Update All dependencies

[renovate]

This PR contains the following updates:

Package	Change	Age	Confidence	Type	Update
Altinn.Authorization.ABAC	0.0.8 -> 0.1.0			nuget	minor
Altinn.Common.PEP	4.1.2 -> 4.2.1			nuget	minor
Azure.Identity (source)	1.14.2 -> 1.17.0			nuget	minor
Azure.ResourceManager.AppContainers (source)	1.4.0 -> 1.5.0			nuget	minor
Azure.ResourceManager.Network (source)	1.11.1 -> 1.13.0			nuget	minor
Azure.ResourceManager.Storage (source)	1.4.4 -> 1.6.0			nuget	minor
Azure.Storage.Blobs (source)	12.24.0 -> 12.26.0			nuget	minor
Hangfire.AspNetCore (source)	1.8.20 -> 1.8.21			nuget	patch
Hangfire.Core (source)	1.8.20 -> 1.8.21			nuget	patch
Markdig	0.41.3 -> 0.43.0			nuget	minor
Microsoft.AspNetCore.Authentication.JwtBearer (source)	9.0.7 -> 9.0.10			nuget	patch
Microsoft.AspNetCore.Authentication.OpenIdConnect (source)	9.0.7 -> 9.0.10			nuget	patch
Microsoft.AspNetCore.Mvc.Testing (source)	9.0.7 -> 9.0.10			nuget	patch
Microsoft.AspNetCore.OpenApi (source)	9.0.7 -> 9.0.10			nuget	patch
Microsoft.EntityFrameworkCore (source)	9.0.7 -> 9.0.10			nuget	patch
Microsoft.EntityFrameworkCore.Design (source)	9.0.7 -> 9.0.10			nuget	patch
Microsoft.EntityFrameworkCore.InMemory (source)	9.0.7 -> 9.0.10			nuget	patch
Microsoft.EntityFrameworkCore.Tools (source)	9.0.7 -> 9.0.10			nuget	patch
Microsoft.Extensions.Caching.Hybrid (source)	9.7.0 -> 9.10.0			nuget	minor
Microsoft.Extensions.Caching.StackExchangeRedis (source)	9.0.7 -> 9.0.10			nuget	patch
Microsoft.Extensions.Configuration.Abstractions (source)	9.0.7 -> 9.0.10			nuget	patch
Microsoft.Extensions.DependencyInjection.Abstractions (source)	9.0.7 -> 9.0.10			nuget	patch
Microsoft.Extensions.Hosting.Abstractions (source)	9.0.7 -> 9.0.10			nuget	patch
Microsoft.Extensions.Http.Polly (source)	9.0.7 -> 9.0.10			nuget	patch
Microsoft.Extensions.Logging.Abstractions (source)	9.0.7 -> 9.0.10			nuget	patch
Microsoft.Extensions.Options.ConfigurationExtensions (source)	9.0.7 -> 9.0.10			nuget	patch
Microsoft.Identity.Web	3.11.0 -> 3.14.1			nuget	minor
Newtonsoft.Json (source)	13.0.3 -> 13.0.4			nuget	patch
Npgsql.OpenTelemetry	9.0.3 -> 9.0.4			nuget	patch
OpenTelemetry (source)	1.12.0 -> 1.13.1			nuget	minor
OpenTelemetry.Api.ProviderBuilderExtensions (source)	1.12.0 -> 1.13.1			nuget	minor
OpenTelemetry.Exporter.Console (source)	1.12.0 -> 1.13.1			nuget	minor
OpenTelemetry.Extensions.Hosting (source)	1.12.0 -> 1.13.1			nuget	minor
OpenTelemetry.Instrumentation.AspNetCore (source)	1.12.0 -> 1.13.0			nuget	minor
OpenTelemetry.Instrumentation.Http (source)	1.12.0 -> 1.13.0			nuget	minor
Parquet.Net	5.0.2 -> 5.3.0			nuget	minor
Polly	8.6.2 -> 8.6.4			nuget	patch
ReverseMarkdown	4.7.0 -> 4.7.1			nuget	patch
StackExchange.Redis (source)	2.8.58 -> 2.9.32			nuget	minor
Swashbuckle.AspNetCore	9.0.3 -> 9.0.6			nuget	patch
System.IdentityModel.Tokens.Jwt	8.13.0 -> 8.14.0			nuget	minor
Testcontainers.PostgreSql (source)	4.6.0 -> 4.8.1			nuget	minor
UUIDNext	4.1.2 -> 4.2.2			nuget	minor
actions/checkout	v4.2.2 -> v4.3.0			action	minor
libphonenumber-csharp	9.0.10 -> 9.0.17			nuget	patch
mcr.microsoft.com/dotnet/aspnet	9.0.2-alpine3.20 -> 9.0.4-alpine3.20			final	patch
mcr.microsoft.com/dotnet/sdk	9.0.200-alpine3.20 -> 9.0.203-alpine3.20			stage	patch
xunit.runner.visualstudio	3.1.3 -> 3.1.5			nuget	patch

---

Release Notes

Altinn/altinn-authorization-tmp (Altinn.Authorization.ABAC)

v0.1.0: Altinn.Authorization.ABAC: v0.1.0

Features

• prepare for release (#​1261) (b0572fb)

Azure/azure-sdk-for-net (Azure.Identity)

v1.17.0

Compare Source

1.17.0 (2025-10-07)

Bugs Fixed

• TenantId is now configured via MSAL's WithTenantId instead of WithTenantIdFromAuthority to prevent malformed Uris to the authority.

Other Changes

• Deprecated BrowserCustomizationOptions.UseEmbeddedWebView property. This option requires additional dependencies on Microsoft.Identity.Client.Desktop and is no longer supported. Consider using brokered authentication instead.

v1.16.0

Compare Source

1.16.0 (2025-09-09)

Features Added

• Added a new DefaultAzureCredential constructor that accepts a custom environment variable name for credential configuration. This provides flexibility beyond the default AZURE_TOKEN_CREDENTIALS environment variable. The constructor accepts any environment variable name and uses the same credential selection logic as the existing AZURE_TOKEN_CREDENTIALS processing.
• Added DefaultAzureCredential.DefaultEnvironmentVariableName constant property that returns "AZURE_TOKEN_CREDENTIALS" for convenience when referencing the default environment variable name.
• AzureCliCredential, AzurePowerShellCredential, and AzureDeveloperCliCredential now throw an AuthenticationFailedException when the TokenRequestContext includes claims, as these credentials do not support claims challenges. The exception message includes guidance for handling such scenarios.
• When AZURE_TOKEN_CREDENTIALS or the equivalent custom environment variable is configured to ManagedIdentityCredential, the DefaultAzureCredential does not issue a probe request and performs retries with exponential backoff.

Bugs Fixed

• Fixed AzureDeveloperCliCredential hanging when the AZD_DEBUG environment variable is set by adding the --no-prompt flag to prevent interactive prompts (#​52005).
• BrokerCredential is now included in the chain when AZURE_TOKEN_CREDENTIALS is set to dev.
• Fixed an issue that prevented ManagedIdentityCredential from utilizing the token cache in Workload Identity Federation environments.
• Fixed a bug in DefaultAzureCredential that caused the credential chain to be constructed incorrectly when using AZURE_TOKEN_CREDENTIALS in combination with DefaultAzureCredentialOptions.

Other Changes

• The BrokerCredential is now always included in the DefaultAzureCredential chain. If the Azure.Identity.Broker package is not referenced, an exception will be thrown when GetToken is called, making its behavior consistent with the rest of the credentials in the chain.
• Updated Microsoft.Identity.Client dependency to version 4.76.0.
• Updated Microsoft.Identity.Client.Extensions.Msal dependency to version 4.76.0.

v1.15.0

Compare Source

1.15.0 (2025-08-07)

Breaking Changes

Behavioral Breaking Changes

• Deprecated SharedTokenCacheCredential. The supporting credential (SharedTokenCacheCredential) was a legacy mechanism for authenticating clients using credentials provided to Visual Studio. For brokered authentication, consider using InteractiveBrowserCredential instead. The following changes have been made:
  • SharedTokenCacheCredential class is marked as [Obsolete] and [EditorBrowsable(EditorBrowsableState.Never)]
  • SharedTokenCacheCredentialOptions class is marked as [Obsolete] and [EditorBrowsable(EditorBrowsableState.Never)]
  • DefaultAzureCredentialOptions.ExcludeSharedTokenCacheCredential property is marked as [Obsolete] and [EditorBrowsable(EditorBrowsableState.Never)]
  • SharedTokenCacheUsername property is marked as [Obsolete] and [EditorBrowsable(EditorBrowsableState.Never)]
  • SharedTokenCacheCredential is no longer included in the DefaultAzureCredential authentication flow

Bugs Fixed

• Tenant ID comparisons in credential options are now case-insensitive. This affects AdditionallyAllowedTenants values which will now be matched against tenant IDs without case sensitivity, making the authentication more resilient to case differences in tenant IDs returned from WWW-Authenticate challenges (#​51693).

Other Changes

• BrokerAuthenticationCredential has been renamed as BrokerCredential.

• Added the EditorBrowsable(Never) attribute to property VisualStudioCodeTenantId as TenantId is preferred. The VisualStudioCodeTenantId property exists only to provide backwards compatibility.

HangfireIO/Hangfire (Hangfire.AspNetCore)

v1.8.21: 1.8.21

Release Notes

Hangfire.Core

• Added – FailedState.IncludeFileInfo to optionally show/hide line numbers in exceptions in Failed state.
• Changed – Include line numbers for exceptions by default when available.
• Fixed – Portuguese (Brazil) translations in Strings.pt-BR.resx (by @​pedro-cons).
• Fixed – Static BackgroundJob class always acquires the most current JobStorage.Current instance.
• Fixed – Static RecurringJob class always acquires the most current JobStorage.Current instance.

Hangfire.SqlServer

• Added – SqlServerStorageOptions.DisableTransactionScope option for .NET Framework targets.
• Project – Port Monitoring API tests from the Hangfire.InMemory storage for better coverage.
• Project – Run tests for different targets in parallel with different databases.

xoofx/markdig (Markdig)

v0.43.0

Compare Source

Changes

✨ New Features

• Add a basic fuzzing project (PR #​903) by @​MihaZupan

🐛 Bug Fixes

• Fix for table depth error when cell contains backticks (PR #​891) by @​phillip-haydon
• Fix issue where an inline code block that spans multiple lines doesn't parse correctly (PR #​893) by @​phillip-haydon
• Remove leading newline in block attributes (PR #​896) by @​Asttear
• Fix IndexOutOfRangeException in CodeInlineParser (PR #​900) by @​MihaZupan
• Fix build warnings (PR #​899) by @​MihaZupan
• Fix edge cases in EmphasisInlineParser (PR #​902) by @​MihaZupan
• Fix pipe table parsing with a leading paragraph (PR #​905) by @​MihaZupan

🚀 Enhancements

• add options for link inline (PR #​894) by @​danielklecha
• Move sln to slnx (PR #​901) by @​MihaZupan
• Lazily allocate storage for ProcessInlinesBegin/End delegates on Blocks (PR #​906) by @​MihaZupan
• Add another test for pipe tables (PR #​907) by @​MihaZupan

Full Changelog: 0.42.0...0.43.0

_{Published with dotnet-releaser}

v0.42.0

Compare Source

Changes

🐛 Bug Fixes

• Fixes issue #​845 (PR #​888) by @​prozolic

🚀 Enhancements

• Add support for a table without an extra new line before it (PR #​885) by @​dannyp32
• Add source position tracking for grid tables (PR #​883) by @​messani

Full Changelog: 0.41.3...0.42.0

_{Published with dotnet-releaser}

dotnet/aspnetcore (Microsoft.AspNetCore.Authentication.JwtBearer)

v9.0.10: .NET 9.0.10

Release

What's Changed

• Update branding to 9.0.10 by @​vseanreesermsft in #​63510
• [9.0] Make duplicate deb/rpm packages so we can sign them with the new PMC key by @​jkoritzinsky in #​63249
• [release/9.0] Extend Unofficial 1ES template in IdentityModel nightly tests job by @​github-actions[bot] in #​63465
• [release/9.0] (deps): Bump src/submodules/googletest from 373af2e to eb2d85e by @​dependabot[bot] in #​63501
• [release/9.0] Quarantine ResponseBody_WriteContentLength_PassedThrough by @​wtgodbe in #​63533
• [release/9.0] Update dependencies from dotnet/arcade by @​dotnet-maestro[bot] in #​63304
• [release/9.0] [OpenAPI] Use invariant culture for TextWriter by @​martincostello in #​62239
• [release/9.0] Update dependencies from dotnet/extensions by @​dotnet-maestro[bot] in #​63303
• Unquarantine RadioButtonGetsResetAfterSubmittingEnhancedForm by @​ilonatommy in #​63556
• [release/9.0] Update dependencies from dotnet/extensions by @​dotnet-maestro[bot] in #​63577
• Merging internal commits for release/9.0 by @​vseanreesermsft in #​63604
• [release/9.0] Update dependencies from dotnet/arcade by @​dotnet-maestro[bot] in #​63648
• backport(9.0): Fix runtime architecture detection logic in ANCM. by @​DeagleGross in #​63707

Full Changelog: dotnet/aspnetcore@v9.0.9...v9.0.10

v9.0.9: .NET 9.0.9

Release

What's Changed

• Update branding to 9.0.9 by @​vseanreesermsft in #​63107
• [release/9.0] (deps): Bump src/submodules/googletest from c67de11 to 373af2e by @​dependabot[bot] in #​63035
• [release/9.0] Dispose the certificate chain elements with the chain by @​github-actions[bot] in #​62992
• [release/9.0] Update dependencies from dotnet/extensions by @​dotnet-maestro[bot] in #​62702
• [release/9.0] Update Microsoft.Build versions by @​wtgodbe in #​62505
• [release/9.0] Update dependencies from dotnet/arcade by @​dotnet-maestro[bot] in #​62832
• [release/9.0] Update SignalR Redis tests to use internal Docker Hub mirror by @​github-actions[bot] in #​63116
• [release/9.0] [SignalR] Don't throw for message headers in Java client by @​github-actions[bot] in #​62783
• Merging internal commits for release/9.0 by @​vseanreesermsft in #​63151
• [release/9.0] Update dependencies from dotnet/arcade by @​dotnet-maestro[bot] in #​63190
• [release/9.0] Update dependencies from dotnet/extensions by @​dotnet-maestro[bot] in #​63214

Full Changelog: dotnet/aspnetcore@v9.0.8...v9.0.9

v9.0.8

dotnet/efcore (Microsoft.EntityFrameworkCore)

v9.0.10: .NET 9.0.10

Release

What's Changed

• [release/8.0-staging] Merge release/8.0 to release/8.0-staging by @​cincuranet in #​36540
• [release/9.0-staging] Merge release/9.0 to release/9.0-staging by @​cincuranet in #​36541
• [release/9.0] Update dependencies from dotnet/arcade by @​dotnet-maestro[bot] in #​36690
• Update branding to 9.0.10 by @​vseanreesermsft in #​36697
• Update branding to 8.0.21 by @​vseanreesermsft in #​36696
• [automated] Merge branch 'release/8.0' => 'release/9.0' by @​github-actions[bot] in #​36699
• Merging internal commits for release/8.0 by @​vseanreesermsft in #​36727
• Merging internal commits for release/9.0 by @​vseanreesermsft in #​36728
• [automated] Merge branch 'release/8.0' => 'release/9.0' by @​github-actions[bot] in #​36734
• [release/9.0] Update dependencies from dotnet/arcade by @​dotnet-maestro[bot] in #​36753
• [release/8.0] Update dependencies from dotnet/arcade by @​dotnet-maestro[bot] in #​36765
• [release/9.0] Update dependencies from dotnet/arcade by @​dotnet-maestro[bot] in #​36782
• [release/8.0] Disable Guardian Dotnet Analyzers by @​AndriySvyryd in #​36776
• [release/9.0] Disable Guardian Dotnet Analyzers by @​AndriySvyryd in #​36777
• [8.0] Resolve query logger from QueryContext in shaper generation (#​36758) by @​roji in #​36779
• [9.0] Resolve query logger from QueryContext in shaper generation (#​36758) by @​roji in #​36778
• [release/8.0] Merge release/8.0-staging to release/8.0 by @​cincuranet in #​36788
• [release/9.0] Merge release/9.0-staging to release/9.0 by @​cincuranet in #​36789
• [automated] Merge branch 'release/8.0' => 'release/9.0' by @​github-actions[bot] in #​36784
• [release/9.0] Update dependencies from dotnet/arcade by @​dotnet-maestro[bot] in #​36833
• [release/8.0] Remove OSX.13.ARM64 from HelixTargetQueues by @​AndriySvyryd in #​36838
• [automated] Merge branch 'release/8.0' => 'release/9.0' by @​github-actions[bot] in #​36841
• [release/9.0] Update dependencies from dotnet/arcade by @​dotnet-maestro[bot] in #​36852
• [release/8.0] Update dependencies from dotnet/arcade by @​dotnet-maestro[bot] in #​36853
• [release/8.0] Remove OSX.13.Amd64 target from HelixTargetQueues by @​AndriySvyryd in #​36855
• [automated] Merge branch 'release/8.0' => 'release/9.0' by @​github-actions[bot] in #​36860
• [release/9.0] Update dependencies from dotnet/arcade by @​dotnet-maestro[bot] in #​36867

Full Changelog: dotnet/efcore@v9.0.9...v9.0.10

v9.0.9: .NET 9.0.9

Release

What's Changed

• [release/8.0] Merge release/8.0 => release/8.0-staging by @​cincuranet in #​36197
• [release/9.0] Merge release/9.0 => release/9.0-staging by @​cincuranet in #​36201
• [release/9.0] Update dependencies from dotnet/arcade by @​dotnet-maestro[bot] in #​36398
• [release/9.0] Update dependencies from dotnet/arcade by @​dotnet-maestro[bot] in #​36495
• Update branding to 9.0.9 by @​vseanreesermsft in #​36498
• Update branding to 8.0.20 by @​vseanreesermsft in #​36497
• [release/9.0] Dispose related readers in GroupBySplitQueryingEnumerable (#​36484) by @​roji in #​36490
• [release/8.0] Dispose related readers in GroupBySplitQueryingEnumerable (#​36484) by @​roji in #​36489
• [automated] Merge branch 'release/8.0' => 'release/9.0' by @​github-actions[bot] in #​36500
• Merging internal commits for release/8.0 by @​vseanreesermsft in #​36512
• Merging internal commits for release/9.0 by @​vseanreesermsft in #​36511
• [automated] Merge branch 'release/8.0' => 'release/9.0' by @​github-actions[bot] in #​36514
• [release/8.0] Update dependencies from dotnet/arcade by @​dotnet-maestro[bot] in #​36533
• [release/8.0] Merge release/8.0-staging to release/8.0 by @​cincuranet in #​36531
• [release/9.0] Merge release/9.0-staging to release/9.0 by @​cincuranet in #​36532
• [release/9.0] Update dependencies from dotnet/arcade by @​dotnet-maestro[bot] in #​36534
• [automated] Merge branch 'release/8.0' => 'release/9.0' by @​github-actions[bot] in #​36537
• [release/9.0] Update dependencies from dotnet/arcade by @​dotnet-maestro[bot] in #​36592

Full Changelog: dotnet/efcore@v9.0.8...v9.0.9

v9.0.8

dotnet/extensions (Microsoft.Extensions.Caching.Hybrid)

v9.10.0

What's Changed

• Branding updates for 9.10 by @​Copilot in #​6769
• Doc improvements by @​gewarren in #​6794
• Bump vite from 6.3.5 to 6.3.6 in /src/Libraries/Microsoft.Extensions.AI.Evaluation.Reporting/TypeScript by @​dependabot[bot] in #​6793
• Updated changelogs for AI libs by @​stephentoub in #​6787
• Update MCP server template by @​jeffkl in #​6772
• Add support for using ConversationID for AzureOpenAI and OpenAI by @​ViveliDuCh in #​6770
• Merging internal commits by @​joperezr in #​6801
• Merge changes from release/9.9 branch by @​joperezr in #​6803
• Support keyed HybridCache with keyed DistributedCaches and named options by @​kelly-yinn in #​6694
• Inventory as code by @​wtgodbe in #​6820
• Increase output token limit for EquivalenceEvaluator by @​shyamnamboodiripad in #​6835
• Fix KeyNotFoundException on HttpRequestLatencyListener.OnEventWritten for uknown event sources by @​ssmelov in #​6821
• Add project name normalization to match aspire's code generator logic by @​ViveliDuCh in #​6818
• Disable really noisy analyzers, part 1 by @​stephentoub in #​6837
• Fix KeyNotFoundException in HttpRequestLatencyListener.OnEventWritten by @​pentp in #​6823
• Update global.json to use .NET 9.0.0 stable instead of RC 1 by @​Copilot in #​6846
• Add measures and tags with mediator object to the HttpClientLatencyLogEnricher by @​rainsxng in #​6783
• Add comprehensive .github/copilot-instructions.md for dotnet/extensions repository by @​Copilot in #​6792
• Update to .NET 10 SDK by @​eerhardt in #​6863
• Update Microsoft.Extensions.AI changelog files with current NuGet versions by @​Copilot in #​6849
• Fix GenerateImagesAsync_SingleImageGeneration integration test by @​stephentoub in #​6843
• Re-enable IDE0032 by @​stephentoub in #​6866
• Add OpenTelemetrySpeechToTextClient and friends by @​stephentoub in #​6845
• Update ModelContextProtocol version in MCP template by @​MackinnonBuck in #​6870
• Scope Ollama resilience settings to Web/Program.cs and restore ServiceDefaults by @​ViveliDuCh in #​6850
• Update Aspire by @​Varorbc in #​6858
• Update MCP template for new registry specification by @​Copilot in #​6796
• Add support for HostApplicationBuilder in AmbientMetadata extension by @​eduherminio in #​6867
• Fix mcpserver test baselines by @​jeffhandley in #​6874
• Move Microsoft.Extensions.ServiceDiscovery to dotnet/extensions by @​eerhardt in #​6868
• Add copy constructors to option types (ChatOptions, etc.) by @​stephentoub in #​6882
• Fix ChatMessage.CreatedAt being always overwritten by the latest timestamp. by @​Copilot in #​6885
• Small doc fixes by @​gewarren in #​6887
• Update AI changelogs with some recent additions by @​stephentoub in [#​6886](https://github.com/dotnet/extensions/pu

---

Configuration

📅 Schedule: Branch creation - "before 7am on Monday,before 7am on Friday" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[coderabbitai]

Important

Review skipped

Bot user detected.

To trigger a single review, invoke the @coderabbitai review command.

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}