build(deps): bump the default group across 1 directory with 10 updates

[dependabot]

Bumps the default group with 10 updates in the /src directory:

Package	From	To
coverlet.collector	6.0.0	6.0.2
MimeKit	4.7.1	4.8.0
System.IdentityModel.Tokens.Jwt	7.4.1	7.7.1
JsonSchema.Net	6.0.5	6.1.2
Serilog.AspNetCore	8.0.1	8.0.3
Serilog.Settings.Configuration	8.0.2	8.0.4
Serilog.Settings.Configuration	8.0.2	8.0.4
SwashBuckle.AspNetCore	6.8.0	6.9.0
MailKit	4.3.0	4.8.0
MimeKit	4.7.1	4.8.0
Laraue.EfCoreTriggers.PostgreSql	8.0.3	8.1.2
Npgsql.EntityFrameworkCore.PostgreSQL	8.0.4	8.0.8

Updates coverlet.collector from 6.0.0 to 6.0.2

Release notes

Sourced from coverlet.collector's releases.

v6.0.2

Fixed

• Threshold-stat triggers error #1634
• Fixed coverlet collector 6.0.1 requires dotnet sdk 8 #1625
• Type initializer errors after updating from 6.0.0 to 6.0.1 #1629
• Exception when multiple exclude-by-attribute filters specified #1624

Improvements

• More concise options to specify multiple parameters in coverlet.console #1624

Diff between 6.0.1 and 6.0.2

v6.0.1

Fixed

• Uncovered lines in .NET 8 for inheriting records #1555
• Fix record constructors not covered when SkipAutoProps is true #1561
• Fix .NET 7 Method Group branch coverage issue #1447
• Fix ExcludeFromCodeCoverage does not exclude method in a partial class #1548
• Fix ExcludeFromCodeCoverage does not exclude F# task #1547
• Fix issues where ExcludeFromCodeCoverage ignored #1431
• Fix issues with ExcludeFromCodeCoverage attribute #1484
• Fix broken links in documentation #1514
• Fix problem with coverage for .net5 WPF application #1221 by https://github.com/lg2de
• Fix unable to instrument module for Microsoft.AspNetCore.Mvc.Razor #1459 by https://github.com/lg2de

Improvements

• Extended exclude by attribute feature to work with fully qualified name #1589
• Use System.CommandLine instead of McMaster.Extensions.CommandLineUtils #1474 by https://github.com/Bertk
• Fix deadlog in Coverlet.Integration.Tests.BaseTest #1541 by https://github.com/Bertk
• Add coverlet.msbuild.tasks unit tests #1534 by https://github.com/Bertk

Diff between 6.0.0 and 6.0.1

Commits

• 04ba205 new release (#1641)
• f61bbc7 Update docs on new source-mapping-file argument (#1632)
• 892d86e Fix TypeInitializer issue (#1636)
• 6bd8783 Remove usage of System.Text.Json for now (#1637)
• 813f36c Fix issue 1634 (#1635)
• 783c482 Add regex evaluation timeout (#1630)
• 9ee7b8f Broken exclude-by-attribute feature in coverlet.console (#1627)
• 59430c3 Fix issues for V6.0.1 nuget packages (collector, console) (#1628)
• aa1d224 remove current versions in release plan (#1623)
• 440a26a bumb preview version (#1622)
• Additional commits viewable in compare view

Updates MimeKit from 4.7.1 to 4.8.0

Changelog

Sourced from MimeKit's changelog.

MimeKit 4.8.0 (2024-09-29)

• Added TypeConverters for InternetAddress and InternetAddressList.

Commits

• e191351 Bumped version to 4.8.0
• b91bd22 Improved docs for MimeMessage.Sender
• 01a3ce5 Bump NUnit.ConsoleRunner from 3.18.1 to 3.18.2 (#1078)
• 8db3c29 Update main.yml
• 52b8800 Bump Microsoft.NET.Test.Sdk from 17.11.0 to 17.11.1 (#1074)
• f2eeaa0 Updated FAQ.md to add a Q/A for TypeLoadException issues
• ee34ac4 Bump nunit from 4.2.1 to 4.2.2 (#1073)
• 7a5aca9 more type converter test fixes
• 2479246 Fixed unit tests
• cd8ac20 minor code cleanup
• Additional commits viewable in compare view

Updates System.IdentityModel.Tokens.Jwt from 7.4.1 to 7.7.1

Release notes

Sourced from System.IdentityModel.Tokens.Jwt's releases.

7.7.1

Bug Fix

• Re-add JsonSerializerPrimitives.TryAllStringClaimsAsDateTime which was removed as it is in an internal class, but due to InternalsVisibleTo can lead to a MissingMethodException if IdentityModel versions are not aligned. See PR #2734 for details.

7.7.0

CVE package updates

CVE-2024-30105

• A derived ClaimsIdentity where claim retrieval is case-sensitive. The current ClaimsIdentity, in .NET, retrieves claims in a case-insensitive manner which is different than querying the underlying SecurityToken. The new CaseSensitiveClaimsIdentity class provides consistent retrieval logic with SecurityToken. Opt in to the new behavior via an AppContext switch. See PR #2715 for details.

Performance improvement

• AppContext.TryGetSwitch statically caches internally but takes out a lock. .NET almost always caches these values. They're not expected to change while the process is running unlike normal config. IdentityModel now caches the value. See issue #2722 for details.

7.6.2

Bug Fix:

• Revert reduced allocations in AadIssuerValidator by not using string.Replace where appropriate due to an index out-of-range error.

7.6.1

New Features:

• Add missing metadata parameters to OpenIdConnectConfiguration. See issue #2498 for details.

Bug Fixes:

• Fix over-reporting of IDX14100. See issue #2058 and PR #2618 for details.
• JwtRegisteredClaimNames now contains previously missing Standard OpenIdConnect claims. See issue #1598 for details.

Performance Improvements:

• Reduced allocations in AadIssuerValidator by not using string.Replace where appropriate. See issue #2595 and PR #2597 for more details.
• No longer for every string claim, calling DateTime.TryParse on each value, whether it is expected to be a DateTime or not. See issue #2615 for details.

7.6.0

New Features:

• Update JsonWebToken - extract and expose the method that reads the header/payload property values from the reader so it can be overridden in children classes to add any extra own logic. See issues #2581, #2583, and #2495 for details.

Bug Fixes:

• JWE header algorithm is now compliant to IANA document. See issue #2089 for details.

Performance Improvements:

• Reduce the number of internal array allocations that need to happen for each claim set, see PR #2596.

Fundamentals:

• Add an AOT compatibility check on each PR to ensure only AOT compatible code is checked-in. See PR #2598.
• Update perl scrip for OneBranch build. See PR #2602.
• Add langversion 12 to benchmark tests. See PR #2601.
• Removed unused build.cmd file. See PR #2605.

... (truncated)

Changelog

Sourced from System.IdentityModel.Tokens.Jwt's changelog.

7.7.1

Bug Fix

• Re-add JsonSerializerPrimitives.TryAllStringClaimsAsDateTime which was removed as it is in an internal class, but due to InternalsVisibleTo can lead to a MissingMethodException if IdentityModel versions are not aligned. See PR #2734 for details.

7.7.0

CVE package updates

CVE-2024-30105

• A derived ClaimsIdentity where claim retrieval is case-sensitive. The current ClaimsIdentity, in .NET, retrieves claims in a case-insensitive manner which is different than querying the underlying SecurityToken. The new CaseSensitiveClaimsIdentity class provides consistent retrieval logic with SecurityToken. Opt in to the new behavior via an AppContext switch. See PR #2715 for details.

7.6.3

Bug Fix

• Remove dependency on AadIssuerValidator.GetTenantIdFromToken in ValidateIssuerSigningKey, to only consider the tid. An AppContext switch enables fallbacking to the previous behavior, which should not be needed. See PR #2680 for details.

7.6.2

Bug Fix:

• Revert reduced allocations in AadIssuerValidator by not using string.Replace where appropriate due to an index out-of-range error.

7.6.1

New Features:

• Add missing metadata parameters to OpenIdConnectConfiguration. See issue #2498 for details.

Bug Fixes:

• Fix over-reporting of IDX14100. See issue #2058 and PR #2618 for details.
• JwtRegisteredClaimNames now contains previously missing Standard OpenIdConnect claims. See issue #1598 for details.

Performance Improvements:

• Reduced allocations in AadIssuerValidator by not using string.Replace where appropriate. See issue #2595 and PR #2597 for more details.
• No longer for every string claim, calling DateTime.TryParse on each value, whether it is expected to be a DateTime or not. See issue #2615 for details.

7.6.0

New Features:

• Update JsonWebToken - extract and expose the method that reads the header/payload property values from the reader so it can be overridden in children classes to add any extra own logic. See issues #2581, #2583, and #2495 for details.

Bug Fixes:

• JWE header algorithm is now compliant to IANA document. See issue #2089 for details.

Performance Improvements:

• Reduce the number of internal array allocations that need to happen for each claim set, see PR #2596.

Fundamentals:

• Add an AOT compatibility check on each PR to ensure only AOT compatible code is checked-in. See PR #2598.
• Update perl scrip for OneBranch build. See PR #2602.
• Add langversion 12 to benchmark tests. See PR #2601.

... (truncated)

Commits

• aea9c71 changelog for 7.7.1 (#2736)
• e65fcb2 Add JsonSerializerPrimitives.TryAllStringClaimsAsDateTime to 7x. (#2734)
• 74d8a82 Fix static tests (#2732)
• a75d614 Cherry pick Cache context switches (#2724) to 7x (#2726)
• 8405847 System.Text.Json CVE fix (#2721)
• 58f1f7f 7.7.0 change log (#2714)
• 6d6a22e Add CaseSensitiveClaimsIdentity to 7x (#2715)
• eaeb748 Remove dependency on AadIssuerValidator.GetTenantIdFromToken in ValidateIssue...
• a93b7f6 Update CHANGELOG.md (#2654)
• 4d3e5b9 Revert PR#2597 (#2650)
• Additional commits viewable in compare view

Updates JsonSchema.Net from 6.0.5 to 6.1.2

Commits

• 6493834 revert extension method return value change
• 2f0a7b5 Merge pull request #717 from gregsdennis/error-update
• 8ceb00f fixed versions and release noteses
• 3f073b3 missed type rename in error messages
• 76facda add active language label
• bb9ce5a update path cts
• fe87757 Merge pull request #715 from gregsdennis/jsone/update
• d850f93 update version and release notes
• b447356 Merge pull request #714 from mi25iw/fix/713-unknown-context-value
• 8b5db74 Do not evaluate untaken if and switch branches
• Additional commits viewable in compare view

Updates Serilog.AspNetCore from 8.0.1 to 8.0.3

Release notes

Sourced from Serilog.AspNetCore's releases.

v8.0.3

• #383 - update Serilog.Settings.Configuration dependency (@​Numpsy)

v8.0.2

• #376 - update Serilog.Settings.Configuration dependency to avoid transitive dependency on vulnerable System.Text.Json (@​nblumhardt)
• #364 - fix example code (@​RandomBuffer)
• #367 - clean up and format (@​sungam3r)
• #370 - README updates (@​nblumhardt)

Commits

• 4522f89 Merge pull request #385 from serilog/dev
• 533f475 Merge pull request #383 from Numpsy/conf_up
• de0a38f Update Serilog.Settings.Configuration to 8.0.4
• 680af2e Dev version bump [skip ci]
• 57d78d1 Merge pull request #378 from serilog/dev
• 1a88701 Merge pull request #377 from nblumhardt/dependency-update
• 77bd65c Update Serilog.Settings.Configuration dependency to avoid transitive dependen...
• 70808df Fix comment in sample code [skip ci]
• cd8662f Merge pull request #370 from nblumhardt/readme-updates
• 92bc15a README and sample updates to match recent .NET hosting models
• Additional commits viewable in compare view

Updates Serilog.Settings.Configuration from 8.0.2 to 8.0.4

Release notes

Sourced from Serilog.Settings.Configuration's releases.

v8.0.4

• #439 - update Microsoft.Extensions.DependencyModel to 8.0.2 (@​Numpsy)

v8.0.3

• #430 - use consistent binding logic for nested objects in argument values (@​nblumhardt)
• #432 - make string to enum conversion case-insensitive (@​0xced)
• #413 - prefer "MinimumLevel:Default" if "MinimumLevel" is an empty string (@​DavidAllardyce)

Commits

• 71ba0e3 Merge pull request #440 from serilog/dev
• 0c31659 Merge pull request #439 from Numpsy/mde_802
• b0db34c Update Microsoft.Extensions.DependencyModel to 8.0.2
• 77fcc2a Dev version bump [skip ci]
• 0714258 Merge pull request #438 from serilog/dev
• 9d920b7 Merge pull request #413 from DavidAllardyce/332-WebApplicationFactory-Default...
• 53f5717 Dev version bump [skip ci]
• 428ab69 Merge pull request #430 from nblumhardt/complex-props
• 296a8ba Merge pull request #432 from 0xced/string-to-enum-ignore-case
• 47f447a Make string to enum conversion case insensitive
• Additional commits viewable in compare view

Updates Serilog.Settings.Configuration from 8.0.2 to 8.0.4

Release notes

Sourced from Serilog.Settings.Configuration's releases.

v8.0.4

• #439 - update Microsoft.Extensions.DependencyModel to 8.0.2 (@​Numpsy)

v8.0.3

• #430 - use consistent binding logic for nested objects in argument values (@​nblumhardt)
• #432 - make string to enum conversion case-insensitive (@​0xced)
• #413 - prefer "MinimumLevel:Default" if "MinimumLevel" is an empty string (@​DavidAllardyce)

Commits

• 71ba0e3 Merge pull request #440 from serilog/dev
• 0c31659 Merge pull request #439 from Numpsy/mde_802
• b0db34c Update Microsoft.Extensions.DependencyModel to 8.0.2
• 77fcc2a Dev version bump [skip ci]
• 0714258 Merge pull request #438 from serilog/dev
• 9d920b7 Merge pull request #413 from DavidAllardyce/332-WebApplicationFactory-Default...
• 53f5717 Dev version bump [skip ci]
• 428ab69 Merge pull request #430 from nblumhardt/complex-props
• 296a8ba Merge pull request #432 from 0xced/string-to-enum-ignore-case
• 47f447a Make string to enum conversion case insensitive
• Additional commits viewable in compare view

Updates SwashBuckle.AspNetCore from 6.8.0 to 6.9.0

Release notes

Sourced from SwashBuckle.AspNetCore's releases.

v6.9.0

What's Changed

• Generate Properties whenever there are objects without schema(Not onl… by @​jgarciadelanoceda in domaindrivendev/Swashbuckle.AspNetCore#3095
• fix: Pass props to multi targeting by @​xC0dex in domaindrivendev/Swashbuckle.AspNetCore#3107
• Types with TryParse must be set with type string by @​jgarciadelanoceda in domaindrivendev/Swashbuckle.AspNetCore#3108
• Add native AoT support for ReDoc by @​martincostello in domaindrivendev/Swashbuckle.AspNetCore#3088

New Contributors

• @​xC0dex made their first contribution in domaindrivendev/Swashbuckle.AspNetCore#3107

Full Changelog: domaindrivendev/Swashbuckle.AspNetCore@v6.8.1...v6.9.0

v6.8.1

What's Changed

• Fix issue when applying filters for WithOpenApi extension by @​jgarciadelanoceda in domaindrivendev/Swashbuckle.AspNetCore#3085

Full Changelog: domaindrivendev/Swashbuckle.AspNetCore@v6.8.0...v6.8.1

Commits

• 92ba260 Bump version (#3110)
• 0abed87 Merge pull request #3088 from martincostello/redoc-native-aot
• 349ba38 Types with TryParse must be set with type string (#3108)
• a42d8c9 Pass props to multi-targeting (#3107)
• d11913e Update .NET SDK (#3104)
• 683b8ee Bump actions/checkout from 4.2.0 to 4.2.1 (#3101)
• fdc1ed4 Bump github/codeql-action from 3.26.10 to 3.26.12 (#3103)
• ee9b319 Bump actions/cache from 4.0.2 to 4.1.1 (#3102)
• 9693037 Bump actions/upload-artifact from 4.4.0 to 4.4.2 (#3100)
• c051ca6 Generate properties for objects without schema (#3095)
• Additional commits viewable in compare view

Updates MailKit from 4.3.0 to 4.8.0

Changelog

Sourced from MailKit's changelog.

MailKit 4.8.0 (2024-09-29)

• Added a UniqueIdRange.SortOrder property.
• Updated the protocol log help link for ProtocolExceptions. (issue #1800)
• Fix SmtpClient.Dispose() when telemetry is configured. (issue #1816)
• Added ProxyClient.SystemProxy as a convenience property that wraps the default system proxy (aka HttpClient.DefaultProxy) on net6.0+.

MailKit 4.7.1 (2024-07-12)

• Fixed ImapClient and Pop3Client.Connect/Async() when OTEL is enabled. (issue #1765)
• Bumped MimeKit dependency to 4.7.1 to fix a denial of service security issue in the System.Formats.Asn1 dependency.

MailKit 4.7.0 (2024-06-29)

• Added Activity/Metrics for Imap/Pop3/SmtpClient. (issue #1499)
• Bumped MimeKit dependency to 4.7.0.

MailKit 4.6.0 (2024-05-17)

• Swallow SMTP RSET exceptions. These obscure other Send/SendAsync exceptions. Fixes a regression introduced in 4.4.0. (issue #1748)
• Fixed ImapUtils.FormatInternalDate() to properly handle negative timezone offsets with non-zero minutes. (issue #1743)
• Bumped MimeKit dependency to 4.6.0.

MailKit 4.5.0 (2024-04-13)

• Added a new SmtpClient.RequireTLS property to fix sending mail via Strato.de. (issue #1737)
• Fixed SmtpClient to track the most recent response from the SMTP server in order to include it in SmtpProtocolExceptions caused by unexpected server disconnects to provide more context. (issue #1744)
• Bumped MimeKit dependency to 4.5.0.

MailKit 4.4.0 (2024-03-02)

• Added net8.0 targets
• Split more sync/async logic to reduce allocations made by async state machines when calling the synchronous public APIs instead of the async APIs. (issue #1335)
• Fixed logic for formatting IMAP FETCH HEADER.FIELDS.NOT corner case that was exposed by newly added unit tests.
• Fixed SmtpClient to disconnect during Authenticate/Async on socket errors.
• Fixed SmtpClient's re-EHLO logic to disconnect on errors.

... (truncated)

Commits

• 8fd2a69 Bumped version to 4.8.0
• c5ee1a3 Added ProxyClient.SystemProxy
• 09851bd Fixed ProxyClient.Connect/Async docs for host & port parameters
• e3790d9 Updated GMail SSL certificates
• a9214bb Explicitly depend on System.Runtime.CompilerServices.Unsafe 6.0.0
• 41ea9de Bump NUnit.ConsoleRunner from 3.18.1 to 3.18.2 (#1818)
• 6887154 Updated SSL certificates
• 7e6c440 Update main.yml
• 0fb7ad9 Fix SmtpClient.Dispose() when telemetry is configured
• 00a6dc2 Bump Microsoft.NET.Test.Sdk from 17.11.0 to 17.11.1 (#1813)
• Additional commits viewable in compare view

Updates MimeKit from 4.7.1 to 4.8.0

Changelog

Sourced from MimeKit's changelog.

MimeKit 4.8.0 (2024-09-29)

• Added TypeConverters for InternetAddress and InternetAddressList.

Commits

• e191351 Bumped version to 4.8.0
• b91bd22 Improved docs for MimeMessage.Sender
• 01a3ce5 Bump NUnit.ConsoleRunner from 3.18.1 to 3.18.2 (#1078)
• 8db3c29 Update main.yml
• 52b8800 Bump Microsoft.NET.Test.Sdk from 17.11.0 to 17.11.1 (#1074)
• f2eeaa0 Updated FAQ.md to add a Q/A for TypeLoadException issues
• ee34ac4 Bump nunit from 4.2.1 to 4.2.2 (#1073)
• 7a5aca9 more type converter test fixes
• 2479246 Fixed unit tests
• cd8ac20 minor code cleanup
• Additional commits viewable in compare view

Updates Laraue.EfCoreTriggers.PostgreSql from 8.0.3 to 8.1.2

Commits

• a0b3e30 add AddGenericTrigger method for ModelBuilder (#107)
• ba8f1f5 correct down sql server migrations + tests (#106)
• ccca2f9 update date translations (#103)
• See full diff in compare view

Updates Npgsql.EntityFrameworkCore.PostgreSQL from 8.0.4 to 8.0.8

Commits

• 55dd99e Properly escape constant regex patterns (#3299)
• 3ebe6f5 Bump some test dependencies to avoid CVE warnings
• 2b5d63e Test fixes for 8.0.x sync
• d856230 Bump version to 8.0.8
• aec0d1f Correct non-NodaTime date/time type mappings when NodaTime is configured (#3214)
• 8a4c25b Add ordering by ordinality column for primitive collections (#3209)
• 1292512 Add missing check for predicate in primitive collection simplifications (#3196)
• a2ce3ee Bump version to 8.0.5
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[sonarcloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarCloud