Skip to content

[build] update download-artifact to v8#17493

Merged
titusfortner merged 2 commits into
trunkfrom
download_action
May 18, 2026
Merged

[build] update download-artifact to v8#17493
titusfortner merged 2 commits into
trunkfrom
download_action

Conversation

@titusfortner

@titusfortner titusfortner commented May 17, 2026

Copy link
Copy Markdown
Member

Didn't originally do this since there were a number of open issues about partial downloads, but looks like they are likely related to @actions/toolkit not v8

digest-mismatch was ignored in previous versions. Setting to warn for this so we can evaluate it and see if there is a problem instead of getting error messages when things seem to be working for us as it is. Agent is right, we want to error for these.

@selenium-ci selenium-ci added the B-build Includes scripting, bazel and CI integrations label May 17, 2026
@qodo-code-review

Copy link
Copy Markdown
Contributor

Review Summary by Qodo

Update download-artifact action to v8 with digest-mismatch warning

✨ Enhancement

Grey Divider

Walkthroughs

Description
• Update actions/download-artifact from v7 to v8 across all workflows
• Add digest-mismatch: warn configuration to handle digest validation
• Enables evaluation of potential digest mismatch issues without blocking
Diagram
flowchart LR
  A["download-artifact v7"] -- "upgrade to" --> B["download-artifact v8"]
  B -- "add configuration" --> C["digest-mismatch: warn"]
  C -- "applied to" --> D["10 workflow files"]
Loading

Grey Divider

File Changes

1. .github/workflows/ci-build-index.yml ⚙️ Configuration changes +2/-1

Update download-artifact to v8 with digest warning

.github/workflows/ci-build-index.yml


2. .github/workflows/ci-rust.yml ⚙️ Configuration changes +2/-1

Update download-artifact to v8 with digest warning

.github/workflows/ci-rust.yml


3. .github/workflows/ci.yml ⚙️ Configuration changes +2/-1

Update download-artifact to v8 with digest warning

.github/workflows/ci.yml


View more (6)
4. .github/workflows/commit-changes.yml ⚙️ Configuration changes +2/-1

Update download-artifact to v8 with digest warning

.github/workflows/commit-changes.yml


5. .github/workflows/nightly.yml ⚙️ Configuration changes +2/-1

Update download-artifact to v8 with digest warning

.github/workflows/nightly.yml


6. .github/workflows/pin-browsers.yml ⚙️ Configuration changes +2/-1

Update download-artifact to v8 with digest warning

.github/workflows/pin-browsers.yml


7. .github/workflows/pre-release.yml ⚙️ Configuration changes +2/-1

Update download-artifact to v8 with digest warning

.github/workflows/pre-release.yml


8. .github/workflows/release.yml ⚙️ Configuration changes +6/-3

Update download-artifact to v8 with digest warning in three steps

.github/workflows/release.yml


9. .github/workflows/update-documentation.yml ⚙️ Configuration changes +2/-1

Update download-artifact to v8 with digest warning

.github/workflows/update-documentation.yml


Grey Divider

Qodo Logo

@qodo-code-review

qodo-code-review Bot commented May 17, 2026

Copy link
Copy Markdown
Contributor

Code Review by Qodo

🐞 Bugs (0) 📘 Rule violations (1) 📎 Requirement gaps (0)

Grey Divider


Action required

1. CI may skip all tests ✓ Resolved 🐞 Bug ☼ Reliability
Description
ci.yml downloads the check-targets artifact with digest-mismatch: warn and then treats a
missing/unreadable bazel-targets.txt as an empty string, which can cause every language job to be
skipped. The final ci-success gate only fails on failures/cancellations, so a run with all test
jobs skipped can still pass.
Code

.github/workflows/ci.yml[R68-72]

      - name: Download targets
-        uses: actions/download-artifact@v7
+        uses: actions/download-artifact@v8
        with:
          name: check-targets
+          digest-mismatch: warn
Evidence
After downloading the artifact with digest-mismatch: warn, the workflow reads bazel-targets.txt
using cat ... || echo "", so missing/unreadable input becomes an empty target set. All language
jobs are conditionally executed based on those outputs, and the ci-success job does not treat
skipped jobs as a failure condition.

.github/workflows/ci.yml[68-92]
.github/workflows/ci.yml[130-141]

Agent prompt
The issue below was found during a code review. Follow the provided context and guidance below and implement a solution

### Issue description
The Read Targets job can succeed while effectively selecting zero test jobs if `bazel-targets.txt` is missing/unreadable (it falls back to an empty string). Combined with `digest-mismatch: warn`, this makes it more likely for a corrupted/invalid artifact to allow the workflow to proceed and still report overall success.

### Issue Context
Downstream test jobs are guarded by `if: needs.read-targets.outputs.<lang> != ''`, and `ci-success` only checks for failures/cancellations (skipped jobs do not fail the workflow).

### Fix Focus Areas
- .github/workflows/ci.yml[68-92]
- .github/workflows/ci.yml[130-141]

### Suggested fix
Make the Read Targets job fail (or fall back to running a safe default like the full test suite) when `bazel-targets.txt` is missing/empty/unparseable. Also consider making digest mismatch fatal for the `check-targets` artifact specifically, since it drives which tests run.

ⓘ Copy this prompt and use it to remediate the issue with your preferred AI generation tools



Remediation recommended

2. download-artifact@v8 not SHA pinned 📘 Rule violation ⛨ Security
Description
Multiple workflows reference actions/download-artifact@v8 using a moving tag, so the exact code
executed by CI/release can change over time without any PR review. This reduces determinism and
reproducibility, weakening CI hardening guarantees and increasing supply-chain risk—especially in
release/publish flows that download artifacts and then ship or upload them.
Code

.github/workflows/ci.yml[69]

+        uses: actions/download-artifact@v8
Evidence
PR Compliance ID 15 requires hardened, deterministic CI behavior, but the cited workflow changes set
uses: to actions/download-artifact@v8, which is a mutable, floating tag rather than an immutable
commit SHA. Because @v8 can be retargeted upstream, the referenced workflows (including
release/publish contexts where downloaded artifacts are subsequently published/uploaded) could run
different action code over time without any change in this repository, undermining reproducibility
and increasing supply-chain exposure.

.github/workflows/ci.yml[69-72]
.github/workflows/release.yml[170-207]
.github/workflows/commit-changes.yml[47-52]
.github/workflows/ci.yml[66-72]
.github/workflows/ci-rust.yml[239-248]
Best Practice: Learned patterns

Agent prompt
The issue below was found during a code review. Follow the provided context and guidance below and implement a solution

## Issue description
Workflows use a floating GitHub Action ref (`actions/download-artifact@v8`), which can move over time and cause CI/release behavior to change without review, reducing determinism and increasing supply-chain risk.

## Issue Context
PR Compliance (ID 15) requires hardened, deterministic CI behavior. This PR upgraded `actions/download-artifact` across several workflows (including release/publish pipelines) but kept the reference as a mutable tag; pinning `uses:` to an immutable commit SHA (optionally with an inline comment noting the corresponding v8.x.y release) improves reproducibility and reduces risk.

## Fix Focus Areas
- .github/workflows/ci.yml[66-72]
- .github/workflows/ci-build-index.yml[24-30]
- .github/workflows/ci-rust.yml[239-248]
- .github/workflows/commit-changes.yml[42-53]
- .github/workflows/nightly.yml[86-93]
- .github/workflows/pin-browsers.yml[29-38]
- .github/workflows/pre-release.yml[255-264]
- .github/workflows/release.yml[170-207]
- .github/workflows/update-documentation.yml[93-103]

ⓘ Copy this prompt and use it to remediate the issue with your preferred AI generation tools


3. digest-mismatch set to warn ✓ Resolved 📘 Rule violation ⛨ Security
Description
Multiple CI workflows configure actions/download-artifact@v8 with digest-mismatch: warn,
allowing artifact integrity mismatches to proceed without failing the job and weakening determinism.
In release/publish flows this is especially risky because the workflows can immediately publish or
upload the downloaded artifacts, potentially distributing corrupted outputs despite a detected
mismatch.
Code

.github/workflows/ci.yml[R69-72]

+        uses: actions/download-artifact@v8
        with:
          name: check-targets
+          digest-mismatch: warn
Evidence
PR Compliance ID 14 calls for hardening CI by avoiding masked failures, yet the workflows explicitly
set digest-mismatch: warn on artifact downloads, downgrading what should be an integrity-failing
condition into a warning. The cited release/publish pipelines (notably release.yml, as well as
nightly.yml and ci-rust.yml) download artifacts with this warning behavior and then proceed
directly into PyPI publishing and GitHub release uploads/tagging without any additional
post-download integrity validation, meaning a detected digest mismatch would not block distribution.

.github/workflows/ci.yml[69-72]
.github/workflows/release.yml[171-175]
.github/workflows/pre-release.yml[260-264]
.github/workflows/release.yml[160-178]
.github/workflows/release.yml[191-229]
.github/workflows/nightly.yml[80-102]
.github/workflows/ci-rust.yml[238-277]
Best Practice: Learned patterns

Agent prompt
The issue below was found during a code review. Follow the provided context and guidance below and implement a solution

## Issue description
Workflows set `digest-mismatch: warn` when downloading artifacts via `actions/download-artifact@v8`, allowing digest mismatches to pass without failing the workflow; in release/publish jobs, this can result in publishing or releasing artifacts even when an integrity mismatch was detected.

## Issue Context
The PR updates `actions/download-artifact` to `v8` and explicitly configures digest mismatch handling to warning; per build hardening guidance (PR Compliance ID 14), integrity mismatches should fail deterministically rather than be downgraded. This is particularly important for jobs that publish to PyPI or upload assets to GitHub releases (and other release-like flows), because they use the downloaded artifacts for distribution without any subsequent integrity check.

## Fix Focus Areas
- .github/workflows/ci-build-index.yml[27-30]
- .github/workflows/ci-rust.yml[238-277]
- .github/workflows/ci-rust.yml[245-248]
- .github/workflows/ci.yml[69-72]
- .github/workflows/commit-changes.yml[49-52]
- .github/workflows/nightly.yml[80-102]
- .github/workflows/nightly.yml[89-93]
- .github/workflows/pin-browsers.yml[35-38]
- .github/workflows/pre-release.yml[260-264]
- .github/workflows/release.yml[160-229]
- .github/workflows/release.yml[171-175]
- .github/workflows/release.yml[198-203]
- .github/workflows/release.yml[206-210]
- .github/workflows/update-documentation.yml[99-103]

ⓘ Copy this prompt and use it to remediate the issue with your preferred AI generation tools


Grey Divider

Qodo Logo

Comment thread .github/workflows/ci.yml Outdated
@qodo-code-review

qodo-code-review Bot commented May 17, 2026

Copy link
Copy Markdown
Contributor

Persistent review updated to latest commit 7c847f5

@titusfortner titusfortner changed the title [build] update download-artifact to v8 with digest-mismatch warn [build] update download-artifact to v8 May 18, 2026
@titusfortner titusfortner merged commit 4c5f8a7 into trunk May 18, 2026
27 of 28 checks passed
@titusfortner titusfortner deleted the download_action branch May 18, 2026 11:31
This was referenced Jun 16, 2026
PhilipWoulfe pushed a commit to PhilipWoulfe/F1Competition that referenced this pull request Jul 5, 2026
Updated
[coverlet.collector](https://github.com/coverlet-coverage/coverlet) from
10.0.0 to 10.0.1.

<details>
<summary>Release notes</summary>

_Sourced from [coverlet.collector's
releases](https://github.com/coverlet-coverage/coverlet/releases)._

## 10.0.1

### Improvements

- Coverlet with MTP 2 doesn't show test coverage statistic in console
[#​1907](https://github.com/coverlet-coverage/coverlet/issues/1907)
- Avoid unnecessary testhost restarts
[#​1912](https://github.com/coverlet-coverage/coverlet/issues/1912) by
<https://github.com/mawosoft>

### Fixed

- Fix inconsistent paths in cobertura reports
[#​1723](https://github.com/coverlet-coverage/coverlet/issues/1723)
- Fix when using "is" with "and" in pattern matching, branch coverage is
lower than normal
[#​1313](https://github.com/coverlet-coverage/coverlet/issues/1313)
- Fix Coverlet flagging a branch for an async functions finally block
where none exists
[#​1337](https://github.com/coverlet-coverage/coverlet/issues/1337)
- Fix Coverlet Tracker Missing CompilerGeneratedAttribute
[#​1828](https://github.com/coverlet-coverage/coverlet/issues/1828)

### Maintenance

- Add architecture docs and diagrams for all integrations
[#​1927](https://github.com/coverlet-coverage/coverlet/pull/1927)
- Update NuGet packages and .NET SDK versions
[#​1933](https://github.com/coverlet-coverage/coverlet/pull/1933)

[Diff between 10.0.0 and
10.0.1](https://github.com/coverlet-coverage/coverlet/compare/v10.0.0...v10.0.1)

Commits viewable in [compare
view](https://github.com/coverlet-coverage/coverlet/compare/v10.0.0...v10.0.1).
</details>

Updated
[coverlet.msbuild](https://github.com/coverlet-coverage/coverlet) from
10.0.0 to 10.0.1.

<details>
<summary>Release notes</summary>

_Sourced from [coverlet.msbuild's
releases](https://github.com/coverlet-coverage/coverlet/releases)._

## 10.0.1

### Improvements

- Coverlet with MTP 2 doesn't show test coverage statistic in console
[#​1907](https://github.com/coverlet-coverage/coverlet/issues/1907)
- Avoid unnecessary testhost restarts
[#​1912](https://github.com/coverlet-coverage/coverlet/issues/1912) by
<https://github.com/mawosoft>

### Fixed

- Fix inconsistent paths in cobertura reports
[#​1723](https://github.com/coverlet-coverage/coverlet/issues/1723)
- Fix when using "is" with "and" in pattern matching, branch coverage is
lower than normal
[#​1313](https://github.com/coverlet-coverage/coverlet/issues/1313)
- Fix Coverlet flagging a branch for an async functions finally block
where none exists
[#​1337](https://github.com/coverlet-coverage/coverlet/issues/1337)
- Fix Coverlet Tracker Missing CompilerGeneratedAttribute
[#​1828](https://github.com/coverlet-coverage/coverlet/issues/1828)

### Maintenance

- Add architecture docs and diagrams for all integrations
[#​1927](https://github.com/coverlet-coverage/coverlet/pull/1927)
- Update NuGet packages and .NET SDK versions
[#​1933](https://github.com/coverlet-coverage/coverlet/pull/1933)

[Diff between 10.0.0 and
10.0.1](https://github.com/coverlet-coverage/coverlet/compare/v10.0.0...v10.0.1)

Commits viewable in [compare
view](https://github.com/coverlet-coverage/coverlet/compare/v10.0.0...v10.0.1).
</details>

Updated
[Microsoft.AspNetCore.Components.Authorization](https://github.com/dotnet/aspnetcore)
from 8.0.27 to 8.0.28.

<details>
<summary>Release notes</summary>

_Sourced from [Microsoft.AspNetCore.Components.Authorization's
releases](https://github.com/dotnet/aspnetcore/releases)._

## 8.0.28

[Release](https://github.com/dotnet/core/releases/tag/v8.0.28)

## What's Changed
* Update branding to 8.0.28 by @​vseanreesermsft in
https://github.com/dotnet/aspnetcore/pull/66589
* [release/8.0] Update dependencies from dotnet/arcade by
@​dotnet-maestro[bot] in https://github.com/dotnet/aspnetcore/pull/66556
* [release/8.0] Update dependencies from dotnet/source-build-assets by
@​dotnet-maestro[bot] in https://github.com/dotnet/aspnetcore/pull/66471
* [release/8.0] Update dependencies from dotnet/source-build-externals
by @​dotnet-maestro[bot] in
https://github.com/dotnet/aspnetcore/pull/66344
* [release/8.0] Strip UTF-8 BOM from template localization files and
remove version override by @​wtgodbe in
https://github.com/dotnet/aspnetcore/pull/66427
* Merging internal commits for release/8.0 by @​vseanreesermsft in
https://github.com/dotnet/aspnetcore/pull/66662


**Full Changelog**:
https://github.com/dotnet/aspnetcore/compare/v8.0.27...v8.0.28

Commits viewable in [compare
view](https://github.com/dotnet/aspnetcore/compare/v8.0.27...v8.0.28).
</details>

Updated
[Microsoft.AspNetCore.Components.WebAssembly](https://github.com/dotnet/aspnetcore)
from 8.0.27 to 8.0.28.

<details>
<summary>Release notes</summary>

_Sourced from [Microsoft.AspNetCore.Components.WebAssembly's
releases](https://github.com/dotnet/aspnetcore/releases)._

## 8.0.28

[Release](https://github.com/dotnet/core/releases/tag/v8.0.28)

## What's Changed
* Update branding to 8.0.28 by @​vseanreesermsft in
https://github.com/dotnet/aspnetcore/pull/66589
* [release/8.0] Update dependencies from dotnet/arcade by
@​dotnet-maestro[bot] in https://github.com/dotnet/aspnetcore/pull/66556
* [release/8.0] Update dependencies from dotnet/source-build-assets by
@​dotnet-maestro[bot] in https://github.com/dotnet/aspnetcore/pull/66471
* [release/8.0] Update dependencies from dotnet/source-build-externals
by @​dotnet-maestro[bot] in
https://github.com/dotnet/aspnetcore/pull/66344
* [release/8.0] Strip UTF-8 BOM from template localization files and
remove version override by @​wtgodbe in
https://github.com/dotnet/aspnetcore/pull/66427
* Merging internal commits for release/8.0 by @​vseanreesermsft in
https://github.com/dotnet/aspnetcore/pull/66662


**Full Changelog**:
https://github.com/dotnet/aspnetcore/compare/v8.0.27...v8.0.28

Commits viewable in [compare
view](https://github.com/dotnet/aspnetcore/compare/v8.0.27...v8.0.28).
</details>

Updated
[Microsoft.AspNetCore.Components.WebAssembly.DevServer](https://github.com/dotnet/dotnet)
from 10.0.8 to 10.0.9.

<details>
<summary>Release notes</summary>

_Sourced from [Microsoft.AspNetCore.Components.WebAssembly.DevServer's
releases](https://github.com/dotnet/dotnet/releases)._

No release notes found for this version range.

Commits viewable in [compare
view](https://github.com/dotnet/dotnet/commits).
</details>

Updated
[Microsoft.AspNetCore.Http.Abstractions](https://github.com/dotnet/aspnetcore)
from 2.3.10 to 2.3.11.

<details>
<summary>Release notes</summary>

_Sourced from [Microsoft.AspNetCore.Http.Abstractions's
releases](https://github.com/dotnet/aspnetcore/releases)._

No release notes found for this version range.

Commits viewable in [compare
view](https://github.com/dotnet/aspnetcore/commits).
</details>

Updated
[Microsoft.AspNetCore.Mvc.Testing](https://github.com/dotnet/aspnetcore)
from 8.0.27 to 8.0.28.

<details>
<summary>Release notes</summary>

_Sourced from [Microsoft.AspNetCore.Mvc.Testing's
releases](https://github.com/dotnet/aspnetcore/releases)._

## 8.0.28

[Release](https://github.com/dotnet/core/releases/tag/v8.0.28)

## What's Changed
* Update branding to 8.0.28 by @​vseanreesermsft in
https://github.com/dotnet/aspnetcore/pull/66589
* [release/8.0] Update dependencies from dotnet/arcade by
@​dotnet-maestro[bot] in https://github.com/dotnet/aspnetcore/pull/66556
* [release/8.0] Update dependencies from dotnet/source-build-assets by
@​dotnet-maestro[bot] in https://github.com/dotnet/aspnetcore/pull/66471
* [release/8.0] Update dependencies from dotnet/source-build-externals
by @​dotnet-maestro[bot] in
https://github.com/dotnet/aspnetcore/pull/66344
* [release/8.0] Strip UTF-8 BOM from template localization files and
remove version override by @​wtgodbe in
https://github.com/dotnet/aspnetcore/pull/66427
* Merging internal commits for release/8.0 by @​vseanreesermsft in
https://github.com/dotnet/aspnetcore/pull/66662


**Full Changelog**:
https://github.com/dotnet/aspnetcore/compare/v8.0.27...v8.0.28

Commits viewable in [compare
view](https://github.com/dotnet/aspnetcore/compare/v8.0.27...v8.0.28).
</details>

Updated
[Microsoft.AspNetCore.OpenApi](https://github.com/dotnet/aspnetcore)
from 8.0.27 to 8.0.28.

<details>
<summary>Release notes</summary>

_Sourced from [Microsoft.AspNetCore.OpenApi's
releases](https://github.com/dotnet/aspnetcore/releases)._

## 8.0.28

[Release](https://github.com/dotnet/core/releases/tag/v8.0.28)

## What's Changed
* Update branding to 8.0.28 by @​vseanreesermsft in
https://github.com/dotnet/aspnetcore/pull/66589
* [release/8.0] Update dependencies from dotnet/arcade by
@​dotnet-maestro[bot] in https://github.com/dotnet/aspnetcore/pull/66556
* [release/8.0] Update dependencies from dotnet/source-build-assets by
@​dotnet-maestro[bot] in https://github.com/dotnet/aspnetcore/pull/66471
* [release/8.0] Update dependencies from dotnet/source-build-externals
by @​dotnet-maestro[bot] in
https://github.com/dotnet/aspnetcore/pull/66344
* [release/8.0] Strip UTF-8 BOM from template localization files and
remove version override by @​wtgodbe in
https://github.com/dotnet/aspnetcore/pull/66427
* Merging internal commits for release/8.0 by @​vseanreesermsft in
https://github.com/dotnet/aspnetcore/pull/66662


**Full Changelog**:
https://github.com/dotnet/aspnetcore/compare/v8.0.27...v8.0.28

Commits viewable in [compare
view](https://github.com/dotnet/aspnetcore/compare/v8.0.27...v8.0.28).
</details>

Updated
[Microsoft.EntityFrameworkCore](https://github.com/dotnet/efcore) from
9.0.16 to 9.0.17.

<details>
<summary>Release notes</summary>

_Sourced from [Microsoft.EntityFrameworkCore's
releases](https://github.com/dotnet/efcore/releases)._

## 9.0.17

[Release](https://github.com/dotnet/core/releases/tag/v9.0.17)

## What's Changed
* [release/8.0] Update dependencies from dotnet/arcade by
@​dotnet-maestro[bot] in https://github.com/dotnet/efcore/pull/38204
* Update branding to 8.0.28 by @​vseanreesermsft in
https://github.com/dotnet/efcore/pull/38227
* Update branding to 9.0.17 by @​vseanreesermsft in
https://github.com/dotnet/efcore/pull/38228
* [automated] Merge branch 'release/8.0' => 'release/9.0' by
@​github-actions[bot] in https://github.com/dotnet/efcore/pull/38230
* Merging internal commits for release/9.0 by @​vseanreesermsft in
https://github.com/dotnet/efcore/pull/38262
* Merging internal commits for release/8.0 by @​vseanreesermsft in
https://github.com/dotnet/efcore/pull/38263
* [automated] Merge branch 'release/8.0' => 'release/9.0' by
@​github-actions[bot] in https://github.com/dotnet/efcore/pull/38266


**Full Changelog**:
https://github.com/dotnet/efcore/compare/v9.0.16...v9.0.17

Commits viewable in [compare
view](https://github.com/dotnet/efcore/compare/v9.0.16...v9.0.17).
</details>

Updated
[Microsoft.EntityFrameworkCore.Design](https://github.com/dotnet/efcore)
from 9.0.16 to 9.0.17.

<details>
<summary>Release notes</summary>

_Sourced from [Microsoft.EntityFrameworkCore.Design's
releases](https://github.com/dotnet/efcore/releases)._

## 9.0.17

[Release](https://github.com/dotnet/core/releases/tag/v9.0.17)

## What's Changed
* [release/8.0] Update dependencies from dotnet/arcade by
@​dotnet-maestro[bot] in https://github.com/dotnet/efcore/pull/38204
* Update branding to 8.0.28 by @​vseanreesermsft in
https://github.com/dotnet/efcore/pull/38227
* Update branding to 9.0.17 by @​vseanreesermsft in
https://github.com/dotnet/efcore/pull/38228
* [automated] Merge branch 'release/8.0' => 'release/9.0' by
@​github-actions[bot] in https://github.com/dotnet/efcore/pull/38230
* Merging internal commits for release/9.0 by @​vseanreesermsft in
https://github.com/dotnet/efcore/pull/38262
* Merging internal commits for release/8.0 by @​vseanreesermsft in
https://github.com/dotnet/efcore/pull/38263
* [automated] Merge branch 'release/8.0' => 'release/9.0' by
@​github-actions[bot] in https://github.com/dotnet/efcore/pull/38266


**Full Changelog**:
https://github.com/dotnet/efcore/compare/v9.0.16...v9.0.17

Commits viewable in [compare
view](https://github.com/dotnet/efcore/compare/v9.0.16...v9.0.17).
</details>

Updated
[Microsoft.EntityFrameworkCore.InMemory](https://github.com/dotnet/efcore)
from 9.0.16 to 9.0.17.

<details>
<summary>Release notes</summary>

_Sourced from [Microsoft.EntityFrameworkCore.InMemory's
releases](https://github.com/dotnet/efcore/releases)._

## 9.0.17

[Release](https://github.com/dotnet/core/releases/tag/v9.0.17)

## What's Changed
* [release/8.0] Update dependencies from dotnet/arcade by
@​dotnet-maestro[bot] in https://github.com/dotnet/efcore/pull/38204
* Update branding to 8.0.28 by @​vseanreesermsft in
https://github.com/dotnet/efcore/pull/38227
* Update branding to 9.0.17 by @​vseanreesermsft in
https://github.com/dotnet/efcore/pull/38228
* [automated] Merge branch 'release/8.0' => 'release/9.0' by
@​github-actions[bot] in https://github.com/dotnet/efcore/pull/38230
* Merging internal commits for release/9.0 by @​vseanreesermsft in
https://github.com/dotnet/efcore/pull/38262
* Merging internal commits for release/8.0 by @​vseanreesermsft in
https://github.com/dotnet/efcore/pull/38263
* [automated] Merge branch 'release/8.0' => 'release/9.0' by
@​github-actions[bot] in https://github.com/dotnet/efcore/pull/38266


**Full Changelog**:
https://github.com/dotnet/efcore/compare/v9.0.16...v9.0.17

Commits viewable in [compare
view](https://github.com/dotnet/efcore/compare/v9.0.16...v9.0.17).
</details>

Updated
[Microsoft.EntityFrameworkCore.Relational](https://github.com/dotnet/efcore)
from 9.0.16 to 9.0.17.

<details>
<summary>Release notes</summary>

_Sourced from [Microsoft.EntityFrameworkCore.Relational's
releases](https://github.com/dotnet/efcore/releases)._

## 9.0.17

[Release](https://github.com/dotnet/core/releases/tag/v9.0.17)

## What's Changed
* [release/8.0] Update dependencies from dotnet/arcade by
@​dotnet-maestro[bot] in https://github.com/dotnet/efcore/pull/38204
* Update branding to 8.0.28 by @​vseanreesermsft in
https://github.com/dotnet/efcore/pull/38227
* Update branding to 9.0.17 by @​vseanreesermsft in
https://github.com/dotnet/efcore/pull/38228
* [automated] Merge branch 'release/8.0' => 'release/9.0' by
@​github-actions[bot] in https://github.com/dotnet/efcore/pull/38230
* Merging internal commits for release/9.0 by @​vseanreesermsft in
https://github.com/dotnet/efcore/pull/38262
* Merging internal commits for release/8.0 by @​vseanreesermsft in
https://github.com/dotnet/efcore/pull/38263
* [automated] Merge branch 'release/8.0' => 'release/9.0' by
@​github-actions[bot] in https://github.com/dotnet/efcore/pull/38266


**Full Changelog**:
https://github.com/dotnet/efcore/compare/v9.0.16...v9.0.17

Commits viewable in [compare
view](https://github.com/dotnet/efcore/compare/v9.0.16...v9.0.17).
</details>

Updated
[Microsoft.Extensions.Caching.Abstractions](https://github.com/dotnet/dotnet)
from 10.0.8 to 10.0.9.

<details>
<summary>Release notes</summary>

_Sourced from [Microsoft.Extensions.Caching.Abstractions's
releases](https://github.com/dotnet/dotnet/releases)._

No release notes found for this version range.

Commits viewable in [compare
view](https://github.com/dotnet/dotnet/commits).
</details>

Updated
[Microsoft.Extensions.Configuration](https://github.com/dotnet/dotnet)
from 10.0.8 to 10.0.9.

<details>
<summary>Release notes</summary>

_Sourced from [Microsoft.Extensions.Configuration's
releases](https://github.com/dotnet/dotnet/releases)._

No release notes found for this version range.

Commits viewable in [compare
view](https://github.com/dotnet/dotnet/commits).
</details>

Updated
[Microsoft.Extensions.Configuration.Binder](https://github.com/dotnet/dotnet)
from 10.0.8 to 10.0.9.

<details>
<summary>Release notes</summary>

_Sourced from [Microsoft.Extensions.Configuration.Binder's
releases](https://github.com/dotnet/dotnet/releases)._

No release notes found for this version range.

Commits viewable in [compare
view](https://github.com/dotnet/dotnet/commits).
</details>

Updated [Microsoft.Extensions.Hosting](https://github.com/dotnet/dotnet)
from 10.0.8 to 10.0.9.

<details>
<summary>Release notes</summary>

_Sourced from [Microsoft.Extensions.Hosting's
releases](https://github.com/dotnet/dotnet/releases)._

No release notes found for this version range.

Commits viewable in [compare
view](https://github.com/dotnet/dotnet/commits).
</details>

Updated [Microsoft.Extensions.Http](https://github.com/dotnet/dotnet)
from 10.0.8 to 10.0.9.

<details>
<summary>Release notes</summary>

_Sourced from [Microsoft.Extensions.Http's
releases](https://github.com/dotnet/dotnet/releases)._

No release notes found for this version range.

Commits viewable in [compare
view](https://github.com/dotnet/dotnet/commits).
</details>

Updated
[Microsoft.Extensions.Options.DataAnnotations](https://github.com/dotnet/dotnet)
from 10.0.8 to 10.0.9.

<details>
<summary>Release notes</summary>

_Sourced from [Microsoft.Extensions.Options.DataAnnotations's
releases](https://github.com/dotnet/dotnet/releases)._

No release notes found for this version range.

Commits viewable in [compare
view](https://github.com/dotnet/dotnet/commits).
</details>

Updated
[Microsoft.IdentityModel.Tokens](https://github.com/AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet)
from 8.18.0 to 8.19.1.

<details>
<summary>Release notes</summary>

_Sourced from [Microsoft.IdentityModel.Tokens's
releases](https://github.com/AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet/releases)._

## 8.19.1

## Bug Fixes
- Update `JwtSecurityTokenHandler` for
`IssuerSigningKeyResolverUsingConfiguration` to take priority over
`IssuerSigningKeyResolver`, matching the documented contract and the
correct behavior already present in `JsonWebTokenHandler`. See [PR
#​3519](https://github.com/AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet/pull/3519).

## 8.19.0

## New Features
- Add ML-DSA (FIPS 204) post-quantum signature support. See [PR
#​3479](https://github.com/AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet/pull/3479).
- Cache custom crypto providers in CryptoProviderFactory. See [PR
#​3489](https://github.com/AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet/pull/3489).

## Bug Fixes
- Disable automatic redirects on default HttpClient for JKU retrieval.
See [PR
#​3494](https://github.com/AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet/pull/3494).
- Adjust rented buffer handling in claim set parsing. See [PR
#​3493](https://github.com/AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet/pull/3493).
- Tidy null handling in SAML conditions validation. See [PR
#​3491](https://github.com/AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet/pull/3491).
- Improve validation of `jku` claim. See [PR
#​3481](https://github.com/AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet/pull/3481).
- Limit telemetry algorithm dimension cardinality. See [PR
#​3490](https://github.com/AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet/pull/3490).
- Add defensive copy of collections in ValidationParameters. See [PR
#​3492](https://github.com/AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet/pull/3492).
- Update TokenValidationParameter copy constructor to make a deep copy.
See [PR
#​3488](https://github.com/AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet/pull/3488).
- Update to fail-closed when replay protection isn't configured and
other DPoP hardening. See [PR
#​3505](https://github.com/AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet/pull/3505).
- Apply RFC 3986 section 6.2.2 normalization to DPoP `htu` comparison.
See [PR
#​3509](https://github.com/AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet/pull/3509).

Commits viewable in [compare
view](https://github.com/AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet/compare/8.18.0...8.19.1).
</details>

Updated [Microsoft.NET.Test.Sdk](https://github.com/microsoft/vstest)
from 18.5.1 to 18.7.0.

<details>
<summary>Release notes</summary>

_Sourced from [Microsoft.NET.Test.Sdk's
releases](https://github.com/microsoft/vstest/releases)._

## 18.7.0

## What's Changed
* Add ARM64 msdia140.dll support to test platform packages by
@​jamesmcroft in https://github.com/microsoft/vstest/pull/15689
* Update System.Memory from 4.5.5 to 4.6.3 by @​nohwnd in
https://github.com/microsoft/vstest/pull/15706

## New Contributors
* @​jamesmcroft made their first contribution in
https://github.com/microsoft/vstest/pull/15689

**Full Changelog**:
https://github.com/microsoft/vstest/compare/v18.6.0...v18.7.0

## 18.6.0

## What's Changed
* Revert removal of Video Recorder by @​nohwnd in
https://github.com/microsoft/vstest/pull/15336
* Speed up blame by filtering non-.NET processes from dump collection by
@​nohwnd in https://github.com/microsoft/vstest/pull/15518
* Add README.md to NuGet packages by @​nohwnd in
https://github.com/microsoft/vstest/pull/15550
* Report child process info on connection timeout by @​nohwnd in
https://github.com/microsoft/vstest/pull/15603


### Changes to tests and infra
* Brand as 18.6 by @​nohwnd in
https://github.com/microsoft/vstest/pull/15423
* Upgrading code coverage version to 18.5.1, by @​fhnaseer in
https://github.com/microsoft/vstest/pull/15422
* Updating System.Collections.Immutable to 9.0.11 by @​MSLukeWest in
https://github.com/microsoft/vstest/pull/15425
* Fix attachVS when used for debugging integration tests by @​nohwnd in
https://github.com/microsoft/vstest/pull/15451
* Replace dotnet.config, with global.json by @​nohwnd in
https://github.com/microsoft/vstest/pull/15449
* Document debugging integration tests with AttachVS by @​Copilot in
https://github.com/microsoft/vstest/pull/15452
* Fix stack overflow tests by @​nohwnd in
https://github.com/microsoft/vstest/pull/15461
* Make TestAssets.sln buildable locally by @​Youssef1313 in
https://github.com/microsoft/vstest/pull/15466
* Try filtering out tests by @​nohwnd in
https://github.com/microsoft/vstest/pull/15463
* Build just once when tfms run in parallel by @​nohwnd in
https://github.com/microsoft/vstest/pull/15465
* Review simplify compatibility sources, deduplicate tests by @​nohwnd
in https://github.com/microsoft/vstest/pull/15472
* Cleanup dead TRX code by @​Youssef1313 in
https://github.com/microsoft/vstest/pull/15474
* Update .NET runtimes to 8.0.25, 9.0.14, and 10.0.4 by @​nohwnd in
https://github.com/microsoft/vstest/pull/15481
* Compat matrix checker by @​nohwnd in
https://github.com/microsoft/vstest/pull/15480
* Add trx analysis skill by @​nohwnd in
https://github.com/microsoft/vstest/pull/15486
* Split integration tests to single tfm and multi tfm project by
@​nohwnd in https://github.com/microsoft/vstest/pull/15484
* Update matrix by @​nohwnd in
https://github.com/microsoft/vstest/pull/15477
* Break infinite restore loop in VS by @​nohwnd in
https://github.com/microsoft/vstest/pull/15503
* Use global package cache for build, and local for running integration
tests by @​nohwnd in https://github.com/microsoft/vstest/pull/15500
* Update contributing by @​nohwnd in
https://github.com/microsoft/vstest/pull/15505
* Reduce test wall-clock time by increasing minThreads by @​drognanar in
https://github.com/microsoft/vstest/pull/15502
* Indicator flakiness by @​nohwnd in
https://github.com/microsoft/vstest/pull/15513
* Fix ci build by @​nohwnd in
https://github.com/microsoft/vstest/pull/15515
* Fix thread safety issues by @​Evangelink in
https://github.com/microsoft/vstest/pull/15512
* Optimize DotnetSDKSimulation_PostProcessing test (163s → 61s) by
@​nohwnd in https://github.com/microsoft/vstest/pull/15516
* Build isolated test assets for single TFM instead of 7 by @​nohwnd in
https://github.com/microsoft/vstest/pull/15517
* Remove unused dependencies from Library.IntegrationTests by @​nohwnd
in https://github.com/microsoft/vstest/pull/15527
* Remove printing _attachments content to console by @​nohwnd in
https://github.com/microsoft/vstest/pull/15520
* Add Linux/macOS test filtering guide to CONTRIBUTING.md by @​nohwnd in
https://github.com/microsoft/vstest/pull/15521
* Change integration test parallelization from ClassLevel to MethodLevel
by @​nohwnd in https://github.com/microsoft/vstest/pull/15526
* Unify target framework checks with IsNetFrameworkTarget/IsNetTarget by
@​nohwnd in https://github.com/microsoft/vstest/pull/15523
* Add unattended work instructions to copilot-instructions.md by
@​nohwnd in https://github.com/microsoft/vstest/pull/15531
* Reduce code style rule severity from warning to suggestion by @​nohwnd
in https://github.com/microsoft/vstest/pull/15522
* Remove Debug/Release line number branching from tests by @​nohwnd in
https://github.com/microsoft/vstest/pull/15519
* Revise unattended work instructions in copilot-instructions.md by
@​nohwnd in https://github.com/microsoft/vstest/pull/15532
* Improve CompatibilityRowsBuilder error message with diagnostic details
by @​nohwnd in https://github.com/microsoft/vstest/pull/15529
* docs: add git worktree and upstream sync workflow to
copilot-instructions.md by @​nohwnd in
https://github.com/microsoft/vstest/pull/15538
* Add VSIX runner to smoke tests by @​nohwnd in
https://github.com/microsoft/vstest/pull/15541
* Remove deprecated WebTest and TMI test methods by @​nohwnd in
https://github.com/microsoft/vstest/pull/15525
* Fix compatibility test failures for legacy vstest.console and MSTest
adapter by @​nohwnd in https://github.com/microsoft/vstest/pull/15534
* Convert TestPlatform.sln to slnx format by @​nohwnd in
https://github.com/microsoft/vstest/pull/15551
* Convert test/TestAssets .sln files to .slnx format by @​nohwnd in
https://github.com/microsoft/vstest/pull/15557
 ... (truncated)

Commits viewable in [compare
view](https://github.com/microsoft/vstest/compare/v18.5.1...v18.7.0).
</details>

Updated [Selenium.Support](https://github.com/SeleniumHQ/selenium) from
4.44.0 to 4.45.0.

<details>
<summary>Release notes</summary>

_Sourced from [Selenium.Support's
releases](https://github.com/SeleniumHQ/selenium/releases)._

## 4.45.0

## Detailed Changelogs by Component

<img src="https://www.selenium.dev/images/programming/java.svg"
width="20" height="20">
**[Java](https://github.com/SeleniumHQ/selenium/blob/trunk/java/CHANGELOG)**
&nbsp;&nbsp;&nbsp; | &nbsp;&nbsp;&nbsp;<img
src="https://www.selenium.dev/images/programming/python.svg" width="20"
height="20">
**[Python](https://github.com/SeleniumHQ/selenium/blob/trunk/py/CHANGES)**
&nbsp;&nbsp;&nbsp; | &nbsp;&nbsp;&nbsp;<img
src="https://www.selenium.dev/images/programming/dotnet.svg" width="20"
height="20">
**[DotNet](https://github.com/SeleniumHQ/selenium/blob/trunk/dotnet/CHANGELOG)**
&nbsp;&nbsp;&nbsp; | &nbsp;&nbsp;&nbsp;<img
src="https://www.selenium.dev/images/programming/ruby.svg" width="20"
height="20">
**[Ruby](https://github.com/SeleniumHQ/selenium/blob/trunk/rb/CHANGES)**
&nbsp;&nbsp;&nbsp; | &nbsp;&nbsp;&nbsp;<img
src="https://www.selenium.dev/images/programming/javascript.svg"
width="20" height="20">
**[JavaScript](https://github.com/SeleniumHQ/selenium/blob/trunk/javascript/selenium-webdriver/CHANGES.md)**
<br>


<!-- Release notes generated using configuration in .github/release.yml
at selenium-4.45.0 -->

## What's Changed
* [build] derive PR diff base from HEAD^1 instead of trunk tip by
@​titusfortner in https://github.com/SeleniumHQ/selenium/pull/17438
* [build] setup trusted publishing from Github to npmrc by
@​titusfortner in https://github.com/SeleniumHQ/selenium/pull/17445
* [build] generate release notes from previous minor release tag by
@​titusfortner in https://github.com/SeleniumHQ/selenium/pull/17449
* [build] fix when to update lock files during the release process by
@​titusfortner in https://github.com/SeleniumHQ/selenium/pull/17450
* [java] remove deprecated logging classes by @​titusfortner in
https://github.com/SeleniumHQ/selenium/pull/17453
* [grid] Close pre-handshake race in WebSocket proxy by @​shs96c in
https://github.com/SeleniumHQ/selenium/pull/17435
* [JavaScript] Correct handling for older browsers and missing casing by
@​AutomatedTester in https://github.com/SeleniumHQ/selenium/pull/17451
* Use pyproject for Python runtime deps lock input by @​titusfortner in
https://github.com/SeleniumHQ/selenium/pull/17452
* [rb] deprecate curb http client support by @​titusfortner in
https://github.com/SeleniumHQ/selenium/pull/17443
* [javascript] Migrate find-elements atom from Closure to TypeScript by
@​AutomatedTester in https://github.com/SeleniumHQ/selenium/pull/17458
* [py] replace rules_python sphinxdocs with local sphinx_docs rule by
@​titusfortner in https://github.com/SeleniumHQ/selenium/pull/17461
* [build] Configure Renovate dashboard approval by @​titusfortner in
https://github.com/SeleniumHQ/selenium/pull/17464
* [js] update vulnerable dependency with a range by @​titusfortner in
https://github.com/SeleniumHQ/selenium/pull/17466
* [build] remove duplicated grid ui tests by @​titusfortner in
https://github.com/SeleniumHQ/selenium/pull/17468
* [build] update java graphpql dependency by filtering out bad reference
by @​titusfortner in https://github.com/SeleniumHQ/selenium/pull/17469
* [rb] upgrade to steep 2.0 by @​titusfortner in
https://github.com/SeleniumHQ/selenium/pull/17470
* [rust] update dependencies by @​titusfortner in
https://github.com/SeleniumHQ/selenium/pull/17472
* [build] update GitHub Actions to latest major versions by
@​titusfortner in https://github.com/SeleniumHQ/selenium/pull/17475
* [dotnet] update dev dependencies by @​titusfortner in
https://github.com/SeleniumHQ/selenium/pull/17474
* [dotnet] fix template caching by @​titusfortner in
https://github.com/SeleniumHQ/selenium/pull/17476
* [dotnet] update system.text.json to 8.0.6 by @​titusfortner in
https://github.com/SeleniumHQ/selenium/pull/17477
* [js] update dev dependencies by @​titusfortner in
https://github.com/SeleniumHQ/selenium/pull/17479
* [dotnet] upgrade paket from v9 to v10 by @​titusfortner in
https://github.com/SeleniumHQ/selenium/pull/17481
* [build] bump bazel version to 9.1 by @​titusfortner in
https://github.com/SeleniumHQ/selenium/pull/17480
* [rust] update zip to v8 by @​titusfortner in
https://github.com/SeleniumHQ/selenium/pull/17485
* [js] update eslint to v10 with fixes by @​titusfortner in
https://github.com/SeleniumHQ/selenium/pull/17482
* [rb] Update ruby to 3.3.9 by @​aguspe in
https://github.com/SeleniumHQ/selenium/pull/17484
* [dotnet] include snupkg files when packaging things up and allow the
use of sourcelink by @​AutomatedTester in
https://github.com/SeleniumHQ/selenium/pull/17467
* [build] update download-artifact to v8 by @​titusfortner in
https://github.com/SeleniumHQ/selenium/pull/17493
* [dotnet] run format against slnx instead of looping csproj by
@​titusfortner in https://github.com/SeleniumHQ/selenium/pull/17483
* [build] bump low-risk Bazel module dependencies by @​titusfortner in
https://github.com/SeleniumHQ/selenium/pull/17494
* [rust] update reqwest to 0.13 by @​titusfortner in
https://github.com/SeleniumHQ/selenium/pull/17488
* [dotnet] [build] Fix remote linkage in SourceLink by @​nvborisenko in
https://github.com/SeleniumHQ/selenium/pull/17495
* [build] remove renovate update requests pending work done in #​17427
by @​titusfortner in https://github.com/SeleniumHQ/selenium/pull/17498
* [dotnet] [build] Support deterministic build output by @​nvborisenko
in https://github.com/SeleniumHQ/selenium/pull/17497
* [build] bump ruby versions to latest patch releases by @​titusfortner
in https://github.com/SeleniumHQ/selenium/pull/17496
* [js] remove npm dependency by using bazel for everything by
@​titusfortner in https://github.com/SeleniumHQ/selenium/pull/17499
* [build] bump rules_jvm_external by @​titusfortner in
https://github.com/SeleniumHQ/selenium/pull/17501
* [build] bump rules_closure version by @​titusfortner in
https://github.com/SeleniumHQ/selenium/pull/17500
* [build] clarify dependency pin and update tasks by @​titusfortner in
https://github.com/SeleniumHQ/selenium/pull/17463
* [build] simplify commit-changes workflow by @​titusfortner in
https://github.com/SeleniumHQ/selenium/pull/17503
 ... (truncated)

Commits viewable in [compare
view](https://github.com/SeleniumHQ/selenium/compare/selenium-4.44.0...selenium-4.45.0).
</details>

Updated [Selenium.WebDriver](https://github.com/SeleniumHQ/selenium)
from 4.44.0 to 4.45.0.

<details>
<summary>Release notes</summary>

_Sourced from [Selenium.WebDriver's
releases](https://github.com/SeleniumHQ/selenium/releases)._

## 4.45.0

## Detailed Changelogs by Component

<img src="https://www.selenium.dev/images/programming/java.svg"
width="20" height="20">
**[Java](https://github.com/SeleniumHQ/selenium/blob/trunk/java/CHANGELOG)**
&nbsp;&nbsp;&nbsp; | &nbsp;&nbsp;&nbsp;<img
src="https://www.selenium.dev/images/programming/python.svg" width="20"
height="20">
**[Python](https://github.com/SeleniumHQ/selenium/blob/trunk/py/CHANGES)**
&nbsp;&nbsp;&nbsp; | &nbsp;&nbsp;&nbsp;<img
src="https://www.selenium.dev/images/programming/dotnet.svg" width="20"
height="20">
**[DotNet](https://github.com/SeleniumHQ/selenium/blob/trunk/dotnet/CHANGELOG)**
&nbsp;&nbsp;&nbsp; | &nbsp;&nbsp;&nbsp;<img
src="https://www.selenium.dev/images/programming/ruby.svg" width="20"
height="20">
**[Ruby](https://github.com/SeleniumHQ/selenium/blob/trunk/rb/CHANGES)**
&nbsp;&nbsp;&nbsp; | &nbsp;&nbsp;&nbsp;<img
src="https://www.selenium.dev/images/programming/javascript.svg"
width="20" height="20">
**[JavaScript](https://github.com/SeleniumHQ/selenium/blob/trunk/javascript/selenium-webdriver/CHANGES.md)**
<br>


<!-- Release notes generated using configuration in .github/release.yml
at selenium-4.45.0 -->

## What's Changed
* [build] derive PR diff base from HEAD^1 instead of trunk tip by
@​titusfortner in https://github.com/SeleniumHQ/selenium/pull/17438
* [build] setup trusted publishing from Github to npmrc by
@​titusfortner in https://github.com/SeleniumHQ/selenium/pull/17445
* [build] generate release notes from previous minor release tag by
@​titusfortner in https://github.com/SeleniumHQ/selenium/pull/17449
* [build] fix when to update lock files during the release process by
@​titusfortner in https://github.com/SeleniumHQ/selenium/pull/17450
* [java] remove deprecated logging classes by @​titusfortner in
https://github.com/SeleniumHQ/selenium/pull/17453
* [grid] Close pre-handshake race in WebSocket proxy by @​shs96c in
https://github.com/SeleniumHQ/selenium/pull/17435
* [JavaScript] Correct handling for older browsers and missing casing by
@​AutomatedTester in https://github.com/SeleniumHQ/selenium/pull/17451
* Use pyproject for Python runtime deps lock input by @​titusfortner in
https://github.com/SeleniumHQ/selenium/pull/17452
* [rb] deprecate curb http client support by @​titusfortner in
https://github.com/SeleniumHQ/selenium/pull/17443
* [javascript] Migrate find-elements atom from Closure to TypeScript by
@​AutomatedTester in https://github.com/SeleniumHQ/selenium/pull/17458
* [py] replace rules_python sphinxdocs with local sphinx_docs rule by
@​titusfortner in https://github.com/SeleniumHQ/selenium/pull/17461
* [build] Configure Renovate dashboard approval by @​titusfortner in
https://github.com/SeleniumHQ/selenium/pull/17464
* [js] update vulnerable dependency with a range by @​titusfortner in
https://github.com/SeleniumHQ/selenium/pull/17466
* [build] remove duplicated grid ui tests by @​titusfortner in
https://github.com/SeleniumHQ/selenium/pull/17468
* [build] update java graphpql dependency by filtering out bad reference
by @​titusfortner in https://github.com/SeleniumHQ/selenium/pull/17469
* [rb] upgrade to steep 2.0 by @​titusfortner in
https://github.com/SeleniumHQ/selenium/pull/17470
* [rust] update dependencies by @​titusfortner in
https://github.com/SeleniumHQ/selenium/pull/17472
* [build] update GitHub Actions to latest major versions by
@​titusfortner in https://github.com/SeleniumHQ/selenium/pull/17475
* [dotnet] update dev dependencies by @​titusfortner in
https://github.com/SeleniumHQ/selenium/pull/17474
* [dotnet] fix template caching by @​titusfortner in
https://github.com/SeleniumHQ/selenium/pull/17476
* [dotnet] update system.text.json to 8.0.6 by @​titusfortner in
https://github.com/SeleniumHQ/selenium/pull/17477
* [js] update dev dependencies by @​titusfortner in
https://github.com/SeleniumHQ/selenium/pull/17479
* [dotnet] upgrade paket from v9 to v10 by @​titusfortner in
https://github.com/SeleniumHQ/selenium/pull/17481
* [build] bump bazel version to 9.1 by @​titusfortner in
https://github.com/SeleniumHQ/selenium/pull/17480
* [rust] update zip to v8 by @​titusfortner in
https://github.com/SeleniumHQ/selenium/pull/17485
* [js] update eslint to v10 with fixes by @​titusfortner in
https://github.com/SeleniumHQ/selenium/pull/17482
* [rb] Update ruby to 3.3.9 by @​aguspe in
https://github.com/SeleniumHQ/selenium/pull/17484
* [dotnet] include snupkg files when packaging things up and allow the
use of sourcelink by @​AutomatedTester in
https://github.com/SeleniumHQ/selenium/pull/17467
* [build] update download-artifact to v8 by @​titusfortner in
https://github.com/SeleniumHQ/selenium/pull/17493
* [dotnet] run format against slnx instead of looping csproj by
@​titusfortner in https://github.com/SeleniumHQ/selenium/pull/17483
* [build] bump low-risk Bazel module dependencies by @​titusfortner in
https://github.com/SeleniumHQ/selenium/pull/17494
* [rust] update reqwest to 0.13 by @​titusfortner in
https://github.com/SeleniumHQ/selenium/pull/17488
* [dotnet] [build] Fix remote linkage in SourceLink by @​nvborisenko in
https://github.com/SeleniumHQ/selenium/pull/17495
* [build] remove renovate update requests pending work done in #​17427
by @​titusfortner in https://github.com/SeleniumHQ/selenium/pull/17498
* [dotnet] [build] Support deterministic build output by @​nvborisenko
in https://github.com/SeleniumHQ/selenium/pull/17497
* [build] bump ruby versions to latest patch releases by @​titusfortner
in https://github.com/SeleniumHQ/selenium/pull/17496
* [js] remove npm dependency by using bazel for everything by
@​titusfortner in https://github.com/SeleniumHQ/selenium/pull/17499
* [build] bump rules_jvm_external by @​titusfortner in
https://github.com/SeleniumHQ/selenium/pull/17501
* [build] bump rules_closure version by @​titusfortner in
https://github.com/SeleniumHQ/selenium/pull/17500
* [build] clarify dependency pin and update tasks by @​titusfortner in
https://github.com/SeleniumHQ/selenium/pull/17463
* [build] simplify commit-changes workflow by @​titusfortner in
https://github.com/SeleniumHQ/selenium/pull/17503
 ... (truncated)

Commits viewable in [compare
view](https://github.com/SeleniumHQ/selenium/compare/selenium-4.44.0...selenium-4.45.0).
</details>

Updated
[Serilog.Settings.Configuration](https://github.com/serilog/serilog-settings-configuration)
from 10.0.0 to 10.0.1.

<details>
<summary>Release notes</summary>

_Sourced from [Serilog.Settings.Configuration's
releases](https://github.com/serilog/serilog-settings-configuration/releases)._

## 10.0.1

## What's Changed
* Support LevelAlias names in configuration parsing by @​mohammed-saalim
in https://github.com/serilog/serilog-settings-configuration/pull/465
* Fix: Update ConditionalSink expression syntax in sample app by
@​gyurebalint in
https://github.com/serilog/serilog-settings-configuration/pull/470
* issue-468: Fix empty/whitespace string converting to array type by
@​gyurebalint-CID in
https://github.com/serilog/serilog-settings-configuration/pull/469
* Add WriteTo.FallbackChain and WriteTo.Fallible support in
configuration by @​ArieGato in
https://github.com/serilog/serilog-settings-configuration/pull/474
* Fix/issue 441 by @​gyurebalint in
https://github.com/serilog/serilog-settings-configuration/pull/471
* Support C# 13 params collections (IEnumerable<T>, List<T>) by
@​gyurebalint in
https://github.com/serilog/serilog-settings-configuration/pull/478

## New Contributors
* @​mohammed-saalim made their first contribution in
https://github.com/serilog/serilog-settings-configuration/pull/465
* @​gyurebalint made their first contribution in
https://github.com/serilog/serilog-settings-configuration/pull/470
* @​gyurebalint-CID made their first contribution in
https://github.com/serilog/serilog-settings-configuration/pull/469
* @​ArieGato made their first contribution in
https://github.com/serilog/serilog-settings-configuration/pull/474

**Full Changelog**:
https://github.com/serilog/serilog-settings-configuration/compare/v10.0.0...v10.0.1

Commits viewable in [compare
view](https://github.com/serilog/serilog-settings-configuration/compare/v10.0.0...v10.0.1).
</details>

Updated
[Swashbuckle.AspNetCore](https://github.com/domaindrivendev/Swashbuckle.AspNetCore)
from 10.1.7 to 10.2.3.

<details>
<summary>Release notes</summary>

_Sourced from [Swashbuckle.AspNetCore's
releases](https://github.com/domaindrivendev/Swashbuckle.AspNetCore/releases)._

## 10.2.3

## What's Changed

* Bump swagger-ui-dist to 5.32.7 by @​dependabot in
https://github.com/domaindrivendev/Swashbuckle.AspNetCore/pull/4015

**Full Changelog**:
https://github.com/domaindrivendev/Swashbuckle.AspNetCore/compare/v10.2.2...v10.2.3

## 10.2.2

## What's Changed

* Update NuGet packages by @​martincostello in
https://github.com/domaindrivendev/Swashbuckle.AspNetCore/pull/3990
* Set `SOURCE_DATE_EPOCH` by @​martincostello in
https://github.com/domaindrivendev/Swashbuckle.AspNetCore/pull/3997
* Fix `InvalidOperationException` if no route matches by
@​martincostello in
https://github.com/domaindrivendev/Swashbuckle.AspNetCore/pull/3999
* Fix empty parameter example not generated by @​dldl-cmd in
https://github.com/domaindrivendev/Swashbuckle.AspNetCore/pull/3932
* Map `[MinLength]`/`[MaxLength]` on dictionary properties to
`minProperties`/`maxProperties` by @​KitKeen in
https://github.com/domaindrivendev/Swashbuckle.AspNetCore/pull/3922
* Fix conflicting required+nullable schema when only NonNullableReferen…
by @​KitKeen in
https://github.com/domaindrivendev/Swashbuckle.AspNetCore/pull/3912
* Fix `ExposeSwaggerDocumentUrlsRoute` behaviour by @​martincostello in
https://github.com/domaindrivendev/Swashbuckle.AspNetCore/pull/4000
* Use `NUGET_API_KEY` by @​martincostello in
https://github.com/domaindrivendev/Swashbuckle.AspNetCore/pull/4006

## New Contributors

* @​KitKeen made their first contribution in
https://github.com/domaindrivendev/Swashbuckle.AspNetCore/pull/3922

**Full Changelog**:
https://github.com/domaindrivendev/Swashbuckle.AspNetCore/compare/v10.2.1...v10.2.2


## 10.2.1

## What's Changed

* Update Microsoft.OpenApi to 2.7.5 to pick up fix for
GHSA-v5pm-xwqc-g5wc by @​martincostello in
https://github.com/domaindrivendev/Swashbuckle.AspNetCore/pull/3974

**Full Changelog**:
https://github.com/domaindrivendev/Swashbuckle.AspNetCore/compare/v10.2.0...v10.2.1


## 10.2.0

## What's Changed

* Add `MapSwaggerUI` and `MapReDoc` to support endpoint routing by
@​Strepto in
https://github.com/domaindrivendev/Swashbuckle.AspNetCore/pull/3822
* Bump version to 10.2.0 by @​martincostello in
https://github.com/domaindrivendev/Swashbuckle.AspNetCore/pull/3872
* Bump swagger-ui-dist from 5.32.1 to 5.32.2 by @​dependabot in
https://github.com/domaindrivendev/Swashbuckle.AspNetCore/pull/3883
* Support `HEAD` requests by @​snebjorn in
https://github.com/domaindrivendev/Swashbuckle.AspNetCore/pull/3887
* Use `IAsyncSwaggerProvider` in CLI `tofile` command by @​bt-Knodel in
https://github.com/domaindrivendev/Swashbuckle.AspNetCore/pull/3910
* Pin runner images by @​martincostello in
https://github.com/domaindrivendev/Swashbuckle.AspNetCore/pull/3944
* Disable npm install scripts by @​martincostello in
https://github.com/domaindrivendev/Swashbuckle.AspNetCore/pull/3946
* Bump redoc from 2.5.2 to 2.5.3 by @​dependabot in
https://github.com/domaindrivendev/Swashbuckle.AspNetCore/pull/3967

## New Contributors

* @​Strepto made their first contribution in
https://github.com/domaindrivendev/Swashbuckle.AspNetCore/pull/3822
* @​snebjorn made their first contribution in
https://github.com/domaindrivendev/Swashbuckle.AspNetCore/pull/3887
* @​bt-Knodel made their first contribution in
https://github.com/domaindrivendev/Swashbuckle.AspNetCore/pull/3910

**Full Changelog**:
https://github.com/domaindrivendev/Swashbuckle.AspNetCore/compare/v10.1.7...v10.2.0

Commits viewable in [compare
view](https://github.com/domaindrivendev/Swashbuckle.AspNetCore/compare/v10.1.7...v10.2.3).
</details>

Updated
[System.IdentityModel.Tokens.Jwt](https://github.com/AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet)
from 8.18.0 to 8.19.1.

<details>
<summary>Release notes</summary>

_Sourced from [System.IdentityModel.Tokens.Jwt's
releases](https://github.com/AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet/releases)._

## 8.19.1

## Bug Fixes
- Update `JwtSecurityTokenHandler` for
`IssuerSigningKeyResolverUsingConfiguration` to take priority over
`IssuerSigningKeyResolver`, matching the documented contract and the
correct behavior already present in `JsonWebTokenHandler`. See [PR
#​3519](https://github.com/AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet/pull/3519).

## 8.19.0

## New Features
- Add ML-DSA (FIPS 204) post-quantum signature support. See [PR
#​3479](https://github.com/AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet/pull/3479).
- Cache custom crypto providers in CryptoProviderFactory. See [PR
#​3489](https://github.com/AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet/pull/3489).

## Bug Fixes
- Disable automatic redirects on default HttpClient for JKU retrieval.
See [PR
#​3494](https://github.com/AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet/pull/3494).
- Adjust rented buffer handling in claim set parsing. See [PR
#​3493](https://github.com/AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet/pull/3493).
- Tidy null handling in SAML conditions validation. See [PR
#​3491](https://github.com/AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet/pull/3491).
- Improve validation of `jku` claim. See [PR
#​3481](https://github.com/AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet/pull/3481).
- Limit telemetry algorithm dimension cardinality. See [PR
#​3490](https://github.com/AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet/pull/3490).
- Add defensive copy of collections in ValidationParameters. See [PR
#​3492](https://github.com/AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet/pull/3492).
- Update TokenValidationParameter copy constructor to make a deep copy.
See [PR
#​3488](https://github.com/AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet/pull/3488).
- Update to fail-closed when replay protection isn't configured and
other DPoP hardening. See [PR
#​3505](https://github.com/AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet/pull/3505).
- Apply RFC 3986 section 6.2.2 normalization to DPoP `htu` comparison.
See [PR
#​3509](https://github.com/AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet/pull/3509).

Commits viewable in [compare
view](https://github.com/AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet/compare/8.18.0...8.19.1).
</details>

Updated
[Testcontainers.PostgreSql](https://github.com/testcontainers/testcontainers-dotnet)
from 4.11.0 to 4.13.0.

<details>
<summary>Release notes</summary>

_Sourced from [Testcontainers.PostgreSql's
releases](https://github.com/testcontainers/testcontainers-dotnet/releases)._

## 4.13.0

# What's Changed

Thank you to everyone who contributed and shared their feedback 🤜🤛.

The NuGet packages for this release have been attested for supply chain
security using [`actions/attest`](https://github.com/actions/attest).
This confirms the integrity and provenance of the artifacts and helps
ensure they can be trusted:
[#​33686956](https://github.com/testcontainers/testcontainers-dotnet/attestations/33686956).

## 🚀 Features

* feat: Add Aspire dashboard module (#​1194) @​NikiforovAll
* feat: Add image name substitution hook (#​1710) @​HofmeisterAn
* feat(CosmosDb): Add get method AccountEndpoint (#​1707) @​srollinet
* feat: Improve image build failure messages (#​1700) @​HofmeisterAn

## 🐛 Bug Fixes

* fix: Restore tar archive write performance regressed by padding trim
(#​1719) @​HofmeisterAn
* chore: Bump Docker.DotNet from 4.3.2 to 4.3.3 (#​1714) @​HofmeisterAn
* chore(AspireDashboard): Cover connection string provider (#​1713)
@​HofmeisterAn

## 📖 Documentation

* docs: Add missing TC languages and reorder docs navigation (#​1711)
@​mdelapenya
* docs: Add note about unsupported BuildKit Dockerfile features (#​1696)
@​HofmeisterAn
* docs: Explain immutable builder behavior (#​1693) @​HofmeisterAn

## 🧹 Housekeeping

* chore: Enable Dependabot cooldown (#​1716) @​HofmeisterAn
* chore: Add nuget.config (#​1715) @​Rob-Hague
* chore(AspireDashboard): Cover connection string provider (#​1713)
@​HofmeisterAn
* chore: Bump Docker.DotNet from 4.2.0 to 4.3.2 (#​1712) @​HofmeisterAn
* chore: Bump sshd-docker image from 1.3.0 to 1.4.0 (#​1709)
@​HofmeisterAn
* chore: Rename runtime label and add buildkit and stale labels (#​1703)
@​HofmeisterAn
* fix: Guard expensive argument evaluation when logging (#​1702)
@​HofmeisterAn
* chore: Defer container ID truncation in logging (#​1701)
@​HofmeisterAn
* chore: Migrate to LoggerMessageAttribute (#​1697) @​HofmeisterAn

## 📦 Dependency Updates

* chore(deps): Bump the actions group with 2 updates (#​1721)
@[dependabot[bot]](https://github.com/apps/dependabot)
* chore(deps): Bump the actions group with 7 updates (#​1717)
@[dependabot[bot]](https://github.com/apps/dependabot)
* chore: Bump Docker.DotNet from 4.3.2 to 4.3.3 (#​1714) @​HofmeisterAn
* chore: Bump Docker.DotNet from 4.2.0 to 4.3.2 (#​1712) @​HofmeisterAn
* chore(deps): Bump the actions group with 4 updates (#​1698)
@[dependabot[bot]](https://github.com/apps/dependabot)


## 4.12.0

# What's Changed

Thanks to all contributors 👏.

The NuGet packages for this release have been attested for supply chain
security using [`actions/attest`](https://github.com/actions/attest).
This confirms the integrity and provenance of the artifacts and helps
ensure they can be trusted:
[#​28009236](https://github.com/testcontainers/testcontainers-dotnet/attestations/28009236).

## ⚠️ Breaking Changes

* chore(deps): Bump Docker.DotNet from 3.131.1 to 4.0.2 (#​1665)
@​HofmeisterAn

## 🚀 Features

* feat: Add Floci module (#​1690) @​object
* feat: Ignore port-forwarding extra host in reuse hash (#​1689)
@​HofmeisterAn
* feat: Allow devs to override the reuse hash calculation (#​1688)
@​HofmeisterAn
* feat: Add connect to network API (#​1672) @​HofmeisterAn
* feat(LocalStack): Require auth token for 4.15 and onwards (#​1667)
@​HofmeisterAn
* chore(deps): Bump Docker.DotNet from 3.131.1 to 4.0.2 (#​1665)
@​HofmeisterAn

## 🐛 Bug Fixes

* fix: Trim tar record padding to avoid broken-pipe failure on Podman
(#​1684) @​artiomchi
* fix(Nats): Use healthz API for readiness probe (#​1679) @​eriblo01
* fix: Remove KeepAlive socket option (#​1671) @​Angelinsky7

## 📖 Documentation

* docs: Extend WithCommand(params string[]) documentation (#​1685)
@​HofmeisterAn

## 🧹 Housekeeping

* feat: Prepare next release cycle (4.12.0) (#​1664) @​HofmeisterAn

## 📦 Dependency Updates

* chore(deps): Bump the actions group with 5 updates (#​1687)
@[dependabot[bot]](https://github.com/apps/dependabot)
* chore(deps): Bump Docker.DotNet from 4.1.0 to 4.2.0 (#​1686)
@​HofmeisterAn
* chore(deps): Bump the actions group with 5 updates (#​1676)
@[dependabot[bot]](https://github.com/apps/dependabot)
* chore(deps): Bump Docker.DotNet from 4.0.2 to 4.1.0 (#​1674)
@​HofmeisterAn
* chore(deps): Bump Docker.DotNet from 3.131.1 to 4.0.2 (#​1665)
@​HofmeisterAn


Commits viewable in [compare
view](https://github.com/testcontainers/testcontainers-dotnet/compare/4.11.0...4.13.0).
</details>

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

B-build Includes scripting, bazel and CI integrations Compliance violation

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants