Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Bump the duende group with 2 updates #736

Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

Bump the duende group with 2 updates #736

wants to merge 1 commit into from
+1 −1

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Feb 17, 2025
edited
Loading

Bumps the duende group with 2 updates: Duende.IdentityServer and Duende.IdentityServer.Storage.

Updates Duende.IdentityServer from 7.0.8 to 7.1.0

Release notes

Sourced from Duende.IdentityServer's releases.

IdentityServer 7.1.0 is a significant release that includes:

  • .NET 9 support
  • Use of Duende.IdentityModel
  • New license usage helpers
  • Friendly READMEs in the NuGet packages
  • Improved log filtering when HTTP requests are aborted
  • Redaction of the subject token during token exchange
  • Improved extensibility of the ClientConfigurationStore in the Configuration API
  • Several bug fixes
  • Numerous small code quality and performance enhancements from the community

Breaking Changes

There are no schema changes needed for IdentityServer 7.1.0. Small code changes will be required for must users to upgrade.

  • IdentityModel renamed Duende.IdentityModel
  • ClientConfigurationStore now uses IConfigurationDbContext

IdentityModel renamed Duende.IdentityModel

  • Use Duende.IdentityModel 7.0.0 by @​damianh in DuendeSoftware/IdentityServer#1621 Our open source IdentityModel library has been renamed Duende.IdentityModel, and we now depend on Duende.IdentityModel instead of IdentityModel. Duende.IdentityModel is a drop-in replacement for IdentityModel with updated namespaces that include the Duende prefix. If you are using IdentityModel's types in your IdentityServer implementation, you will need to update references from IdentityModel to Duende.IdentityModel (replace "using IdentityModel" with "using Duende.IdentityModel").

ClientConfigurationStore now uses IConfigurationDbContext

  • Use IConfigurationDbContext in ClientConfigurationStore by @​stefannikolei in DuendeSoftware/IdentityServer#1624 The ClientConfigurationStore in the Duende.Configuration.EntityFramework package now depends on IConfigurationDbContext instead of ConfigurationDbContext to allow for customization. If you have a customized store that derives from the default store, you may need to update your constructors. Note that this only affects the Entity Framework based implementation of the configuration store used by the dynamic client registration configuration API.

Enhancements

.NET 9

License Usage Helpers

  • Add new license management services by @​josephdecock in DuendeSoftware/IdentityServer#1637 A LicenseUsageSummary is now available which includes the license edition and clients, issuers, and enterprise or business edition features used. The intent is to make it easier to understand which license is needed.

Other Enhancements

Bug Fixes

  • Fall back to other token types when given incorrect hint during introspection by @​josephdecock in DuendeSoftware/IdentityServer#1607 When an incorrect token_type_hint parameter is passed during introspection we now fall back to find tokens of the other type, in compliance with RFC 7662 Section 2.1.
  • Clean up retired keys even if they are not unprotectable by @​josephdecock in DuendeSoftware/IdentityServer#1608 Retired signing keys will now be deleted by the key manager even if the data protected portion of the key cannot be unprotected.
  • Filter protocol claims from reference tokens by @​josephdecock in DuendeSoftware/IdentityServer#1662 Reference tokens from IdentityServer 4 sometimes contain "protocol" claims, such as iat, which caused a bug where claims were duplicated.

... (truncated)

Commits
  • bb9798e ci(is): Update code signing cert
  • b573785 ci(is) remove monorepo references in build steps for 7.1 release
  • 7d0f52d ci(is): fix tag prefix in workflow
  • 945592f ci(is): use dash instead of slash in tag prefix
  • 757d429 ci(is): add path restrictions to build triggers
  • c0f53f6 ci(is): minver tag prefix
  • 9955acc Merge pull request #1722 from DuendeSoftware/jmdc/align-builds
  • 474e2c6 ci(is): align workflows across branches
  • c9ab4a3 Merge pull request #1720 from DuendeSoftware/jmdc/git-config-for-release
  • c4f1531 ci(is): add 7.1 workflow dispatch
  • Additional commits viewable in compare view

Updates Duende.IdentityServer.Storage from 7.0.8 to 7.1.0

Release notes

Sourced from Duende.IdentityServer.Storage's releases.

IdentityServer 7.1.0 is a significant release that includes:

  • .NET 9 support
  • Use of Duende.IdentityModel
  • New license usage helpers
  • Friendly READMEs in the NuGet packages
  • Improved log filtering when HTTP requests are aborted
  • Redaction of the subject token during token exchange
  • Improved extensibility of the ClientConfigurationStore in the Configuration API
  • Several bug fixes
  • Numerous small code quality and performance enhancements from the community

Breaking Changes

There are no schema changes needed for IdentityServer 7.1.0. Small code changes will be required for must users to upgrade.

  • IdentityModel renamed Duende.IdentityModel
  • ClientConfigurationStore now uses IConfigurationDbContext

IdentityModel renamed Duende.IdentityModel

  • Use Duende.IdentityModel 7.0.0 by @​damianh in DuendeSoftware/IdentityServer#1621 Our open source IdentityModel library has been renamed Duende.IdentityModel, and we now depend on Duende.IdentityModel instead of IdentityModel. Duende.IdentityModel is a drop-in replacement for IdentityModel with updated namespaces that include the Duende prefix. If you are using IdentityModel's types in your IdentityServer implementation, you will need to update references from IdentityModel to Duende.IdentityModel (replace "using IdentityModel" with "using Duende.IdentityModel").

ClientConfigurationStore now uses IConfigurationDbContext

  • Use IConfigurationDbContext in ClientConfigurationStore by @​stefannikolei in DuendeSoftware/IdentityServer#1624 The ClientConfigurationStore in the Duende.Configuration.EntityFramework package now depends on IConfigurationDbContext instead of ConfigurationDbContext to allow for customization. If you have a customized store that derives from the default store, you may need to update your constructors. Note that this only affects the Entity Framework based implementation of the configuration store used by the dynamic client registration configuration API.

Enhancements

.NET 9

License Usage Helpers

  • Add new license management services by @​josephdecock in DuendeSoftware/IdentityServer#1637 A LicenseUsageSummary is now available which includes the license edition and clients, issuers, and enterprise or business edition features used. The intent is to make it easier to understand which license is needed.

Other Enhancements

Bug Fixes

  • Fall back to other token types when given incorrect hint during introspection by @​josephdecock in DuendeSoftware/IdentityServer#1607 When an incorrect token_type_hint parameter is passed during introspection we now fall back to find tokens of the other type, in compliance with RFC 7662 Section 2.1.
  • Clean up retired keys even if they are not unprotectable by @​josephdecock in DuendeSoftware/IdentityServer#1608 Retired signing keys will now be deleted by the key manager even if the data protected portion of the key cannot be unprotected.
  • Filter protocol claims from reference tokens by @​josephdecock in DuendeSoftware/IdentityServer#1662 Reference tokens from IdentityServer 4 sometimes contain "protocol" claims, such as iat, which caused a bug where claims were duplicated.

... (truncated)

Commits
  • bb9798e ci(is): Update code signing cert
  • b573785 ci(is) remove monorepo references in build steps for 7.1 release
  • 7d0f52d ci(is): fix tag prefix in workflow
  • 945592f ci(is): use dash instead of slash in tag prefix
  • 757d429 ci(is): add path restrictions to build triggers
  • c0f53f6 ci(is): minver tag prefix
  • 9955acc Merge pull request #1722 from DuendeSoftware/jmdc/align-builds
  • 474e2c6 ci(is): align workflows across branches
  • c9ab4a3 Merge pull request #1720 from DuendeSoftware/jmdc/git-config-for-release
  • c4f1531 ci(is): add 7.1 workflow dispatch
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
Bump the duende group with 2 updates
96a6a07 
Bumps the duende group with 2 updates: [Duende.IdentityServer](https://github.com/DuendeSoftware/products) and [Duende.IdentityServer.Storage](https://github.com/DuendeSoftware/products).


Updates `Duende.IdentityServer` from 7.0.8 to 7.1.0
- [Release notes](https://github.com/DuendeSoftware/products/releases)
- [Commits](DuendeSoftware/products@is/7.0.8...is-7.1.0)

Updates `Duende.IdentityServer.Storage` from 7.0.8 to 7.1.0
- [Release notes](https://github.com/DuendeSoftware/products/releases)
- [Commits](DuendeSoftware/products@is/7.0.8...is-7.1.0)

---
updated-dependencies:
- dependency-name: Duende.IdentityServer
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: duende
- dependency-name: Duende.IdentityServer.Storage
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: duende
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot added the dependencies Pull requests that update a dependency file label Feb 17, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
0 participants