Bump Microsoft.IdentityModel.JsonWebTokens from 8.2.1 to 8.15.0
Closed
Number: #96
Type: Pull Request
State: Closed
Type: Pull Request
State: Closed
Author:
![dependabot[bot]](https://github.com/dependabot.png)
dependabot[bot]
Association: Unknown
Comments: 1
dependabot[bot]Association: Unknown
Comments: 1
Created:
November 20, 2025 at 02:02 AM UTC
(7 months ago)
(7 months ago)
Updated:
December 03, 2025 at 02:02 AM UTC
(7 months ago)
(7 months ago)
Closed:
December 03, 2025 at 02:02 AM UTC
(7 months ago)
(7 months ago)
Time to Close:
13 days
Labels:
dependencies .NET
dependencies .NET
Description:
Updated Microsoft.IdentityModel.JsonWebTokens from 8.2.1 to 8.15.0.
Release notes
Sourced from Microsoft.IdentityModel.JsonWebTokens's releases.
8.15.0
New Features
- Add ECDsa support in
X509SecurityKeyandJsonWebKeyConverter.ConvertFromX509SecurityKey
ExtendedX509SecurityKeyandJsonWebKeyConverter.ConvertFromX509SecurityKeyto support ECDSA keys.
See PR #2377 for details.
Bug Fixes
- Sanitize logs to avoid leaking sensitive data
Updated logging to sanitize sensitive values, reducing the risk of inadvertently exposing secrets or PII in logs.
See PR #3316 for details. - Optimize log sanitization with
SearchValues
Improved the performance of the log sanitization logic introduced earlier by usingSearchValues, making sanitization more efficient in high-throughput scenarios.
See PR #3341 for details. - Update test for
IDX10400
Adjusted theIDX10400test to align with the current behavior and error messaging.
See PR #3314 for details.
Fundamentals
- Add supported algorithm tests
Added new tests to validate the set of supported cryptographic algorithms, increasing confidence in algorithm coverage and compatibility.
See PR #3296 for details. - Migrate repository agent rules from
.clinerulestoagents.md
Moved repository agent/AI-assist rules into markdown documentation to make them more visible and easier to maintain.
See PR #3313 for details. - Migrate
Microsoft.IdentityModel.TestExtensionsfrom Newtonsoft.Json to System.Text.Json
UpdatedMicrosoft.IdentityModel.TestExtensionsto useSystem.Text.Jsoninstead ofNewtonsoft.Json, aligning tests with the runtime serialization stack.
See PR #3356 for details. - Disable code coverage comments
Turned off automated code coverage comments on PRs to reduce noise while retaining coverage data elsewhere.
See PR #3349 for details. - Fix CodeQL alerts
Addressed CodeQL-reported issues to improve security posture and static analysis cleanliness.
See PR #3364 for details.
.NET 10 / SDK and tooling updates
- Building with .NET 10 preview / RC 1
Updated the repository to build and test against .NET 10.0 preview/RC1, ensuring early compatibility with the upcoming runtime.
See PRs #3287, #3357, and #3358 for details. - Fix .NET 10 test execution consistency
Ensured consistent use of theTargetNetNextparameter across build, test, and pack phases so .NET 10.0 tests execute reliably.
See PR #3337 for details. - Update project files and workflows for .NET 10.0 compatibility
Adjusted project files and CI workflows to correctly target and run on .NET 10.0, including test and pack scenarios.
See PR #3363 for details. - Update .NET version to meet CG compliance
Updated the .NET version references to be compliant with corporate governance (CG) requirements.
See PR #3353 for details. - Update Coverlet collector and test SDK
- Bumped
CoverletCollectorVersionto 6.0.4.
See PR #3333 for details. - Upgraded
Microsoft.NET.Test.Sdkto a newer version for improved test reliability and tooling support.
... (truncated)
- Bumped
8.14.0
8.14.0
Bug Fixes
- Switch back to use
ValidationResultinstead ofOperationResultwhen validating a token in a new experimental validation flow. Additionally removed the dependency on Microsoft.IdentityModel.Abstractions. See #3299 for details.
8.13.1
8.13.1
Dependencies
Microsoft.IdentityModel now depends on Microsoft.Identity.Abstractions 9.3.0
Bug Fixes
- Fixed a decompression failure happening for large JWE payloads. See #3286 for details.
Work related to redesign of IdentityModel's token validation logic #2711
- Update the validation methods to return Microsoft.Identity.Abstractions.OperationResult. See #3284 for details.
8.13.0
8.13.0
8.13.0
Fundamentals
CaseSensitiveClaimsIdentity.SecurityTokensetter is now protected internal (was internal). See PR #3278 for details.- Update .NET SDK version to 9.0.108 used when building or running the code. See PR #3274 for details.
- Update RsaSecurityKey.cs to replace the Pkcs1 padding by Pss from HasPrivateKey check. See #3280 for details.
What's Changed
- Make CaseSensitiveClaimsIdentity.SecurityToken setter protected by @keegan-caruso in https://github.com/AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet/pull/3278
- Update .NET SDK version in global.json from 9.0.107 to 9.0.108 by @Copilot in https://github.com/AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet/pull/3274
- Update RsaSecurityKey.cs to remove Pkcs 1 by @keegan-caruso in https://github.com/AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet/pull/3280
- changelog for 8.13 by @jennyf19 in https://github.com/AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet/pull/3282
New Contributors
- @Copilot made their first contribution in https://github.com/AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet/pull/3274
Full Changelog: https://github.com/AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet/compare/8.12.1...8.13.0
8.12.1
8.12.1
Fundamentals
- Update .NET SDK version to 9.0.107 used when building or running the code. See #3263 for details.
- To keep our experimental code separate from production code, all files associated with experimental features have been moved to the Experimental folders. See PR #3261 for details.
- Experimental code leaked into TokenValidationResult from early prototypes. See PR #3259 for details.
What's Changed
- Remove experimental code from TokenValidationResult by @brentschmaltz in https://github.com/AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet/pull/3259
- Moved files to experimental folder by @brentschmaltz in https://github.com/AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet/pull/3261
- Update global.json to latest by @jennyf19 in https://github.com/AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet/pull/3263
Full Changelog: https://github.com/AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet/compare/8.12.0...8.12.1
8.12.0
8.12.0
New Features
- Enhance ConfigurationManager with event handling
Added event handling capabilities to theConfigurationManager, enabling consumers to subscribe to configuration change events. This enhancement improves extensibility and allows more responsive applications. For details see #3253
Bug Fixes
- Add expected Base64UrlEncoder.Decode overload for NET6 and 8
Introduced the expected overload ofBase64UrlEncoder.Decodefor .NET 6 and 8, ensuring compatibility and preventing missing method issues on these frameworks.
For details see #3249
Fundamentals
- Add AI assist rules
Incorporated AI assist rules to enhance AI agents effectiveness.
For details see #3255 - Update PublicApiAnalyzers and BannedApiAnalyzers to 4.14.0
Upgraded analyzer packages for improved diagnostics and code consistency (in particular delegates are added).
For details see #3256 - Move suppression of RS006 to csproj
Centralized suppression of RS006 warnings in project files for easier management.
For details see #3230
What's Changed
- Move suppression of RS006 to csproj. by @brentschmaltz in https://github.com/AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet/pull/3230
- Add expected Base64UrlEncoder.Decode overload for NET6 and 8 by @pmaytak in https://github.com/AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet/pull/3250
- add ai assist rules by @jennyf19 in https://github.com/AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet/pull/3255
- Enhance ConfigurationManager with event handling by @GeoK in https://github.com/AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet/pull/3254
- Update PublicApiAnalyzers and BannedApiAnalyzers to 4.14.0 by @pmaytak in https://github.com/AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet/pull/3256
- Update CHANGELOG.md for 8.12.0 by @jmprieur in https://github.com/AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet/pull/3258
Full Changelog: https://github.com/AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet/compare/8.11.0...8.12.0
8.11.0
8.11.0
New Features:
- Microsoft.IdentityModel now exposes the AadIssuerValidator factory method publicly to enable caching functionality for AadIssuerValidator instances. See issue #3245 for details.
- Added a new public async API:
JsonWebTokenHandler.DecryptTokenWithConfigurationAsync, which decrypts a JWE token using keys from eitherTokenValidationParametersor, if not present, from configuration (such as via a ConfigurationManager). This enhancement improves developer experience by enabling asynchronous, cancellation-aware JWE decryption scenarios, aligning with modern .NET async patterns and making integration with external key/configuration sources more robust and observable. See PR #3243 for details.
What's Changed
- few updates by @jennyf19 in https://github.com/AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet/pull/3242
- Changelog for 8.10.0 by @sruke in https://github.com/AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet/pull/3241
- Exposes publicly override of AadIssuerValidator factory taking a delegate by @jmprieur in https://github.com/AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet/pull/3244
- update current version to 8.10.0 by @brentschmaltz in https://github.com/AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet/pull/3246
- Add DecryptTokenWithConfiguration API by @pmaytak in https://github.com/AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet/pull/3243
- changelog for 8.11 by @jennyf19 in https://github.com/AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet/pull/3248
Full Changelog: https://github.com/AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet/compare/8.10.0...8.11.0
8.10.0
8.10.0
Bug Fixes
- Corrected casing of the Type attribute in SubjectConfirmationData. See #3206.
- Removed Microsoft.Bcl.Memory dependency for pre-.NET 9.0 targets. See #3220.
- Aligned Microsoft.Extensions.Logging.Abstractions version to 8.0.0 for .NET 9 to match other targets. See #3226.
Fundamentals
8.9.0
8.9.0
Bug Fixes
- syncAfter has been updated to preserve UTC information, addressing a bug where GetConfigurationAsync does not refresh configuration in ConfigurationManager. See https://github.com/AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet/pull/3213.
- Fixed a null reference issue in KeyInfo. See https://github.com/AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet/pull/3203.
New Features
- Introduced a new delegate for reading custom token payload values on JsonWebToken. See https://github.com/AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet/pull/2981.
- Added an overload for ReadJsonWebToken to take a ReadOnlyMemory. See https://github.com/AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet/pull/3205.
Fundamentals
- Utilized IList to avoid enumerator allocation during audience validation. See https://github.com/AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet/pull/3204.
8.8.0
8.8.0
New Features
- Adds the ability for the metadata refresh to be done as a blocking call, as per 8.0.1 behavior. This is done through the
Switch.Microsoft.IdentityModel.UpdateConfigAsBlockingswitch. If set, configuration calls will be blocking when metadata is updated, otherwise, if token arrive with a new signing keys, validation errors will be returned to the caller. See PR #3193 for details. - Identity.Model updates some log and error messages (IDX10214, IDX10215). If the information is needed for debugging purposes, it can be reverted via the
Switch.Microsoft.IdentityModel.DoNotScrubExceptionsAppContextSwitch. See PR #3195 and https://aka.ms/identitymodel/app-context-switches for details. - Change all plain object locks to
System.Thread.Lockobjects for .NET 9 or greater. See PRs #3185 and #3189 for details.
8.7.0
Bug Fixes
- Add back internal methods
IsRecoverableExceptionandIsRecoverableExceptionTypewhose signatures were changed in the previous version. See #3181.
New Features
- Make
Cnfclass public and move it to Microsoft.IdentityModel.Tokens package. See #3165.
What's Changed
- Post Release 8.6.1 cleanup by @mdchennu in https://github.com/AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet/pull/3160
- Updates CodeQL.yaml to exclude test files by @sruke in https://github.com/AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet/pull/3163
- Adds explanation for CodeQL warnings by @sruke in https://github.com/AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet/pull/3167
- Fix typo by @rstm-sf in https://github.com/AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet/pull/3175
- Need to change the locks by @JoshLozensky in https://github.com/AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet/pull/3171
- Move CNF from SHR to M.IM.Tokens by @keegan-caruso in https://github.com/AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet/pull/3168
- Add back IsRecoverableException methods. by @pmaytak in https://github.com/AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet/pull/3183
- Revert "Need to change the locks" by @pmaytak in https://github.com/AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet/pull/3186
- 8.7.0 changelog by @pmaytak in https://github.com/AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet/pull/3184
New Contributors
- @rstm-sf made their first contribution in https://github.com/AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet/pull/3175
Full Changelog: https://github.com/AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet/compare/8.6.1...8.7.0
8.6.1
8.6.1
Bug fix
- Microsoft.IdentityModel now triggers a configuration refresh if token decryption fails. See issue #3148 for details.
- Fix a bug in
JsonWebTokenHandlerwhereJwtTokenDecryptionParameters'sAlgandEncwere not set during token decryption, causingIDX10611andIDX10619errors to show null values in the messages. See issue #3003 for details.
Fundamentals
- For development, IdentityModel now has a global.json file to specify the .NET SDK version. See issue #2995 for details.
What's Changed
- Update version.props to next version by @jennyf19 in https://github.com/AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet/pull/3145
- Update the public API shipped files by @jmprieur in https://github.com/AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet/pull/3146
- Add global.json file by @mdchennu in https://github.com/AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet/pull/3153
- Trigger metadata refresh for token decryption errors by @pmaytak in https://github.com/AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet/pull/3149
- Populate error messages correctly from JwtTokenUtilities.DecryptJwtToken by @ksaaf in https://github.com/AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet/pull/3152
- first changelog update by @jennyf19 in https://github.com/AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet/pull/3156
New Contributors
- @mdchennu made their first contribution in https://github.com/AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet/pull/3153
- @ksaaf made their first contribution in https://github.com/AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet/pull/3152
Full Changelog: https://github.com/AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet/compare/8.6.0...8.6.1
8.6.0
8.6.0
New Features
- TokenValidationParameters has a new boolean property
TryAllDecryptionKeysthat let you choose whether to try all decrypt keys when no key matches the token decrypt key IDs. By default it's set to true (legacy behavior) but you can set it to false to avoid tyring all keys which is more performant. See #3128 - Promote KeyInfo.MatchesKey from internal to protected internal virtual to enable SAML extensibility (for CoreWcf). See #3140
Fundamentals
- Update dependency on Microsoft.Extensions.Logging.Abstractions from 9.0.0 to 8.0.2 to avoid package downgrade in apps on .NET 9 using a netstandard2.0 library referencing logging.abstractions. See 3143
- Add more tests for encrypted tokens. See #3139
What's Changed
- Update CHANGELOG.md by @jennyf19 in https://github.com/AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet/pull/3133
- Update version.props to next version by @jennyf19 in https://github.com/AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet/pull/3137
- Add TryAllDecryptionKeys flag to whether decrypt if no key IDs match by @pmaytak in https://github.com/AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet/pull/3128
- Change KeyInfo.MatchesKey from internal to protected internal virtual. by @brentschmaltz in https://github.com/AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet/pull/3140
- Fix #3112 by @jmprieur in https://github.com/AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet/pull/3143
- Add more auto-decryption related tests by @pmaytak in https://github.com/AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet/pull/3139
- Update changelog.md for 8.6.0 by @jmprieur in https://github.com/AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet/pull/3144
Full Changelog: https://github.com/AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet/compare/8.5.0...8.6.0
8.5.0
8.5.0
Reverting previous breaking change
- The Configuration Manager has been reverted to version 8.3.1. The changes made in 8.4.0 assume the configuration manager is used as a singleton, which is similar to marking the type as disposable. We have since learned that adding IDisposable is a breaking change, so we are following semver guidance and reverting and releasing a minor version (8.5.0).
- Cherry-picked Changes: Included changes from PR #3022 and #3104.
What's Changed
- Update version.props by @jennyf19 in https://github.com/AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet/pull/3126
- fix formatting error by @jennyf19 in https://github.com/AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet/pull/3134
- Revert configuration manager to 8.3.1 by @keegan-caruso in https://github.com/AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet/pull/3132
Full Changelog: https://github.com/AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet/compare/8.4.0...8.5.0
8.4.0
8.4.0
New Features
- App context switch allows blocking or non-blocking calls for configuration. See PR #3106 for details and issue #3082 for details. If you are not using the ConfigurationManager as a singleton and not using the blocking option, you may need to call ShutdownBackgroundTask() to stop the background task to avoid leaking Tasks.
- IdentityModel now enables symmetric and asymmetric keys to be created publicly with JWK. See #3094 for details.
- IdentityModel now allows specifying the HTTP protocol version and version policy. See #2808 for details.
Repair items
- Add request count and duration telemetry for configuration requests. See #3022 for details.
KeyIDshould be present in exception messages and is no longer PII. See #3104 for details.
Fundamentals
- Fix spelling issues in xml comments. See #3117 for details.
- Fix comment coverage in PR builds. See #3079 for details.
Work related to redesign of IdentityModel's token validation logic #2711
- See #3056. #3100, #3017, and #3111.
- Add internal virtual on TokenHandler. See #3084 for details.
- @prochnowc made their first contribution in https://github.com/AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet/pull/2809
8.3.1
8.3.1
Bug Fixes
- Respect TVP.RequireAudience when set to false. See #3055
- For net4.6.2 select RSACng for PSS support. See #3097
- Fix package downgrade in consuming libraries. See#3062
- Fix integer overflow in
AuthenticationEncryptionProvider.cs. See #3063
Fundamentals
- Removed unused property on JsonWebToken ClaimsIdentity. See #3071 for details.
- Upgrade to C# 13. See #2998
- Use new Base64Url API. See #22817
- Add warning quality check. See #3067
- Update dotnet actions. see #3074
- Fix warnings. See #3081
- Test updates in JsonWebToken. See #3080.
Work related to redesign of IdentityModel's token validation logic #2711
What's Changed
- Update CHANGELOG.md by @jmprieur in https://github.com/AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet/pull/3053
- Extensibility tests: Audience - JWT, SAML and SAML2 by @iNinja in https://github.com/AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet/pull/3027
- Extensibility tests: Lifetime - JWT, SAML and SAML2 by @iNinja in https://github.com/AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet/pull/3028
- Implement lazy ClaimsIdentity creation from ValidatedToken on SAML and SAML2 on the new validation model by @iNinja in https://github.com/AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet/pull/3051
- Add logging to the new validation model by @iNinja in https://github.com/AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet/pull/3054
- update version by @brentschmaltz in https://github.com/AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet/pull/3057
- lower version to avoid downgrades. by @brentschmaltz in https://github.com/AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet/pull/3058
- Respect TVP.RequireAudience when set to false by @kllysng in https://github.com/AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet/pull/3055
- Fix package downgrade in consuming libraries by @jmprieur in https://github.com/AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet/pull/3062
- Add slnf for running perf and stress tests by @brentschmaltz in https://github.com/AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet/pull/3066
- Add Warning Quality Check Build Task 🔨 by @kllysng in https://github.com/AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet/pull/3067
- Update template-Build-run-tests-sign.yml by @ciaozhang in https://github.com/AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet/pull/3069
- Removed unused property on JsonWebToken by @keegan-caruso in https://github.com/AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet/pull/3072
- Update setup dotnet actions by @keegan-caruso in https://github.com/AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet/pull/3074
- fixed #2983 and re-add code coverage comments to PRs by @jennyf19 in https://github.com/AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet/pull/3076
- Remove duplicate keyid into var keysAttempted by @bdapoigny in https://github.com/AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet/pull/2899
- Upgrade to C# 13 by @westin-m in https://github.com/AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet/pull/2998
- Use new Base64Url API by @msbw2 in https://github.com/AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet/pull/2817
- Update common.props by @ciaozhang in https://github.com/AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet/pull/3078
- fix warnings by @jennyf19 in https://github.com/AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet/pull/3081
- Fixed integer overflow in AuthenticatedEncryptionProvider.cs by @gparametr in https://github.com/AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet/pull/3063
- Test updates by @pmaytak in https://github.com/AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet/pull/3080
- For net4.6.2 select RSACng for PSS support. by @brentschmaltz in https://github.com/AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet/pull/3085
- changelog for 8.3.1 by @jennyf19 in https://github.com/AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet/pull/3098
New Contributors
- @bdapoigny made their first contribution in https://github.com/AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet/pull/2899
- @gparametr made their first contribution in https://github.com/AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet/pull/3063
... (truncated)
8.3.0
New features
Work related to redesign of IdentityModel's token validation logic #2711
- SAML and SAML2 new model validation: Token Replay. See #2994
- Extensibility tests: Token Type - JWT (#3030), Issuer - SAML and SAML2 (#3026), Algorithm and Signature - JWT, SAML and SAML2 (#3034), Token Replay - JWT, SAML and SAML2 (#3032), Issuer signing key - JWT, SAML and SAML2 (#3029)
- Avoid code duplication in extensibility testing. See #3041
- Extensibility Testing: Refactor. See https://github.com/AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet/pull/3011
- Remove duplicate code in extensibility tests. See https://github.com/AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet/pull/3044
Bug fixes
- Fix bug with AadIssuerValidator. See https://github.com/AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet/pull/3042
- Fixed SignedHttpRequest flaky test. See #3037
Fundamentals
- Install all .NET versions in pipeline to fix run tests task. See https://github.com/AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet/pull/3018
- Changelog for 8.2.1. See https://github.com/AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet/pull/3009
- Remove unnecessary AoT test project. See in https://github.com/AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet/pull/3045
- Fix powershell script for nuget update. See https://github.com/AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet/pull/3046
- Update to next version. See https://github.com/AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet/pull/3010
- Disable Coverage PR comments. See https://github.com/AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet/pull/3048
- Updates GitHub Action to support long paths, See https://github.com/AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet/pull/3049
- Stack parameters to improve reading of code. See https://github.com/AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet/pull/3031
New Contributors
- @ssmelov made their first contribution in https://github.com/AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet/pull/3042
Full Changelog: https://github.com/AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet/compare/8.2.1...8.3.0
Commits viewable in compare view.
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot mergewill merge this PR after your CI passes on it@dependabot squash and mergewill squash and merge this PR after your CI passes on it@dependabot cancel mergewill cancel a previously requested merge and block automerging@dependabot reopenwill reopen this PR if it is closed@dependabot closewill close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
Package Dependencies
Ecosystem:
nuget
nuget
Version Change:
8.2.1 → 8.15.0
Update Type:
Minor
Minor
Technical Details
| ID: | 11703152 |
| UUID: | 3645090615 |
| Node ID: | PR_kwDOECDtAs60epyp |
| Host: | GitHub |
| Repository: | NosCoreIO/NosCore.ParserInputGenerator |