Closed dependabot[bot] closed 3 months ago
Bumps the microsoftidentity group with 5 updates in the / directory:
4.63.0
4.64.0
8.0.1
8.0.2
Updates Microsoft.Identity.Client from 4.63.0 to 4.64.0
Microsoft.Identity.Client
Sourced from Microsoft.Identity.Client's releases.
4.64.0 New Features Added managed identity support for Azure ARC on Linux. See [Issue #4358](AzureAD/microsoft-authentication-library-for-dotnet#4358) Added Username and password support for confidential clients. See [Issue #3774](AzureAD/microsoft-authentication-library-for-dotnet#3774) Bug Fixes Resolved SHA2 issues that break custom claims during authentication flows. See [Issue #4868](AzureAD/microsoft-authentication-library-for-dotnet#4868)
8fe46a8
867f5cf
4ad6276
c7eb345
5ff5d21
6956f26
adf5dab
Updates Microsoft.Identity.Client.Extensions.Msal from 4.63.0 to 4.64.0
Microsoft.Identity.Client.Extensions.Msal
Sourced from Microsoft.Identity.Client.Extensions.Msal's releases.
Updates Microsoft.IdentityModel.Abstractions from 8.0.1 to 8.0.2
Microsoft.IdentityModel.Abstractions
Sourced from Microsoft.IdentityModel.Abstractions's releases.
8.0.2 Security fundamentals Add BannedApiAnalyzers to prevent use of ClaimsIdentity constructors. See PR #2778 for details. Bug fixes IdentityModel now allows the JWT payload to be an empty string. See issue #2656 for details. Cache UseRfcDefinitionOfEpkAndKid switch. See PR #2747 for details. Method was named DoNotFailOnMissingTid in 7x and DontFailOnMissingTid in 8x, adding the method for back compat. See issue #2750 for details. Metadata is now updated on a background thread. See #2780 for details. JsonWebKeySet stores the original string it was created with. See PR #2755 for details. Restore AOT compatibility. See #2711. Fix OpenIdConnect parsing bug. See #2772 for details. Remove the lock on creating a SignatureProvider. See #2788 for details. Fundamentals Test clean up #2742. Use only FxCop in .NET framework targets #2693. Add rule to add file headers automatically #2748. Code analysis updates #2746. Include README packages in NuGet #2752. Update projects inside WilsonUnix solution #2768. Code style enforced in build #2603. CodeQL update #2767. Update build pipeline to new one release build format #2777. Update GitHub actions to 9.0.100-preview.7.24407.12 and add <NoWarn>$(NoWarn);SYSLIB0057</NoWarn> due to breaking changes in preview7. #2786. Work relating to #2711 #2725, #2729, #2753, #2758, #2759, #2757, #2759, #2764, #2759, #2771, #2759, and #2779. What's Changed Remove old 6x tests used that are not needed anymore by @brentschmaltz in AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet#2742 Only use fxcop in netfw by @keegan-caruso in AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet#2693 Allow Jwt payload to be the empty string. by @brentschmaltz in AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet#2745 Add rule to add file headers automatically. by @pmaytak in AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet#2748 Remove Delegate Checks in Multiple Validators and Prevents Null Setting of Delegates by @FuPingFranco in AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet#2725 Fix CodeQL by @pmaytak in AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet#2746 Cache UseRfcDefinitionOfEpkAndKid switch. by @pmaytak in AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet#2747 Decrypt token: Remove exceptions + use new ValidationParameters by @iNinja in AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet#2729 Include README packages in NuGet by @localden in AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet#2752 Remove internals for new work. by @brentschmaltz in AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet#2753 Add property named differently in 7x. by @brentschmaltz in AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet#2756 Remove SlimLock when updating metadata. by @brentschmaltz in AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet#2751 Revert "Remove SlimLock when updating metadata. (#2751)" by @keegan-caruso in AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet#2762 Remove Delegate Checks Audience Validator and Prevents Null Setting of Delegate by @FuPingFranco in AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet#2758 Re-factor Issuer Validator to Follow New Validation Model by @FuPingFranco in AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet#2759 Update projects inside WilsonUnix solution by @iNinja in AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet#2768 JsonWebKeySet stores the String it was created with by @westin-m in AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet#2755
BannedApiAnalyzers
ClaimsIdentity
UseRfcDefinitionOfEpkAndKid
DoNotFailOnMissingTid
DontFailOnMissingTid
JsonWebKeySet
SignatureProvider
9.0.100-preview.7.24407.12
<NoWarn>$(NoWarn);SYSLIB0057</NoWarn>
@brentschmaltz
@keegan-caruso
@pmaytak
@FuPingFranco
@iNinja
@localden
@westin-m
... (truncated)
Sourced from Microsoft.IdentityModel.Abstractions's changelog.
8.0.2 Security fundamentals Add BannedApiAnalyzers to prevent use of ClaimsIdentity constructors. See PR #2778 for details. Bug fixes IdentityModel now allows the JWT payload to be an empty string. See issue #2656 for details. Cache UseRfcDefinitionOfEpkAndKid switch. See PR #2747 for details. Method was named DoNotFailOnMissingTid in 7x and DontFailOnMissingTid in 8x, adding the method for back compat. See issue #2750 for details. Metadata is now updated on a background thread. See #2780 for details. JsonWebKeySet stores the original string it was created with. See PR #2755 for details. Restore AOT compatibility. See #2711. Fix OpenIdConnect parsing bug. See #2772 for details. Remove the lock on creating a SignatureProvider. See #2788 for details. Fundamentals Test clean up #2742. Use only FxCop in .NET framework targets #2693. Add rule to add file headers automatically #2748. Code analysis updates #2746. Include README packages in NuGet #2752. Update projects inside WilsonUnix solution #2768. Code style enforced in build #2603. CodeQL update #2767. Update build pipeline to new one release build format #2777. Update GitHub actions to 9.0.100-preview.7.24407.12 and add <NoWarn>$(NoWarn);SYSLIB0057</NoWarn> due to breaking changes in preview7. #2786. Work relating to #2711 #2725, #2729, #2753, #2758, #2759, #2757, #2759, #2764, #2759, #2771, #2759, and #2779.
1e23cef
7c7d1c1
2f4f9e6
a120bde
34a421f
eb4df8f
68ff8df
7841666
5853e4c
d2632a7
Updates Microsoft.IdentityModel.JsonWebTokens from 8.0.1 to 8.0.2
Microsoft.IdentityModel.JsonWebTokens
Sourced from Microsoft.IdentityModel.JsonWebTokens's releases.
Sourced from Microsoft.IdentityModel.JsonWebTokens's changelog.
8.0.2 Security fundamentals Add BannedApiAnalyzers to prevent use of ClaimsIdentity constructors. See PR #2778 for details. Bug fixes IdentityModel now allows the JWT payload to be an empty string. See issue #2656 for details. Cache UseRfcDefinitionOfEpkAndKid switch. See PR #2747 for details. Method was named DoNotFailOnMissingTid in 7x and DontFailOnMissingTid in 8x, adding the method for back compat. See issue #2750 for details. Metadata is now updated on a background thread. See #2780 for details. JsonWebKeySet stores the original string it was created with. See PR #2755 for details. Restore AOT compatibility. See #2711. Fix OpenIdConnect parsing bug. See #2772 for details. Remove the lock on creating a SignatureProvider. See #2788 for details. Fundamentals Test clean up #2742. Use only FxCop in .NET framework targets #2693. Add rule to add file headers automatically #2748. Code analysis updates #2746. Include README packages in NuGet #2752. Update projects inside WilsonUnix solution #2768. Code style enforced in build #2603. CodeQL update #2767. Update build pipeline to new one release build format #2777. Update GitHub actions to 9.0.100-preview.7.24407.12 and add <NoWarn>$(NoWarn);SYSLIB0057</NoWarn> due to breaking changes in preview7. #2786. Work relating to #2711 #2725, #2729, #2753, #2758, #2759, #2757, #2759, #2764, #2759, #2771, #2759, and #2779. What's Changed Remove old 6x tests used that are not needed anymore by @brentschmaltz in AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet#2742 Only use fxcop in netfw by @keegan-caruso in AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet#2693 Allow Jwt payload to be the empty string. by @brentschmaltz in AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet#2745 Add rule to add file headers automatically. by @pmaytak in AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet#2748 Remove Delegate Checks in Multiple Validators and Prevents Null Setting of Delegates by @FuPingFranco in AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet#2725 Fix CodeQL by @pmaytak in AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet#2746 Cache UseRfcDefinitionOfEpkAndKid switch. by @pmaytak in AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet#2747 Decrypt token: Remove exceptions + use new ValidationParameters by @iNinja in AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet#2729 Include README packages in NuGet by @localden in AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet#2752 Remove internals for new work. by @brentschmaltz in AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet#2753 Add property named differently in 7x. by @brentschmaltz in AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet#2756 Remove SlimLock when updating metadata. by @brentschmaltz in AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet#2751 Revert "Remove SlimLock when updating metadata. (#2751)" by @keegan-caruso in AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet#2762
Bumps the microsoftidentity group with 5 updates in the / directory:
4.63.04.64.04.63.04.64.04.63.04.64.08.0.18.0.28.0.18.0.28.0.18.0.28.0.18.0.28.0.18.0.28.0.18.0.2Updates
Microsoft.Identity.Clientfrom 4.63.0 to 4.64.0Release notes
Sourced from Microsoft.Identity.Client's releases.
Commits
8fe46a8Changing the handling of client claims to use JSON (#4886)867f5cfDisabling arlinton test case for "WithSecret_TestAsync" (#4906)4ad6276Update interop package to 0.16.2 (#4903)c7eb345Changed consent handler to find element by name instead of ID (#4897)5ff5d21Remove the links to Azure SDK for managed identity since these will be update...6956f26Update the logic to add file based detection for azure arc for linux env (#4856)adf5dabEnabling ROPC on CCA (#4799)Updates
Microsoft.Identity.Client.Extensions.Msalfrom 4.63.0 to 4.64.0Release notes
Sourced from Microsoft.Identity.Client.Extensions.Msal's releases.
Commits
8fe46a8Changing the handling of client claims to use JSON (#4886)867f5cfDisabling arlinton test case for "WithSecret_TestAsync" (#4906)4ad6276Update interop package to 0.16.2 (#4903)c7eb345Changed consent handler to find element by name instead of ID (#4897)5ff5d21Remove the links to Azure SDK for managed identity since these will be update...6956f26Update the logic to add file based detection for azure arc for linux env (#4856)adf5dabEnabling ROPC on CCA (#4799)Updates
Microsoft.Identity.Clientfrom 4.63.0 to 4.64.0Release notes
Sourced from Microsoft.Identity.Client's releases.
Commits
8fe46a8Changing the handling of client claims to use JSON (#4886)867f5cfDisabling arlinton test case for "WithSecret_TestAsync" (#4906)4ad6276Update interop package to 0.16.2 (#4903)c7eb345Changed consent handler to find element by name instead of ID (#4897)5ff5d21Remove the links to Azure SDK for managed identity since these will be update...6956f26Update the logic to add file based detection for azure arc for linux env (#4856)adf5dabEnabling ROPC on CCA (#4799)Updates
Microsoft.IdentityModel.Abstractionsfrom 8.0.1 to 8.0.2Release notes
Sourced from Microsoft.IdentityModel.Abstractions's releases.
... (truncated)
Changelog
Sourced from Microsoft.IdentityModel.Abstractions's changelog.
Commits
1e23cefRemove lock when creating a SignatureProvider (#2788)7c7d1c1update to 9.0.100-preview.7.24407.12 (#2786)2f4f9e6updates for one build (#2777)a120bdeAdding benchmark for new ValidateTokenAsync model vs old (#2779)34a421fAdd BannedApiAnalyzers to prevent use of ClaimsIdentity constructors (#2778)eb4df8fAdd lock when configuration is null (#2780)68ff8dfValidateTokenAsync: New code path (#2771)7841666Fix Open Id connect parsing bug. (#2776)5853e4ctry to fix codeQL (#2767)d2632a7Restore AOT compatibility for IdentityModel (#2773)Updates
Microsoft.IdentityModel.JsonWebTokensfrom 8.0.1 to 8.0.2Release notes
Sourced from Microsoft.IdentityModel.JsonWebTokens's releases.
... (truncated)
Changelog
Sourced from Microsoft.IdentityModel.JsonWebTokens's changelog.
Commits
1e23cefRemove lock when creating a SignatureProvider (#2788)7c7d1c1update to 9.0.100-preview.7.24407.12 (#2786)2f4f9e6updates for one build (#2777)a120bdeAdding benchmark for new ValidateTokenAsync model vs old (#2779)34a421fAdd BannedApiAnalyzers to prevent use of ClaimsIdentity constructors (#2778)eb4df8fAdd lock when configuration is null (#2780)68ff8dfValidateTokenAsync: New code path (#2771)7841666Fix Open Id connect parsing bug. (#2776)5853e4ctry to fix codeQL (#2767)d2632a7Restore AOT compatibility for IdentityModel (#2773)Updates
Microsoft.IdentityModel.Abstractionsfrom 8.0.1 to 8.0.2Release notes
Sourced from Microsoft.IdentityModel.Abstractions's releases.