Bump the dotnet group with 2 updates #48424

dependabot · 2025-09-10T12:11:13Z

Updated Azure.Identity from 1.14.2 to 1.16.0.

Release notes

Sourced from Azure.Identity's releases.

1.16.0 1.16.0 (2025-09-09)

Features Added

Added a new DefaultAzureCredential constructor that accepts a custom environment variable name for credential configuration. This provides flexibility beyond the default AZURE_TOKEN_CREDENTIALS environment variable. The constructor accepts any environment variable name and uses the same credential selection logic as the existing AZURE_TOKEN_CREDENTIALS processing.
Added DefaultAzureCredential.DefaultEnvironmentVariableName constant property that returns "AZURE_TOKEN_CREDENTIALS" for convenience when referencing the default environment variable name.
AzureCliCredential, AzurePowerShellCredential, and AzureDeveloperCliCredential now throw an AuthenticationFailedException when the TokenRequestContext includes claims, as these credentials do not support claims challenges. The exception message includes guidance for handling such scenarios.
When AZURE_TOKEN_CREDENTIALS or the equivalent custom environment variable is configured to ManagedIdentityCredential, the DefaultAzureCredential does not issue a probe request and performs retries with exponential backoff.

Bugs Fixed

Fixed AzureDeveloperCliCredential hanging when the AZD_DEBUG environment variable is set by adding the --no-prompt flag to prevent interactive prompts (#52005).
BrokerCredential is now included in the chain when AZURE_TOKEN_CREDENTIALS is set to dev.
Fixed an issue that prevented ManagedIdentityCredential from utilizing the token cache in Workload Identity Federation environments.
Fixed a bug in DefaultAzureCredential that caused the credential chain to be constructed incorrectly when using AZURE_TOKEN_CREDENTIALS in combination with DefaultAzureCredentialOptions.

Other Changes

The BrokerCredential is now always included in the DefaultAzureCredential chain. If the Azure.Identity.Broker package is not referenced, an exception will be thrown when GetToken is called, making its behavior consistent with the rest of the credentials in the chain.
Updated Microsoft.Identity.Client dependency to version 4.76.0.
Updated Microsoft.Identity.Client.Extensions.Msal dependency to version 4.76.0.

1.15.0 1.15.0 (2025-08-07)

Breaking Changes

Behavioral Breaking Changes

Deprecated SharedTokenCacheCredential. The supporting credential (SharedTokenCacheCredential) was a legacy mechanism for authenticating clients using credentials provided to Visual Studio. For brokered authentication, consider using InteractiveBrowserCredential instead. The following changes have been made:
- SharedTokenCacheCredential class is marked as [Obsolete] and [EditorBrowsable(EditorBrowsableState.Never)]
- SharedTokenCacheCredentialOptions class is marked as [Obsolete] and [EditorBrowsable(EditorBrowsableState.Never)]
- DefaultAzureCredentialOptions.ExcludeSharedTokenCacheCredential property is marked as [Obsolete] and [EditorBrowsable(EditorBrowsableState.Never)]
- SharedTokenCacheUsername property is marked as [Obsolete] and [EditorBrowsable(EditorBrowsableState.Never)]
- SharedTokenCacheCredential is no longer included in the DefaultAzureCredential authentication flow

Bugs Fixed

Tenant ID comparisons in credential options are now case-insensitive. This affects AdditionallyAllowedTenants values which will now be matched against tenant IDs without case sensitivity, making the authentication more resilient to case differences in tenant IDs returned from WWW-Authenticate challenges (#51693).

Other Changes

BrokerAuthenticationCredential has been renamed as BrokerCredential.
Added the EditorBrowsable(Never) attribute to property VisualStudioCodeTenantId as TenantId is preferred. The VisualStudioCodeTenantId property exists only to provide backwards compatibility.

Commits viewable in compare view.

Updated Microsoft.Extensions.AI from 9.7.1 to 9.9.0.

Release notes

Sourced from Microsoft.Extensions.AI's releases.

9.9.0 Highlights

AI

Abstractions for remote MCP servers; response/approval flow support via new experimental types
Function approvals via new experimental types (e.g., ApprovalRequiredAIFunction, user input/approval request & response content).
Reasoning text streaming for OpenAI Responses ChatClient streaming.
AIFunction split into a base class to improve extensibility.
IChatReducer moved to Microsoft.Extensions.AI.Abstractions.
Updated to OpenAI 2.4.0 and genai standard convention 1.37.
Coalescing logic now treats ChatMessage.Role changes as new messages.
GetResponseAsync<T> now reads only the last message (bug fix).
OpenTelemetry ChatClient/EmbeddingGenerator logs raw additional properties (no key mangling).
Fixed empty annotated text chunk handling in streaming with OpenAI Assistants.

Telemetry & Diagnostics

HTTP diagnostics log query string params with proper redaction (emitted on url.query).
server.address telemetry emits host only (per OpenTelemetry semantic conventions).
Heuristics added to detect well-known model hosts.
Resource monitoring can consider Environment.CpuUsage.

New Contributors

@ykumashev made their first contribution in Consider using Environment.CpuUsage in ResourceMonitoring extensions#6696

Full Changelog: dotnet/extensions@v9.8.0...v9.9.0

9.8.0 What's Changed

Align EventId generation with M.E.Logging source-gen by @xakep139 in Align EventId generation with M.E.Logging source-gen extensions#6566
Add resiliency mechanism to CPU and memory utilization checks by @amadeuszl in Add resiliency mechanism to CPU and memory utilization checks extensions#6528
Suppress flaky test until fixed by @joelverhagen in Suppress flaky test until fixed extensions#6568
Create a project template for an MCP server by @joelverhagen in Create a project template for an MCP server extensions#6547
Use dnx instead of dotnet tool exec in MCP server template README by @joelverhagen in Use dnx instead of dotnet tool exec in MCP server template README extensions#6571
Add reporting tests that show NLP results. by @peterwald in Add reporting tests that show NLP results. extensions#6574
Branding updates for 9.8.0 by @joperezr in Branding updates for 9.8.0 extensions#6573
Fix ConfigureEvaluationTests.ps1 script when $ConfigRoot is not supplied by @peterwald in Fix ConfigureEvaluationTests.ps1 script when $ConfigRoot is not supplied extensions#6575
Refactor Resource Monitoring by @evgenyfedorov2 in Refactor Resource Monitoring extensions#6554
Update McpServer template for 0.3.0-preview.2 by @stephentoub in Update McpServer template for 0.3.0-preview.2 extensions#6578
Add container.cpu.time metric by @evgenyfedorov2 in Add container.cpu.time metric extensions#5806
Add netstandard2.0 compatibility to Microsoft.Extensions.Diagnostics.Testing and dependencies by @bdovaz in Add netstandard2.0 compatibility to Microsoft.Extensions.Diagnostics.Testing and dependencies extensions#6219
Add netstandard2.0 compatibility to Microsoft.Extensions.Telemetry and dependencies by @bdovaz in Add netstandard2.0 compatibility to Microsoft.Extensions.Telemetry and dependencies extensions#6218
Simplify Http.Diagnostics by @pentp in Simplify Http.Diagnostics extensions#6174
Add netstandard2.0 compatibility to Microsoft.Extensions.Http.Resilience and dependencies by @bdovaz in Add netstandard2.0 compatibility to Microsoft.Extensions.Http.Resilience and dependencies extensions#6582
Ingore null loggers returned by LogProviders in ELoggerFactory by @petrroll in Ingore null loggers returned by LogProviders in ELoggerFactory extensions#6585
Merging changes from internal by @joperezr in Merging changes from internal extensions#6588
[Logging] Fixes LogProperties and LogPropertyIgnore attributes to work if an object being logged resides in a different assembly than the logging method by @iliar-turdushev in [Logging] Fixes LogProperties and LogPropertyIgnore attributes to work if an object being logged resides in a different assembly than the logging method extensions#6600
Add memory usage metric by @evgenyfedorov2 in Add memory usage metric extensions#6586
Add schema version to server.json in MCP template by @joelverhagen in Add schema version to server.json in MCP template extensions#6606
Merge release/9.7 into main by @joperezr in Merge release/9.7 into main extensions#6589
Update MCP server template readme to show both VS Code and Visual Studio notes by @Copilot in Update MCP server template readme to show both VS Code and Visual Studio notes extensions#6591
Update Azure Open AI package referenced by eval integration tests by @shyamnamboodiripad in Update Azure Open AI package referenced by eval integration tests extensions#6609
Target .NET 8 for more stable runtime requirement by @joelverhagen in Target .NET 8 for more stable runtime requirement extensions#6617
Add support for new Azure AI Foundry project type for Safety evals by @shyamnamboodiripad in Add support for new Azure AI Foundry project type for Safety evals extensions#6621
M.E.AI.AzureAIInference - Azure.AI.Inference Package Bump by @rogerbarreto in M.E.AI.AzureAIInference - Azure.AI.Inference Package Bump extensions#6624
Add DataContent.Name property by @stephentoub in Add DataContent.Name property extensions#6616
Fix handling of multiple responses messages by @stephentoub in Fix handling of multiple responses messages extensions#6627
Expose additional chat model conversion helpers by @stephentoub in Expose additional chat model conversion helpers extensions#6629
[main] Update dependencies from dotnet/arcade by @dotnet-maestro[bot] in [main] Update dependencies from dotnet/arcade extensions#6633
[Http.Resilience] The DisableFor method should try to retrieve the request object from the resilience context by @iliar-turdushev in [Http.Resilience] The DisableFor method should try to retrieve the request object from the resilience context extensions#6618
Bump Package validation baseline version to 9.7.0 by @Copilot in Bump Package validation baseline version to 9.7.0 extensions#6650
Fix internal package version detection for project templates by @MackinnonBuck in Fix internal package version detection for project templates extensions#6651
Remove Microsoft.Extensions.AI.Ollama by @MackinnonBuck in Remove Microsoft.Extensions.AI.Ollama extensions#6655
Fix M.E.AI package refs by @stephentoub in Fix M.E.AI package refs extensions#6654
Add [Description] to DataContent.Uri by @stephentoub in Add [Description] to DataContent.Uri extensions#6615
Fix duplicate solution file when creating an AI Chat Web app from VS by @MackinnonBuck in Fix duplicate solution file when creating an AI Chat Web app from VS extensions#6653
Add ChatMessage.CreatedAt by @stephentoub in Add ChatMessage.CreatedAt extensions#6657
Add TextContent.Annotations by @stephentoub in Add TextContent.Annotations extensions#6619
Add FunctionInvokingChatClient.AdditionalTools by @stephentoub in Add FunctionInvokingChatClient.AdditionalTools extensions#6661
Fix unintentional test env var change by @stephentoub in Fix unintentional test env var change extensions#6660
Add more openai conversion helpers by @stephentoub in Add more openai conversion helpers extensions#6662
Add OriginalRepoCommitHash to assemblies by @BrennanConroy in Add OriginalRepoCommitHash to assemblies extensions#6667
Include a trivial items keyword if missing. by @eiriktsarpalis in Include a trivial items keyword if missing. extensions#6669
Add resolution of function parameter level data annotation attributes. by @eiriktsarpalis in Add resolution of function parameter level data annotation attributes. extensions#6671
Fix issue with NetSourceIndexStage1 for dependency conflict versions by @joperezr in Fix issue with NetSourceIndexStage1 for dependency conflict versions extensions#6672
Expose streaming conversion utility methods by @stephentoub in Expose streaming conversion utility methods extensions#6636
Couple of fixes for MEAI.Evaluation by @shyamnamboodiripad in Couple of fixes for MEAI.Evaluation extensions#6673
Fix one more version conflict on the docs transport package by @joperezr in Fix one more version conflict on the docs transport package extensions#6675
... (truncated)

9.7.2 Packages Released

Microsoft.Extensions.AI.Templates 9.7.2-preview.3.25366.2

What's Changed

Target .NET 8 for more stable runtime requirement by @joelverhagen in #6617

Full Changelog: dotnet/extensions@v9.7.1...v9.7.2

Commits viewable in compare view.

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
@dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
@dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
@dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
@dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Bumps Azure.Identity from 1.14.2 to 1.16.0 Bumps Microsoft.Extensions.AI from 9.7.1 to 9.9.0 --- updated-dependencies: - dependency-name: Azure.Identity dependency-version: 1.16.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dotnet - dependency-name: Microsoft.Extensions.AI dependency-version: 9.9.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dotnet ... Signed-off-by: dependabot[bot] <[email protected]>

dotnet-policy-service

Approved; this PR will merge when all status checks pass.

dependabot · 2025-09-10T12:14:31Z

Superseded by #48431.

dependabot bot added .NET Pull requests that update .net code dependencies Pull requests that update a dependency file labels Sep 10, 2025

dependabot bot force-pushed the dependabot/nuget/docs/ai/quickstarts/snippets/mcp-client/dotnet-58345ff164 branch from 038b367 to 39daccd Compare September 10, 2025 12:11

dependabot bot requested a review from gewarren as a code owner September 10, 2025 12:11

dependabot bot added the dependencies Pull requests that update a dependency file label Sep 10, 2025

dependabot bot requested a review from a team as a code owner September 10, 2025 12:11

dependabot bot added the .NET Pull requests that update .net code label Sep 10, 2025

dotnet-policy-service bot added auto-merge community-contribution Indicates PR is created by someone from the .NET community. labels Sep 10, 2025

dotnet-policy-service bot enabled auto-merge (squash) September 10, 2025 12:11

dotnet-policy-service bot approved these changes Sep 10, 2025

View reviewed changes

dependabot bot closed this Sep 10, 2025

auto-merge was automatically disabled September 10, 2025 12:14
Pull request was closed

dependabot bot deleted the dependabot/nuget/docs/ai/quickstarts/snippets/mcp-client/dotnet-58345ff164 branch September 10, 2025 12:14

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Bump the dotnet group with 2 updates #48424

Bump the dotnet group with 2 updates #48424

Uh oh!

dependabot bot commented on behalf of github Sep 10, 2025

Uh oh!

dotnet-policy-service bot left a comment

Uh oh!

dependabot bot commented on behalf of github Sep 10, 2025

Uh oh!

Uh oh!

Bump the dotnet group with 2 updates #48424

Bump the dotnet group with 2 updates #48424

Uh oh!

Conversation

dependabot bot commented on behalf of github Sep 10, 2025

1.16.0

1.16.0 (2025-09-09)

Features Added

Bugs Fixed

Other Changes

1.15.0

1.15.0 (2025-08-07)

Breaking Changes

Behavioral Breaking Changes

Bugs Fixed

Other Changes

9.9.0

Highlights

AI

Telemetry & Diagnostics

New Contributors

9.8.0

What's Changed

9.7.2

Packages Released

What's Changed

Uh oh!

dotnet-policy-service bot left a comment

Choose a reason for hiding this comment

Uh oh!

dependabot bot commented on behalf of github Sep 10, 2025

Uh oh!

Uh oh!