Bump the dependencies group with 6 updates by dependabot[bot] · Pull Request #21 · guibranco/grimoire-api

dependabot · 2026-05-14T01:09:08Z

Updated coverlet.collector from 6.0.4 to 10.0.0.

Release notes

Sourced from coverlet.collector's releases.

10.0.0 Improvements

Unique Report Filenames (coverlet.MTP and AzDO) #1866
Add --coverlet-file-prefix option for unique report files #1869
Introduce .NET 10 support #1823

Fixed

Fix [BUG] Wrong branch rate on IAsyncEnumerable for generic type #1836
Fix [BUG] Missing Coverage after moving to MTP #1843
Fix [BUG] No coverage reported when targeting .NET Framework with 8.0.1 #1842
Fix [BUG] Behavior changes between MTP and Legacy (msbuild) #1878
Fix [BUG] Coverlet.MTP - Unable to load coverlet.mtp.appsettings.json #1880
Fix [BUG] Coverlet.Collector produces empty report when Mediator.SourceGenerator is referenced #1718 by https://github.com/yusyd
Fix [BUG] Crash during instrumentation (Methods using LibraryImport/DllImport have no body) #1762

Maintenance

Add comprehensive async method tests and documentation for issue #1864
Replace Tmds.ExecFunction Package in coverlet.core.coverage.tests #1833
Add net9.0 and net10.0 targets #1822

Diff between 8.0.1 and 10.0.0

8.0.1

Fixed

Fix [BUG] TypeInitializationException when targeting .NET Framework #1818
Fix [BUG] coverlet.MTP build fails with CS0400 due to developmentDependency=true #1827

Improvements

Additional improvements needed for .NET Framework instrumentation type import #1825

Diff between 8.0.0 and 8.0.1

8.0.0

Special Thanks: A huge thank you to @Bertk for driving the majority of the work in this release! 🎉

Fixed

Fix System.CommandLine 2.0 release is available #1776
Fix Excluding From Coverage bad defaults from given example #1764
Fix branchpoint exclusion for sdk 8.0.407 #1741
Fix missing copyright information in NuGet #1794
Fix bad default values in documentation #1764 by https://github.com/cboudereau

Improvements

Coverlet MTP extension feature #1788
Generate SBOM for nuget packages #1752
Use multi targets projects for coverlet.collector, coverlet.msbuild.tasks packages #1742
Use .NET 8.0 target framework for coverlet.core and remove Newtonsoft.Json #1733
Use latest System.CommandLine version #1660
Upgraded minimum required .NET SDK and runtime to .NET 8.0 LTS (Long Term Support) (Breaking Change)
Use xunit.v3 for tests and example code

Diff between 6.0.4 and 8.0.0

Commits viewable in compare view.

Updated Mapster from 7.4.0 to 10.0.7.

Release notes

Sourced from Mapster's releases.

10.0.7 What's Changed

Fix: regression when update required property by @DocSvartz in Fix: regression when update required property MapsterMapper/Mapster#902
Add ctor null propagation by @DocSvartz in Add ctor null propagation MapsterMapper/Mapster#903
Fix bug in #903 and Fix #858 by @DocSvartz in Fix bug in #903 and Fix #858 MapsterMapper/Mapster#905
Fix regression when abstract destination type have required properties by @DocSvartz in Fix regression when abstract destination type have required properties MapsterMapper/Mapster#907
fix: IgnoreNullValues regression from MapToTarget cases in #905 by @DocSvartz in fix: IgnoreNullValues regression from MapToTarget cases in #905 MapsterMapper/Mapster#908
Restore behavior for types cannot be instantiated from itselves by @DocSvartz in Restore behavior for types cannot be instantiated from itselves MapsterMapper/Mapster#912
Bump version to 10.0.7 - Release by @DocSvartz in Bump version to 10.0.7 - Release MapsterMapper/Mapster#913

Full Changelog: MapsterMapper/Mapster@v10.0.6...10.0.7

10.0.7-pre04

What's Changed

fix: IgnoreNullValues regression from MapToTarget cases in #905 by @DocSvartz in fix: IgnoreNullValues regression from MapToTarget cases in #905 MapsterMapper/Mapster#908

Full Changelog: MapsterMapper/Mapster@v10.0.7-pre03...10.0.7-pre04

10.0.7-pre03

What's Changed

Fix regression when abstract destination type have required properties by @DocSvartz in Fix regression when abstract destination type have required properties MapsterMapper/Mapster#907

Full Changelog: MapsterMapper/Mapster@v10.0.7-pre02...v10.0.7-pre03

10.0.7-pre02

What's Changed

Fix bug in #903 and Fix #858 by @DocSvartz in Fix bug in #903 and Fix #858 MapsterMapper/Mapster#905

Full Changelog: MapsterMapper/Mapster@v10.0.7-pre01...v10.0.7-pre02

10.0.7-pre01

What's Changed

Fix: regression when update required property by @DocSvartz in Fix: regression when update required property MapsterMapper/Mapster#902
Added ctor null propagation by @DocSvartz in Add ctor null propagation MapsterMapper/Mapster#903

Full Changelog: MapsterMapper/Mapster@v10.0.6...v10.0.7-pre01

10.0.6 Breaking change in v10.0+ and new feature

New feature:

Fix #883 - Add class ctor using default value for param

In version 7.4.0 this feature was only available for record types

If you encountered this mapping behavior in 7.4.0, it is possible that your class was recognized as a record type, or was mistakenly recognized as a record type See more.

If you need the mapping behavior as for Record, in v10.0+ you can use - [AdaptWith(AdaptDirectives.DestinationAsRecord)] .
If you need the ability to set this setting without using attributes, open issue on this topic.

Example:

[AdaptWith(AdaptDirectives.DestinationAsRecord)]
public class SimpleRecord
{
    public int Id { get; private set; }
    public string Name { get; private set; }

    public SimpleRecord(int id, string name)
    {
        this.Id = id;
        this.Name = name;
    }
}

What's Changed

fix: #893 by @DocSvartz in fix: #893 MapsterMapper/Mapster#894
fix: Regression in v10 - disabled ConstructUsing and MapToConstructor if have public parameterless constructor by @DocSvartz in fix: Regression in v10 - disabled ConstructUsing and MapToConstructor if have public parameterless constructor MapsterMapper/Mapster#896

Full Changelog: MapsterMapper/Mapster@v10.0.4...v10.0.6

10.0.4 Breaking change in v10.0+ and new feature

New feature:

Fix #883 - Add class ctor using default value for param by @DocSvartz in Fix #883 - Add class ctor using default value for param MapsterMapper/Mapster#885

In version 7.4.0 this feature was only available for record types

If you encountered this mapping behavior in 7.4.0, it is possible that your class was recognized as a record type, or was mistakenly recognized as a record type See more.

If you need the mapping behavior as for Record, in v10.0+ you can use - [AdaptWith(AdaptDirectives.DestinationAsRecord)] .
If you need the ability to set this setting without using attributes, open issue on this topic.

Example:

[AdaptWith(AdaptDirectives.DestinationAsRecord)]
public class SimpleRecord
{
    public int Id { get; private set; }
    public string Name { get; private set; }

    public SimpleRecord(int id, string name)
    {
        this.Id = id;
        this.Name = name;
    }
}

What's Changed

fix: Restore PackageLicense by @DocSvartz in fix: Restore PackageLicense MapsterMapper/Mapster#870
Fix #875 - ProjectToType regression in v10 by @DocSvartz in Fix #875 - ProjectToType regression in v10 MapsterMapper/Mapster#876
Feature : add simplification UseDestinationValue configuration method by @DocSvartz in Feature : add simplification UseDestinationValue configuration method MapsterMapper/Mapster#886
Fix #883 - Add class ctor using default value for param by @DocSvartz in Fix #883 - Add class ctor using default value for param MapsterMapper/Mapster#885
Fix: Restore v7.4.0 behavior for property without setter in class by @DocSvartz in Fix: Restore v7.4.0 behavior for property without setter in class MapsterMapper/Mapster#887
Fix #881 - ProjectToType record regression by @DocSvartz in Fix #881 - ProjectToType record regression MapsterMapper/Mapster#888
Improvement build - part 1 by @DocSvartz in Improvement build - part 1 MapsterMapper/Mapster#889
fix: Typo in Data-types.md by @NLHaarP in fix: Typo in Data-types.md MapsterMapper/Mapster#891

New Contributors

@NLHaarP made their first contribution in fix: Typo in Data-types.md MapsterMapper/Mapster#891

Full Changelog: MapsterMapper/Mapster@v10.0.0...v10.0.4

10.0.0 What's Changed

Add support for .NET 8.0 by @andrerav in Add support for .NET 8.0 MapsterMapper/Mapster#631
New Record detection - Adapt To Class not create new instance by @DocSvartz in New Record detection - Adapt To Class not create new instance MapsterMapper/Mapster#634
Fix #656 by @SimTsai in Fix #656 MapsterMapper/Mapster#745
Introduce support for .NET 9 TFM by @SonnyRR in Introduce support for .NET 9 TFM MapsterMapper/Mapster#744
Use assembly loading context to isolate loaded assemblies from AppDomain #714 by @boylec in Use assembly loading context to isolate loaded assemblies from AppDomain #714 MapsterMapper/Mapster#716
Add support for primitive types in custom mapping by @DocSvartz in Add support for primitive types in custom mapping MapsterMapper/Mapster#650
Added ValidateAndAdapt Methods for Property Validation by @haritha99ch in Added ValidateAndAdapt Methods for Property Validation MapsterMapper/Mapster#641
Fix issue #640 - Nullable enum to nullable destination (class or param) by @DocSvartz in Fix issue #640 - Nullable enum to nullable destination (class or param) MapsterMapper/Mapster#643
Fix issue #537 - Step 2 - Add support Extended Record Function + Attribute from support used current record definitions by @DocSvartz in Fix issue #537 - Step 2 - Add support Extended Record Function + Attribute from support used current record definitions MapsterMapper/Mapster#646
FIx Issue #537 - Step 3 - Separate Adapter for Interface with readolny props from RecordTypeAdapter by @DocSvartz in FIx Issue #537 - Step 3 - Separate Adapter for Interface with readolny props from RecordTypeAdapter MapsterMapper/Mapster#649
Fix issue #524 - Add support for working with types packed into an object to the standard adapter by @DocSvartz in Fix issue #524 - Add support for working with types packed into an object to the standard adapter MapsterMapper/Mapster#645
Fix issue #672 - AmbiguousMatchException by @DocSvartz in Fix issue #672 - AmbiguousMatchException MapsterMapper/Mapster#753
Fix issue #755 - Regression in interfaces mapping introduced by #649 by @lofcz in Fix issue #755 - Regression in interfaces mapping introduced by #649 MapsterMapper/Mapster#756
Fix null map to target regression by @DocSvartz in Fix null map to target regression MapsterMapper/Mapster#759
Fix issue #755 - Revert to behavior from 7.4.0 and new features by @DocSvartz in Fix issue #755 - Revert to behavior from 7.4.0 and new features MapsterMapper/Mapster#758
Alpha 9.1.0 by @DocSvartz in Alpha 9.1.0 MapsterMapper/Mapster#814
Bump all PR by @DocSvartz in Bump all PR MapsterMapper/Mapster#815
Improvements to Ignore() processing and Fix MapToTarget behavior for RecordTypes by @DocSvartz in Improvements to Ignore() processing and Fix MapToTarget behavior for RecordTypes MapsterMapper/Mapster#769
Fix #554 - Fix required Property mapping by @DocSvartz in Fix #554 - Fix required Property mapping MapsterMapper/Mapster#778
Fix #794 - Polymorphic MapToTarget mapping to null value property is work by @DocSvartz in Fix #794 - Polymorphic MapToTarget mapping to null value property is work MapsterMapper/Mapster#798
Fix test: Use actual types for mapping when configuring by @JMolenkamp in Fix test: Use actual types for mapping when configuring MapsterMapper/Mapster#779
Allow mapping to a dictionary with a key containing periods by @JMolenkamp in Allow mapping to a dictionary with a key containing periods MapsterMapper/Mapster#780
Feat map members containing periods by @JMolenkamp in Feat map members containing periods MapsterMapper/Mapster#781
Improve nullability annotations on the Adapt extension method by @hmoratopcs in Improve nullability annotations on the Adapt extension method MapsterMapper/Mapster#800
Fix #681 - update fix from SetValueByReflection (member init) by @DocSvartz in Fix #681 - update fix from SetValueByReflection (member init) MapsterMapper/Mapster#808
Fix MapWith and MapToTargetWith using applySettings: true when mapping to a primitive type by @DocSvartz in Fix MapWith and MapToTargetWith using applySettings: true when mapping to a primitive type MapsterMapper/Mapster#799
Fix #811 - Add Constructor param source null checker by @DocSvartz in Fix #811 - Add Constructor param source null checker MapsterMapper/Mapster#817
Update version numbers to 9.0.0-pre01 by @andrerav in Update version numbers to 9.0.0-pre01 MapsterMapper/Mapster#818
Disabled NullableEnumFix #643 from MapToProjection cases by @DocSvartz in Disabled NullableEnumFix #643 from MapToProjection cases MapsterMapper/Mapster#822
Mapster.EF.Core: Add type check for IAsyncEnumerable<> by @ScarletKuro in Mapster.EF.Core: Add type check for IAsyncEnumerable<> MapsterMapper/Mapster#823
refactoring support .Inherits() and .Include() to map OpenGenerics by @DocSvartz in refactoring support .Inherits() and .Include() to map OpenGenerics MapsterMapper/Mapster#824
Update to fix #811 by @DocSvartz in Update to fix #811 MapsterMapper/Mapster#825
Add Adapt extensions with temporary TypeAdapterConfig and TypeAdapter… by @roohial57 in Add Adapt extensions with temporary TypeAdapterConfig and TypeAdapter… MapsterMapper/Mapster#828
Docs: add docfx docs from wiki by @DevTKSS in Docs: add docfx docs from wiki MapsterMapper/Mapster#834
Add benchmark to development by @DocSvartz in Add benchmark to development MapsterMapper/Mapster#837
fix Map To Target Null regression by @DocSvartz in fix Map To Target Null regression MapsterMapper/Mapster#838
Add in benchmark reference to dev mapster by @DocSvartz in Add in benchmark reference to dev mapster MapsterMapper/Mapster#840
Updated version numbers to 10.0.0-pre01. + net 10 by @DocSvartz in Updated version numbers to 10.0.0-pre01. + net 10 MapsterMapper/Mapster#841
Add class with custom Ctor AutoMapping by default by @DocSvartz in Add class with custom Ctor AutoMapping by default MapsterMapper/Mapster#844
Merge Development to Master - For work on documentation by @DocSvartz in Merge Development to Master - For work on documentation MapsterMapper/Mapster#845
Restore netstandard2.0 support for Mapster by @asp2286 in Restore netstandard2.0 support for Mapster MapsterMapper/Mapster#849
Updated version numbers to 10.0.0-pre02 by @DocSvartz in Updated version numbers to 10.0.0-pre02 MapsterMapper/Mapster#855
Restore nullable annotations to TypeAdapter by @DocSvartz in Restore nullable annotations to TypeAdapter MapsterMapper/Mapster#859
Updated version numbers to 10.0.0 release by @DocSvartz in Updated version numbers to 10.0.0 release MapsterMapper/Mapster#860
Fix(docs) : fix Readme links and local build script by @DocSvartz in Fix(docs) : fix Readme links and local build script MapsterMapper/Mapster#862
Fix docs - Records type description to Mapster v10 by @DocSvartz in Fix docs - Records type description to Mapster v10 MapsterMapper/Mapster#856
Drop Automapper from Benchmark by @DocSvartz in Drop Automapper from Benchmark MapsterMapper/Mapster#868
Replace TFM for Mapster.EF6 by @DocSvartz in Replace TFM for Mapster.EF6 MapsterMapper/Mapster#867
Merge Development to Master - Release v10.0.0 by @DocSvartz in Merge Development to Master - Release v10.0.0 MapsterMapper/Mapster#861
... (truncated)

Commits viewable in compare view.

Updated Microsoft.NET.Test.Sdk from 17.14.1 to 18.5.1.

Release notes

Sourced from Microsoft.NET.Test.Sdk's releases.

18.5.1 What's Changed

Fix System.Collections.Immutable binding mismatch in Common.dll (rel/18.5) by @nohwnd in Fix System.Collections.Immutable binding mismatch in Common.dll (rel/18.5) microsoft/vstest#15720
Port verify-binding-redirects.ps1 to rel/18.5 by @nohwnd in Port verify-binding-redirects.ps1 to rel/18.5 microsoft/vstest#15719
Bump to 18.5.1 by @nohwnd in Bump to 18.5.1 microsoft/vstest#15721

Full Changelog: microsoft/vstest@v18.5.0...v18.5.1

18.5.0

⚠️ Unlisted on Nuget, because of #15718

What's Changed

Add runtime configs by @nohwnd in Add runtime configs microsoft/vstest#15377
Add net8.0 target for TranslationLayer by @nohwnd in Add net8.0 target for TranslationLayer microsoft/vstest#15375
Determine architecture of remote process on windows by @nohwnd in Determine architecture of remote process on windows microsoft/vstest#15396
Updating System.Collections.Immutable package reference to version 9.0.0 by @MSLukeWest in Updating System.Collections.Immutable package reference to version 9.0.0 microsoft/vstest#15392
Dump via netcore tool on windows by @nohwnd in Dump via netcore tool on windows microsoft/vstest#15397
Fix answer file splitting by @nohwnd in Fix answer file splitting microsoft/vstest#15381
Run tests against vsix runner by @nohwnd in Run tests against vsix runner microsoft/vstest#15419

Full Changelog: microsoft/vstest@v18.4.0...v18.5.0

18.4.0 What's Changed

Add LoongArch64 support by @stdmnpkg in Add LoongArch64 support microsoft/vstest#15359
Refactor Condition evaluation by @Youssef1313 in Refactor Condition evaluation microsoft/vstest#15357
Adding info on extensions points part 1 by @nohwnd in Adding info on extensions points part 1 microsoft/vstest#15360
Add option to ask for uploading code QL before the standard window ends by @nohwnd in Add option to ask for uploading code QL before the standard window ends microsoft/vstest#15373
Update runtime versions by @nohwnd in Update runtime versions microsoft/vstest#15372
Fix .NET 10 regression for traits by @Youssef1313 in Fix .NET 10 regression for traits microsoft/vstest#15370
Update target frameworks to net10.0 and net11.0 by @dotnet-maestro[bot] in Update target frameworks to net10.0 and net11.0 microsoft/vstest#15349
Fix names in pipeline matrix so we don't have to align them by @nohwnd in Fix names in pipeline matrix so we don't have to align them microsoft/vstest#15365
Update SECURITY.md by @Youssef1313 in Update SECURITY.md microsoft/vstest#15342

New Contributors

@stdmnpkg made their first contribution in Add LoongArch64 support microsoft/vstest#15359

Full Changelog: microsoft/vstest@v18.3.0...v18.4.0

18.3.0 What's Changed

Fix answer file splitting by @nohwnd in Fix answer file splitting microsoft/vstest#15306

Internal fixes and updates

Bump branding to 18.1 by @nohwnd in Bump branding to 18.1 microsoft/vstest#15286
Remove stale copy of S.ComponentModel.Composition from testplatform packages by @ViktorHofer in Remove stale copy of S.ComponentModel.Composition from testplatform packages microsoft/vstest#15287
Update codeflow metadata to fix backflow by @premun in Update codeflow metadata to fix backflow microsoft/vstest#15291
[main] Update dependencies from devdiv/DevDiv/vs-code-coverage by @dotnet-maestro[bot] in [main] Update dependencies from devdiv/DevDiv/vs-code-coverage microsoft/vstest#15283
Update Microsoft.Build.Utilities.Core by @Youssef1313 in Update Microsoft.Build.Utilities.Core microsoft/vstest#15300
Disable DynamicNative instrumentation by default by @nohwnd in Disable DynamicNative instrumentation by default microsoft/vstest#15299
[main] Source code updates from dotnet/dotnet by @dotnet-maestro[bot] in [main] Source code updates from dotnet/dotnet microsoft/vstest#15293
[main] Source code updates from dotnet/dotnet by @dotnet-maestro[bot] in [main] Source code updates from dotnet/dotnet microsoft/vstest#15302
[main] Source code updates from dotnet/dotnet by @dotnet-maestro[bot] in [main] Source code updates from dotnet/dotnet microsoft/vstest#15314
Delete sha1 custom implementation we are not using for a long time by @nohwnd in Delete sha1 custom implementation we are not using for a long time microsoft/vstest#15313
[main] Source code updates from dotnet/dotnet by @dotnet-maestro[bot] in [main] Source code updates from dotnet/dotnet microsoft/vstest#15315
Update branding to 18.3.0 by @nohwnd in Update branding to 18.3.0 microsoft/vstest#15321
[main] Update dependencies from devdiv/DevDiv/vs-code-coverage by @dotnet-maestro[bot] in [main] Update dependencies from devdiv/DevDiv/vs-code-coverage microsoft/vstest#15325
[main] Update dependencies from dotnet/arcade by @dotnet-maestro[bot] in [main] Update dependencies from dotnet/arcade microsoft/vstest#15264
Revert adding dotnet_host_path workaround by @nohwnd in Revert adding dotnet_host_path workaround microsoft/vstest#15328
[main] Update dependencies from dotnet/arcade by @dotnet-maestro[bot] in [main] Update dependencies from dotnet/arcade microsoft/vstest#15338
[main] Source code updates from dotnet/dotnet by @dotnet-maestro[bot] in [main] Source code updates from dotnet/dotnet microsoft/vstest#15322
[main] Update dependencies from dotnet/arcade by @dotnet-maestro[bot] in [main] Update dependencies from dotnet/arcade microsoft/vstest#15343
Change PreReleaseVersionLabel from 'preview' to 'release' by @nohwnd in Change PreReleaseVersionLabel from 'preview' to 'release' microsoft/vstest#15352
[rel/18.3] Update dependencies from devdiv/DevDiv/vs-code-coverage by @dotnet-maestro[bot] in [rel/18.3] Update dependencies from devdiv/DevDiv/vs-code-coverage microsoft/vstest#15354
[rel/18.3] Update dependencies from dotnet/arcade by @dotnet-maestro[bot] in [rel/18.3] Update dependencies from dotnet/arcade microsoft/vstest#15389
[rel/18.3] Update dependencies from dotnet/arcade by @dotnet-maestro[bot] in [rel/18.3] Update dependencies from dotnet/arcade microsoft/vstest#15400
Update build tools to 17.11.48 to be source buildable by @nohwnd in Update build tools to 17.11.48 to be source buildable microsoft/vstest#15310
Disable publishing on RTM by @nohwnd in Disable publishing on RTM microsoft/vstest#15296
Don't access nuget.org for package feeds by @nohwnd in Don't access nuget.org for package feeds microsoft/vstest#15316
No nuget access fix tests by @nohwnd in No nuget access fix tests microsoft/vstest#15317
Disable Dependabot updates in dependabot.yml by @mmitche in Disable Dependabot updates in dependabot.yml microsoft/vstest#15324

New Contributors

@premun made their first contribution in Update codeflow metadata to fix backflow microsoft/vstest#15291

18.0.1 What's Changed

Fixing an issue with loading covrun64.dll on systems that have .NET 10 SDK installed: https://learn.microsoft.com/en-us/dotnet/core/compatibility/sdk/10.0/code-coverage-dynamic-native-instrumentation

Disable DynamicNative instrumentation by default by @nohwnd in [rel/18.0] Disable DynamicNative instrumentation by default microsoft/vstest#15298
Update MicrosoftInternalCodeCoveragePackageVersion to 18.0.6 by @nohwnd in Update MicrosoftInternalCodeCoveragePackageVersion to 18.0.6 microsoft/vstest#15312

Internal changes

Update VersionPrefix to 18.0.1 by @nohwnd in Update VersionPrefix to 18.0.1 microsoft/vstest#15301
Update build tools to 17.8.43 by @nohwnd in Update build tools to 17.8.43 microsoft/vstest#15305

Full Changelog: microsoft/vstest@v18.0.0...v18.0.1

18.0.0 What's Changed

Update reporting formatting by @martincostello in Update reporting formatting microsoft/vstest#15082
Fix stack trace for Trace.Fail and Debug.Fail by @nohwnd in Fix stack trace for Trace.Fail and Debug.Fail microsoft/vstest#15103
Add documentation of environment variables by @Copilot in Add documentation of environment variables microsoft/vstest#15095
IFrameworkHandle.LaunchProcessWithDebuggerAttached allows null for workingDirectory in signature but throws by @Copilot in [WIP] IFrameworkHandle.LaunchProcessWithDebuggerAttached allows null for workingDirectory in signature but throws microsoft/vstest#15091
Add Dependabot configuration for .NET SDK updates by @JamieMagee in Add Dependabot configuration for .NET SDK updates microsoft/vstest#15114
Handle dotnet_root in testhost version aware way by @nohwnd in Handle dotnet_root in testhost version aware way microsoft/vstest#15184
Add magic bytes validation for Mach-O binaries in DotnetHostHelper by @Copilot in Add magic bytes validation for Mach-O binaries in DotnetHostHelper microsoft/vstest#15230
using globbing pattern doesn't work on windows with forward slashes by @Copilot in using globbing pattern doesn't work on windows with forward slashes microsoft/vstest#15088
Remove tpv0 by @nohwnd in Remove tpv0 microsoft/vstest#15247
Cache AssemblyName in ManagedNameHelper by @Youssef1313 in Cache AssemblyName in ManagedNameHelper microsoft/vstest#15259
Add ARM64 support to GetArchitectureForSource methods by @Copilot in Add ARM64 support to GetArchitectureForSource methods microsoft/vstest#15278

Internal fixes and updates

Fix formatting in two files by @ViktorHofer in Fix formatting in two files microsoft/vstest#15047
Build TestPlatform packages in VMR by @ViktorHofer in Build TestPlatform packages in VMR microsoft/vstest#15055
Condition property on .NET FX MSBuild by @jaredpar in Condition property on .NET FX MSBuild microsoft/vstest#15054
Migrate to awesome assertions by @nohwnd in Migrate to awesome assertions microsoft/vstest#15056
Revert "Build TestPlatform packages in VMR" by @ViktorHofer in Revert "Build TestPlatform packages in VMR" microsoft/vstest#15057
Update package Category by @ViktorHofer in Update package Category microsoft/vstest#15058
Revert "Write props of tests into trx" by @nohwnd in Revert "Write props of tests into trx" microsoft/vstest#15080
Error on unsupported tfms (#15072) by @nohwnd in Error on unsupported tfms (#15072) microsoft/vstest#15073
Use policies from testfx to align by @nohwnd in Use policies from testfx to align microsoft/vstest#15085
Update enable-auto-merge.yml by @nohwnd in Update enable-auto-merge.yml microsoft/vstest#15102
Revert ignoring environment test by @Copilot in [WIP] Revert ignoring environment test microsoft/vstest#15094
unignore tests by @Copilot in [WIP] unignore tests microsoft/vstest#15093
Update MSTest by @Youssef1313 in Update MSTest microsoft/vstest#15108
Bump dotnet-sdk from 9.0.106 to 9.0.301 by @dependabot[bot] in Bump dotnet-sdk from 9.0.106 to 9.0.301 microsoft/vstest#15179
Use Assert.Equals by @nohwnd in Use Assert.Equals microsoft/vstest#15181
Run VSTest tests with MTP by @Youssef1313 in Run VSTest tests with MTP microsoft/vstest#15079
Use the standard sdk for architecture switch test by @nohwnd in Use the standard sdk for architecture switch test microsoft/vstest#15188
Remove CUIT (Coded UI Test) from NuGet packages and test projects by @Copilot in Remove CUIT (Coded UI Test) from NuGet packages and test projects microsoft/vstest#15177
dump-logs? by @nohwnd in dump-logs? microsoft/vstest#15187
Moving to version 18 by @nohwnd in Moving to version 18 microsoft/vstest#15209
Update fakes version by @drognanar in Update fakes version microsoft/vstest#15227
Microsoft.Intellitrace.Core should be taken from nuget by @nohwnd in Microsoft.Intellitrace.Core should be taken from nuget microsoft/vstest#15229
Remove MSTest.Assert.Extensions by @Youssef1313 in Remove MSTest.Assert.Extensions microsoft/vstest#15178
Sourcebuild fix by @nohwnd in Sourcebuild fix microsoft/vstest#15239
Set dotnet_root_ only when the architecture of dotnet in the path is the same by @nohwnd in Set dotnet_root_<arch> only when the architecture of dotnet in the path is the same microsoft/vstest#15250
Remove fakes v1 from FakesUtilities by @drognanar in Remove fakes v1 from FakesUtilities microsoft/vstest#15251
Update fakes dependencies by @drognanar in Update fakes dependencies microsoft/vstest#15254
Do half the work in GetManagedName by @Youssef1313 in Do half the work in GetManagedName microsoft/vstest#15255
check Vsix only when produced by @nohwnd in check Vsix only when produced microsoft/vstest#15261
Set dotnet_root_ always by @nohwnd in Set dotnet_root_<arch> always microsoft/vstest#15266
Don't hardcode old vswhere version in global.json by @akoeplinger in Don't hardcode old vswhere version in global.json microsoft/vstest#15267
Revert dowgrade of fakes by @nohwnd in Revert dowgrade of fakes microsoft/vstest#15263
Update VSSDK to version with code flow guard by @nohwnd in Update VSSDK to version with code flow guard microsoft/vstest#15279
Update Fakes to version with code flow guard by @nohwnd in Update Fakes to version with code flow guard microsoft/vstest#15273
... (truncated)

Commits viewable in compare view.

Updated Swashbuckle.AspNetCore from 6.9.0 to 10.1.7.

Release notes

Sourced from Swashbuckle.AspNetCore's releases.

10.1.7 What's Changed

Support custom data type for DataTypeAttribute by @tayfunyuksel in Support custom data type for DataTypeAttribute domaindrivendev/Swashbuckle.AspNetCore#3868

New Contributors

@tayfunyuksel made their first contribution in Support custom data type for DataTypeAttribute domaindrivendev/Swashbuckle.AspNetCore#3868

Full Changelog: domaindrivendev/Swashbuckle.AspNetCore@v10.1.6...v10.1.7

10.1.6 What's Changed

Fix handling of duplicate enum values for dictionaries by @martincostello in Fix handling of duplicate enum values for dictionaries domaindrivendev/Swashbuckle.AspNetCore#3839
Log exception when app fails to start in CLI by @ODukhno in Log exception when app fails to start in CLI domaindrivendev/Swashbuckle.AspNetCore#3853
Fix missing OpenAPI 3.1 $ref properties by @martincostello in Fix missing OpenAPI 3.1 $ref properties domaindrivendev/Swashbuckle.AspNetCore#3859
Add description for OpenAPI schema references by @martincostello in Add description for OpenAPI schema references domaindrivendev/Swashbuckle.AspNetCore#3860

New Contributors

@ODukhno made their first contribution in Log exception when app fails to start in CLI domaindrivendev/Swashbuckle.AspNetCore#3853

Full Changelog: domaindrivendev/Swashbuckle.AspNetCore@v10.1.5...v10.1.6

10.1.5 What's Changed

Bump swagger-ui-dist from 5.31.1 to 5.32.0 in /src/Swashbuckle.AspNetCore.SwaggerUI by @dependabot in Bump swagger-ui-dist from 5.31.1 to 5.32.0 in /src/Swashbuckle.AspNetCore.SwaggerUI domaindrivendev/Swashbuckle.AspNetCore#3814
Migrate to actions/attest by @martincostello in Migrate to actions/attest domaindrivendev/Swashbuckle.AspNetCore#3815
Disable secrets-outside-env audit by @martincostello in Disable secrets-outside-env audit domaindrivendev/Swashbuckle.AspNetCore#3823
Update zizmor to 1.23.1 by @martincostello in Update zizmor to 1.23.1 domaindrivendev/Swashbuckle.AspNetCore#3825
Fix null examples by @jgarciadelanoceda in Fix nullExamples domaindrivendev/Swashbuckle.AspNetCore#3803
Bump dependencies by @martincostello in Bump dependencies domaindrivendev/Swashbuckle.AspNetCore#3835

Full Changelog: domaindrivendev/Swashbuckle.AspNetCore@v10.1.4...v10.1.5

10.1.4 What's Changed

Bump swagger-ui-dist from 5.31.0 to 5.31.1 in /src/Swashbuckle.AspNetCore.SwaggerUI by @dependabot in Bump swagger-ui-dist from 5.31.0 to 5.31.1 in /src/Swashbuckle.AspNetCore.SwaggerUI domaindrivendev/Swashbuckle.AspNetCore#3792
Return null on example, as it was with OpenApiNull before by @jgarciadelanoceda in Return null on example, as it was with OpenApiNull before domaindrivendev/Swashbuckle.AspNetCore#3793

Full Changelog: domaindrivendev/Swashbuckle.AspNetCore@v10.1.3...v10.1.4

10.1.3 What's Changed

Fix null examples being represented as the string "null" by @jgarciadelanoceda in Fix null examples being represented as the string null domaindrivendev/Swashbuckle.AspNetCore#3788

Full Changelog: domaindrivendev/Swashbuckle.AspNetCore@v10.1.2...v10.1.3

10.1.2 What's Changed

Fix browser caching behaviour by @martincostello in Fix browser caching behaviour domaindrivendev/Swashbuckle.AspNetCore#3772
Fix document URL serialization by @martincostello in Fix document URL serialization domaindrivendev/Swashbuckle.AspNetCore#3773

Full Changelog: domaindrivendev/Swashbuckle.AspNetCore@v10.1.1...v10.1.2

10.1.1 What's Changed

Add cache headers to document URLs endpoint by @Copilot and @martincostello in Add cache headers to document URLs endpoint domaindrivendev/Swashbuckle.AspNetCore#3766

New Contributors

@Copilot made their first contribution in Add cache headers to document URLs endpoint domaindrivendev/Swashbuckle.AspNetCore#3766

Full Changelog:

domaindrivendev/Swashbuckle.AspNetCore@v10.1.0...v10.1.1

10.1.0 What's Changed

New Contributors

@markuspalme made their first contribution in Add clarifying example in migration guide to v10 domaindrivendev/Swashbuckle.AspNetCore#3672
@John-Paul-R made their first contribution in fix(SchemaGenerator): exclude inherited properties only when base add… domaindrivendev/Swashbuckle.AspNetCore#3692

Full Changelog: domaindrivendev/Swashbuckle.AspNetCore@v10.0.1...v10.1.0

10.0.1 What's Changed

Prepare for OpenAPI.NET 3.0 by @martincostello in Prepare for OpenAPI.NET 3.0 domaindrivendev/Swashbuckle.AspNetCore#3647
Fix exception sorting operation tags by @martincostello in Fix exception sorting operation tags domaindrivendev/Swashbuckle.AspNetCore#3652
Improve version table by @martincostello in Improve version table domaindrivendev/Swashbuckle.AspNetCore#3653
Update migration guide by @martincostello in Update migration guide domaindrivendev/Swashbuckle.AspNetCore#3654

Full Changelog: domaindrivendev/Swashbuckle.AspNetCore@v10.0.0...v10.0.1

10.0.0

Swashbuckle.AspNetCore v10.0.0

[!IMPORTANT]
This release contains major breaking changes.

Read our v10 migration guide for further information.

With this release, Swashbuckle.AspNetCore adds support for generating OpenAPI 3.1 documents and for ASP.NET Core 10.

Swashbuckle.AspNetCore v10 depends on OpenAPI.NET v2.3 which introduces many breaking changes to the public API surface. More information can be found in their OpenAPI.NET v2 Upgrade Guide.

To reduce the number of breaking behavioural changes in Swashbuckle.AspNetCore v10, generation of OpenAPI 3.1 documents is opt-in.
To generate OpenAPI 3.1 documents, change the OpenAPI version as shown in the code snippet below:

app.UseSwagger(options =>
{
    options.OpenApiVersion = OpenApiSpecVersion.OpenApi3_1;
});

[!TIP]
It is strongly recommended that you upgrade to Swashbuckle.AspNetCore v9.0.6 before upgrading to v10.

[!IMPORTANT]
Use of Swashbuckle.AspNetCore with the ASP.NET Core WithOpenApi() method is no longer supported.

What's Changed

Update README badges by @martincostello in Update README badges domaindrivendev/Swashbuckle.AspNetCore#3597
Extend NuGet package validation by @martincostello in Extend NuGet package validation domaindrivendev/Swashbuckle.AspNetCore#3602
Support .NET 10 by @martincostello in Support .NET 10 domaindrivendev/Swashbuckle.AspNetCore#3283

Full Changelog: domaindrivendev/Swashbuckle.AspNetCore@v9.0.6...v10.0.0

9.0.6 What's Changed

Bump redoc from 2.5.0 to 2.5.1 by @dependabot in Bump redoc from 2.5.0 to 2.5.1 in /src/Swashbuckle.AspNetCore.ReDoc domaindrivendev/Swashbuckle.AspNetCore#3587
Bump swagger-ui from 5.29.1 to 5.29.2 by @dependabot in Bump swagger-ui-dist from 5.29.1 to 5.29.2 in /src/Swashbuckle.AspNetCore.SwaggerUI domaindrivendev/Swashbuckle.AspNetCore#3595

Full Changelog: domaindrivendev/Swashbuckle.AspNetCore@v9.0.5...v9.0.6

9.0.5 What's Changed

.NET 10 preparation by @martincostello in .NET 10 preparation domaindrivendev/Swashbuckle.AspNetCore#3565
Update NuGet packages by @martincostello in Update NuGet packages domaindrivendev/Swashbuckle.AspNetCore#3573
Fix anchors by @martincostello in Fix anchors domaindrivendev/Swashbuckle.AspNetCore#3577
Bump swagger-ui-dist from 5.27.1 to 5.29.1

Full Changelog: domaindrivendev/Swashbuckle.AspNetCore@v9.0.4...v9.0.5

9.0.4 What's Changed

Fix incorrect ETag values by @martincostello in Fix incorrect ETag values domaindrivendev/Swashbuckle.AspNetCore#3490
Fix Accept-Encoding parsing by @martincostello in Fix Accept-Encoding parsing domaindrivendev/Swashbuckle.AspNetCore#3492
Check Accept-Encoding quality by @martincostello in Check Accept-Encoding quality domaindrivendev/Swashbuckle.AspNetCore#3493
Update xunit packages by @martincostello in Update xunit packages domaindrivendev/Swashbuckle.AspNetCore#3500
Add release notes configuration by @martincostello in Add release notes configuration domaindrivendev/Swashbuckle.AspNetCore#3502
Simplify release workflow by @martincostello in Simplify release workflow domaindrivendev/Swashbuckle.AspNetCore#3503
Bump xunit dependencies by @martincostello in Bump xunit dependencies domaindrivendev/Swashbuckle.AspNetCore#3508
Update NuGet dependencies by @martincostello in Update NuGet dependencies domaindrivendev/Swashbuckle.AspNetCore#3513
Remove WebHost usage from tests by @martincostello in Remove WebHost usage domaindrivendev/Swashbuckle.AspNetCore#3517
Fix typos by @martincostello in Fix typos domaindrivendev/Swashbuckle.AspNetCore#3520
Sign-off commits by @martincostello in Sign-off commits domaindrivendev/Swashbuckle.AspNetCore#3526
Add zizmor by @martincostello in Add zizmor domaindrivendev/Swashbuckle.AspNetCore#3528
Fix permissions by @martincostello in Fix permissions domaindrivendev/Swashbuckle.AspNetCore#3529
Bump zizmor by @martincostello in Bump zizmor domaindrivendev/Swashbuckle.AspNetCore#3535
Add default $type discriminator for [JsonPolymorphic] by @lilinus in Default discriminator "$type" for JsonPolymorphicAttribute (annotations) domaindrivendev/Swashbuckle.AspNetCore#3496
Update NuGet dependencies by @martincostello in Update NuGet dependencies domaindrivendev/Swashbuckle.AspNetCore#3545

New Contributors

@lilinus made their first contribution in Default discriminator "$type" for JsonPolymorphicAttribute (annotations) domaindrivendev/Swashbuckle.AspNetCore#3496

Full Changelog: domaindrivendev/Swashbuckle.AspNetCore@v9.0.3...v9.0.4

9.0.3 What's Changed

Fix incorrect Content-Length for swagger-ui and Redoc static assets by @martincostello in Fix incorrect Content-Length for swagger-ui and Redoc static assets domaindrivendev/Swashbuckle.AspNetCore#3488

Full Changelog: domaindrivendev/Swashbuckle.AspNetCore@v9.0.2...v9.0.3

9.0.2 What's Changed

Generate SBOM by @martincostello in Generate SBOM domaindrivendev/Swashbuckle.AspNetCore#3468
Compress swagger-ui and Redoc files in embedded resources with GZip by @stratosblue in Using GZip to compress swagger-ui-dist files in embedded resource to reduce the output dll size domaindrivendev/Swashbuckle.AspNetCore#3399
Refactor GZip compression by @martincostello in Refactor GZip compression domaindrivendev/Swashbuckle.AspNetCore#3480

New Contributors

@stratosblue made their first contribution in Using GZip to compress swagger-ui-dist files in embedded resource to reduce the output dll size domaindrivendev/Swashbuckle.AspNetCore#3399

Full Changelog: domaindrivendev/Swashbuckle.AspNetCore@v9.0.1...v9.0.2

9.0.1 What's Changed

Fix missing Swashbuckle.AspNetCore metapackage dependencies by @martincostello in Fix Swashbuckle.AspNetCore dependencies domaindrivendev/Swashbuckle.AspNetCore#3460

Full Changelog: domaindrivendev/Swashbuckle.AspNetCore@v9.0.0...v9.0.1

9.0.0

📣 This release contains the following breaking changes:

Drops support for netstandard2.0 and thus .NET Framework - now only net8.0 and net9.0 are supported.
Removes all public members annotated as [Obsolete] in previous releases.
Removes the deprecated --serializeasv2 option from Swashbuckle.AspNetCore.Cli, which was superseded by --openapiversion from version 8.0.0.

What's Changed

Add tests for [Range] and respect ParseLimitsInInvariantCulture property by @martincostello in Add tests for RangeAttribute and respect ParseLimitsInInvariantCulture property domaindrivendev/Swashbuckle.AspNetCore#3448
Fix [Range] behaviour by @martincostello in Fix RangeAttribute behaviour domaindrivendev/Swashbuckle.AspNetCore#3449
Refactor sample websites by @martincostello in Refactor sample websites domaindrivendev/Swashbuckle.AspNetCore#3450
Drop netstandard support by @martincostello in Drop netstandard support domaindrivendev/Swashbuckle.AspNetCore#3422

Full Changelog: domaindrivendev/Swashbuckle.AspNetCore@v8.1.4...v9.0.0

8.1.4 What's Changed

Avoid ArgumentNullException being thrown generating examples by @skironDotNet in Avoid ArgumentNullException being thrown generating examples domaindrivendev/Swashbuckle.AspNetCore#3444

Full Changelog: domaindrivendev/Swashbuckle.AspNetCore@v8.1.3...v8.1.4

8.1.3 What's Changed

Re-enable MyGet publishing by @martincostello in Re-enable MyGet publishing domaindrivendev/Swashbuckle.AspNetCore#3421
Improve test reliability by @martincostello in Improve test reliability domaindrivendev/Swashbuckle.AspNetCore#3423
Fix conflicting Git/EditorConfig settings by @martincostello in Fix conflicting settings domaindrivendev/Swashbuckle.AspNetCore#3430
Add integration test logging by @martincostello in Add integration test logging domaindrivendev/Swashbuckle.AspNetCore#3431
Disable Static Web Assets by @martincostello in Disable Static Web Assets domaindrivendev/Swashbuckle.AspNetCore#3432
Typo fixes by @martincostello in Typo fixes domaindrivendev/Swashbuckle.AspNetCore#3433
Fix HumanizeHrefTags not working when see tag spans over multiple lines by @Focus1337 in Fix HumanizeHrefTags not working when see tag spans over multiple lines domaindrivendev/Swashbuckle.AspNetCore#3435
Revert #3377 by @martincostello in Revert #3377 domaindrivendev/Swashbuckle.AspNetCore#3436

New Contributors

@Focus1337 made their first contribution in Fix HumanizeHrefTags not working when see tag spans over multiple lines domaindrivendev/Swashbuckle.AspNetCore#3435

Full Changelog: domaindrivendev/Swashbuckle.AspNetCore@v8.1.2...v8.1.3

8.1.2 What's Changed

Update to fix Lists/Arrays of nullables not getting marked as nullable by @Scarecrow7250 in Update to fix Lists/Arrays of nullables not getting marked as nullable domaindrivendev/Swashbuckle.AspNetCore#3364
Add build timeout by @martincostello in Add build timeout domaindrivendev/Swashbuckle.AspNetCore#3370
Bump redoc to 2.5.0 by @dependabot in Bump redoc from 2.4.0 to 2.5.0 in /src/Swashbuckle.AspNetCore.ReDoc domaindrivendev/Swashbuckle.AspNetCore#3374
Add test analytics by @martincostello in Add test analytics domaindrivendev/Swashbuckle.AspNetCore#3376
Fix schema for nullable enums by @ItsVeryWindy in fix schema for nullable enums domaindrivendev/Swashbuckle.AspNetCore#3377
[Docs] Split readme md by @peter-csala in [Docs] Split readme md domaindrivendev/Swashbuckle.AspNetCore#3405
[Docs] Improve the formatting of documentation files by @peter-csala in [Docs] Improve the formatting of documentation files domaindrivendev/Swashbuckle.AspNetCore#3409
Spruce-up the READMEs by @martincostello in Spruce-up the READMEs domaindrivendev/Swashbuckle.AspNetCore#3410
Migrate to slnx by @martincostello in Migrate to slnx domaindrivendev/Swashbuckle.AspNetCore#3411
Documentation refresh by @martincostello in Documentation refresh domaindrivendev/Swashbuckle.AspNetCore#3412
Bump swagger-ui to 5.22.0 by @dependabot in Bump swagger-ui-dist from 5.21.0 to 5.22.0 in /src/Swashbuckle.AspNetCore.SwaggerUI domaindrivendev/Swashbuckle.AspNetCore#3417

New Contributors

@Scarecrow7250 made their first contribution in Update to fix Lists/Arrays of nullables not getting marked as nullable domaindrivendev/Swashbuckle.AspNetCore#3364
@ItsVeryWindy made their first contribution in fix schema for nullable enums domaindrivendev/Swashbuckle.AspNetCore#3377
@peter-csala made their first contribution in [Docs] Split readme md domaindrivendev/Swashbuckle.AspNetCore#3405

Full Changelog: domaindrivendev/Swashbuckle.AspNetCore@v8.1.1...v8.1.2

8.1.1 What's Changed

Bump swagger-ui to 5.20.8 by @dependabot in Bump swagger-ui-dist from 5.20.7 to 5.20.8 in /src/Swashbuckle.AspNetCore.SwaggerUI domaindrivendev/Swashbuckle.AspNetCore#3359

Full Changelog: domaindrivendev/Swashbuckle.AspNetCore@v8.1.0...v8.1.1

8.1.0 What's Changed

Adopt File-scoped namespaces by @martincostello in Adopt File-scoped namespaces domaindrivendev/Swashbuckle.AspNetCore#3331
Apply analyzer suggestions by @martincostello in Apply analyzer suggestions domaindrivendev/Swashbuckle.AspNetCore#3334
Add cache headers for ReDoc and SwaggerUI by @martincostello in Add cache headers for ReDoc and SwaggerUI domaindrivendev/Swashbuckle.AspNetCore#3341

Full Changelog: domaindrivendev/Swashbuckle.AspNetCore@v8.0.0...v8.1.0

8.0.0

[!IMPORTANT]
Swashbuckle.AspNetCore drops support for .NET 6.

Swashbuckle.AspNetCore v8.0.0 makes the following notable changes:

Drops support for net6.0.
The netstandard2.0 TFM now depends on ASP.NET Core 2.3 instead of ASP.NET Core 2.1.
Updates Microsoft.OpenApi to v1.6.23. This update requires the use of swagger-ui v5.19.0 or later (v5.20.1 is included in the Swashbuckle.AspNetCore.SwaggerUI NuGet package). You may need to clear your browser's cache to pick up the latest JavaScript files for swagger-ui.

To prepare for future support for OpenAPI 3.1 documents, deprecates the SerializeAsV2 property by marking it as [Obsolete]. Users should update their code as illustrated below, depending on their use case:

- options.SerializeAsV2 = true;
+ options.OpenApiVersion = Microsoft.OpenApi.OpenApiSpecVersion.OpenApi2_0;

// or if explicitly disabling (the same as the default behaviour)
- options.SerializeAsV2 = false;
+ options.OpenApiVersion = Microsoft.OpenApi.OpenApiSpecVersion.OpenApi3_0;

To prepare for future support for OpenAPI 3.1 documents, the Swashbuckle.AspNetCore.Cli tool has deprecated the --serializeasv2 option and logs a warning to the console. Users should update their usage as illustrated below, depending on their use case:
```
- swagger tofile --output [output] [startupassembly] [swaggerdoc] --serializeasv2
+ swagger tofile --output [output] [startupassembly] [swaggerdoc] --openapiversion "2.0"
```

What's Changed

More reliable coverage by @martincostello in More reliable coverage domaindrivendev/Swashbuckle.AspNetCore#3294
Apply IDE refactoring suggestions by @martincostello in Apply IDE refactoring suggestions domaindrivendev/Swashbuckle.AspNetCore#3254
.NET 10 preparation by @martincostello in .NET 10 preparation domaindrivendev/Swashbuckle.AspNetCore#3285
Move snapshots by @martincostello in Move snapshots domaindrivendev/Swashbuckle.AspNetCore#3314
Snapshot OpenApiDocument as JSON by @martincostello in Snapshot OpenApiDocument as JSON domaindrivendev/Swashbuckle.AspNetCore#3315
Enable implicit usings by @martincostello in Enable implicit usings domaindrivendev/Swashbuckle.AspNetCore#3316
Drop .NET 6 by @martincostello in Drop .NET 6 domaindrivendev/Swashbuckle.AspNetCore#3183
Deprecate SerializeAsV2 by @martincostello in Deprecate SerializeAsV2 domaindrivendev/Swashbuckle.AspNetCore#3286
Improve release automation by @martincostello in Improve release automation domaindrivendev/Swashbuckle.AspNetCore#3317
Bump NuGet packages by @martincostello in Bump NuGet packages domaindrivendev/Swashbuckle.AspNetCore#3319

Full Changelog: domaindrivendev/Swashbuckle.AspNetCore@v7.3.2...v8.0.0

7.3.2 What's Changed

Fix humanize for multiline code and <para> tags by @EvgeniyZ in fix humanize for multiline code and <para> tag domaindrivendev/Swashbuckle.AspNetCore#3295
Fix DescribeAllParametersInCamelCase usage for parameters by @maksim-sovkov in Fix DescribeAllParametersInCamelCase usage in GenerateOpenApiOperationFromMetadataAsync domaindrivendev/Swashbuckle.AspNetCore#3309

New Contributors

@maksim-sovkov made their first contribution in Fix DescribeAllParametersInCamelCase usage in GenerateOpenApiOperationFromMetadataAsync domaindrivendev/Swashbuckle.AspNetCore#3309

Full Changelog: domaindrivendev/Swashbuckle.AspNetCore@v7.3.1...v7.3.2

7.3.1 What's Changed

Fix for ApiDescriptionProvider throws NRE by @EvgeniyZ in Fix for ApiDescriptionProvider throws NRE domaindrivendev/Swashbuckle.AspNetCore#3280
Bump swagger-ui-dist from 5.19.0 to 5.20.0 by @dependabot in Bump swagger-ui-dist from 5.19.0 to 5.20.0 in /src/Swashbuckle.AspNetCore.SwaggerUI domaindrivendev/Swashbuckle.AspNetCore#3279

Full Changelog: domaindrivendev/Swashbuckle.AspNetCore@v7.3.0...v7.3.1

7.3.0 What's Changed

Add CreateFromJson options overload by @martincostello in Add CreateFromJson options overload domaindrivendev/Swashbuckle.AspNetCore#3218
Stop testing with .NET 6 by @martincostello in Stop testing with .NET 6 domaindrivendev/Swashbuckle.AspNetCore#3219
Replace IdentityServer4 with Duende.IdentityServer (#3008) by @pseudometalhead in Replace IdentityServer4 with Duende.IdentityServer (#3008) domaindrivendev/Swashbuckle.AspNetCore#3184
Fix JWT version for .NET 9 by @Saibamen in Fix #3184 - fix JWT version for .NET 9 domaindrivendev/Swashbuckle.AspNetCore#3227
Adjust readme for issue #1014 by @EvgeniyZ in adjust readme for #1014 issue domaindrivendev/Swashbuckle.AspNetCore#3233
Humanize multiline para tag by @EvgeniyZ in Humanize multiline para tag domaindrivendev/Swashbuckle.AspNetCore#3234
Humanize multi line code tag by @EvgeniyZ in Humanize multi line code tag domaindrivendev/Swashbuckle.AspNetCore#3239
Fix JsonSerializerDataContractResolver so that it handles jagged arrays correctly by @ozziepeeps in Fix JsonSerializerDataContractResolver so that it handles square arrays correctly domaindrivendev/Swashbuckle.AspNetCore#3245
Use DeepObject parameter style for dictionary by @EvgeniyZ in Use DeepObject parameter style for dictionary domaindrivendev/Swashbuckle.AspNetCore#3241
Remove MvcOptions from SchemaGenerator by @EvgeniyZ in Remove MvcOptions from SchemaGenerator domaindrivendev/Swashbuckle.AspNetCore#3242
Optional EOL for XML comments (#2947) by @RainDance74 in Optional EOL for XmlComments (#2947) domaindrivendev/Swashbuckle.AspNetCore#3255
Add support for listing available OpenAPI documents by @rassilon in Add support for listing available OpenAPI documents domaindrivendev/Swashbuckle.AspNetCore#3263
Bump swagger-ui-dist from 5.18.3 to 5.19.0 by @dependabot in Bump swagger-ui-dist from 5.18.3 to 5.19.0 in /src/Swashbuckle.AspNetCore.SwaggerUI domaindrivendev/Swashbuckle.AspNetCore#3266

New Contributors

@pseudometalhead made their first contribution in Replace IdentityServer4 with Duende.IdentityServer (#3008) domaindrivendev/Swashbuckle.AspNetCore#3184
@RainDance74 made their first contribution in Optional EOL for XmlComments (#2947) domaindrivendev/Swashbuckle.AspNetCore#3255
@rassilon made their first contribution in Add support for listing available OpenAPI documents domaindrivendev/Swashbuckle.AspNetCore#3263

Full Changelog: domaindrivendev/Swashbuckle.AspNetCore@v7.2.0...v7.3.0

7.2.0 What's Changed

Path grouping strategy by @Saibamen in Path grouping strategy domaindrivendev/Swashbuckle.AspNetCore#3152
Add package README by @martincostello in Add package README domaindrivendev/Swashbuckle.AspNetCore#3178
Allow no match to be found to avoid throwing an exception by @moni-dips in Allow no match to be found to avoid throwing an exception domaindrivendev/Swashbuckle.AspNetCore#3188

New Contributors

@moni-dips made their first contribution in Allow no match to be found to avoid throwing an exception domaindrivendev/Swashbuckle.AspNetCore#3188

Full Changelog: domaindrivendev/Swashbuckle.AspNetCore@v7.1.0...v7.2.0

7.1.0 What's Changed

Update some nugets by @Saibamen in Update some nugets domaindrivendev/Swashbuckle.AspNetCore#3143
Recreate package lock files by @Saibamen in Recreate package lock files domaindrivendev/Swashbuckle.AspNetCore#3146
More asserts for SwaggerGeneratorTests by @Saibamen in More asserts for SwaggerGeneratorTests domaindrivendev/Swashbuckle.AspNetCore#3147
Add more HTTP codes to ResponseDescriptionMap by @Saibamen in Add more HTTP codes to ResponseDescriptionMap domaindrivendev/Swashbuckle.AspNetCore#3148
Test more WebAPI examples by @Saibamen in Test more WebAPI examples domaindrivendev/Swashbuckle.AspNetCore#3149
Fix issue with [FromForm] and enums for Controllers by @jgarciadelanoceda in Fix issue with FromForm and enums for Controllers domaindrivendev/Swashbuckle.AspNetCore#3164
Support [Description] and [ReadOnly] by @jgarciadelanoceda in Support DescriptionAttribute and ReadOnlyAttribute domaindrivendev/Swashbuckle.AspNetCore#3162
Second level inheritance for UseOneOfForPolymorphism by @k0ka in second level inheritance for UseOneOfForPolymorphism domaindrivendev/Swashbuckle.AspNetCore#3155
Avoid exception checking nullability by @martincostello in Avoid exception checking nullability domaindrivendev/Swashbuckle.AspNetCore#3119
Fix NotSupportedException in AoT test project by @martincostello in Fix NotSupportedException in AoT test project domaindrivendev/Swashbuckle.AspNetCore#3171
Create snupkg files by @martincostello in Create snupkg files domaindrivendev/Swashbuckle.AspNetCore#3168
Support of [JsonPolymorphic] and [JsonDerivedType] attributes by @k0ka in Support of JsonPolymorphic and JsonDerivedType attributes domaindrivendev/Swashbuckle.AspNetCore#3170

New Contributors

@k0ka made their first contribution in second level inheritance for UseOneOfForPolymorphism domaindrivendev/Swashbuckle.AspNetCore#3155

Full Changelog: domaindrivendev/Swashbuckle.AspNetCore@v7.0.0...v7.1.0

7.0.0 What's Changed

Refactor filter descriptor type checks in SwaggerGen by @iskandersierra in Refactor filter descriptor type checks in SwaggerGen domaindrivendev/Swashbuckle.AspNetCore#3125
Apply SwaggerIgnore on Newtonsoft by @jgarciadelanoceda in Apply SwaggerIgnore on Newtonsoft domaindrivendev/Swashbuckle.AspNetCore#3134
Support .NET 9 by @martincostello in Support .NET 9 domaindrivendev/Swashbuckle.AspNetCore#3007
Drop support for .NET (Core) versions prior to 8 (except 6) by @martincostello in Support .NET 9 domaindrivendev/Swashbuckle.AspNetCore#3007
Fix FromForm without WithOpenApi schemas by @jgarciadelanoceda in Fix FromForm without WithOpenApi schemas domaindrivendev/Swashbuckle.AspNetCore#3133

New Contributors

@iskandersierra made their first contribution in Refactor filter descriptor type checks in SwaggerGen domaindrivendev/Swashbuckle.AspNetCore#3125

Full Changelog: domaindrivendev/Swashbuckle.AspNetCore@v6.9.0...v7.0.0

Commits viewable in compare view.

Updated Testcontainers from 3.10.0 to 4.11.0.

Release notes

Sourced from Testcontainers's releases.

4.11.0

What's Changed

Thanks to all contributors. Once again, really great contributions from everyone 🤝.

The NuGet packages for this release have been attested for supply chain security using actions/attest. This confirms the integrity and provenance of the artifacts and helps ensure they can be trusted: #21198535.

Please be aware that we have changed the supported and underlying image used for the Cosmos DB module. The latest tag only supports certain environments and provides a limited set of features. Microsoft has introduced a new implementation, vnext-preview, which receives more updates and features. Due to the limitations of the latest tag, we decided to replace it with vnext-preview. You find more information about the image here: https://github.com/Azure/azure-cosmos-db-emulator-docker.

⚠️ Breaking Changes

feat(CosmosDb): Update base image from latest to vnext-preview (#1324) @NelsonBN

🚀 Features

feat(CosmosDb): Update base image from latest to vnext-preview (#1324) @NelsonBN
feat: Add typed WithResourceMapping(...) overloads (#1497) @cimnine
feat: Add Seq module (#1276) @montanehamilton
feat(PostgreSql): Add WithSsl builder API (#1529) @ozkanpakdil
feat: Add Temporal module (#1635) @bgener
feat: Add module connection string provider (#1632) @HofmeisterAn
fead: Add default container connection string provider (#1630) @HofmeisterAn
feat(ServiceBus): Add method to get HTTP connection string (#1622) @NelsonBN

🐛 Bug Fixes

fix(MongoDb): Wait for post-init startup readiness before replica set initiation (#1656) @HofmeisterAn
fix(Seq): Assert connection string provider (#1645) @HofmeisterAn
fix(EventHubs): Ignore runtime property to support reuse (#1644) @franciscosamuel
fix(ServiceBus): Ignore runtime property to support reuse (#1643) @franciscosamuel
fix(ResourceReaper): Set wait strategy (#1634) @HofmeisterAn
fix(ServiceBus): Workaround health API timeout (#1625) @HofmeisterAn
fix: Do not set console buffer width (ConsoleLogger) (#1623) @HofmeisterAn
fix(EventHubs): Workaround health API timeout (#1624) @HofmeisterAn

📖 Documentation

docs(CosmosDb): Replace unsupported tag 'latest' with 'vnext-preview' (#1660) @HofmeisterAn
docs(Redis): Add example (#1641) @HofmeisterAn

🧹 Housekeeping

chore(examples): Enable NuGet restore lock mode (#1659) @HofmeisterAn
chore: Pin image digest (#1658) @HofmeisterAn
fix: Run OpenSSF Scorecard only on default branch (#1657) @HofmeisterAn
chore: Remove Git LFS tracking for .snk (#1655) @HofmeisterAn
feat: Enable Dependabot for NuGet (repo) (#1654) @HofmeisterAn
feat: Enable Dependabot for NuGet (src) (#1653) @HofmeisterAn
fix: Replace branch protection with ruleset (#1652) @HofmeisterAn
fix: Do not enforce policies for admins (#1651) @HofmeisterAn
fix: Remove missing labels from Dependabot (#1650) @HofmeisterAn
... (truncated)

4.10.0

What's Changed

Happy New Year, everyone! 🎉

Please note that going forward, we expect developers to explicitly pin the image version (testcontainers/testcontainers-dotnet#1470). We consider this a best practice and it aligns with other language implementations.

Also, due to the recent Docker Engine v29 release, TC for .NET pins the Docker Engine API version to 1.44 (see the previous release notes). You can override this default and set it to the version you're using, ideally 1.52, which corresponds to v29, if you're already running it.

⚠️ Breaking Changes

feat: Add Docker Engine v29 support (#1609) @HofmeisterAn
chore: Remove EventStoreDb module (#1599) @HofmeisterAn

🚀 Features

feat: Require explicit container image in Testcontainers.Xunit (#1612) @0xced
feat: Add Platform property to IImage interface (#1610) @HofmeisterAn
feat: Add Docker Engine v29 support (#1609) @HofmeisterAn
feat: Require explicit container image when creating container builder (#1584) @digital88
feat: Add connection string provider (#1588) @HofmeisterAn

🐛 Bug Fixes

fix(Kafka): Bump image version to prevent container crash on startup (#1604) @HofmeisterAn
fix(Elasticsearch): Use HTTP wait strategy (#1593) @digital88
fix(Milvus): Use healthcheck wait strategy (#1585) @verdie-g

📖 Documentation

docs: Pin the image version explicitly (#1605) @HofmeisterAn

🧹 Housekeeping

chore: Remove Sonar findings (#1611) @HofmeisterAn
chore: Pin Docker Engine API for GH workflow to 1.47 (#1608) @HofmeisterAn
chore: Set remaining container image explicit (#1606) @digital88
fix(Kafka): Bump image version to prevent container crash on startup (#1604) @HofmeisterAn
chore: Remove EventStoreDb test project from SLNX file (#1603) @0xced
chore: Skip unnecessary work for empty or null sequences (#1601) @HofmeisterAn
chore: Delegate container builder ctor string to IImage (#1600) @HofmeisterAn
chore: Remove EventStoreDb module (#1599) @HofmeisterAn
feat: Prepare next release cycle (4.10.0) (#1586) @HofmeisterAn

4.9.0

What's Changed

This release adds a new configuration (DOCKER_API_VERSION) that lets you pin and downgrade the Docker Engine API version. This was needed because Docker Engine v29 introduced breaking changes that affect Docker.DotNet and Testcontainers for .NET. This release pins the API version to 1.44. So far, no issues or negative side effects have been observed.

I am also working on updating Docker.DotNet to make it fully compatible with Docker Engine v29. There is already a work-in-progress PR.

Thanks to all the contributors who helped with this release 👍.

⚠️ Breaking Changes

feat: Add KurrentDb module (#1583) @diegosasw

🚀 Features

feat: Add KurrentDb module (#1583) @diegosasw
chore: Bump NuGet dependencies (#1578) @HofmeisterAn
feat: Add .NET 10 support (#1572) @HofmeisterAn
feat: Support configuring Docker API version (#1576) @HofmeisterAn
feat: Add Mosquitto module (#1522) @EtherZa
feat: Add Toxiproxy module (#1454) @iltertaha
feat: Add Grafana module (#1509) @thomhurst
feat: Add Playwright module (#1288) @alimahboubi

🐛 Bug Fixes

fix(Milvus): Set DEPLOY_MODE=STANDALONE (necessary for v2.6+) (#1569) @verdie-g
fix: Set Kusto wait strategy encoding to UTF-8 (#1567) @MattKotsenas
fix: Split ALL_CHANGED_FILES on any whitespace (#1566) @HofmeisterAn

📖 Documentation

docs: Use correct comment characters for C# language (#1564) @HofmeisterAn

🧹 Housekeeping

feat: Add SLNX file (#1579) @HofmeisterAn
chore: Update Toxiproxy NuGet dependency to a .NET compatible version (#1568) @HofmeisterAn
chore: Add script to detect which tests to run in CI (#1563) @HofmeisterAn
chore: Make the continuous delivery job fork-friendly (#1559) @0xced
feat: Prepare next release cycle (4.9.0) (#1561) @HofmeisterAn

4.8.1

What's Changed

🐛 Bug Fixes

fix: Compute correct relative Dockerfile file path (#1558) @HofmeisterAn

4.8.0

What's Changed

Thank you to all the contributors 🙌.

In version 4.7.0, we noticed that the reuse hash could change depending on the order of dictionary values. This has been fixed to ensure that dictionary values are processed in a consistent order when generating the reuse hash. As a result, the reuse hash will likely change again with 4.8.0.

Wait strategies now default to the Running mode. This mode expects the container to remain running throughout startup. If the container exits unexpectedly, Testcontainers will throw a ContainerNotRunningException that includes the exit code and container logs.

The container startup callback now includes an additional overload that provides the actual container configuration. If you implement IContainerBuilder<TBuilderEntity, TContainerEntity>, you need to add the container configuration (e.g., IContainerConfiguration) as a third generic type constraint to IContainerBuilder.

IContainerBuilder.WithResourceMapping and IContainer.CopyAsync now include two new optional arguments: uid and gid. If you do not need to specify those, u...

_Description h...

Description has been truncated

Bumps coverlet.collector from 6.0.4 to 10.0.0 Bumps Mapster from 7.4.0 to 10.0.7 Bumps Microsoft.NET.Test.Sdk from 17.14.1 to 18.5.1 Bumps Swashbuckle.AspNetCore from 6.9.0 to 10.1.7 Bumps Testcontainers from 3.10.0 to 4.11.0 Bumps xunit.runner.visualstudio from 2.8.2 to 3.1.5 --- updated-dependencies: - dependency-name: coverlet.collector dependency-version: 10.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: dependencies - dependency-name: coverlet.collector dependency-version: 10.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: dependencies - dependency-name: coverlet.collector dependency-version: 10.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: dependencies - dependency-name: Mapster dependency-version: 10.0.7 dependency-type: direct:production update-type: version-update:semver-major dependency-group: dependencies - dependency-name: Microsoft.NET.Test.Sdk dependency-version: 18.5.1 dependency-type: direct:production update-type: version-update:semver-major dependency-group: dependencies - dependency-name: Microsoft.NET.Test.Sdk dependency-version: 18.5.1 dependency-type: direct:production update-type: version-update:semver-major dependency-group: dependencies - dependency-name: Microsoft.NET.Test.Sdk dependency-version: 18.5.1 dependency-type: direct:production update-type: version-update:semver-major dependency-group: dependencies - dependency-name: Swashbuckle.AspNetCore dependency-version: 10.1.7 dependency-type: direct:production update-type: version-update:semver-major dependency-group: dependencies - dependency-name: Testcontainers dependency-version: 4.11.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: dependencies - dependency-name: xunit.runner.visualstudio dependency-version: 3.1.5 dependency-type: direct:production update-type: version-update:semver-major dependency-group: dependencies - dependency-name: xunit.runner.visualstudio dependency-version: 3.1.5 dependency-type: direct:production update-type: version-update:semver-major dependency-group: dependencies - dependency-name: xunit.runner.visualstudio dependency-version: 3.1.5 dependency-type: direct:production update-type: version-update:semver-major dependency-group: dependencies ... Signed-off-by: dependabot[bot] <support@github.com>

dependabot · 2026-05-14T01:09:10Z

Labels

The following labels could not be found: .NET, dependencies, nuget, packages. Please create them before Dependabot can add them to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.

guibranco

Automatically approved by gstraccini[bot]

github-actions · 2026-05-14T01:09:42Z

Infisical secrets check: ✅ No secrets leaked!

💻 Scan logs

2026-05-14T01:09:40Z INF scanning for exposed secrets...
1:09AM INF 20 commits scanned.
2026-05-14T01:09:40Z INF scan completed in 81.8ms
2026-05-14T01:09:40Z INF no leaks found

socket-security · 2026-05-14T01:09:42Z

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

Diff	Package	Supply Chain Security	Vulnerability	Quality	Maintenance	License
	coverlet.collector@6.0.4 ⏵ 10.0.0	⁺⁵
	mapster@7.4.0 ⏵ 10.0.7	⁺¹
	swashbuckle.aspnetcore@6.9.0 ⏵ 10.1.7
	microsoft.net.test.sdk@17.14.1 ⏵ 18.5.1
	testcontainers@3.10.0 ⏵ 4.11.0	^-5
	xunit.runner.visualstudio@2.8.2 ⏵ 3.1.5	⁺⁴

View full report

socket-security · 2026-05-14T01:09:45Z

Caution

Review the following alerts detected in dependencies.

According to your organization's Security Policy, you must resolve all "Block" alerts before proceeding. Learn more about Socket for GitHub.

Action	Severity	Alert (click "▶" to expand/collapse)
Block		Network access: nuget `bouncycastle.cryptography` Location: Package overview From: tests/Grimoire.E2eTests/Grimoire.E2eTests.csproj → `nuget/testcontainers@4.11.0` → `nuget/bouncycastle.cryptography@2.6.2` ℹ Read more on: This package \| This alert \| What is network access? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at `support@socket.dev`. Suggestion: Packages should remove all network access that is functionally unnecessary. Consumers should audit network access to ensure legitimate use. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment `@SocketSecurity ignore nuget/bouncycastle.cryptography@2.6.2`. You can also ignore all packages with `@SocketSecurity ignore-all`. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.
Block		Dynamic code execution: nuget `bouncycastle.cryptography` Location: Package overview From: tests/Grimoire.E2eTests/Grimoire.E2eTests.csproj → `nuget/testcontainers@4.11.0` → `nuget/bouncycastle.cryptography@2.6.2` ℹ Read more on: This package \| This alert \| What is dynamic code execution? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at `support@socket.dev`. Suggestion: Avoid packages that use dynamic code execution like eval(), since this could potentially execute any code. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment `@SocketSecurity ignore nuget/bouncycastle.cryptography@2.6.2`. You can also ignore all packages with `@SocketSecurity ignore-all`. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.
Block		Network access: nuget `docker.dotnet.enhanced.x509` Location: Package overview From: tests/Grimoire.E2eTests/Grimoire.E2eTests.csproj → `nuget/testcontainers@4.11.0` → `nuget/docker.dotnet.enhanced.x509@3.131.1` ℹ Read more on: This package \| This alert \| What is network access? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at `support@socket.dev`. Suggestion: Packages should remove all network access that is functionally unnecessary. Consumers should audit network access to ensure legitimate use. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment `@SocketSecurity ignore nuget/docker.dotnet.enhanced.x509@3.131.1`. You can also ignore all packages with `@SocketSecurity ignore-all`. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.
Block		Dynamic code execution: nuget `docker.dotnet.enhanced.x509` Location: Package overview From: tests/Grimoire.E2eTests/Grimoire.E2eTests.csproj → `nuget/testcontainers@4.11.0` → `nuget/docker.dotnet.enhanced.x509@3.131.1` ℹ Read more on: This package \| This alert \| What is dynamic code execution? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at `support@socket.dev`. Suggestion: Avoid packages that use dynamic code execution like eval(), since this could potentially execute any code. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment `@SocketSecurity ignore nuget/docker.dotnet.enhanced.x509@3.131.1`. You can also ignore all packages with `@SocketSecurity ignore-all`. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.
Block		Network access: nuget `docker.dotnet.enhanced` Location: Package overview From: tests/Grimoire.E2eTests/Grimoire.E2eTests.csproj → `nuget/testcontainers@4.11.0` → `nuget/docker.dotnet.enhanced@3.131.1` ℹ Read more on: This package \| This alert \| What is network access? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at `support@socket.dev`. Suggestion: Packages should remove all network access that is functionally unnecessary. Consumers should audit network access to ensure legitimate use. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment `@SocketSecurity ignore nuget/docker.dotnet.enhanced@3.131.1`. You can also ignore all packages with `@SocketSecurity ignore-all`. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.
Block		System shell access: nuget `docker.dotnet.enhanced` Location: Package overview From: tests/Grimoire.E2eTests/Grimoire.E2eTests.csproj → `nuget/testcontainers@4.11.0` → `nuget/docker.dotnet.enhanced@3.131.1` ℹ Read more on: This package \| This alert \| What is shell access? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at `support@socket.dev`. Suggestion: Packages should avoid accessing the shell which can reduce portability, and make it easier for malicious shell access to be introduced. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment `@SocketSecurity ignore nuget/docker.dotnet.enhanced@3.131.1`. You can also ignore all packages with `@SocketSecurity ignore-all`. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.
Block		Dynamic code execution: nuget `docker.dotnet.enhanced` Location: Package overview From: tests/Grimoire.E2eTests/Grimoire.E2eTests.csproj → `nuget/testcontainers@4.11.0` → `nuget/docker.dotnet.enhanced@3.131.1` ℹ Read more on: This package \| This alert \| What is dynamic code execution? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at `support@socket.dev`. Suggestion: Avoid packages that use dynamic code execution like eval(), since this could potentially execute any code. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment `@SocketSecurity ignore nuget/docker.dotnet.enhanced@3.131.1`. You can also ignore all packages with `@SocketSecurity ignore-all`. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.
Block		Network access: nuget `microsoft.openapi` Location: Package overview From: src/Grimoire.Api/Grimoire.Api.csproj → `nuget/swashbuckle.aspnetcore@10.1.7` → `nuget/microsoft.openapi@2.4.1` ℹ Read more on: This package \| This alert \| What is network access? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at `support@socket.dev`. Suggestion: Packages should remove all network access that is functionally unnecessary. Consumers should audit network access to ensure legitimate use. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment `@SocketSecurity ignore nuget/microsoft.openapi@2.4.1`. You can also ignore all packages with `@SocketSecurity ignore-all`. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.
Block		System shell access: nuget `system.text.json` Location: Package overview From: src/Grimoire.Api/Grimoire.Api.csproj → `nuget/swashbuckle.aspnetcore@10.1.7` → `nuget/system.text.json@8.0.5` ℹ Read more on: This package \| This alert \| What is shell access? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at `support@socket.dev`. Suggestion: Packages should avoid accessing the shell which can reduce portability, and make it easier for malicious shell access to be introduced. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment `@SocketSecurity ignore nuget/system.text.json@8.0.5`. You can also ignore all packages with `@SocketSecurity ignore-all`. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.
Block		Dynamic code execution: nuget `system.text.json` Location: Package overview From: src/Grimoire.Api/Grimoire.Api.csproj → `nuget/swashbuckle.aspnetcore@10.1.7` → `nuget/system.text.json@8.0.5` ℹ Read more on: This package \| This alert \| What is dynamic code execution? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at `support@socket.dev`. Suggestion: Avoid packages that use dynamic code execution like eval(), since this could potentially execute any code. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment `@SocketSecurity ignore nuget/system.text.json@8.0.5`. You can also ignore all packages with `@SocketSecurity ignore-all`. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.
Block		Network access: nuget `testcontainers` Location: Package overview From: tests/Grimoire.E2eTests/Grimoire.E2eTests.csproj → `nuget/testcontainers@4.11.0` ℹ Read more on: This package \| This alert \| What is network access? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at `support@socket.dev`. Suggestion: Packages should remove all network access that is functionally unnecessary. Consumers should audit network access to ensure legitimate use. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment `@SocketSecurity ignore nuget/testcontainers@4.11.0`. You can also ignore all packages with `@SocketSecurity ignore-all`. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.
Block		System shell access: nuget `testcontainers` Location: Package overview From: tests/Grimoire.E2eTests/Grimoire.E2eTests.csproj → `nuget/testcontainers@4.11.0` ℹ Read more on: This package \| This alert \| What is shell access? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at `support@socket.dev`. Suggestion: Packages should avoid accessing the shell which can reduce portability, and make it easier for malicious shell access to be introduced. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment `@SocketSecurity ignore nuget/testcontainers@4.11.0`. You can also ignore all packages with `@SocketSecurity ignore-all`. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.
Block		Dynamic code execution: nuget `testcontainers` Location: Package overview From: tests/Grimoire.E2eTests/Grimoire.E2eTests.csproj → `nuget/testcontainers@4.11.0` ℹ Read more on: This package \| This alert \| What is dynamic code execution? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at `support@socket.dev`. Suggestion: Avoid packages that use dynamic code execution like eval(), since this could potentially execute any code. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment `@SocketSecurity ignore nuget/testcontainers@4.11.0`. You can also ignore all packages with `@SocketSecurity ignore-all`. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.
Block		Filesystem access: nuget `bouncycastle.cryptography` Location: Package overview From: tests/Grimoire.E2eTests/Grimoire.E2eTests.csproj → `nuget/testcontainers@4.11.0` → `nuget/bouncycastle.cryptography@2.6.2` ℹ Read more on: This package \| This alert \| What is filesystem access? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at `support@socket.dev`. Suggestion: If a package must read the file system, clarify what it will read and ensure it reads only what it claims to. If appropriate, packages can leave file system access to consumers and operate on data passed to it instead. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment `@SocketSecurity ignore nuget/bouncycastle.cryptography@2.6.2`. You can also ignore all packages with `@SocketSecurity ignore-all`. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.
Block		Filesystem access: nuget `docker.dotnet.enhanced.x509` Location: Package overview From: tests/Grimoire.E2eTests/Grimoire.E2eTests.csproj → `nuget/testcontainers@4.11.0` → `nuget/docker.dotnet.enhanced.x509@3.131.1` ℹ Read more on: This package \| This alert \| What is filesystem access? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at `support@socket.dev`. Suggestion: If a package must read the file system, clarify what it will read and ensure it reads only what it claims to. If appropriate, packages can leave file system access to consumers and operate on data passed to it instead. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment `@SocketSecurity ignore nuget/docker.dotnet.enhanced.x509@3.131.1`. You can also ignore all packages with `@SocketSecurity ignore-all`. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.
Block		Environment variable access: nuget `docker.dotnet.enhanced` Location: Package overview From: tests/Grimoire.E2eTests/Grimoire.E2eTests.csproj → `nuget/testcontainers@4.11.0` → `nuget/docker.dotnet.enhanced@3.131.1` ℹ Read more on: This package \| This alert \| What is environment variable access? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at `support@socket.dev`. Suggestion: Packages should be clear about which environment variables they access, and care should be taken to ensure they only access environment variables they claim to. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment `@SocketSecurity ignore nuget/docker.dotnet.enhanced@3.131.1`. You can also ignore all packages with `@SocketSecurity ignore-all`. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.
Block		Filesystem access: nuget `docker.dotnet.enhanced` Location: Package overview From: tests/Grimoire.E2eTests/Grimoire.E2eTests.csproj → `nuget/testcontainers@4.11.0` → `nuget/docker.dotnet.enhanced@3.131.1` ℹ Read more on: This package \| This alert \| What is filesystem access? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at `support@socket.dev`. Suggestion: If a package must read the file system, clarify what it will read and ensure it reads only what it claims to. If appropriate, packages can leave file system access to consumers and operate on data passed to it instead. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment `@SocketSecurity ignore nuget/docker.dotnet.enhanced@3.131.1`. You can also ignore all packages with `@SocketSecurity ignore-all`. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.
Block		Potential code anomaly (AI signal): nuget `microsoft.extensions.apidescription.server` is 100.0% likely to have a medium risk anomaly Notes: The code introduces a legitimate extensibility point for DataContractSerializer via a SurrogateProviderAdapter and reflection-based injection. While not inherently malicious, the capability to alter deserialization through a user-provided surrogate presents a noteworthy attack surface in supply-chain contexts. If an untrusted surrogate provider is introduced (e.g., via dependency chain), it could manipulate deserialization to achieve code execution or data exposure. The code itself is not malware, but warrants careful governance around surrogate providers and restricted usage in trusted environments. Confidence: 1.00 Severity: 0.60 From: src/Grimoire.Api/Grimoire.Api.csproj → `nuget/swashbuckle.aspnetcore@10.1.7` → `nuget/microsoft.extensions.apidescription.server@10.0.0` ℹ Read more on: This package \| This alert \| What is an AI-detected potential code anomaly? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at `support@socket.dev`. Suggestion: An AI system found a low-risk anomaly in this package. It may still be fine to use, but you should check that it is safe before proceeding. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment `@SocketSecurity ignore nuget/microsoft.extensions.apidescription.server@10.0.0`. You can also ignore all packages with `@SocketSecurity ignore-all`. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.
Block		Filesystem access: nuget `system.text.json` Location: Package overview From: src/Grimoire.Api/Grimoire.Api.csproj → `nuget/swashbuckle.aspnetcore@10.1.7` → `nuget/system.text.json@8.0.5` ℹ Read more on: This package \| This alert \| What is filesystem access? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at `support@socket.dev`. Suggestion: If a package must read the file system, clarify what it will read and ensure it reads only what it claims to. If appropriate, packages can leave file system access to consumers and operate on data passed to it instead. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment `@SocketSecurity ignore nuget/system.text.json@8.0.5`. You can also ignore all packages with `@SocketSecurity ignore-all`. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.
Block		Filesystem access: nuget `testcontainers` Location: Package overview From: tests/Grimoire.E2eTests/Grimoire.E2eTests.csproj → `nuget/testcontainers@4.11.0` ℹ Read more on: This package \| This alert \| What is filesystem access? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at `support@socket.dev`. Suggestion: If a package must read the file system, clarify what it will read and ensure it reads only what it claims to. If appropriate, packages can leave file system access to consumers and operate on data passed to it instead. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment `@SocketSecurity ignore nuget/testcontainers@4.11.0`. You can also ignore all packages with `@SocketSecurity ignore-all`. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.
Block		Environment variable access: nuget `xunit.runner.visualstudio` Location: Package overview From: tests/Grimoire.E2eTests/Grimoire.E2eTests.csproj → `nuget/xunit.runner.visualstudio@3.1.5` ℹ Read more on: This package \| This alert \| What is environment variable access? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at `support@socket.dev`. Suggestion: Packages should be clear about which environment variables they access, and care should be taken to ensure they only access environment variables they claim to. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment `@SocketSecurity ignore nuget/xunit.runner.visualstudio@3.1.5`. You can also ignore all packages with `@SocketSecurity ignore-all`. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

View full report

dependabot · 2026-05-17T11:56:53Z

This pull request was built based on a group rule. Closing it will not ignore any of these versions in future pull requests.

To ignore these dependencies, configure ignore rules in dependabot.yml

dependabot Bot assigned guibranco May 14, 2026

This was referenced May 14, 2026

Bump coverlet.collector and 4 others #19

Closed

Bump the testing group with 3 updates #20

Closed

guibranco enabled auto-merge (squash) May 14, 2026 01:09

gstraccini Bot added the ☑️ auto-merge Automatic merging of pull requests (gstraccini-bot) label May 14, 2026

gstraccini Bot approved these changes May 14, 2026

View reviewed changes

guibranco approved these changes May 14, 2026

View reviewed changes

gstraccini Bot added the 🤖 bot Automated processes or integrations label May 14, 2026

guibranco closed this May 17, 2026

auto-merge was automatically disabled May 17, 2026 11:56
Pull request was closed

dependabot Bot deleted the dependabot/nuget/src/Grimoire.Api/dependencies-b9252a90e9 branch May 17, 2026 11:57

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Bump the dependencies group with 6 updates#21

Bump the dependencies group with 6 updates#21
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/nuget/src/Grimoire.Api/dependencies-b9252a90e9

dependabot Bot commented on behalf of github May 14, 2026

Uh oh!

dependabot Bot commented on behalf of github May 14, 2026

Uh oh!

guibranco left a comment

Uh oh!

github-actions Bot commented May 14, 2026

Uh oh!

socket-security Bot commented May 14, 2026

Uh oh!

socket-security Bot commented May 14, 2026

Uh oh!

dependabot Bot commented on behalf of github May 17, 2026

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant

Conversation

dependabot Bot commented on behalf of github May 14, 2026

10.0.0

Improvements

Fixed

Maintenance

8.0.1

Fixed

Improvements

8.0.0

Fixed

Improvements

10.0.7

What's Changed

10.0.7-pre04

What's Changed

10.0.7-pre03

What's Changed

10.0.7-pre02

What's Changed

10.0.7-pre01

What's Changed

10.0.6

Breaking change in v10.0+ and new feature

New feature:

What's Changed

10.0.4

Breaking change in v10.0+ and new feature

New feature:

What's Changed

New Contributors

10.0.0

What's Changed

18.5.1

What's Changed

18.5.0

What's Changed

18.4.0

What's Changed

New Contributors

18.3.0

What's Changed

Internal fixes and updates

New Contributors

18.0.1

What's Changed

Internal changes

18.0.0

What's Changed

Internal fixes and updates

10.1.7

What's Changed

New Contributors

10.1.6

What's Changed

New Contributors

10.1.5

What's Changed

10.1.4

What's Changed

10.1.3

What's Changed

10.1.2

What's Changed

10.1.1

What's Changed

New Contributors

10.1.0

What's Changed

New Features

Bug Fixes

Miscellaneous

New Contributors

10.0.1

What's Changed

10.0.0

Swashbuckle.AspNetCore v10.0.0

What's Changed

9.0.6

What's Changed