search

akkadotnet / Akka.Persistence.SqlServer

Akka.Persistence.SqlServer provider
Apache License 2.0
59 stars 49 forks source link

Bump Microsoft.Data.SqlClient from 5.1.4 to 5.1.5 #358

Closed dependabot[bot] closed 6 months ago

dependabot[bot] commented 7 months ago

Bumps Microsoft.Data.SqlClient from 5.1.4 to 5.1.5.

Release notes

Sourced from Microsoft.Data.SqlClient's releases.

Stable Release v5.1.5

[Stable release 5.1.5] - 2024-01-29

This update brings the below changes over the previous release:

Fixed

  • Fixed connection to unsubscribe from transaction completion events before returning it to the connection pool #2321
  • Fixed InvalidCastException when reading an Always Encrypted date or time column #2324

Changed

  • Changed Microsoft.IdentityModel.JsonWebTokens and Microsoft.IdentityModel.Protocols.OpenIdConnect version 6.24.0 to 6.35.0 #2320 to address CVE-2024-21319
Changelog

Sourced from Microsoft.Data.SqlClient's changelog.

[Stable release 5.1.5] - 2024-01-29

This update brings the below changes over the previous release:

Fixed

  • Fixed connection to unsubscribe from transaction completion events before returning it to the connection pool #2321
  • Fixed InvalidCastException when reading an Always Encrypted date or time column #2324

Changed

  • Changed Microsoft.IdentityModel.JsonWebTokens and Microsoft.IdentityModel.Protocols.OpenIdConnect version 6.24.0 to 6.35.0 #2320 to address CVE-2024-21319
Commits
  • 01a589e [5.1.5] Fix | Enable reading AE date as DateOnly (#2275) (#2324)
  • 759dc69 Fix | Minor fixes to support different test environments (#2045) (#2325)
  • f8520c7 Fix | Invalid transaction exception against the connections and distributed t...
  • b92637e [5.1.5] CVE | Version bump Microsoft.IdentityModel.JsonWebTokens to 6.35.0 (#...
  • See full diff in compare view


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
dependabot[bot] commented 6 months ago

Superseded by #363.