits viewable in compare view.

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
chore(nuget): Bump the microsoft group with 6 updates
01b73d7 
Bumps Microsoft.Azure.Cosmos from 3.56.0 to 3.58.0
Bumps Microsoft.Azure.Functions.Worker.Extensions.Storage.Queues from 5.5.3 to 5.5.4
Bumps Microsoft.Graph from 5.100.0 to 5.103.0
Bumps Microsoft.Identity.Web from 4.3.0 to 4.7.0
Bumps Microsoft.Identity.Web.GraphServiceClient from 4.3.0 to 4.7.0
Bumps Microsoft.NET.Test.Sdk from 18.0.1 to 18.4.0

---
updated-dependencies:
- dependency-name: Microsoft.Azure.Cosmos
  dependency-version: 3.58.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: microsoft
- dependency-name: Microsoft.Azure.Functions.Worker.Extensions.Storage.Queues
  dependency-version: 5.5.4
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: microsoft
- dependency-name: Microsoft.Graph
  dependency-version: 5.103.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: microsoft
- dependency-name: Microsoft.Identity.Web
  dependency-version: 4.7.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: microsoft
- dependency-name: Microsoft.Identity.Web.GraphServiceClient
  dependency-version: 4.7.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: microsoft
- dependency-name: Microsoft.NET.Test.Sdk
  dependency-version: 18.4.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: microsoft
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot @github
Copy link
Copy Markdown
Contributor Author

dependabot bot commented on behalf of github Apr 13, 2026

Labels

The following labels could not be found: nuget. Please create it before Dependabot can add it to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.

@dependabot dependabot bot added the dependencies Pull requests that update a dependency file label Apr 13, 2026
@dependabot dependabot bot requested review from Justw-MSFT and adthom as code owners April 13, 2026 19:52
@dependabot dependabot bot added the dependencies Pull requests that update a dependency file label Apr 13, 2026
This was referenced Apr 13, 2026
Closed
Closed
Closed
Closed
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@adthom adthom Awaiting requested review from adthom adthom is a code owner

@Justw-MSFT Justw-MSFT Awaiting requested review from Justw-MSFT Justw-MSFT is a code owner

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants