Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Bump the nuget group across 1 directories with 4 updates #899

Merged
merged 2 commits into from
Jan 17, 2024
Merged

Bump the nuget group across 1 directories with 4 updates #899

merged 2 commits into from
Jan 17, 2024

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Jan 17, 2024

Bumps the nuget group with 4 updates in the /ch9_release/src/Tailwind.Traders.Web directory: Azure.Storage.Blobs, Microsoft.AspNetCore.Authentication.JwtBearer, MongoDB.Driver and System.Data.SqlClient.

Updates Azure.Storage.Blobs from 12.8.0 to 12.13.0

Commits

Updates Microsoft.AspNetCore.Authentication.JwtBearer from 5.0.2 to 5.0.9

Release notes

Sourced from Microsoft.AspNetCore.Authentication.JwtBearer's releases.

.NET 5.0.9

Release

.NET 5.0.8

Release

.NET 5.0.7

Release

.NET 5.0.6

Release

.NET 5.0.5

Release

.NET 5.0.4

Release

Commits
  • c663ade Merged PR 15469: Clean up logging
  • 3aeeedc [internal/release/5.0] Update dependencies from dnceng/internal/dotnet-efcore
  • adcf3c4 Merge in 'release/5.0' changes
  • 3f87303 Merge pull request #34308 from vseanreesermsft/internal-merge-5.0-2021-07-13-...
  • 45223e7 [release/5.0] Update package baselines
  • 81b0403 [release/5.0] Bump SiteExtension.3.1 version
  • 518c5b9 [release/5.0] Update to latest SDK and runtime
  • 41f3416 Merge commit 'ae2eabad0e49302d0632a7dde917fdc68d960dc4' into internal-merge-5...
  • b6532d4 [internal/release/5.0] Update dependencies from dnceng/internal/dotnet-runtime
  • 45a120e [internal/release/5.0] Update dependencies from dnceng/internal/dotnet-runtime
  • Additional commits viewable in compare view

Updates MongoDB.Driver from 2.11.6 to 2.19.0

Release notes

Sourced from MongoDB.Driver's releases.

NET Driver Version 2.19.0 Release Notes

.NET Driver Version 2.19.0 Release Notes

This is the general availability release for the 2.19.0 version of the driver.

The main new features in 2.19.0 include:

  • Atlas Search builders
  • Default LinqProvider changed to LINQ3
  • ObjectSerializer allowed types configuration
  • Bucket and BucketAuto stages support in LINQ3
  • Support Azure VM-assigned Managed Identity for Automatic KMS Credentials
  • Native support for AWS IAM Roles

This version addresses CVE-2022-48282.

ObjectSerializer allowed types configuration

The ObjectSerializer has been changed to only allow deserialization of types that are considered safe. What types are considered safe is determined by a new configurable AllowedTypes function (of type Func<Type, bool>). The default AllowedTypes function is ObjectSerializer.DefaultAllowedTypes which returns true for a number of well-known framework types that we have deemed safe. A typical example might be to allow all the default allowed types as well as your own types. This could be accomplished as follows:

var objectSerializer = new ObjectSerializer(type => ObjectSerializer.DefaultAllowedTypes(type) || type.FullName.StartsWith("MyNamespace"));
BsonSerializer.RegisterSerializer(objectSerializer);

More information about the ObjectSerializer is available in our FAQ.

Default LinqProvider changed to LINQ3

Default LinqProvider has been changed to LINQ3. LinqProvider can be changed back to LINQ2 in the following way:

var connectionString = "mongodb://localhost";
var clientSettings = MongoClientSettings.FromConnectionString(connectionString);
clientSettings.LinqProvider = LinqProvider.V2;
var client = new MongoClient(clientSettings);

If you encounter a bug in LINQ3 provider, please report it in CSHARP JIRA project.

An online version of these release notes is available here.

The full list of issues resolved in this release is available at CSHARP JIRA project.

Documentation on the .NET driver can be found here.

.NET Driver Version 2.18.0 Release Notes

... (truncated)

Commits
  • 3db6a36 Release notes for 2.19.0. (#1013)
  • 790f123 CSHARP-4475: Add an AllowedTypes filter to ObjectSerializer.
  • 8993daa CSHARP-4453: Support Bucket and BucketAuto stages in LINQ3.
  • ec46c34 CSHARP-4490: Fix tests related to asserting wildcardProjection output. (#1011)
  • 9ee046b CSHARP-4182: Support for Range Indexes. (#988)
  • 9189a58 CSHARP-4440: Incorporate MongoDB.Labs.Search library (#989)
  • 0bb42fa CSHARP-4255: Fix bug and some tests. (#993)
  • c0c521e CSHARP-4449: Implement Find projections in LINQ3.
  • 396830c CSHARP-4468: LINQ V3 SelectMany + GroupBy results with redundant $push within...
  • 70ed174 CSHARP-4463: Add aws auth connectivity examples. (#1004)
  • Additional commits viewable in compare view

Updates System.Data.SqlClient from 4.8.3 to 4.8.6

Release notes

Sourced from System.Data.SqlClient's releases.

.NET Core 2.1.0 RC1

Repos

Commits

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    You can disable automated security fix PRs for this repo from the Security Alerts page.

@dependabot
Bump the nuget group across 1 directories with 4 updates
21aad37 
Bumps the nuget group with 4 updates in the /ch9_release/src/Tailwind.Traders.Web directory: [Azure.Storage.Blobs](https://github.com/Azure/azure-sdk-for-net), [Microsoft.AspNetCore.Authentication.JwtBearer](https://github.com/dotnet/aspnetcore), [MongoDB.Driver](https://github.com/mongodb/mongo-csharp-driver) and [System.Data.SqlClient](https://github.com/dotnet/corefx).


Updates `Azure.Storage.Blobs` from 12.8.0 to 12.13.0
- [Release notes](https://github.com/Azure/azure-sdk-for-net/releases)
- [Commits](Azure/azure-sdk-for-net@Azure.Storage.Blobs_12.8.0...Azure.Storage.Blobs_12.13.0)

Updates `Microsoft.AspNetCore.Authentication.JwtBearer` from 5.0.2 to 5.0.9
- [Release notes](https://github.com/dotnet/aspnetcore/releases)
- [Changelog](https://github.com/dotnet/aspnetcore/blob/main/docs/ReleasePlanning.md)
- [Commits](dotnet/aspnetcore@v5.0.2...v5.0.9)

Updates `MongoDB.Driver` from 2.11.6 to 2.19.0
- [Release notes](https://github.com/mongodb/mongo-csharp-driver/releases)
- [Commits](mongodb/mongo-csharp-driver@v2.11.6...v2.19.0)

Updates `System.Data.SqlClient` from 4.8.3 to 4.8.6
- [Release notes](https://github.com/dotnet/corefx/releases)
- [Commits](https://github.com/dotnet/corefx/commits)

---
updated-dependencies:
- dependency-name: Azure.Storage.Blobs
  dependency-type: direct:production
  dependency-group: nuget-security-group
- dependency-name: Microsoft.AspNetCore.Authentication.JwtBearer
  dependency-type: direct:production
  dependency-group: nuget-security-group
- dependency-name: MongoDB.Driver
  dependency-type: direct:production
  dependency-group: nuget-security-group
- dependency-name: System.Data.SqlClient
  dependency-type: direct:production
  dependency-group: nuget-security-group
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot requested a review from wulfland as a code owner January 17, 2024 08:03
@dependabot dependabot bot added .NET Pull requests that update .net code dependencies Pull requests that update a dependency file labels Jan 17, 2024
@wulfland wulfland enabled auto-merge (squash) January 17, 2024 08:06
@wulfland wulfland merged commit 7d5384b into main Jan 17, 2024
5 checks passed
@wulfland wulfland deleted the dependabot/nuget/ch9_release/src/Tailwind.Traders.Web/nuget-security-group-fc17d7194d branch January 17, 2024 08:06
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@wulfland wulfland wulfland approved these changes

Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file .NET Pull requests that update .net code
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@wulfland