[deps]: Update nuget minor

[renovate]

This PR contains the following updates:

Package	Change	Age	Adoption	Passing	Confidence
AWSSDK.KeyManagementService	3.7.2.6 -> 3.7.302.5
Azure.Identity (source)	1.10.4 -> 1.11.2
Azure.Security.KeyVault.Certificates (source)	4.5.1 -> 4.6.0
Azure.Security.KeyVault.Keys (source)	4.5.0 -> 4.6.0
Azure.Security.KeyVault.Secrets (source)	4.5.0 -> 4.6.0
Google.Cloud.Kms.V1	3.7.0 -> 3.10.0
Microsoft.EntityFrameworkCore.Design (source)	8.0.2 -> 8.0.4
Microsoft.EntityFrameworkCore.Relational (source)	8.0.2 -> 8.0.4
Microsoft.EntityFrameworkCore.SqlServer (source)	8.0.2 -> 8.0.4
Microsoft.EntityFrameworkCore.Sqlite (source)	8.0.2 -> 8.0.4
MongoDB.Driver (source)	2.22.0 -> 2.25.0
Pomelo.EntityFrameworkCore.MySql	8.0.1 -> 8.0.2
VaultSharp	1.7.0 -> 1.13.0.1
dotnet-ef (source)	8.0.2 -> 8.0.4

---

Release Notes

aws/aws-sdk-net (AWSSDK.KeyManagementService)

v3.7.302

v3.7.301

v3.7.300

v3.7.200

v3.7.104

v3.7.102

v3.7.101

v3.7.4

v3.7.3

Azure/azure-sdk-for-net (Azure.Identity)

v1.11.2

1.11.2 (2024-04-19)

Bugs Fixed

• Fixed an issue which caused claims to be incorrectly added to confidential client credentials such as DeviceCodeCredential #​43468

v1.11.1

1.11.1 (2024-05-07)

Other Changes

• Updated Microsoft.Identity.Client and related dependencies to version 4.60.3

v1.11.0

1.11.0 (2024-04-09)

Bugs Fixed

• AzurePowerShellCredential now handles the case where it falls back to legacy PowerShell without relying on the error message string.

Breaking Changes

• DefaultAzureCredential now sends a probe request with no retries for IMDS managed identity environments to avoid excessive retry delays when the IMDS endpoint is not available. This should improve credential chain resolution for local development scenarios. See BREAKING_CHANGES.md.

googleapis/google-cloud-dotnet (Google.Cloud.Kms.V1)

v3.10.0: Google.Cloud.PubSub.V1 version 3.10.0

Compare Source

Changes in this release:

Documentation improvements

• Small fix in Pub/Sub ingestion comments (commit 663a29c)

v3.9.0: Google.Cloud.PubSub.V1 version 3.9.0

Compare Source

Changes in this release:

New features

• Add use_table_schema field to BigQueryConfig (commit c489a15)

v3.8.0: Google.Cloud.PubSub.V1 version 3.8.0

Compare Source

Changes in this release:

Bug fixes

• Set x-goog-request-params for streaming pull requests from SubscriberClient (commit 7b6ec74)

Documentation improvements

• Modified some descriptions (commit 1dd516c)

dotnet/efcore (Microsoft.EntityFrameworkCore.Design)

v8.0.4: EF Core 8.0.4

EF Core 8.0.4 is available on NuGet now. This is a patch release of EF Core 8 (EF8) containing only important bug fixes:

• Incorrect apply projection for complex properties
• The database default created by Migrations for primitive collections mapped to JSON is invalid
• Filtering by Contains with HierarchyId and AsSplitQuery is not working
• Unfulfillable nullable contraints are set for complex types with TPH entities
• OutOfMemoryException when creating migration using ef tool
• SQL Server: Should retry on 203

v8.0.3: EF Core 8.0.3

EF Core 8.0.3 is available on NuGet now. This is a patch release of EF Core 8 (EF8) containing only important bug fixes:

• Constructor calls when using inheritance with owned entities causes exceptions
• Missing package README file
• String properties with indexes are compared case insensitively on SQL Server
• Using SqliteConnection from an ASP.NET MVC (.NET Framework) application results in a few different exceptions
• Exception when using FromSql on entity with ComplexProperty
• IndexOutOfRange for EntityEntry.GetDatabaseValues() with complex type and TPH
• SQL Server Migrations - SqlOperation.Sql is stripped of all empty lines
• NullReferenceException in Get-Migration in EF Core 8
• Owned entity on genericly typed entity generates unwanted steps in new migrations
• Dotnet-ef mismatch causes apply Entity Framework migration fails when publishing an individual web app.
• Query never returns when DB value for column mapped to primitive collection is

mongodb/mongo-csharp-driver (MongoDB.Driver)

v2.25.0: .NET Driver Version 2.25.0 Release Notes

This is the general availability release for the 2.25.0 version of the driver.

NOTICE: MongoDB 3.6 reached end-of-life in April 2021. The .NET/C# Driver will be removing support for MongoDB 3.6 in an upcoming release.

The main new features in 2.25.0 include:

• Support of MONGODB-OIDC Authentication mechanism - CSHARP-4448
• MONGODB-OIDC: Automatic token acquisition for Azure Identity Provider - CSHARP-4474
• Improved error message when no matching constructor found - CSHARP-5007
• Driver Container and Kubernetes Awareness - CSHARP-4718
• Logging of executed MQL for a LINQ query - CSHARP-4684
• Allow custom service names with srvServiceName URI option - CSHARP-3745
• BulkWrite enumerates requests argument only once - CSHARP-1378
• Support of Range Explicit Encryption - CSHARP-5009
• Multiple bug fixes and improvements.

The full list of issues resolved in this release is available at CSHARP JIRA project.

Documentation on the .NET driver can be found here.

v2.24.0: .NET Driver Version 2.24.0 Release Notes

.NET Driver Version 2.24.0 Release Notes

This is the general availability release for the 2.24.0 version of the driver.

The main new features in 2.24.0 include:

• New DistinctMany method in IMongoCollection
• Support for latest $dateFromString optional arguments
• ExceededTimeLimit server error is now retryable for reads as well as writes
• Support sort by score in $search stage
• New custom method to test if a field exists or is missing in LINQ (Mql.Exists, Mql.IsMissing, Mql.IsNullOrMissing)
• Enable TLS 1.3 support
• Fix a GridFS error when attempting to upload a GridFS file with a duplicate id and the new file is smaller than the original file
• Add support for Atlas Search $in operator
• Add support for IComparable CompareTo method in LINQ queries
• Add VectorSearchScore builder for $vectorSearch stage
• Update libmongocrypt package version
• Support for nested AsQueryable in LINQ queries (not a common use case but legal, primarily added for use by the EF Core Provider)
• Updated authentication to occur over OP_MSG on supporting servers to improve MongoDB Atlas Serverless compatibility
• Use polling monitoring when running within a FaaS environment such as AWS Lambda
• Fixed segfault in Kerberos (libgssapi) on newer Linux distros

An online version of these release notes is available here.

The full list of issues resolved in this release is available at CSHARP JIRA project.

Documentation on the .NET driver can be found here.

v2.23.2: .NET Driver Version 2.23.2 Release Notes

This is a patch release that addresses some issues reported since 2.23.1 was released.

An online version of these release notes is available here.

The list of JIRA tickets resolved in this release is available at CSHARP JIRA project.

Documentation on the .NET driver can be found here.

Upgrading

There are no known backwards breaking changes in this release.

v2.23.1: .NET Driver Version 2.23.1 Release Notes

This is a patch release that addresses some issues reported since 2.23.0 was released.

An online version of these release notes is available here.

The list of JIRA tickets resolved in this release is available at CSHARP JIRA project.

Documentation on the .NET driver can be found here.

Upgrading

There are no known backwards breaking changes in this release.

v2.23.0: .NET Driver Version 2.23.0 Release Notes

This is the general availability release for the 2.23.0 version of the driver.

The main new features in 2.23.0 include:

• General driver bug fixes and improvements
• Support for bitwise operators in aggregation pipeline - CSHARP-4486
• Support for $out to Time-series collections - CSHARP-4706
• ChangeStreamSplitLargeEvent aggregation stage added - CSHARP-4633
• LINQ3 bug fixes and improvements
• Additional logging messages

An online version of these release notes is available here.

The full list of issues resolved in this release is available at CSHARP JIRA project.

Documentation on the .NET driver can be found here.

PomeloFoundation/Pomelo.EntityFrameworkCore.MySql (Pomelo.EntityFrameworkCore.MySql)

v8.0.2

Compare Source

This release is compatible with .NET 8.0, EF Core 8.0, MySQL 8.0, MariaDB 11.3/11.2/11.1/11.0/10.11/10.10/10.6/10.5/10.4 and MySqlConnector 2.3.5.

For all new features and bugfixes contained in this release, see related issues and pull requests.
The EF Core 8.0 release train is tracked by #​1746.

rajanadar/VaultSharp (VaultSharp)

v1.13.0.1

BUG FIXES:

• GH-312 Fix rotation_period deserialization issues in System.Text.Json. And all such duration fields that Vault allows in string and integer form.

v1.13.0

IMROVEMENTS:

• GH-309 identity/oidc/key: create, read, update and delete apis.
• GH-309 identity/oidc/role: create, read, update and delete apis.
• GH-309 auth/approle: ````PullNewSecretIdAsyncallows for reponse wrapping usingwrapTimeToLive``` parameter

v1.12.2.1

BREAKING CHANGES:

• secret/transit: Minor field changes across the apis to make it consistent with other backends. No functional changes.
• Backend APIs to tune mount config now take the NewBackendConfig object instead of BackendConfig object.
• auth/approle: PullSecretIdAsync method is renamed to PullNewSecretIdAsync
• auth/approle: ReadRoleAsync method uses a new type AppRoleRoleModel instead of AppRoleInfo.
• secret/alicloud: The GetCredentialsAsync method for assumed role changed the data type of Expiration field in AliCloudCredentials class from type string to DateTimeOffset
• secret/kv2: Minor field changes to FullSecretMetadata object. No functional changes.

FEATURES:

• secret/pki: Add new api to list revoked certificates
• secret/pki: Add new api to auto tidy certificates
• secret/pki: Add new api to get tidy status
• secret/pki: Add new api to cancel the tidy operation
• GH-293 secret/kv2: Add new api for create metadata
• GH-293 secret/kv2: Add new api for update metadata
• GH-294 secret/aws: All management apis
• auth/alicloud: All the AliCloud Auth apis.
• auth/approle: All the AppRole Auth apis.
• secret/alicloud: All the AliCloud Secret apis.
• secret/aws: Add new api to delete role
• secret/transit: All apis are now supported.
• secret/consul: All the apis
• secret/kv2: New apis to configure store wide settings

IMPROVEMENTS:

• GH-292 Add warning and other fields to seal status apis.
• GH-291 Add logger endpoints to System backend.
• Added several fields like plugin_version etc. to the Backend fetching System APIs.
• secret/pki: Added several new fields to the PKI Cert Tidy Request payload.
• secret/pki: Add revocation time rfc and issuer id fields to cert reads.
• GH-293 secret/kv2: Add new fields cas_required and custom_metadata in FullSecretMetadata class.

v1.12.2

BREAKING CHANGES:

• secret/transit: Minor field changes across the apis to make it consistent with other backends. No functional changes.
• Backend APIs to tune mount config now take the NewBackendConfig object instead of BackendConfig object.
• auth/approle: PullSecretIdAsync method is renamed to PullNewSecretIdAsync
• auth/approle: ReadRoleAsync method uses a new type AppRoleRoleModel instead of AppRoleInfo.
• secret/alicloud: The GetCredentialsAsync method for assumed role changed the data type of Expiration field in AliCloudCredentials class from type string to DateTimeOffset
• secret/kv2: Minor field changes to FullSecretMetadata object. No functional changes.

FEATURES:

• secret/pki: Add new api to list revoked certificates
• secret/pki: Add new api to auto tidy certificates
• secret/pki: Add new api to get tidy status
• secret/pki: Add new api to cancel the tidy operation
• GH-293 secret/kv2: Add new api for create metadata
• GH-293 secret/kv2: Add new api for update metadata
• GH-294 secret/aws: All management apis
• auth/alicloud: All the AliCloud Auth apis.
• auth/approle: All the AppRole Auth apis.
• secret/alicloud: All the AliCloud Secret apis.
• secret/aws: Add new api to delete role
• secret/transit: All apis are now supported.
• secret/consul: All the apis
• secret/kv2: New apis to configure store wide settings

IMPROVEMENTS:

• GH-292 Add warning and other fields to seal status apis.
• GH-291 Add logger endpoints to System backend.
• Added several fields like plugin_version etc. to the Backend fetching System APIs.
• secret/pki: Added several new fields to the PKI Cert Tidy Request payload.
• secret/pki: Add revocation time rfc and issuer id fields to cert reads.
• GH-293 secret/kv2: Add new fields cas_required and custom_metadata in FullSecretMetadata class.

v1.8.12

BREAKING CHANGES:

• secrets/gcp: Deprecated the /gcp/token/:roleset and /gcp/key/:roleset paths for generating secrets for rolesets. Use /gcp/roleset/:roleset/token and /gcp/roleset/:roleset/key instead.

FEATURES:

• secret/transit: Add entropy-source field to GenerateRandomBytes api.
• auth/okta: Adds support for Okta Verify TOTP MFA.

IMPROVEMENTS:

• Remove all references of whitelist/blacklist in code, docs etc.
• auth/okta: Okta login now supports the totp, provider and nonce fields.

v1.7.2.2

BREAKING CHANGES:

• [GH-288] Fix a ttl bug and use proper http verbs for aws credential generation.

IMPROVEMENTS:

• [GH-288] AWS Credentials supports role arn, role session name now.

v1.7.2.1

BUG FIXES:

• [GH-289] Fix InvalidOperationException related to Patch Content type for PatchSecretAsync method

v1.7.2

BREAKING CHANGES:

• [GH-288] Fix a ttl bug and use proper http verbs for aws credential generation.

IMPROVEMENTS:

• [GH-288] AWS Credentials supports role arn, role session name now.

v1.7.1

IMPROVEMENTS:

• [GH-243] Fix the framework issue with TargetMoniker

DOC IMPROVEMENTS:

• Real GH links on the Changelog file

v1.7.0.5

IMPROVEMENTS:

• [GH-223] Implemented support for Ed25519 Key type (Vault 1.9+ only)
• [GH-251] Implemented remaining Transit endpoints
• [GH-253] Update delete metadata async
• [GH-239] Ensure awaits are configured
• [GH-241] Enforce await configuration (CA2007)
• [GH-246] Added create, read, list & delete token role APIs

v1.7.0.4

BUG FIXES:

• [GH-235] Fix a deadlock when a particular internal path is chosen

DOC IMPROVEMENTS:

• [GH-236] Add section on Token-Renewal and DI Lifetime

v1.7.0.3

IMPROVEMENTS:

• .NET 6 Support

v1.7.0.2

IMPROVEMENTS:

• [GH-215] Certificate Auth now takes a chain of certificates.
• [GH-220] Improved the token initialization code by retrying when errors happen first time.
• Add support for AppRole Auth API endpoints
• Implemented AppRole auth endpoint to read role information by role name

v1.7.0.1

BREAKING CHANGES:

• The properties IssuingCACertificateContent and CAChainContent of the base class AbstractCertificateData has been moved to a subclass AbstractIssuedCertificateData.

FEATURES:

• Implemented PKI secret engine endpoint to read a certificate by key (serial number).
• Implemented PKI secret engine endpoint to retrieve a list of certificate keys (serial numbers).

IMPROVEMENTS:

• Changed type of property Expiration in CertificateCredentials from int to long.

---

Configuration

📅 Schedule: Branch creation - "every 2nd week starting on the 2 week of the year before 4am on Monday" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box

---

This PR has been generated by Mend Renovate. View repository job log here.

[bitwarden-bot]

Checkmarx One – Scan Summary & Details – cc06b052-712e-43a1-958d-acd13914cd4b

No New Or Fixed Issues Found

[renovate]

Edited/Blocked Notification

Renovate will not automatically rebase this PR, because it does not recognize the last commit author and assumes somebody else may have edited the PR.

You can manually request rebase by checking the rebase/retry box above.

⚠️ Warning: custom changes will be lost.