Bump the major-minor-patch group with 6 updates

[dependabot]

Updated JsonSchema.Net from 7.4.0 to 9.2.2.

Release notes

Sourced from JsonSchema.Net's releases.

No release notes found for this version range.

Commits viewable in compare view.

Updated Microsoft.Extensions.DependencyInjection from 10.0.8 to 10.0.9.

Release notes

Sourced from Microsoft.Extensions.DependencyInjection's releases.

No release notes found for this version range.

Commits viewable in compare view.

Updated OpenTelemetry from 1.15.3 to 1.16.0.

Release notes

Sourced from OpenTelemetry's releases.

1.16.0

For highlights and announcements pertaining to this release see: Release Notes > 1.16.0.

The following changes are from the previous release 1.16.0-rc.1.

• NuGet: OpenTelemetry v1.16.0

  No notable changes.

  See CHANGELOG for details.

• NuGet: OpenTelemetry.Api v1.16.0

  No notable changes.

  See CHANGELOG for details.

• NuGet: OpenTelemetry.Api.ProviderBuilderExtensions v1.16.0

  No notable changes.

  See CHANGELOG for details.

• NuGet: OpenTelemetry.Exporter.Console v1.16.0

  No notable changes.

  See CHANGELOG for details.

• NuGet: OpenTelemetry.Exporter.InMemory v1.16.0

  No notable changes.

  See CHANGELOG for details.

• NuGet: OpenTelemetry.Exporter.OpenTelemetryProtocol v1.16.0

  No notable changes.

  See CHANGELOG for details.

• NuGet: OpenTelemetry.Exporter.Zipkin v1.16.0

  No notable changes.

  See CHANGELOG for details.

• NuGet: OpenTelemetry.Extensions.Hosting v1.16.0

  No notable changes.

... (truncated)

1.16.0-rc.1

The following changes are from the previous release 1.15.3.

• NuGet: OpenTelemetry v1.16.0-rc.1

  • Stop validating View-provided metric stream Name against the instrument
    name syntax, per
    spec clarification.
    (#​7300)

  • Fix incorrect validation of OTEL_BSP_* and OTEL_BLRP_* environment
    variables.
    (#​7187)

  • Fix observable instrument callbacks running once per reader instead of
    once per collection cycle.
    (#​7188)

  • Added exception safety for user-supplied ExemplarReservoir implementations.
    Exceptions thrown from Offer are now caught and logged rather than propagating
    out of Counter.Add/Histogram.Record.
    (#​7277)

  • Update OpenTelemetrySdkEventSource to support the W3C randomness flag.
    (#​7301)

  • Added ObservedTimestamp property to LogRecord.
    (#​6979)

  • Breaking Change Explicit histogram boundaries no longer allow more than
    10 million values.
    (#​7165)

  • Fixed a circular reference which could cause a LoggerProvider to fail to
    resolve when one of its dependencies depends on ILogger or ILoggerFactory.
    As part of this fix the LoggerProvider resolved from dependency injection
    is now created lazily when the first logger is created rather than when
    ILoggerProvider or ILoggerFactory is resolved. A consequence is that any
    invalid configuration now surfaces when the first log record is written instead
    of when the logging services are resolved.
    (#​7308)

  See CHANGELOG for details.

• NuGet: OpenTelemetry.Api v1.16.0-rc.1

  • Experimental (pre-release builds only):
    Add support for using environment variables as context propagation carriers.
    (#​7174)

  • Fix BaggagePropagator to correctly follow Key and Value Encoding rules as per
    ... (truncated)

1.16.0-beta.1

The following changes are from the previous release 1.15.3-beta.1.

• NuGet: OpenTelemetry.Exporter.Prometheus.AspNetCore v1.16.0-beta.1

  • Fixed scrape response cache freshness using monotonic time so it is not
    affected by NTP system clock adjustments.
    (#​7253)

  • Breaking Change Removed DisableTimestamp property from
    PrometheusAspNetCoreOptions.
    (#​7176)

  • Fixed the serialization of NaN, PositiveInfinity, and NegativeInfinity
    values in Prometheus metrics to be compliant with the specification.
    (#​7179)

  • Fixed loss of precision when serializing double and float values in
    Prometheus metrics to be compliant with the specification by using 17
    significant digits to represent such values.
    (#​7179)

  • Fix non-ASCII characters in metric names and unit strings not being sanitized
    correctly during Prometheus serialization.
    (#​7184)

  • Fix case where reader tracking could be reset while readers were still active.
    (#​7190)

  • Improve Accept header handling for format negotiation so OpenMetrics is
    selected correctly by considering whitespace and q weights.
    (#​7208)

  • Emit OpenMetrics exemplars for counters and histogram buckets.
    (#​7222)

  • Fix incorrect handling of untyped metrics when using OpenMetrics format.
    (#​7219)

  • Fix Prometheus/OpenMetrics serialization to emit metric and label names
    containing _ instead of dropping them and prefixing leading digits.
    Invalid characters are replaced with _ instead of being dropped.
    (#​7209)

  • Add escaping=underscores to the Accept header handling for content
    negotiation so OpenMetrics are handled correctly.
    (#​7209)

  • Omit histogram _sum and _count in OpenMetrics when negative bucket
    thresholds are present.
    (#​7221)
    ... (truncated)

Commits viewable in compare view.

Updated OpenTelemetry.Exporter.OpenTelemetryProtocol from 1.15.3 to 1.16.0.

Release notes

Sourced from OpenTelemetry.Exporter.OpenTelemetryProtocol's releases.

1.16.0

For highlights and announcements pertaining to this release see: Release Notes > 1.16.0.

The following changes are from the previous release 1.16.0-rc.1.

• NuGet: OpenTelemetry v1.16.0

  No notable changes.

  See CHANGELOG for details.

• NuGet: OpenTelemetry.Api v1.16.0

  No notable changes.

  See CHANGELOG for details.

• NuGet: OpenTelemetry.Api.ProviderBuilderExtensions v1.16.0

  No notable changes.

  See CHANGELOG for details.

• NuGet: OpenTelemetry.Exporter.Console v1.16.0

  No notable changes.

  See CHANGELOG for details.

• NuGet: OpenTelemetry.Exporter.InMemory v1.16.0

  No notable changes.

  See CHANGELOG for details.

• NuGet: OpenTelemetry.Exporter.OpenTelemetryProtocol v1.16.0

  No notable changes.

  See CHANGELOG for details.

• NuGet: OpenTelemetry.Exporter.Zipkin v1.16.0

  No notable changes.

  See CHANGELOG for details.

• NuGet: OpenTelemetry.Extensions.Hosting v1.16.0

  No notable changes.

... (truncated)

1.16.0-rc.1

The following changes are from the previous release 1.15.3.

• NuGet: OpenTelemetry v1.16.0-rc.1

  • Stop validating View-provided metric stream Name against the instrument
    name syntax, per
    spec clarification.
    (#​7300)

  • Fix incorrect validation of OTEL_BSP_* and OTEL_BLRP_* environment
    variables.
    (#​7187)

  • Fix observable instrument callbacks running once per reader instead of
    once per collection cycle.
    (#​7188)

  • Added exception safety for user-supplied ExemplarReservoir implementations.
    Exceptions thrown from Offer are now caught and logged rather than propagating
    out of Counter.Add/Histogram.Record.
    (#​7277)

  • Update OpenTelemetrySdkEventSource to support the W3C randomness flag.
    (#​7301)

  • Added ObservedTimestamp property to LogRecord.
    (#​6979)

  • Breaking Change Explicit histogram boundaries no longer allow more than
    10 million values.
    (#​7165)

  • Fixed a circular reference which could cause a LoggerProvider to fail to
    resolve when one of its dependencies depends on ILogger or ILoggerFactory.
    As part of this fix the LoggerProvider resolved from dependency injection
    is now created lazily when the first logger is created rather than when
    ILoggerProvider or ILoggerFactory is resolved. A consequence is that any
    invalid configuration now surfaces when the first log record is written instead
    of when the logging services are resolved.
    (#​7308)

  See CHANGELOG for details.

• NuGet: OpenTelemetry.Api v1.16.0-rc.1

  • Experimental (pre-release builds only):
    Add support for using environment variables as context propagation carriers.
    (#​7174)

  • Fix BaggagePropagator to correctly follow Key and Value Encoding rules as per
    ... (truncated)

1.16.0-beta.1

The following changes are from the previous release 1.15.3-beta.1.

• NuGet: OpenTelemetry.Exporter.Prometheus.AspNetCore v1.16.0-beta.1

  • Fixed scrape response cache freshness using monotonic time so it is not
    affected by NTP system clock adjustments.
    (#​7253)

  • Breaking Change Removed DisableTimestamp property from
    PrometheusAspNetCoreOptions.
    (#​7176)

  • Fixed the serialization of NaN, PositiveInfinity, and NegativeInfinity
    values in Prometheus metrics to be compliant with the specification.
    (#​7179)

  • Fixed loss of precision when serializing double and float values in
    Prometheus metrics to be compliant with the specification by using 17
    significant digits to represent such values.
    (#​7179)

  • Fix non-ASCII characters in metric names and unit strings not being sanitized
    correctly during Prometheus serialization.
    (#​7184)

  • Fix case where reader tracking could be reset while readers were still active.
    (#​7190)

  • Improve Accept header handling for format negotiation so OpenMetrics is
    selected correctly by considering whitespace and q weights.
    (#​7208)

  • Emit OpenMetrics exemplars for counters and histogram buckets.
    (#​7222)

  • Fix incorrect handling of untyped metrics when using OpenMetrics format.
    (#​7219)

  • Fix Prometheus/OpenMetrics serialization to emit metric and label names
    containing _ instead of dropping them and prefixing leading digits.
    Invalid characters are replaced with _ instead of being dropped.
    (#​7209)

  • Add escaping=underscores to the Accept header handling for content
    negotiation so OpenMetrics are handled correctly.
    (#​7209)

  • Omit histogram _sum and _count in OpenMetrics when negative bucket
    thresholds are present.
    (#​7221)
    ... (truncated)

Commits viewable in compare view.

Updated OpenTelemetry.Extensions.Hosting from 1.15.3 to 1.16.0.

Release notes

Sourced from OpenTelemetry.Extensions.Hosting's releases.

1.16.0

For highlights and announcements pertaining to this release see: Release Notes > 1.16.0.

The following changes are from the previous release 1.16.0-rc.1.

• NuGet: OpenTelemetry v1.16.0

  No notable changes.

  See CHANGELOG for details.

• NuGet: OpenTelemetry.Api v1.16.0

  No notable changes.

  See CHANGELOG for details.

• NuGet: OpenTelemetry.Api.ProviderBuilderExtensions v1.16.0

  No notable changes.

  See CHANGELOG for details.

• NuGet: OpenTelemetry.Exporter.Console v1.16.0

  No notable changes.

  See CHANGELOG for details.

• NuGet: OpenTelemetry.Exporter.InMemory v1.16.0

  No notable changes.

  See CHANGELOG for details.

• NuGet: OpenTelemetry.Exporter.OpenTelemetryProtocol v1.16.0

  No notable changes.

  See CHANGELOG for details.

• NuGet: OpenTelemetry.Exporter.Zipkin v1.16.0

  No notable changes.

  See CHANGELOG for details.

• NuGet: OpenTelemetry.Extensions.Hosting v1.16.0

  No notable changes.

... (truncated)

1.16.0-rc.1

The following changes are from the previous release 1.15.3.

• NuGet: OpenTelemetry v1.16.0-rc.1

  • Stop validating View-provided metric stream Name against the instrument
    name syntax, per
    spec clarification.
    (#​7300)

  • Fix incorrect validation of OTEL_BSP_* and OTEL_BLRP_* environment
    variables.
    (#​7187)

  • Fix observable instrument callbacks running once per reader instead of
    once per collection cycle.
    (#​7188)

  • Added exception safety for user-supplied ExemplarReservoir implementations.
    Exceptions thrown from Offer are now caught and logged rather than propagating
    out of Counter.Add/Histogram.Record.
    (#​7277)

  • Update OpenTelemetrySdkEventSource to support the W3C randomness flag.
    (#​7301)

  • Added ObservedTimestamp property to LogRecord.
    (#​6979)

  • Breaking Change Explicit histogram boundaries no longer allow more than
    10 million values.
    (#​7165)

  • Fixed a circular reference which could cause a LoggerProvider to fail to
    resolve when one of its dependencies depends on ILogger or ILoggerFactory.
    As part of this fix the LoggerProvider resolved from dependency injection
    is now created lazily when the first logger is created rather than when
    ILoggerProvider or ILoggerFactory is resolved. A consequence is that any
    invalid configuration now surfaces when the first log record is written instead
    of when the logging services are resolved.
    (#​7308)

  See CHANGELOG for details.

• NuGet: OpenTelemetry.Api v1.16.0-rc.1

  • Experimental (pre-release builds only):
    Add support for using environment variables as context propagation carriers.
    (#​7174)

  • Fix BaggagePropagator to correctly follow Key and Value Encoding rules as per
    ... (truncated)

1.16.0-beta.1

The following changes are from the previous release 1.15.3-beta.1.

• NuGet: OpenTelemetry.Exporter.Prometheus.AspNetCore v1.16.0-beta.1

  • Fixed scrape response cache freshness using monotonic time so it is not
    affected by NTP system clock adjustments.
    (#​7253)

  • Breaking Change Removed DisableTimestamp property from
    PrometheusAspNetCoreOptions.
    (#​7176)

  • Fixed the serialization of NaN, PositiveInfinity, and NegativeInfinity
    values in Prometheus metrics to be compliant with the specification.
    (#​7179)

  • Fixed loss of precision when serializing double and float values in
    Prometheus metrics to be compliant with the specification by using 17
    significant digits to represent such values.
    (#​7179)

  • Fix non-ASCII characters in metric names and unit strings not being sanitized
    correctly during Prometheus serialization.
    (#​7184)

  • Fix case where reader tracking could be reset while readers were still active.
    (#​7190)

  • Improve Accept header handling for format negotiation so OpenMetrics is
    selected correctly by considering whitespace and q weights.
    (#​7208)

  • Emit OpenMetrics exemplars for counters and histogram buckets.
    (#​7222)

  • Fix incorrect handling of untyped metrics when using OpenMetrics format.
    (#​7219)

  • Fix Prometheus/OpenMetrics serialization to emit metric and label names
    containing _ instead of dropping them and prefixing leading digits.
    Invalid characters are replaced with _ instead of being dropped.
    (#​7209)

  • Add escaping=underscores to the Accept header handling for content
    negotiation so OpenMetrics are handled correctly.
    (#​7209)

  • Omit histogram _sum and _count in OpenMetrics when negative bucket
    thresholds are present.
    (#​7221)
    ... (truncated)

Commits viewable in compare view.

Updated Swashbuckle.AspNetCore from 10.2.1 to 10.2.2.

Release notes

Sourced from Swashbuckle.AspNetCore's releases.

10.2.2

What's Changed

• Update NuGet packages by @​martincostello in Update NuGet packages domaindrivendev/Swashbuckle.AspNetCore#3990
• Set SOURCE_DATE_EPOCH by @​martincostello in Set SOURCE_DATE_EPOCH domaindrivendev/Swashbuckle.AspNetCore#3997
• Fix InvalidOperationException if no route matches by @​martincostello in Fix InvalidOperationException if no route matches domaindrivendev/Swashbuckle.AspNetCore#3999
• Fix empty parameter example not generated by @​dldl-cmd in Fix empty parameter example not generated domaindrivendev/Swashbuckle.AspNetCore#3932
• Map [MinLength]/[MaxLength] on dictionary properties to minProperties/maxProperties by @​KitKeen in Map [MinLength]/[MaxLength] on dictionary properties to minProperties / maxProperties domaindrivendev/Swashbuckle.AspNetCore#3922
• Fix conflicting required+nullable schema when only NonNullableReferen… by @​KitKeen in Fix conflicting required+nullable schema when only NonNullableReferen… domaindrivendev/Swashbuckle.AspNetCore#3912
• Fix ExposeSwaggerDocumentUrlsRoute behaviour by @​martincostello in Fix ExposeSwaggerDocumentUrlsRoute behaviour domaindrivendev/Swashbuckle.AspNetCore#4000
• Use NUGET_API_KEY by @​martincostello in Use NUGET_API_KEY domaindrivendev/Swashbuckle.AspNetCore#4006

New Contributors

• @​KitKeen made their first contribution in Map [MinLength]/[MaxLength] on dictionary properties to minProperties / maxProperties domaindrivendev/Swashbuckle.AspNetCore#3922

Full Changelog: domaindrivendev/Swashbuckle.AspNetCore@v10.2.1...v10.2.2

Commits viewable in compare view.

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[github-actions]

Dependency Review

The following issues were found:

• ✅ 0 vulnerable package(s)
• ✅ 0 package(s) with incompatible licenses
• ✅ 0 package(s) with invalid SPDX license definitions
• ⚠️ 12 package(s) with unknown licenses.

See the Details below.

License Issues

source/AAS.TwinEngine.Plugin.RelationalDatabase/AAS.TwinEngine.Plugin.RelationalDatabase.csproj

Package	Version	License	Issue Type
JsonSchema.Net	9.2.2	Null	Unknown License
Microsoft.Extensions.DependencyInjection	10.0.9	Null	Unknown License
OpenTelemetry	1.16.0	Null	Unknown License
OpenTelemetry.Api	1.16.0	Null	Unknown License
OpenTelemetry.Api.ProviderBuilderExtensions	1.16.0	Null	Unknown License
OpenTelemetry.Exporter.OpenTelemetryProtocol	1.16.0	Null	Unknown License
OpenTelemetry.Extensions.Hosting	1.16.0	Null	Unknown License
Swashbuckle.AspNetCore	10.2.2	Null	Unknown License
Swashbuckle.AspNetCore.Swagger	10.2.2	Null	Unknown License
Swashbuckle.AspNetCore.SwaggerGen	10.2.2	Null	Unknown License
Swashbuckle.AspNetCore.SwaggerUI	10.2.2	Null	Unknown License
Humanizer.Core	3.0.10	Null	Unknown License

Allowed Licenses:

Apache-1.0, Apache-1.1, Apache-2.0, BSL-1.0, BSD-1-Clause, BSD-2-Clause, BSD-2-Clause-FreeBSD, BSD-2-Clause-NetBSD, BSD-3-Clause, BSD-3-Clause-Clear, BSD-3-Clause-No-Nuclear-License, BSD-3-Clause-No-Nuclear-License-2014, BSD-3-Clause-No-Nuclear-Warranty, BSD-3-Clause-Open-MPI, BSD-4-Clause, BSD-Protection, BSD-Source-Code, BSD-3-Clause-Attribution, 0BSD, BSD-2-Clause-Patent, BSD-4-Clause-UC, MIT-CMU, CC-BY-3.0, CC-BY-SA-1.0, CC-BY-SA-2.0, CC-BY-SA-2.5, CC-BY-SA-3.0, CC-BY-SA-4.0, CC0-1.0, WTFPL, MIT-enna, MIT-feh, ISC, JSON, BSD-3-Clause-LBNL, MITNFA, MIT, MIT-0, UPL-1.0, NCSA, X11, Xerox, BlueOak-1.0.0, CC-BY-4.0, MS-PL, PostgreSQL, Python-2.0, SSPL-1.0, OFL-1.1, Unlicense, Unicode-DFS-2016, Unicode-3.0

Excluded from license check:

pkg:nuget/AasCore.Aas3_0, pkg:nuget/AasCore.Aas3.Package

OpenSSF Scorecard

Scorecard details

Package	Version	Score	Details
nuget/Humanizer.Core	3.0.10	🟢 5.2	Details Check Score Reason Code-Review 🟢 9 Found 27/30 approved changesets -- score normalized to 9 Maintained 🟢 10 30 commit(s) and 4 issue activity found in the last 90 days -- score normalized to 10 Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Packaging ⚠️ -1 packaging workflow not detected CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Binary-Artifacts 🟢 10 no binaries found in the repo Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 License 🟢 9 license file detected Fuzzing ⚠️ 0 project is not fuzzed Security-Policy ⚠️ 0 security policy file not detected Branch-Protection ⚠️ 3 branch protection is not maximal on development and all release branches Signed-Releases ⚠️ 0 Project has not signed or included provenance with any releases. SAST 🟢 10 SAST tool is run on all commits
nuget/Json.More.Net	3.0.1	Unknown	Unknown
nuget/JsonPointer.Net	7.0.1	Unknown	Unknown
nuget/JsonSchema.Net	9.2.2	Unknown	Unknown
nuget/Microsoft.Extensions.DependencyInjection	10.0.9	Unknown	Unknown
nuget/OpenTelemetry	1.16.0	🟢 8.3	Details Check Score Reason Code-Review 🟢 10 all changesets reviewed Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Maintained 🟢 10 30 commit(s) and 23 issue activity found in the last 90 days -- score normalized to 10 Dependency-Update-Tool 🟢 10 update tool detected Binary-Artifacts 🟢 10 no binaries found in the repo Token-Permissions 🟢 10 GitHub workflow tokens follow principle of least privilege Pinned-Dependencies 🟢 10 all dependencies are pinned CII-Best-Practices 🟢 5 badge detected: Passing Vulnerabilities 🟢 10 0 existing vulnerabilities detected Packaging 🟢 10 packaging workflow detected SAST 🟢 10 SAST tool is run on all commits License 🟢 10 license file detected Signed-Releases ⚠️ 0 Project has not signed or included provenance with any releases. Branch-Protection 🟢 5 branch protection is not maximal on development and all release branches Fuzzing ⚠️ 0 project is not fuzzed Security-Policy 🟢 10 security policy file detected CI-Tests 🟢 10 30 out of 30 merged PRs checked by a CI test -- score normalized to 10 Contributors 🟢 10 project has 38 contributing companies or organizations
nuget/OpenTelemetry.Api	1.16.0	🟢 8.3	Details Check Score Reason Code-Review 🟢 10 all changesets reviewed Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Maintained 🟢 10 30 commit(s) and 23 issue activity found in the last 90 days -- score normalized to 10 Dependency-Update-Tool 🟢 10 update tool detected Binary-Artifacts 🟢 10 no binaries found in the repo Token-Permissions 🟢 10 GitHub workflow tokens follow principle of least privilege Pinned-Dependencies 🟢 10 all dependencies are pinned CII-Best-Practices 🟢 5 badge detected: Passing Vulnerabilities 🟢 10 0 existing vulnerabilities detected Packaging 🟢 10 packaging workflow detected SAST 🟢 10 SAST tool is run on all commits License 🟢 10 license file detected Signed-Releases ⚠️ 0 Project has not signed or included provenance with any releases. Branch-Protection 🟢 5 branch protection is not maximal on development and all release branches Fuzzing ⚠️ 0 project is not fuzzed Security-Policy 🟢 10 security policy file detected CI-Tests 🟢 10 30 out of 30 merged PRs checked by a CI test -- score normalized to 10 Contributors 🟢 10 project has 38 contributing companies or organizations
nuget/OpenTelemetry.Api.ProviderBuilderExtensions	1.16.0	🟢 8.3	Details Check Score Reason Code-Review 🟢 10 all changesets reviewed Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Maintained 🟢 10 30 commit(s) and 23 issue activity found in the last 90 days -- score normalized to 10 Dependency-Update-Tool 🟢 10 update tool detected Binary-Artifacts 🟢 10 no binaries found in the repo Token-Permissions 🟢 10 GitHub workflow tokens follow principle of least privilege Pinned-Dependencies 🟢 10 all dependencies are pinned CII-Best-Practices 🟢 5 badge detected: Passing Vulnerabilities 🟢 10 0 existing vulnerabilities detected Packaging 🟢 10 packaging workflow detected SAST 🟢 10 SAST tool is run on all commits License 🟢 10 license file detected Signed-Releases ⚠️ 0 Project has not signed or included provenance with any releases. Branch-Protection 🟢 5 branch protection is not maximal on development and all release branches Fuzzing ⚠️ 0 project is not fuzzed Security-Policy 🟢 10 security policy file detected CI-Tests 🟢 10 30 out of 30 merged PRs checked by a CI test -- score normalized to 10 Contributors 🟢 10 project has 38 contributing companies or organizations
nuget/OpenTelemetry.Exporter.OpenTelemetryProtocol	1.16.0	🟢 8.3	Details Check Score Reason Code-Review 🟢 10 all changesets reviewed Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Maintained 🟢 10 30 commit(s) and 23 issue activity found in the last 90 days -- score normalized to 10 Dependency-Update-Tool 🟢 10 update tool detected Binary-Artifacts 🟢 10 no binaries found in the repo Token-Permissions 🟢 10 GitHub workflow tokens follow principle of least privilege Pinned-Dependencies 🟢 10 all dependencies are pinned CII-Best-Practices 🟢 5 badge detected: Passing Vulnerabilities 🟢 10 0 existing vulnerabilities detected Packaging 🟢 10 packaging workflow detected SAST 🟢 10 SAST tool is run on all commits License 🟢 10 license file detected Signed-Releases ⚠️ 0 Project has not signed or included provenance with any releases. Branch-Protection 🟢 5 branch protection is not maximal on development and all release branches Fuzzing ⚠️ 0 project is not fuzzed Security-Policy 🟢 10 security policy file detected CI-Tests 🟢 10 30 out of 30 merged PRs checked by a CI test -- score normalized to 10 Contributors 🟢 10 project has 38 contributing companies or organizations
nuget/OpenTelemetry.Extensions.Hosting	1.16.0	🟢 8.3	Details Check Score Reason Code-Review 🟢 10 all changesets reviewed Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Maintained 🟢 10 30 commit(s) and 23 issue activity found in the last 90 days -- score normalized to 10 Dependency-Update-Tool 🟢 10 update tool detected Binary-Artifacts 🟢 10 no binaries found in the repo Token-Permissions 🟢 10 GitHub workflow tokens follow principle of least privilege Pinned-Dependencies 🟢 10 all dependencies are pinned CII-Best-Practices 🟢 5 badge detected: Passing Vulnerabilities 🟢 10 0 existing vulnerabilities detected Packaging 🟢 10 packaging workflow detected SAST 🟢 10 SAST tool is run on all commits License 🟢 10 license file detected Signed-Releases ⚠️ 0 Project has not signed or included provenance with any releases. Branch-Protection 🟢 5 branch protection is not maximal on development and all release branches Fuzzing ⚠️ 0 project is not fuzzed Security-Policy 🟢 10 security policy file detected CI-Tests 🟢 10 30 out of 30 merged PRs checked by a CI test -- score normalized to 10 Contributors 🟢 10 project has 38 contributing companies or organizations
nuget/Swashbuckle.AspNetCore	10.2.2	Unknown	Unknown
nuget/Swashbuckle.AspNetCore.Swagger	10.2.2	Unknown	Unknown
nuget/Swashbuckle.AspNetCore.SwaggerGen	10.2.2	Unknown	Unknown
nuget/Swashbuckle.AspNetCore.SwaggerUI	10.2.2	Unknown	Unknown

Scanned Files

• source/AAS.TwinEngine.Plugin.RelationalDatabase/AAS.TwinEngine.Plugin.RelationalDatabase.csproj

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud