Skip to content

chore(deps): update dotnet-azure-ad-identitymodel-extensions monorepo to 8.19.1#226

Merged
descope[bot] merged 1 commit into
mainfrom
renovate/dotnet-azure-ad-identitymodel-extensions-monorepo
Jun 25, 2026
Merged

chore(deps): update dotnet-azure-ad-identitymodel-extensions monorepo to 8.19.1#226
descope[bot] merged 1 commit into
mainfrom
renovate/dotnet-azure-ad-identitymodel-extensions-monorepo

Conversation

@descope

@descope descope Bot commented Jun 22, 2026
edited
Loading

Copy link
Copy Markdown
Contributor

This PR contains the following updates:

Package Type Update Change OpenSSF
Microsoft.IdentityModel.Protocols.OpenIdConnect nuget minor 8.18.08.19.1 OpenSSF Scorecard
System.IdentityModel.Tokens.Jwt nuget minor 8.18.08.19.1 OpenSSF Scorecard

Release Notes

AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet (Microsoft.IdentityModel.Protocols.OpenIdConnect)

v8.19.1

Compare Source

====

Bug Fixes

  • Update JwtSecurityTokenHandler for IssuerSigningKeyResolverUsingConfiguration to take priority over IssuerSigningKeyResolver, matching the documented contract and the correct behavior already present in JsonWebTokenHandler. See PR #​3519.

v8.19.0

Compare Source

====

New Features

  • Add ML-DSA (FIPS 204) post-quantum signature support. See PR #​3479.
  • Cache custom crypto providers in CryptoProviderFactory. See PR #​3489.

Bug Fixes

  • Disable automatic redirects on default HttpClient for JKU retrieval. See PR #​3494.
  • Adjust rented buffer handling in claim set parsing. See PR #​3493.
  • Tidy null handling in SAML conditions validation. See PR #​3491.
  • Improve validation of jku claim. See PR #​3481.
  • Limit telemetry algorithm dimension cardinality. See PR #​3490.
  • Add defensive copy of collections in ValidationParameters. See PR #​3492.
  • Update TokenValidationParameter copy constructor to make a deep copy. See PR #​3488.
  • Update to fail-closed when replay protection isn't configured and other DPoP hardening. See PR #​3505.
  • Apply RFC 3986 section 6.2.2 normalization to DPoP htu comparison. See PR #​3509.

Configuration

📅 Schedule: (in timezone Asia/Jerusalem)

  • Branch creation
    • At any time (no schedule defined)
  • Automerge
    • At any time (no schedule defined)

🚦 Automerge: Enabled.

Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about these updates again.

  • If you want to rebase/retry this PR, check this box

This PR has been generated by Mend Renovate.

@descope descope Bot added the renovate label Jun 22, 2026
@descope descope Bot enabled auto-merge (squash) June 22, 2026 22:25
@descope descope Bot force-pushed the renovate/dotnet-azure-ad-identitymodel-extensions-monorepo branch from a28c293 to 7b1e973 Compare June 23, 2026 16:02
descope-approve[bot]
descope-approve Bot previously approved these changes Jun 23, 2026
View reviewed changes
@descope descope Bot force-pushed the renovate/dotnet-azure-ad-identitymodel-extensions-monorepo branch from 7b1e973 to 5f1d193 Compare June 24, 2026 04:00
@descope descope Bot changed the title chore(deps): update dependency microsoft.identitymodel.protocols.openidconnect to 8.19.0 chore(deps): update dependency microsoft.identitymodel.protocols.openidconnect to 8.19.1 Jun 24, 2026
descope-approve[bot]
descope-approve Bot previously approved these changes Jun 24, 2026
View reviewed changes
@descope descope Bot force-pushed the renovate/dotnet-azure-ad-identitymodel-extensions-monorepo branch from 5f1d193 to b96aeef Compare June 25, 2026 09:08
@descope descope Bot changed the title chore(deps): update dependency microsoft.identitymodel.protocols.openidconnect to 8.19.1 chore(deps): update dotnet-azure-ad-identitymodel-extensions monorepo to 8.19.1 Jun 25, 2026
@descope descope Bot merged commit 4f6a2c5 into main Jun 25, 2026
12 checks passed
@descope descope Bot deleted the renovate/dotnet-azure-ad-identitymodel-extensions-monorepo branch June 25, 2026 09:16
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@descope-approve descope-approve[bot] descope-approve[bot] approved these changes

Assignees

No one assigned

Labels

renovate

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants