chore(deps): update dependency microsoft.featuremanagement.aspnetcore to v4

[renovate]

This PR contains the following updates:

Package	Change	Age	Adoption	Passing	Confidence
Microsoft.FeatureManagement.AspNetCore	3.5.0 -> 4.0.0

---

Release Notes

microsoft/FeatureManagement-Dotnet (Microsoft.FeatureManagement.AspNetCore)

v4.0.0

Compare Source

4.0.0 - November 1, 2024

Microsoft.FeatureManagement Updates

The packages associated with this release are

• Microsoft.FeatureManagement 4.0.0
• Microsoft.FeatureManagement.AspNetCore 4.0.0
• Microsoft.FeatureManagement.Telemetry.ApplicationInsights 4.0.0

Microsoft.FeatureManagement

Enhancements

Variant Feature Flags

A variant feature flag is an enhanced feature flag that supports multiple states or variations. While it can still be toggled on or off, it also allows for different configurations, ranging from simple primitives to complex JSON objects. Variant feature flags are particularly useful for feature rollouts, configuration rollouts, and feature experimentation (also known as A/B testing).

The new IVariantFeatureManager has been introduced as the successor to the existing IFeatureManager. It retains all the functionalities of IFeatureManager while adding new GetVariantAsync methods and supporting CancellationToken for all methods.

IVariantFeatureManager featureManager;
...
Variant variant = await featureManager.GetVariantAsync(MyFeatureFlags.HelpText, CancellationToken.None);
model.Text = variant.Configuration.Value;

Note: If reading variant flags from App Configuration, version 8.0.0 or above for the Microsoft.Extensions.Configuration.AzureAppConfiguration or Microsoft.Azure.AppConfiguration.AspNetCore package is required.

For more details on Variants, see here.

Variant Service Provider

Variant feature flags can be used in conjunction with dependency injection to surface different implementations of a service for different users. This is accomplished by using the Variant Service Provider.

For more details on Variant Service Provider, see here

Telemetry

Telemetry provides observability into flag evaluations, offering insights into which users received specific flag results. This enables more powerful metric analysis, such as experimentation.

For more details on Telemetry, see here.

Microsoft Feature Management Schema

Added support for variant feature flags defined using Microsoft Feature Management schema. Variants and telemetry can be declared using Microsoft Feature Flag schema v2. Here is a Sample.

Performance Optimizations

The performance of the feature flag state evaluation has been improved by up to 20%, with a memory reduction of up to 30% for .NET 8 applications compared to the version 3.5.0 release.

Microsoft.FeatureManagement.AspNetCore

Enhancements

• Adjusted the .WithTargeting() builder method to automatically add HttpContextAccessor if it's not already added.

• Added TargetingHttpContextMiddleware which persists targeting context in the current activity. This is used when setting up Telemetry.

• Added support for variants in FeatureTagHelper. This allows MVC views to use the <feature> tag to conditionally render content based on whether a specific variant of a feature is assigned.

  <feature name="FeatureX" variant="Alpha">
    <p>This can only be seen if variant 'Alpha' of 'FeatureX' is assigned.</p>
  </feature>

  For more details on ASP.NET views and variants, see here.

• Updated Microsoft.FeatureManagement reference to 4.0.0. See the release notes for more information on the changes.

• Added support for .NET 9 as a target framework.

Breaking Change

• The FeatureTagHelper constructor now requires an IVariantFeatureManager to support new variant functionality. While this class is typically not instantiated directly, any direct instantiation will need to be updated.
• Removed .NET 7 as a target framework as .NET 7 is out of support.

Microsoft.FeatureManagement.Telemetry.ApplicationInsights

Enhancements

• Added support for Application Insights telemetry. To publish feature flag evaluation data and tag outgoing events with targeting information, register the Application Insights telemetry publisher as shown below.

  builder.Services.AddFeatureManagement()
      .AddApplicationInsightsTelemetry();

  For more details on Application Insights Publishing, see here

---

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[github-actions]

Dependency Review

✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.

OpenSSF Scorecard

Package	Version	Score	Details
nuget/Microsoft.FeatureManagement.AspNetCore	4.0.0	🟢 8.2	Details Check Score Reason Code-Review 🟢 10 all changesets reviewed Maintained 🟢 10 30 commit(s) and 4 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Packaging ⚠️ -1 packaging workflow not detected Security-Policy 🟢 10 security policy file detected Token-Permissions 🟢 9 detected GitHub workflow tokens with excessive permissions SAST 🟢 10 SAST tool is run on all commits Binary-Artifacts 🟢 10 no binaries found in the repo Fuzzing ⚠️ 0 project is not fuzzed Vulnerabilities 🟢 10 0 existing vulnerabilities detected Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0

Scanned Files

• src/Whipstaff.AspNetCore/Whipstaff.AspNetCore.csproj

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarCloud

[codecov]

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 32.67%. Comparing base (56a9c8c) to head (2e6eb75).
Report is 1 commits behind head on main.

Additional details and impacted files

@@           Coverage Diff           @@
##             main    #1960   +/-   ##
=======================================
  Coverage   32.67%   32.67%           
=======================================
  Files         240      240           
  Lines        6452     6452           
  Branches      426      426           
=======================================
  Hits         2108     2108           
  Misses       4246     4246           
  Partials       98       98           

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

[github-actions]

This pull request has been automatically locked since there has not been any recent activity after it was closed. Please open a new issue for related bugs.