Bump the nuget-dependencies group with 27 updates

[dependabot]

Updated Amazon.CDK.Lib from 2.221.1 to 2.233.0.

Release notes

Sourced from Amazon.CDK.Lib's releases.

2.233.0

⚠ BREAKING CHANGES

CHANGES TO L1 RESOURCES: L1 resources are automatically generated from public CloudFormation Resource Schemas. They are built to closely reflect the real state of CloudFormation. Sometimes these updates can contain changes that are incompatible with previous types, but more accurately reflect reality. In this release we have changed:

aws-ec2: AWS::EC2::EC2Fleet: DefaultTargetCapacityType property is now immutable.
aws-ec2: AWS::EC2::EC2Fleet: TargetCapacityUnitType property is now immutable.

Features

• update L1 CloudFormation resource definitions (#​36390) (a6077a2)
• events-targets: support messageGroupId for standard SQS queues (#​36068) (95d4ed5)
• update L1 CloudFormation resource definitions (#​36367) (e551afe)
• codebuild: add support for macOS 15 runners (#​35836) (1b8b4e3)
• route53-patterns: HttpsRedirect use Distribution as the default CloudFront distribution (under feature flag) (#​34312) (e2987eb), closes #​31546
• update L1 CloudFormation resource definitions (#​36326) (cb82627)
• ec2: add Interface VPC Endpoints for ACM and ACM-PCA (#​35890) (06e6b25)
• route53: support failover routing policy for record sets (#​35909) (9395467), closes #​35910

Bug Fixes

• aws-cdk-lib: make grants factory methods public (#​36317) (7dde625)
• ci: checkout the pr head instead of the default main head (#​36311) (a1cbcf9), closes /github.com/aws/aws-cdk/blob/main/.github/workflows/integration-test-deployment.yml#L39C11-L39C57
• cloudtrail: do not attach s3 bucket permission when orgId is not set for organization trail (#​30778) (61ee074), closes #​30490
• custom-resources: waiter state machine retry fails with ExecutionAlreadyExists (#​35988) (36ea606), closes #​35957
• ecs: removal of canContainersAccessInstanceRole instance role (#​36362) (7395b41)
• pipelines: propagate CodeBuild fleet and certificate (#​35673) (71cfd60), closes #​35664
• region-info: standalone use of @​aws-cdk/region-info throws an Cannot find module 'aws-cdk-lib/core/lib/errors' error (#​36414) (01c7d2e), closes #​36399
• ci fix for spec updater workflow (#​36364) (a0b42cc)
• re-export of ResourceEnvironment is not an alias (#​36370) (ba8e194)

---

Alpha modules (2.233.0-alpha.0)

⚠ BREAKING CHANGES

• bedrock-agentcore-alpha: Runtime constructs will no longer automatically include lifecycleConfiguration with default values when not explicitly specified by users.
• elasticache-alpha: The engine property in NoPasswordUserProps has been removed.

Bug Fixes

• bedrock-agentcore-alpha: runtime construct incorrectly forces default lifecycleConfiguration values (#​36379) (7954354), closes #​36376
• elasticache-alpha: the default engine for NoPasswordUser contradict in the docs (#​35920) (495fa37), closes #​35847
• mixins-preview: improving delivery source and delivery destination creation (#​36314) (86092ab)

2.232.2

Bug Fixes

• re-export of ResourceEnvironment is not an alias (#​36370) (6178d32)

---

Alpha modules (2.232.2-alpha.0)

2.232.1

Bug Fixes

• core: TypeScript properties missing for types which extend internal interfaces (#​36313) (3e7e17c), closes #​36310

---

Alpha modules (2.232.1-alpha.0)

2.232.0

Features

• update L1 CloudFormation resource definitions (#​36299) (0945692)
• bedrock-agentcore: add fromImageUri method to AgentRuntimeArtifact (#​36263) (ad25aba)
• lambda: add support for durable functions (#​36282) (599a1d3)
• update L1 CloudFormation resource definitions (#​36277) (c4fa99b)

Bug Fixes

• core: temp cleanup does not work with jest (#​36238) (1f4a224), closes #​36226

---

Alpha modules (2.232.0-alpha.0)

Bug Fixes

• bedrock-agentcore-alpha: use static construct ID for asset-based runtime artifacts (#​36241) (e2bdddd), closes #​35968
• mixins-preview: service exports are different then in aws-cdk-lib (#​36201) (5858006), closes #​36210
• mixins-preview: strongly-typed ConstructSelector interface (#​36266) (1d2f473)

2.231.0

Features

• lambda: support for capacity providers (#​36255) (2e4c1cf)
• update L1 CloudFormation resource definitions (#​36253) (8410b13)
• aws-cdk-lib: add arnFor<ResourceName> for 47 more resources (#​36231) (5a8be4f)
• aws-cdk-lib: all L1s now have a isCfn<ResourceName> static helper to check if a value is this L1 resource (#​36243) (dc9db9b)
• ec2: expose EC2 instance MetadataOptions (#​35369) (4056e14), closes #​35357

Bug Fixes

• dynamodb: unsupported actions added to table resource policy (#​36228) (10de047), closes #​32230

---

Alpha modules (2.231.0-alpha.0)

Features

• glue-alpha: support Glue Version 5.1 (#​36223) (b956492)
• imagebuilder-alpha: add support for Image Construct (#​36154) (eee3ae6), closes aws/aws-cdk-rfcs#​789 aws/aws-cdk-rfcs#​789

2.230.0

Features

• apigateway: support response streaming with response transfer mode (#​36155) (f431021), closes #​36156
• update L1 CloudFormation resource definitions (f203b8e)
• update L1 CloudFormation resource definitions (#​36193) (d074024)
• events: the L2 EventPattern interfaces can be used with CfnRule (#​36191) (efc135e)
• update L1 CloudFormation resource definitions (#​36180) (5cddd7e)

Bug Fixes

• ecs: wrong ARN generated in Cluster.grantTaskProtection method (#​36207) (9b337df)
• ecs-patterns: target group ID changes without setting feature flag (#​36199) (b7ca082), closes #​36149
• scheduler: wrong ARN generated in ScheduleGroup.grant* methods (#​36175) (eae8838)

---

Alpha modules (2.230.0-alpha.0)

Features

• bedrock-agentcore-alpha: update resources on grantInvokeXXX for runtime (#​35864) (5dad62f)
• imagebuilder-alpha: add support for Image Pipeline Construct (#​36153) (d8c324a), closes aws/aws-cdk-rfcs#​789 aws/aws-cdk-rfcs#​789
• imagebuilder-alpha: add support for Lifecycle Policy Construct (#​36152) (7e31eb6), closes aws/aws-cdk-rfcs#​789 aws/aws-cdk-rfcs#​789
• mixins-preview: adds LogDelivery Mixins for 47 resources (#​36158) (6607ce9)
• mixins-preview: vended log deliveries (#​36138) (69442a8)
• mixins-preview: helpers to generate EventBridge event patterns for 26 services (#​36121) (073185d)

Bug Fixes

• mixins-preview: AutoDeleteObjects mixin fails with cannot find file error (#​36188) (3ef337d), closes aws-cdk/mixins-preview/lib/custom-resource-handlers/aws-s3/auto-delete-objects-provider.ts#L21
• mixins-preview: ResourcePolicy with this name already exists error when setting up LogDelivery (#​36195) (f9aa31d)
• mixins-preview: cannot use string literal types for S3LogsDeliveryProps.permissionsVersion (#​36197) (cc491df)

2.229.1

Bug Fixes

• scheduler: wrong ARN generated in ScheduleGroup.grant* methods (#​36175) (ca9fbdd)

---

Alpha modules (2.229.1-alpha.0)

2.229.0

Features

• agentcore: add new properties for runtime, browser (#​36003) (439495f)
• route53: add HostedZoneGrants (#​36109) (d24305c)

Bug Fixes

• stepfunctions: allow multiline jsonata strings (#​35985) (8805e13), closes #​35912 #​35912

---

Alpha modules (2.229.0-alpha.0)

Features

• imagebuilder-alpha: add support for Container Recipe Construct (#​36091) (875e0e7), closes aws/aws-cdk-rfcs#​789 aws/aws-cdk-rfcs#​789
• imagebuilder-alpha: add support for Image Recipe Construct (#​36092) (4361f8b), closes aws/aws-cdk-rfcs#​789 aws/aws-cdk-rfcs#​789
• imagebuilder-alpha: add support for Workflow Construct (#​36007) (616d32a), closes aws/aws-cdk-rfcs#​789 aws/aws-cdk-rfcs#​789
• mixins-preview: developer preview of CDK Mixins (#​36136) (0c6ee1d)

Bug Fixes

• bedrock-agentcore-alpha: empty submodule accidentally exposed and runtime validation fix (#​36148) (72d3e6f)

2.228.0

Features

• lambda: add new lambda/kafka esm properties and on failure desitination (65f9c35)

Bug Fixes

• cloudformation-include: TypeError when including template with intrinsic functions (#​36157) (f2a384b), closes #​36140 #​35838

---

Alpha modules (2.228.0-alpha.0)

2.227.0

CHANGES TO L1 RESOURCES: L1 resources are automatically generated from public CloudFormation Resource Schemas. They are built to closely reflect the real state of CloudFormation. Sometimes these updates can contain changes that are incompatible with previous types, but more accurately reflect reality. In this release we have changed:

• aws-backup: AWS::Backup::LogicallyAirGappedBackupVault: EncryptionKeyArn attribute removed.

Features

• stepfunctions: add StateMachineGrants (#​36094) (59ef00d)
• update L1 CloudFormation resource definitions (#​36122) (51d805e)
• core: cfn constructs (L1s) can now accept constructs as parameters for known resource relationships (#​35838) (6be7b4b)
• factory methods for Grants made public (#​36123) (f9a894f)
• dynamodb: add TableGrants and StreamGrants (#​36093) (d0b074a)
• rds: support instance and iam-db-auth-error CloudWatch log exports (#​35058) (e71a8b1), closes #​35018
• s3: add BucketGrants (#​36102) (5891172)
• grants are now available through a separate class (#​35782) (21fd959)

---

Alpha modules (2.227.0-alpha.0)

Features

• bedrock-agentcore-alpha: agentcore gateway L2 construct (#​35771) (07c4a0d)
• imagebuilder-alpha: add support for Component Construct (#​36107) (93a76e4), closes #​36006 #​36104
• imagebuilder-alpha: add support for Distribution Configuration Construct (#​36108) (6051039), closes #​36005

Bug Fixes

• bedrock-agentcore-alpha: fix unexpected validation error when properties are Token (#​35978) (084b736)

2.226.0

Features

• dynamodb: compound keys for global secondary indexes (046b06d)
• lambda: add multi-tenancy support with TenancyConfig (5f384db)

---

Alpha modules (2.226.0-alpha.0)

2.225.0

⚠ BREAKING CHANGES

• ** L1 resources are automatically generated from public CloudFormation Resource Schemas. They are built to closely reflect the real state of CloudFormation. Sometimes these updates can contain changes that are incompatible with previous types, but more accurately reflect reality. In this release we have changed:

  • aws-dynamodb: AWS::DynamoDB::GlobalTable: ResourcePolicy property is now required.

Features

• update L1 CloudFormation resource definitions (#​36082) (3df1d81)
• custom-resource: add External ID support for AwsCustomResource (#​35252) (9f6c02b), closes #​34018
• route53: support restricting delegated zone names when using grantDelegation (#​35129) (d832aca)

Bug Fixes

• aws-cdk-lib: temporary Cloud Assemblies are not cleaned up (#​36043) (1ace1ef), closes #​802
• cognito: remove overly strict validation for threat protection on non-PLUS plans (#​36027) (172c65f), closes #​36023
• s3-deployment: Source.jsonData() fails with null JSON values (#​36054) (67b85f2), closes #​36052

Reverts

• (dynamodb) revert Table.table field to private to fix .NET naming (#​36029) (d84fce8), closes #​36025 #​35554

---

Alpha modules (2.225.0-alpha.0)

2.224.0

⚠ BREAKING CHANGES

• aws-cdk-lib: Reference interfaces (such as IBucketRef, IRoleRef, etc.) were moved to a new aws-cdk-lib.interfaces submodule to prevent cyclic dependencies between service modules. If you are importing reference interfaces, you have to update import statements accordingly. See #​36060 for full details.
• Amazon.CDK.Lib (.NET): The .NET namespace for multiple submodules has changed. If you are using any of the renamed submodules, you have to update using statements for these submodules. See #​36037 for full details.
• L1 resources are automatically generated from public CloudFormation Resource Schemas. They are built to closely reflect the real state of CloudFormation. Sometimes these updates can contain changes that are incompatible with previous types, but more accurately reflect reality. In this release we have changed:

aws-opensearchserverless: AWS::OpenSearchServerless::Collection: StandbyReplicas property is now immutable.
aws-servicecatalog: AWS::ServiceCatalog::PortfolioPrincipalAssociation: Id attribute removed.

Features

• apigateway: add option for consolidating lambda permissions for rest and http lambda integrations (#​36021) (35f8e46), closes #​9327 #​19535 #​35705
• update L1 CloudFormation resource definitions (#​35994) (47a9a20)
• core: add methods to SecretValue and aws-secretsmanager Secret to obtain a literal (unresolved by CloudFormation) dynamic reference key (#​34397) (#​35105) (457aa99), closes /github.com/aws/aws-cdk/blob/main/packages/aws-cdk-lib/core/lib/secret-value.ts#L98C17-L98C31 /github.com/aws/aws-cdk/blob/main/packages/aws-cdk-lib/aws-secretsmanager/lib/secret.ts#L499
• eks: add support for Kubernetes version 1.34 (#​36016) (60096ac), closes #​35717
• lambda: add nodejs24.x runtime for Lambda (#​36001) (404bf1a)
• sagemaker: add support for serverless inference endpoints (#​35557) (3f5c5ac), closes #​23148 #​23148
• stepfunctions-tasks: add architecture support to EvaluateExpression (#​35468) (771ea13), closes #​34974

Bug Fixes

• aws-cdk-lib: move reference interfaces to their own submodules (#​35971) (1e4dfe6)
• aws-cdk-lib: multiple submodules use an incorrect namespace for .NET (#​36002) (e48e584)
• dynamodb: resolve circular dependency with AccountRootPrincipal grants (#​35983) (24d2adf), closes #​35967
• ecs: allow empty placementStrategies on EC2Service (#​35580) (0d773b1), closes #​30382 /github.com/aws/aws-cdk/pull/27572#issuecomment-1766287866

---

Alpha modules (2.224.0-alpha.0)

Features

• imagebuilder-alpha: add support for EC2 Image Builder L2 Constructs - Infrastructure Configuration (#​35882) (db1d964), closes aws/aws-cdk-rfcs#​789 aws/aws-cdk-rfcs#​789

2.223.0

⚠ BREAKING CHANGES

L1 resources are automatically generated from public CloudFormation Resource Schemas. They are built to closely reflect the real state of CloudFormation. Sometimes these updates can contain changes that are incompatible with previous types, but more accurately reflect reality. In this release we have changed:

• aws-dynamodb: AWS::DynamoDB::GlobalTable: GlobalTableSettingsReplicationMode property removed.
• aws-dynamodb: AWS::DynamoDB::GlobalTable: GlobalTableSourceArn property removed.
• aws-dynamodb: AWS::DynamoDB::Table: GlobalTableSettingsReplicationMode property removed.
• aws-events: AWS::Events::EventBusPolicy: Id attribute removed.

Features

• update L1 CloudFormation resource definitions (#​35926) (3f4d585)
• ec2: support for Cloud Wan Core Network routes (#​35008) (fba027b)
• s3-deployment: support securityGroups in BucketDeploymentProps (#​33233) (f2a3166), closes #​33229

Bug Fixes

• stepfunctions: DistributedMap ResultWriter correct query language selection (#​35834) (75b8ead), closes #​35403
• onEvent function to pass all the options to rule resource (#​35829) (3d7023d)

---

Alpha modules (2.223.0-alpha.0)

2.222.0

⚠ BREAKING CHANGES

• bedrock-agentcore: The signature of RuntimeAuthorizerConfiguration.usingCognito() has changed to accept IUserPool and IUserPoolClient constructs instead of string parameters, and now supports multiple clients.

Features

• apigateway: add binaryMediaTypes property to SpecRestApi (#​35502) (bf10d94), closes #​35498
• apigatewayv2: WebSocketStage support accessLogSettings (#​34766) (dad112e), closes #​21935
• bedrock-agentcore: use IUserPool and IUserPoolClient interfaces instead of string identifiers (#​35860) (a38afc9), closes #​35854
• core: IEnvironmentAware interface to retrieve a construct's environment (#​35817) (8ee5d4b)
• elasticloadbalancingv2: create security group settings for NLB by default (under feature flag) (#​34675) (ff83cfd), closes #​34606 /github.com/aws/aws-cdk/issues/34606#issuecomment-2931313249
• events-targets: support Amazon Data Firehose target using Firehose's IDeliveryStream (#​33798) (a374b6b), closes #​33757 #​33758
• kinesisfirehose: add built-in data processors to decompress CloudWatch logs and extract messages (#​33749) (5dec21e), closes #​33691 #​20242 /github.com/aws/aws-cdk/issues/33691#issuecomment-2713012245
• lambda: add Java25 runtime for Lambda (#​35867) (db71fac)
• lambda: add Python 3.14 runtime for Lambda (#​35869) (ebef303)
• memory: add agentcore memory l2 construct (#​35757) (6a2e17e)
• msk: support Express brokers (#​34741) (0a69e5f), closes #​32923

Bug Fixes

• agentcore: addToRolePolicy for runtime with imported role destroys and recreates policies on every deployment (#​35842) (92525e4), closes #​35844 40aws-cdk/aws-bedrock-agentcore-alpha/agentcore/runtime/runtime-base.ts#L253
• agentcore: custom execution role policy for runtime lacks proper permissions (#​35849) (ee94b63), closes #​35852 40aws-cdk/aws-bedrock-agentcore-alpha/agentcore/runtime/runtime-artifact.ts#L65 40aws-cdk/aws-bedrock-agentcore-alpha/agentcore/runtime/runtime.ts#L252-L259 /github.com/aws/aws-cdk/blob/v2.221.0/packages/aws-cdk-lib/aws-codepipeline/lib/pipeline.ts#L693 /github.com/aws/aws-cdk/blob/v2.221.0/packages/aws-cdk-lib/aws-lambda/lib/function.ts#L1468 /github.com/aws/aws-cdk/blob/v2.221.0/packages/aws-cdk-lib/aws-ecs/lib/base/base-service.ts#L1161
• dynamodb: addToResourcePolicy has no effect (#​35554) (94d7e34), closes #​35062
• ecs: remove empty CfnClusterCapacityProviderAssociations resource (#​35783) (c8a131b), closes #​35699 #​35742
• iam: cannot grant lambda:InvokeFunction on ManagedPolicy or Policy via grantInvoke() method (#​32984) (a07d75a), closes #​32980 /github.com/aws/aws-cdk/pull/32984#pullrequestreview-2863553504
• compilation failure in Go (#​35871) (5e4f603), closes aws/aws-cdk#​35770 #​35862
• ec2: remove PassRole policy emitted by cloudwatch vpc flow destination (#​35762) (c4b80df), closes #​35729

---

Alpha modules (2.222.0-alpha.0)

Features

• eks-v2-alpha: eks-v2-alpha is now in developer preview (#​35801) (32afc0f)

Bug Fixes

• bedrock-alpha: apply permission dependency to existing and non-existing roles (#​35123) (b39ccf3), closes #​35120
• eks-v2-alpha: remove hyphen from Go package name (#​35927) (2cdfc8a)

Commits viewable in compare view.

Updated Amazon.Lambda.Annotations from 1.7.0 to 1.8.0.

Release notes

Sourced from Amazon.Lambda.Annotations's releases.

No release notes found for this version range.

Commits viewable in compare view.

Updated Amazon.Lambda.APIGatewayEvents from 2.7.1 to 2.7.3.

Release notes

Sourced from Amazon.Lambda.APIGatewayEvents's releases.

No release notes found for this version range.

Commits viewable in compare view.

Updated Amazon.Lambda.Core from 2.7.1 to 2.8.0.

Release notes

Sourced from Amazon.Lambda.Core's releases.

No release notes found for this version range.

Commits viewable in compare view.

Updated Asp.Versioning.Http from 8.1.0 to 8.1.1.

Release notes

Sourced from Asp.Versioning.Http's releases.

No release notes found for this version range.

Commits viewable in compare view.

Updated Asp.Versioning.Mvc.ApiExplorer from 8.1.0 to 8.1.1.

Release notes

Sourced from Asp.Versioning.Mvc.ApiExplorer's releases.

No release notes found for this version range.

Commits viewable in compare view.

Updated Aspire.Hosting.Testing from 9.5.2 to 13.1.0.

Release notes

Sourced from Aspire.Hosting.Testing's releases.

13.1.0

We are excited to share that our 13.1.0 release of Aspire has shipped! All of the packages are available in NuGet.org now. Head over to https://aspire.dev/whats-new/aspire-13-1/ to find what's new in 13.1.0!

What's Changed

• Target net10.0 in client integrations by @​eerhardt in Target net10.0 in client integrations dotnet/aspire#12500
• Fix DockerComposeEnvironment duplicating image names in .env file by @​Copilot in Fix DockerComposeEnvironment duplicating image names in .env file dotnet/aspire#12310
• Replace apt-get with npm for Azure Functions Core Tools installation by @​Copilot in Replace apt-get with npm for Azure Functions Core Tools installation dotnet/aspire#12537
• Improve flaky dashboard integration test by @​JamesNK in Improve flaky dashboard integration test dotnet/aspire#12534
• Add README.md for the Aspire.Hosting.Azure.AppService package by @​ShilpiRach in Add README.md for the Aspire.Hosting.Azure.AppService package dotnet/aspire#12528
• Add support to enable automatic scaling for App Service Environment by @​ShilpiRach in Add support to enable automatic scaling for App Service Environment dotnet/aspire#12305
• Update to FluentUI 4.13.1 by @​JamesNK in Update to FluentUI 4.13.1 dotnet/aspire#12532
• Skip playground projects in build-packages workflow by @​Copilot in Skip playground projects in build-packages workflow dotnet/aspire#12547
• Allow HostUrl to remap both address and port by @​danegsta in Allow HostUrl to remap both address and port dotnet/aspire#12521
• Refactor NodeJs Integration by @​eerhardt in Refactor NodeJs Integration dotnet/aspire#12530
• Fix MCP endpoint with redirect HTTPS by @​JamesNK in Fix MCP endpoint with redirect HTTPS dotnet/aspire#12556
• [main] Update dependencies from microsoft/usvc-apiserver by @​dotnet-maestro[bot] in [main] Update dependencies from microsoft/usvc-apiserver dotnet/aspire#12540
• Refactor AddNodeApp by @​eerhardt in Refactor AddNodeApp dotnet/aspire#12538
• Update Aspire branding from 13.0 to 13.1 by @​Copilot in Update Aspire branding from 13.0 to 13.1 dotnet/aspire#12527
• Add annotation to specify custom base images for generated Dockerfiles by @​Copilot in Add annotation to specify custom base images for generated Dockerfiles dotnet/aspire#12566
• Fix generating random MCP endpoint URL in templates by @​JamesNK in Fix generating random MCP endpoint URL in templates dotnet/aspire#12558
• [CI] Add new Agent for disabling or quarantining tests by @​radical in [CI] Add new Agent for disabling or quarantining tests dotnet/aspire#12570
• Add ExcludeFromMcp() resource extension by @​JamesNK in Add ExcludeFromMcp() resource extension dotnet/aspire#12515
• Localized file check-in by OneLocBuild Task: Build definition ID 1309: Build ID 2828818 by @​dotnet-bot in Localized file check-in by OneLocBuild Task: Build definition ID 1309: Build ID 2828818 dotnet/aspire#12546
• Register IPipelineOutputService in DI for pipeline output directory management by @​Copilot in Register IPipelineOutputService in DI for pipeline output directory management dotnet/aspire#12563
• Add deploy support for Docker Compose by @​captainsafia in Add deploy support for Docker Compose dotnet/aspire#12548
• Quarantine flaky test: AzureServiceBusEmulatorResourceGeneratesConfigJsonWithCustomizations by @​Copilot in Quarantine flaky test: AzureServiceBusEmulatorResourceGeneratesConfigJsonWithCustomizations dotnet/aspire#12578
• Update connection properties for non-Azure resources by @​sebastienros in Update connection properties for non-Azure resources dotnet/aspire#12583
• Filter to highest package version per channel in aspire add command by @​Copilot in Filter to highest package version per channel in aspire add command dotnet/aspire#12553
• Log DCP messages at Debug/Trace level in AppHost by @​Copilot in Log DCP messages at Debug/Trace level in AppHost dotnet/aspire#12533
• Add CLI self-update prompts to aspire update command by @​Copilot in Add CLI self-update prompts to aspire update command dotnet/aspire#12395
• Fix golang and alpine images. by @​mitchdenny in Fix golang and alpine images. dotnet/aspire#12592
• Replace ContainerTargetPlatform.AllLinux with LinuxAmd64 by @​Copilot in Replace ContainerTargetPlatform.AllLinux with LinuxAmd64 dotnet/aspire#12596
• [main] Update dependencies from microsoft/usvc-apiserver by @​dotnet-maestro[bot] in [main] Update dependencies from microsoft/usvc-apiserver dotnet/aspire#12610
• Make IReportingStep and IReportingTask completion idempotent by @​Copilot in Make IReportingStep and IReportingTask completion idempotent dotnet/aspire#12602
• Show --log-level debug hint when pipeline fails by @​Copilot in Show --log-level debug hint when pipeline fails dotnet/aspire#12603
• [main] Update dependencies from dotnet/arcade by @​dotnet-maestro[bot] in [main] Update dependencies from dotnet/arcade dotnet/aspire#12622
• Rename app.py to main.py in template by @​eerhardt in Rename app.py to main.py in template dotnet/aspire#12628
• bump extension version by @​adamint in bump extension version dotnet/aspire#12623
• don't build apphost in cli when running in extension by @​adamint in don't build apphost in cli when running in extension dotnet/aspire#12621
• Detect which version of yarn is being used by @​eerhardt in Detect which version of yarn is being used dotnet/aspire#12633
• Fix duplicate key exception when using WithExplicitStart() on resources with environment callbacks by @​Copilot in Fix duplicate key exception when using WithExplicitStart() on resources with environment callbacks dotnet/aspire#12604
• Support AddCSharpApp, fix some rough edges around project resources by @​adamint in Support AddCSharpApp, fix some rough edges around project resources dotnet/aspire#12568
• Add missing namespace to CertificateAuthorityCollectionResource by @​danegsta in Add missing namespace to CertificateAuthorityCollectionResource dotnet/aspire#12639
• Add ModelContextProtocol assemblies to signing list by @​joperezr in Add ModelContextProtocol assemblies to signing list dotnet/aspire#12637
• Generate fallback Dockerfile for Python apps without UV by @​Copilot in Generate fallback Dockerfile for Python apps without UV dotnet/aspire#12627
• Update/bump container image tags for hosting components by @​joperezr in Update/bump container image tags for hosting components dotnet/aspire#12459
• Mark IDeveloperCertificateService experimental by @​danegsta in Mark IDeveloperCertificateService experimental dotnet/aspire#12648
• Wait with exponential backoff for expected Executables by @​karolz-ms in Wait with exponential backoff for expected Executables dotnet/aspire#12647
• Make ProcessCertificateTrustConfigAsync internal by @​danegsta in Make ProcessCertificateTrustConfigAsync internal dotnet/aspire#12649
• Add test cases and ensure container cert override paths work by @​danegsta in Add test cases and ensure container cert override paths work dotnet/aspire#12654
• Python hosting: Support .venv lookup by walking up parent directories by @​Copilot in Python hosting: Support .venv lookup by walking up parent directories dotnet/aspire#12616
  ... (truncated)

13.0.2

This patch is updating our Project Templates for our Python starter app to ensure we depend on the latest version of React. This is out of an abundance of caution, as we don't depend on any of the react packages that were flagged as vulnerable in GHSA-fv66-9v8q-g76r.

What's Changed

• Bump patch version from 13.0.1 to 13.0.2 by @​Copilot in Bump patch version from 13.0.1 to 13.0.2 dotnet/aspire#13324
• Update React and ReactDOM to version 19.2.1 across all projects by @​joperezr in Update React and ReactDOM to version 19.2.1 across all projects dotnet/aspire#13325

Full Changelog: dotnet/aspire@v13.0.1...v13.0.2

13.0.1

What's Changed

• Merge internal changes by @​joperezr in Merge internal changes dotnet/aspire#12896
• [release/13.0] Fix Azure roles resources always redeploying by @​github-actions[bot] in [release/13.0] Fix Azure roles resources always redeploying dotnet/aspire#12903
• [release/13.0] Remove .py and .js files from being signed (#​13005) by @​eerhardt in [release/13.0] Remove .py and .js files from being signed (#13005) dotnet/aspire#13032
• [release/13.0] Fix subscription ID not being disabled on Azure provisioning dialog by @​github-actions[bot] in [release/13.0] Fix subscription ID not being disabled on Azure provisioning dialog dotnet/aspire#12913
• [release/13.0] Default OpenAISettings.EnableSensitiveTelemetryData to TelemetryHelpers.EnableSensitiveDataDefault by @​github-actions[bot] in [release/13.0] Default OpenAISettings.EnableSensitiveTelemetryData to TelemetryHelpers.EnableSensitiveDataDefault dotnet/aspire#13017
• Bump patch version from 13.0.0 to 13.0.1 by @​Copilot in Bump patch version from 13.0.0 to 13.0.1 dotnet/aspire#13167
• [release/13.0] EndpointReference evaluation should wait on missing AllocatedEndpoint (#​13074) by @​karolz-ms in [release/13.0] EndpointReference evaluation should wait on missing AllocatedEndpoint (#13074) dotnet/aspire#13076
• [release/13.0] Update to Npgsql 10 by @​github-actions[bot] in [release/13.0] Update to Npgsql 10 dotnet/aspire#13166
• [release/13.0] Update dependencies from microsoft/usvc-apiserver by @​danegsta in [release/13.0] Update dependencies from microsoft/usvc-apiserver dotnet/aspire#13187

Full Changelog: dotnet/aspire@v13.0.0...v13.0.1

13.0.0

We are excited to share that our 13.0.0 release of Aspire has shipped! All of the packages are available in NuGet.org now. Head over to https://aspire.dev/whats-new/aspire-13/ to find what's new in 13.0.0!

New Contributors

• @​jomaxso made their first contribution in Add WithChildRelationship methods for parent-child relationships dotnet/aspire#11840
• @​jguadagno made their first contribution in Queue document update dotnet/aspire#11876
• @​foxminchan made their first contribution in Update Qdrant logo image to a new version dotnet/aspire#11700
• @​yreynhout made their first contribution in Support for .fsproj, .vbproj project files next to .csproj dotnet/aspire#12087

Full Changelog: dotnet/aspire@v9.5.0...v13.0.0

Commits viewable in compare view.

Updated AWS.Lambda.Powertools.Logging from 3.0.1 to 3.0.2.

Release notes

Sourced from AWS.Lambda.Powertools.Logging's releases.

3.0.2

Summary

In this release we fixed a bug that caused correlation ids not to be captured due to case sensitive string matching. We also added a new API to get the correlation id from the Logging utility

Changes

Correlation ID extraction improvements

Enhanced the CaptureCorrelationId method to try multiple strategies for extracting the correlation ID: first by exact (case-sensitive) match, then by output case transformation, and finally by case-insensitive search. This makes correlation ID retrieval more reliable across various event shapes.

Public API enhancements

| Docs

• Added a static CorrelationId property to the Logger class, allowing easy access to the current correlation ID from log context.
• Introduced a new GetCorrelationId extension method for ILogger, providing a convenient way to access the correlation ID from any logger instance.

Bugs

• chore: Fix correlationid case insensitive (#​1049) by @​hjgraca

🔧 Maintenance

• chore: Bump version from 3.0.1 to 3.0.2 (#​1056) by @​hjgraca
• chore(deps): bump actions/upload-artifact from 4.6.2 to 5.0.0 (#​1052) by @dependabot[bot]
• chore(deps): bump actions/download-artifact from 5.0.0 to 6.0.0 (#​1051) by @dependabot[bot]
• chore(deps): bump github/codeql-action from 4.30.9 to 4.31.0 (#​1050) by @dependabot[bot]

This release was made possible by the following contributors:

@​dependabot[bot], @​hjgraca and dependabot[bot]

Commits viewable in compare view.

Updated AWSSDK.DynamoDBv2 from 4.0.9.3 to 4.0.10.5.

Release notes

Sourced from AWSSDK.DynamoDBv2's releases.

No release notes found for this version range.

Commits viewable in compare view.

Updated AWSSDK.DynamoDBv2 from 4.0.9.4 to 4.0.10.5.

Release notes

Sourced from AWSSDK.DynamoDBv2's releases.

No release notes found for this version range.

Commits viewable in compare view.

Updated AWSSDK.EventBridge from 4.0.5.2 to 4.0.5.10.

Release notes

Sourced from AWSSDK.EventBridge's releases.

No release notes found for this version range.

Commits viewable in compare view.

Updated AWSSDK.EventBridge from 4.0.5.7 to 4.0.5.10.

Release notes

Sourced from AWSSDK.EventBridge's releases.

No release notes found for this version range.

Commits viewable in compare view.

Updated AWSSDK.SimpleNotificationService from 4.0.1.1 to 4.0.2.10.

Release notes

Sourced from AWSSDK.SimpleNotificationService's releases.

No release notes found for this version range.

Commits viewable in compare view.

Updated AWSSDK.SimpleSystemsManagement from 4.0.3.1 to 4.0.6.7.

Release notes

Sourced from AWSSDK.SimpleSystemsManagement's releases.

No release notes found for this version range.

Commits viewable in compare view.

Updated AWSSDK.SimpleSystemsManagement from 4.0.6.4 to 4.0.6.7.

Release notes

Sourced from AWSSDK.SimpleSystemsManagement's releases.

No release notes found for this version range.

Commits viewable in compare view.

Updated AWSSDK.StepFunctions from 4.0.0.23 to 4.0.2.4.

Release notes

Sourced from AWSSDK.StepFunctions's releases.

No release notes found for this version range.

Commits viewable in compare view.

Updated Constructs from 10.4.2 to 10.4.4.

Release notes

Sourced from Constructs's releases.

10.4.4

10.4.4 (2025-12-11)

Bug Fixes

• python: only allow Typeguard 2.x (#​2831) (04ca69c)

10.4.3

10.4.3 (2025-11-06)

Bug Fixes

• deps: upgrade to jsii & typescript 5.9 (#​2823) (02796b2)

Commits viewable in compare view.

Updated Datadog.Trace from 3.22.0 to 3.34.0.

Release notes

Sourced from Datadog.Trace's releases.

3.34.0

Summary

• [Tracing] Fix missing traces when using .NET Core 2.1 (#​7955)
• [Tracing] Don't inject into EventBridge when injection is disabled (#​7919)
• [Tracing] Bug fix for missing traces with some HotChocolate and Grpc integrations

Changes

Tracer

• Don't use global statics where possible (#​7939)
• Don't use System.Runtime.CompilerServices.Unsafe in .NET Core 2.1 (#​7955)

Continuous Profiler

• [profiler] Refactor linux unwinder and remove unused one (#​7917)

Fixes

• Fix System.InvalidCastException in Grpc during Header Removal (#​7975)
• Fix HotChocolate duck typing error (#​7930)
• Restore null scope check to stop EventBridge injection (#​7919)
• fix(DSM): Fix race condition on DataStreamsWriter disposal (#​7968)

Miscellaneous

• [Profiler/Tracer] Bump to libdatadog v24.0.2 (#​7560)
• bump libdatadog version to v25 (#​7971)
• Downgrade DSM flush shutdown log from Error to Warning (#​7984)
• fix bug where process tags were never initialized for telemetry (#​7954)

Build / Test

• Add some documentation on updating Windows GitLab image for CI (#​7782)
• [Test Package Versions Bump] Updating package versions (#​7942)
• Update microbenchmarks to enable standard BP PR comments (#​7952)
• Pre-cache reference assemblies as package references in analyzers tests (#​7959)
• Add PR-level performance quality gates (#​7967)
• [Github] Add permission for the apm-sdks-benchmarks repo (#​7972)
• Fix sealed analyzer, and fix regressions (#​7973)
• Bump memory limit slightly (#​7977)
• [Test Package Versions Bump] Updating package versions (#​7983)

Changes since 3.33.0

3.33.0

[!WARNING]
Version 3.33.0 includes a bug for those running .NET Core 2.1 resulting in missing Traces. If you are affected, please update your library to version 3.34.0 or above.

Summary

• Hangfire Auto Instrumentation (#​6904)
• Add support for npgsql 10 (#​7855)
• Add support for RedisServiceStack v10 (#​7903)
• [Debugger-Test Optimization] Add agent-less support to ER (#​7859)
• Implement Serverless Service Representation (SSR) in AWS Lambda (#​7850)
• Add Defender processes to exclusion list (#​7925)
• Fixing DSM flush logic & CPU usage (#​7827)

Changes

Tracer

• [Dynamic Instrumentation] Fixed race condition with ProbeStatusPoller dispose (#​6409)
• Create SettingsManager for managing mutable settings and ExporterSettings (#​7695)
• Remove properties from TracerSettings which can change at runtime (#​7723)
• Stop using Tracer.Instance if we don't need to (#​7744)
• Fixing DSM flush logic & CPU usage (#​7827)
• Restructure RuntimeMetricsWriter for .NET Framework to fix StackOverflowException (#​7830)
• Update documentation to account for MutableSettings (#​7867)
• Nit: cache is ready state for profiler in ProfilerStatus (#​7873)
• Reduce allocations in TraceContext (#​7874)
• Small perf improvement for some TagList implementations (#​7887)
• Add support for RedisServiceStack v10 (#​7903)
• Add Defender processes to exclusion list (#​7925)
• Add testing for Microsoft.Data.Sqlite v10 (#​7936)
• Set DataPipelineEnabled=0 by default (#​7943)

CI Visibility

• [Test Optimization] Add branch parameter to test management API request (#​7891)
• [Test Optimization] - Add support for BenchmarkDotNet 0.15.x internally (#​7909)

ASM

• [AAP] Update waf and add support for security_response_id (#​7807)
• [AAP] Rugerize waf encoder disposal (#​7863)

Continuous Profiler

• [Profiler] Generate heap snapshot (#​7681)
• [Profiler] Update liveheap handle limit (#​7872)

Debugger

• [Debugger-Test Optimization] Add agent-less support to ER (#​7859)

Serverless

• Implement Serverless Service Representation (SSR) in AWS Lambda (#​7850)
• [AWS Lambda] Cleanup from PR#​7835 (#​7858)

... (truncated)

3.32.1

Summary

Reduces serialization allocation in .NET Framework and < .NET Core 3.1 (#​7884)

Changes

Tracer

• Fix serialization allocation in .NET Framework and < .NET Core 3.1 (#​7884)

Changes since 3.32.0

3.32.0

Summary

• [Tracer] Fix orphaned spans in WCF traces
• [AWS Lambda] Add request-id as header to Lambda start/end invocation

Changes

Tracer

• Add process tags to client-side stats (#​7791)

CI Visibility

• Avoid allocating and preparing CI Visibility stuff in startup hot path (#​7821)

Debugger

• Add process tags to dynamic instrumentation snapshots (#​7839)

Serverless

• Respect baggage in Azure messaging integrations (#​7818)
• [AWS Lambda] Add request-id as header to Lambda start/end invocation (#​7835)
• Add #nullable enable and fix NullReferenceException in DynamoDB (#​7849)

Fixes

• Fix orphaned spans in WCF traces (#​7842)

Data Streams Monitoring

• Add process tags to DSM (#​7775)

Miscellaneous

• Add process tags to telemetry (#​7780)
• [Docs] fix CLI commands to download logs from AAS apps (#​7802)

Build / Test

• Fix microbenchmark artifacts (#​7816)
• Add testing for latest Microsoft.Extensions.Telemetry version (#​7817)
• Fix broken CI when running tests against a specific sample (#​7819)
• Publish native symbols in all DCs (#​7828)
• Update .gitlab/one-pipeline.locked.yaml (#​7836)
• Add support for VS 2026 to Nuke detection (#​7843)

Changes since 3.31.0

3.31.0

Summary

• Add support for .NET 10
• Add support for MongoDB.Driver v3.5+

Changes

Tracer

• Use RuntimeHelpers.GetHashCode in IndexObject (#​7678)
• Removing V1 tags class from AWS integrations (#​7746)
• Add support for MongoDB.Driver v3.5+ (#​7808)
• Compress telemetry payload (#​7645)

Continuous Profiler

• [Crashtracker] Add module path to frames (#​7642)

Serverless

• [Docs] Add Azure Functions architecture docs and PowerShell debugging tools (#​7639)

Fixes

• Fix null character termination in CString abstraction. (#​7785)
• Add fix for persistent Process.Start version-conflict issue (#​7789)
• Protect against null LoggingEvent and Properties in log4net (#​7735)
• Fix InvalidOperationException in Baggage handling in Azure Functions (#​7810)

Build / Test

• Add support for .NET 10 GA (#​7804)
• Improve execution benchmark comment post (#​7570)
• Split create_draft_release worfklow into hotfix / normal (#​7601)
• Limit Dependabot to 1 open PR for our integration bumps (#​7675)
• [Test Package Versions Bump] Updating package versions (#​7740)
• Bump the gh-actions-packages group across 3 directories with 5 updates (#​7748)
• [ASM] Fix Asm benchmark and stop-reinitializing tracer (#​7750)
• Improve aerospike sample to avoid timeouts (#​7751)
• [Test Package Versions Bump] Updating package versions (#​7757)
• Bump softprops/action-gh-release from 2.3.3 to 2.4.1 in the gh-actions-packages group across 1 directory (#​7758)
• Fix (more) EventHubs flaky batch tests (#​7768)
• Increase debugger serialize timeout for unit tests (#​7769)
• Use ScopedTracer in tests (#​7770)
• Fix RedirectInput test flakyness (#​7771)
• Replace macos-13 with macos-14 in CI (#​7778)
• Add partial trust/legacy CAS detection to dd-trace and dd-dotnet (#​7779)
• Avoid exceptions in ProcessBasicChecksTests (#​7781)
• Tweak CI variables (#​7784)
• [Test Package Versions Bump] Updating package versions (#​7794)
• Fix GRPC flaky tests. (#​7800)
• [Test Package Versions Bump] Updating package versions (#​7812)
• Cosmos DB partial integration testing (#​7752)
• Dispose ManualResetEventSlim instances in tests (#​7797)

... (truncated)

3.30.0

Summary

• [Tracer] Add support for Azure Event Hubs
• [Test Optimization] Add support for MSTest 4.x.x
• [OpenTelemetry] OTLP Logs API Support
• [Continuous Profiler] Performance improvements

Changes

Tracer

• [Tracer] Add Azure Event Hubs instrumentation (#​7620)
• [OTEL] OTLP Logs API Support (#​7680)
• [Tracer] Add new process tags (#​7651)
• small follow up on process tags (#​7743)
• Removing Forgiven Nulls (#​7745)
• Add fix for whitespace in exporter settings and metrics URL (#​7747)
• Fix ad-hoc use of TracerSettings to use MutableSettings where appropriate (#​7543)
• Fix calls to IsIntegrationEnabled(), IsErrorStatusCode(), ....

Description has been truncated

[dependabot]

Looks like these dependencies are no longer updatable, so this is no longer needed.