devlooped / SponsorLink

SponsorLink: an attempt at OSS sustainability
https://www.devlooped.com/SponsorLink
MIT License
40 stars 4 forks source link

Bump the azure group across 1 directory with 3 updates #378

Closed dependabot[bot] closed 1 month ago

dependabot[bot] commented 1 month ago

Bumps the azure group with 3 updates in the / directory: Azure.Core, Azure.Identity and Microsoft.Azure.Functions.Worker.Sdk.

Updates Azure.Core from 1.43.0 to 1.44.1

Release notes

Sourced from Azure.Core's releases.

Azure.Core_1.44.1

1.44.1 (2024-10-09)

Other Changes

  • Upgraded System.Text.Json package dependency to 6.0.10 for security fix (#46134).

Azure.Core_1.44.0

1.44.0 (2024-10-03)

Features Added

  • TokenRequestContext added the IsProofOfPossessionEnabled, ResourceRequestMethod, and ResourceRequestUri properties to support Proof of Possession tokens (45134).
  • AccessToken added the TokenType property to support distinguishing Bearer tokens from Proof of Possession (PoP) tokens (45134).
  • Moved implementation of Azure.AzureKeyCredential into System.ClientModel.ApiKeyCredential and made ApiKeyCredential the base type for AzureKeyCredential (#46128).
  • BearerTokenAuthenticationPolicy now will attempt to handle Continuous Access Evaluation (CAE) challenges, if present, by default (#46277).

Other Changes

  • Upgraded System.Memory.Data package dependency to 6.0.0 (#46134).
Commits


Updates Azure.Identity from 1.12.1 to 1.13.0

Release notes

Sourced from Azure.Identity's releases.

Azure.Identity_1.13.0

1.13.0 (2024-10-14)

Features Added

  • ManagedIdentityCredential now supports specifying a user-assigned managed identity by object ID.

Bugs Fixed

  • If DefaultAzureCredential attempts to authenticate with the MangagedIdentityCredential and it receives either a failed response that is not json, it will now fall through to the next credential in the chain. #45184
  • Fixed the request sent in AzurePipelinesCredential so it doesn't result in a redirect response when an invalid system access token is provided.
  • Updated to version 4.65.0 of Microsoft.Identity.Client to address a bug preventing the use of alternate authority types such as dStS (4927) .

Other Changes

  • The logging level passed to MSAL now correlates to the log level configured on your configured AzureEventSourceListener. Previously, the log level was always set to Microsoft.Identity.Client.LogLevel.Info.
  • AzurePowerShellCredential now utilizes the AsSecureString parameter to Get-AzAccessToken for version 2.17.0 and greater of the Az.Accounts module.
  • Improved error logging for AzurePipelinesCredential.
Commits


Updates Azure.Core from 1.43.0 to 1.44.1

Release notes

Sourced from Azure.Core's releases.

Azure.Core_1.44.1

1.44.1 (2024-10-09)

Other Changes

  • Upgraded System.Text.Json package dependency to 6.0.10 for security fix (#46134).

Azure.Core_1.44.0

1.44.0 (2024-10-03)

Features Added

  • TokenRequestContext added the IsProofOfPossessionEnabled, ResourceRequestMethod, and ResourceRequestUri properties to support Proof of Possession tokens (45134).
  • AccessToken added the TokenType property to support distinguishing Bearer tokens from Proof of Possession (PoP) tokens (45134).
  • Moved implementation of Azure.AzureKeyCredential into System.ClientModel.ApiKeyCredential and made ApiKeyCredential the base type for AzureKeyCredential (#46128).
  • BearerTokenAuthenticationPolicy now will attempt to handle Continuous Access Evaluation (CAE) challenges, if present, by default (#46277).

Other Changes

  • Upgraded System.Memory.Data package dependency to 6.0.0 (#46134).
Commits


Updates Microsoft.Azure.Functions.Worker.Sdk from 1.18.0 to 1.18.1

Release notes

Sourced from Microsoft.Azure.Functions.Worker.Sdk's releases.

Microsoft.Azure.Functions.Worker.Sdk 1.18.1

What's Changed

Microsoft.Azure.Functions.Worker.Sdk 1.18.1

  • Updated Microsoft.Azure.Functions.Worker.Sdk.Generators reference to 1.3.4.

Microsoft.Azure.Functions.Worker.Sdk.Generators 1.3.4

  • Changed FunctionExecutorGenerator to avoid generation of long if/else chains for apps with a large number of functions.
Commits
  • 0f345be Generators package version update (#2755)
  • a98b271 Updating FunctionExecutorGenerator to avoid long if/else chains.
  • 903be9c Update EntityFramework sample pkg versions (#2742)
  • 39cb965 Updating packages dependencies to the latest (#2729)
  • 24cd553 Function App (Flex Cosumption) ZipDeploy publish support (#2712)
  • 1ee6449 Adding project name to task display names
  • 228f838 Fixing project structure for ASP.NET Core Analyzers
  • dc09a2d Updating ASP.NET Core integration extension version
  • 3c4d5b4 DefaultHttpCoordinator SetHttpContextAsync should use async/await to make the...
  • feb9472 Opting out of central package management in extensions inner build
  • Additional commits viewable in compare view


Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore ` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore ` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore ` will remove the ignore condition of the specified dependency and ignore conditions