chore(deps): aggregate dependabot dependency updates#1027
Open
gavinbarron wants to merge 16 commits intomainfrom
Open
chore(deps): aggregate dependabot dependency updates#1027gavinbarron wants to merge 16 commits intomainfrom
gavinbarron wants to merge 16 commits intomainfrom
Conversation
Bumps [dependabot/fetch-metadata](https://github.com/dependabot/fetch-metadata) from 2.4.0 to 2.5.0. - [Release notes](https://github.com/dependabot/fetch-metadata/releases) - [Commits](dependabot/fetch-metadata@v2.4.0...v2.5.0) --- updated-dependencies: - dependency-name: dependabot/fetch-metadata dependency-version: 2.5.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
…entityModel.Validators Bumps Microsoft.IdentityModel.Protocols.OpenIdConnect from 8.15.0 to 8.16.0 Bumps Microsoft.IdentityModel.Validators from 8.6.1 to 8.16.0 --- updated-dependencies: - dependency-name: Microsoft.IdentityModel.Protocols.OpenIdConnect dependency-version: 8.16.0 dependency-type: direct:production update-type: version-update:semver-minor - dependency-name: Microsoft.IdentityModel.Validators dependency-version: 8.16.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
--- updated-dependencies: - dependency-name: System.Net.Http.WinHttpHandler dependency-version: 9.0.14 dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>
--- updated-dependencies: - dependency-name: Microsoft.SourceLink.GitHub dependency-version: 10.0.201 dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps [actions/create-github-app-token](https://github.com/actions/create-github-app-token) from 2 to 3. - [Release notes](https://github.com/actions/create-github-app-token/releases) - [Commits](actions/create-github-app-token@v2...v3) --- updated-dependencies: - dependency-name: actions/create-github-app-token dependency-version: '3' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps coverlet.collector from 6.0.4 to 8.0.1 Bumps coverlet.msbuild from 6.0.4 to 8.0.1 --- updated-dependencies: - dependency-name: coverlet.collector dependency-version: 8.0.1 dependency-type: direct:production update-type: version-update:semver-major dependency-group: coverlet - dependency-name: coverlet.msbuild dependency-version: 8.0.1 dependency-type: direct:production update-type: version-update:semver-major dependency-group: coverlet ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps Microsoft.Kiota.Abstractions from 1.21.1 to 1.22.1 Bumps Microsoft.Kiota.Authentication.Azure from 1.21.1 to 1.22.1 Bumps Microsoft.Kiota.Http.HttpClientLibrary from 1.21.1 to 1.22.1 Bumps Microsoft.Kiota.Serialization.Form from 1.21.1 to 1.22.1 Bumps Microsoft.Kiota.Serialization.Json from 1.21.1 to 1.22.1 Bumps Microsoft.Kiota.Serialization.Multipart from 1.21.1 to 1.22.1 Bumps Microsoft.Kiota.Serialization.Text from 1.21.1 to 1.22.1 --- updated-dependencies: - dependency-name: Microsoft.Kiota.Abstractions dependency-version: 1.22.1 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: kiota-dependencies - dependency-name: Microsoft.Kiota.Authentication.Azure dependency-version: 1.22.1 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: kiota-dependencies - dependency-name: Microsoft.Kiota.Http.HttpClientLibrary dependency-version: 1.22.1 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: kiota-dependencies - dependency-name: Microsoft.Kiota.Serialization.Form dependency-version: 1.22.1 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: kiota-dependencies - dependency-name: Microsoft.Kiota.Serialization.Json dependency-version: 1.22.1 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: kiota-dependencies - dependency-name: Microsoft.Kiota.Serialization.Multipart dependency-version: 1.22.1 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: kiota-dependencies - dependency-name: Microsoft.Kiota.Serialization.Text dependency-version: 1.22.1 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: kiota-dependencies ... Signed-off-by: dependabot[bot] <support@github.com>
….Graph.DotnetCore.Core.Test/coverlet-4bb5c90d9e' into chore/aggregate-dependabot-updates
…raph.Core/Microsoft.SourceLink.GitHub-10.0.201' into chore/aggregate-dependabot-updates # Conflicts: # src/Microsoft.Graph.Core/Microsoft.Graph.Core.csproj
…raph.Core/System.Net.Http.WinHttpHandler-9.0.14' into chore/aggregate-dependabot-updates
…raph.Core/multi-0346be7704' into chore/aggregate-dependabot-updates # Conflicts: # src/Microsoft.Graph.Core/Microsoft.Graph.Core.csproj
…s/create-github-app-token-3' into chore/aggregate-dependabot-updates
…abot/fetch-metadata-2.5.0' into chore/aggregate-dependabot-updates
…et462/netstandard2.0)
ramsessanchez
approved these changes
Apr 18, 2026
ramsessanchez
requested changes
Apr 18, 2026
Contributor
ramsessanchez
left a comment
ramsessanchez
left a comment
There was a problem hiding this comment.
Looks like we may need more changes to ensure we target the correct version in tests. Tests failing, errors state it is searching for 8.0.0
coverlet.collector and coverlet.msbuild v8.0.1 only ship build assets for net8.0, causing 'XPlat Code Coverage' data collector not found errors when running tests on the net6.0 test project. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Combines all open Dependabot PRs into a single tested change to reduce merge churn and CI overhead.
NuGet dependency updates
GitHub Actions updates
SourceLink 10.x is incompatible with this project's
net462/netstandard2.0targets (causesSystem.Runtime 8.0.0.0assembly load failures). PR #1022 was closed as incompatible.Supersedes
Closes #1025, closes #1024, closes #1023, closes #1021, closes #1017, closes #1009
Testing
Microsoft Reviewers: Open in CodeFlow