Bump Microsoft.Identity.Web.UI and Microsoft.Identity.Web in /src/ServiceAssessmentService

Bumps Microsoft.Identity.Web.UI and Microsoft.Identity.Web. These dependencies needed to be updated together. Updates Microsoft.Identity.Web.UI from 2.20.0 to 3.0.0

Release notes

Sourced from Microsoft.Identity.Web.UI's releases.

3.0.0

CVE package updates

CVE-2024-30105

See PR #2929 for details.

Updated to Microsoft.IdentityModel.* 8.0.0, Microsoft.Identity.Lab API 1.0.2, Microsoft.Identity.Abstractions 6.0.0

See rel/v2 changelog for full list of added features to 3.0.0.

Fundamentals:

Update lab cert and lab version. See PR #2923 for details.

Changelog

Sourced from Microsoft.Identity.Web.UI's changelog.

3.0.0

CVE package updates

CVE-2024-30105

See PR #2929 for details.

Updated to Microsoft.IdentityModel.* 8.0.0, Microsoft.Identity.Lab API 1.0.2, Microsoft.Identity.Abstractions 6.0.0

See rel/v2 changelog for full list of added features to 3.0.0.

Fundamentals:

Update lab cert and lab version. See PR #2923 for details.

3.0.0-preview3

Updated to Microsoft.IdentityModel.* 8.0.0-preview3

3.0.0-preview2

Updated MSAL .Net to 4.61.3

Updated Azure.Identity to 1.11.4

New features:

Change GetSignedAssertion public API. See issue #2853 for details.

Update to latest .NET 9 preview 4. See issue #2877 for details.

3.0.0-preview1

Breaking changes

Remove netcoreapp3.1 support, see issue #2262 for details.

Remove net5.0 support from Microsoft.Identity.Web.UI, see issue #2711 for details.

New features

Microsoft.Identity.Web can be conditionally built on .net9.0-preview, see issue #2702 for details.

Microsoft.Identity.Web nows processes the AcceptHeader and ContentType if provided, see issue #2806 for details.

Target Microsoft.IdentityModel 7x in OWIN targets, see issue #2785 for details.

========

See rel/v2 changelog for full list of added features to 3.0.0.

========

2.19.0

Updated to Microsoft.IdentityModel.* 7.6.0

New features

Id Web now provides a .WithUser() modifier to the Microsoft Graph queries (like WithAppOnly()). See issue #2855 for details.

Id Web now provides a base class for implementing a custom IAuthorizationHeaderProvider. See issue #2856 for details.

... (truncated)

Commits

1e6f70f update build to 9.0.100-preview.6.24328.19 (#2940)
e6fe2d8 fix blazor test (#2939)
9863535 cve fixes (#2938)
f6c19af fix .net 9 package issue (#2937)
5a67761 Lozensky/update deps for CVE (#2936)
756e5fb update to M.IM 8 (#2934)
8975ae2 3.0.0 changelog (#2932)
a53065d updated dependency versions for b2c webapp (#2933)
bf48d7a fix CVEs (#2929)
f5b443e update lab API to 1.0.2 (#2926)
Additional commits viewable in compare view

Updates Microsoft.Identity.Web from 2.20.0 to 3.0.0

Release notes

Sourced from Microsoft.Identity.Web's releases.

3.0.0

CVE package updates

CVE-2024-30105

See PR #2929 for details.

Updated to Microsoft.IdentityModel.* 8.0.0, Microsoft.Identity.Lab API 1.0.2, Microsoft.Identity.Abstractions 6.0.0

See rel/v2 changelog for full list of added features to 3.0.0.

Fundamentals:

Update lab cert and lab version. See PR #2923 for details.

Changelog

Sourced from Microsoft.Identity.Web's changelog.

3.0.0

CVE package updates

CVE-2024-30105

See PR #2929 for details.

Updated to Microsoft.IdentityModel.* 8.0.0, Microsoft.Identity.Lab API 1.0.2, Microsoft.Identity.Abstractions 6.0.0

See rel/v2 changelog for full list of added features to 3.0.0.

Fundamentals:

Update lab cert and lab version. See PR #2923 for details.

3.0.0-preview3

Updated to Microsoft.IdentityModel.* 8.0.0-preview3

3.0.0-preview2

Updated MSAL .Net to 4.61.3

Updated Azure.Identity to 1.11.4

New features:

Change GetSignedAssertion public API. See issue #2853 for details.

Update to latest .NET 9 preview 4. See issue #2877 for details.

3.0.0-preview1

Breaking changes

Remove netcoreapp3.1 support, see issue #2262 for details.

Remove net5.0 support from Microsoft.Identity.Web.UI, see issue #2711 for details.

New features

Microsoft.Identity.Web can be conditionally built on .net9.0-preview, see issue #2702 for details.

Microsoft.Identity.Web nows processes the AcceptHeader and ContentType if provided, see issue #2806 for details.

Target Microsoft.IdentityModel 7x in OWIN targets, see issue #2785 for details.

========

See rel/v2 changelog for full list of added features to 3.0.0.

========

2.19.0

Updated to Microsoft.IdentityModel.* 7.6.0

New features

Id Web now provides a .WithUser() modifier to the Microsoft Graph queries (like WithAppOnly()). See issue #2855 for details.

Id Web now provides a base class for implementing a custom IAuthorizationHeaderProvider. See issue #2856 for details.

... (truncated)

Commits

1e6f70f update build to 9.0.100-preview.6.24328.19 (#2940)
e6fe2d8 fix blazor test (#2939)
9863535 cve fixes (#2938)
f6c19af fix .net 9 package issue (#2937)
5a67761 Lozensky/update deps for CVE (#2936)
756e5fb update to M.IM 8 (#2934)
8975ae2 3.0.0 changelog (#2932)
a53065d updated dependency versions for b2c webapp (#2933)
bf48d7a fix CVEs (#2929)
f5b443e update lab API to 1.0.2 (#2926)
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

DFE-Digital / service-assessment-service

Bump Microsoft.Identity.Web.UI and Microsoft.Identity.Web in /src/ServiceAssessmentService #338

3.0.0

CVE package updates

Fundamentals:

3.0.0

CVE package updates

Fundamentals:

3.0.0-preview3

3.0.0-preview2

New features:

3.0.0-preview1

Breaking changes

New features

2.19.0

New features

3.0.0

CVE package updates

Fundamentals:

3.0.0

CVE package updates

Fundamentals:

3.0.0-preview3

3.0.0-preview2

New features:

3.0.0-preview1

Breaking changes

New features

2.19.0

New features

Quality Gate passed