chore(deps) Update all non-major dependencies

[renovate]

This PR contains the following updates:

Package	Change	Age	Adoption	Passing	Confidence	Type	Update
@semantic-release/commit-analyzer	13.0.0 -> 13.0.1					devDependencies	patch
@semantic-release/release-notes-generator	14.0.0 -> 14.0.3					devDependencies	patch
BrowserStackLocal	2.3.1 -> 2.4.0					nuget	minor
Hangfire (source)	1.8.12 -> 1.8.17					nuget	patch
Hangfire.InMemory	0.9.0 -> 0.11.0					nuget	minor
HtmlSanitizer	8.0.865 -> 8.1.870					nuget	minor
ITfoxtec.Identity.Saml2 (source)	4.10.8 -> 4.15.3					nuget	minor
ITfoxtec.Identity.Saml2.MvcCore (source)	4.10.8 -> 4.15.3					nuget	minor
LigerShark.WebOptimizer.Core	3.0.405 -> 3.0.433					nuget	patch
Markdig (source)	0.37.0 -> 0.40.0					nuget	minor
Microsoft.AspNetCore.Authentication.Negotiate (source)	8.0.6 -> 8.0.12					nuget	patch
Microsoft.AspNetCore.Identity.EntityFrameworkCore (source)	8.0.6 -> 8.0.12					nuget	patch
Microsoft.AspNetCore.Mvc.Razor.RuntimeCompilation (source)	8.0.6 -> 8.0.12					nuget	patch
Microsoft.AspNetCore.Mvc.Testing (source)	8.0.6 -> 8.0.12					nuget	patch
Microsoft.AspNetCore.WebUtilities (source)	8.0.6 -> 8.0.12					nuget	patch
Microsoft.EntityFrameworkCore (source)	8.0.6 -> 8.0.12					nuget	patch
Microsoft.EntityFrameworkCore.InMemory (source)	8.0.6 -> 8.0.12					nuget	patch
Microsoft.EntityFrameworkCore.SqlServer (source)	8.0.6 -> 8.0.12					nuget	patch
Microsoft.EntityFrameworkCore.Tools (source)	8.0.6 -> 8.0.12					nuget	patch
Microsoft.NET.Test.Sdk	17.10.0 -> 17.12.0					nuget	minor
Moq	4.20.70 -> 4.20.72					nuget	patch
NUglify	1.21.7 -> 1.21.11					nuget	patch
Selenium.WebDriver (source)	4.21.0 -> 4.28.0					nuget	minor
SixLabors.ImageSharp	3.1.5 -> 3.1.6					nuget	patch
SolrNet	1.1.1 -> 1.1.2					nuget	patch
SolrNet.Core	1.1.1 -> 1.1.2					nuget	patch
SolrNet.Microsoft.DependencyInjection (source)	1.1.1 -> 1.1.2					nuget	patch
SonarAnalyzer.CSharp (source)	9.26.0.92422 -> 9.32.0.97167					nuget	minor
System.Data.SqlClient	4.8.6 -> 4.9.0					nuget	minor
WebMarkupMin.AspNetCore5	2.16.0 -> 2.18.1					nuget	minor
bulma (source)	1.0.1 -> 1.0.3					devDependencies	patch
coverlet.collector	6.0.2 -> 6.0.4					nuget	patch
peter-evans/create-pull-request	v6.0.5 -> v6.1.0					action	minor
potatoqualitee/mssqlsuite	v1.7 -> v1.8					action	minor
python	3.12 -> 3.13					image	minor
python	3.12-alpine -> 3.13-alpine					stage	minor
xo	^0.58.0 -> ^0.60.0					devDependencies	minor
xunit	2.8.1 -> 2.9.3					nuget	minor
xunit.runner.visualstudio	2.8.1 -> 2.8.2					nuget	patch

---

Release Notes

semantic-release/commit-analyzer (@​semantic-release/commit-analyzer)

v13.0.1

Compare Source

Bug Fixes

• deps: update dependency import-from-esm to v2 (#​741) (f106b76)

semantic-release/release-notes-generator (@​semantic-release/release-notes-generator)

v14.0.3

Compare Source

Bug Fixes

• deps: update dependency import-from-esm to v2 (#​756) (832620e)

v14.0.2

Compare Source

Bug Fixes

• AWS CodeCommit compatibility (#​748) (687e2e2)

v14.0.1

Compare Source

Bug Fixes

• deps: rename read-pkg-up to read-package-up (#​671) (687ba5a)

HangfireIO/Hangfire (Hangfire)

v1.8.17: 1.8.17

Release Notes

Hangfire.SqlServer

• Fixed – InvalidCastException while fetching a job with older schemas regression from 1.8.16.

v1.8.16: 1.8.16

Release Notes

Hangfire.Core

• Changed – Include fewer stack frames in exceptions come from IServerFilter implementations.
• Changed – Don't include file information in the ExceptionDetails property of a FailedState instance.
• Changed – Switch back to CancellationEvent usage instead of CancellationToken.WaitHandle.
• Fixed – Don't commit external transaction in the BackgroundJobStateChanger implementation.
• Fixed – Use safe default serializer settings for Newtonsoft.Json 12.X and below.
• Project – Fix builds for the net451 platform when using .NET 9.0.
• Project – Significantly reduce execution time of unit tests in the RecurringJobSchedulerFacts class.
• Project – Bump Microsoft.CodeAnalysis.NetAnalyzers package to version 9.0.0.

Hangfire.SqlServer

• Changed – Use vanilla ADO.NET when fetching a job in the SqlServerJobQueue implementation.
• Changed – Decrease the LockTimeout time when calling the sp_getapplock procedure to 1 second for less blocking.
• Fixed – SqlException: Must declare the scalar variable "key" in delayed and recurring job schedulers.
• Project – Disable parallel tests execution when building under .NET 9.0.
• Project – Run tests over the latest Microsoft.Data.SqlClient package and the net6.0 platform.
• Project – Reduce execution time of integration tests.
• Project – Disable PoolBlockingPeriod setting on AppVeyor to handle transient test failures.

v1.8.15: 1.8.15

Release Notes

Hangfire.Core

• Added – New AutomaticRetryAttribute.ExceptOn property to skip retries for specific exceptions.
• Changed – Refactor filters pipeline to use less LINQ magic and fewer allocations.
• Changed – Use GetCultureInfo instead of creating an instance in the CaptureCultureAttribute filter.
• Changed – Cache some immutable data to avoid extra allocations.
• Fixed – Improve loopback address detection (by @​meziantou).
• Fixed – Reformulate misleading error messages regarding retry timings (by @​RGFuaWVs).
• Fixed – Problem with missing localizations in the previous version.
• Fixed – Don't hide exception details on Failed Jobs page when the exception message is empty.
• Fixed – Problems with the first restore when using the build.bat command.
• Fixed – Better display of canceled recurring jobs in dashboard.
• Fixed – Less overall allocations with using static delegates and struct-based iterators.
• Fixed – Improve precision of some diagnostic messages in the wait protection logic.
• Fixed – Make all private and internal classes sealed to improve code consistency.
• Fixed – Less overall pressure on garbage collector.

Hangfire.SqlServer

• Changed – Use query template caching based on schema name to avoid excessive string allocations.
• Changed – Use static callbacks almost anywhere to avoid unnecessary delegate allocations.
• Changed – Use QuerySingle* or ReadSingle* where possible to avoid allocating lists.
• Changed – Unify DbCommand and DbParameter creation logic to improve code consistency.

v1.8.14: 1.8.13 & 1.8.14

Release Notes

Hangfire.Core

• Changed – Partial cache for serialization and deserialization in InvocationData to produce less strings.
• Changed – Add caching for default type serializer and resolver.
• Changed – Don't let JobFilter-related logic to show up in profilers.
• Changed – Modify IProfiler to be less allocatey for diagnostic purposes that almost never run.
• Changed – Prefer using CancellationToken.WaitHandle again, since early .NET Core days are gone.
• Changed – Fewer allocations when working with IStateHandler collections in a state machine.
• Fixed – Redirect the "System.Private.Xml.Linq" assembly to the "System.Xml.Linq" one for better interoperability.
• Fixed – Don't throw KeyNotFoundException when recurring job is malformed.
• Fixed – Proper relative path calculation in UrlHelper.To for OWIN-based Dashboard UI (by @​LordJZ).
• Fixed – Typo in the Turkish localization file (by @​ismkdc).
• Project – Switch to a modern PowerShell 7+ to speed up SignPath installation on AppVeyor.

Hangfire.SqlServer

• Changed – Limit polling queries when queues are empty with a semaphore for all configurations.
• Changed – Use per-queue signaling for same-process workers, instead of having a global signal.
• Fixed – Don't silently truncate queue names, throw an exception instead.
• Project – Decrease delays in SQL Server-related tests to complete them faster.

HangfireIO/Hangfire.InMemory (Hangfire.InMemory)

v0.11.0: 0.11.0

Release Notes

• Changed – This version targets Hangfire 1.7.0 and don't support some of the newest features.
• Breaking – Remove the deprecated DisableJobSerialization option.
• Breaking – Change default value for the IdType option to long.

v0.10.4: 0.10.4

Release Notes

• Fixed – Problem with locks implementation due to a regression in .NET 8.0.

v0.10.3: 0.10.3

Release Notes

• Changed – Significantly optimize GetFirstByLowestScoreFromSet method overloads.

v0.10.2: 0.10.2

Release Notes

• Changed – Refactor command dispatching to make it more simple and less allocating.
• Changed – Straightforward locking implementation with more unit tests.
• Fixed – InvalidOperationException "Wrong level" when trying to release a lock (regression from 0.10.1).
• Fixed – "An item with the same key has already been added" on the Awaiting Jobs page (regression from 0.10.0).

v0.10.1: 0.10.1

Release Notes

• Changed – Roll back a breaking change in 0.10.0 for the InMemoryStorageOptions class.
• Changed – Increase the default eviction interval to 5 seconds.
• Changed – More efficient storage of state history records.
• Changed – Implement fast path for the FetchNextJob method.
• Fixed – More robust entry eviction implementation.
• Fixed – Graceful dispatcher shutdown without additional waiting.
• Project – Faster build pipeline on AppVeyor after migration to modern Powershell 7+.

v0.10.0: 0.10.0

Release Notes

• Breaking – InMemoryStorageOptions class instances are now immutable after initialization.
• Added – Support long-based job identifiers through the InMemoryStorageOptions.IdType property.
• Added – Expose the InMemoryStorageOptions.CommandTimeout option to control the command timeouts.
• Changed – Significantly improve query dispatching pipeline in terms of speed and allocations.
• Changed – More compact representation of jobs and their parameters.
• Changed – Optimise the GetFirstByLowestScoreFromSet query when the number of items is huge.
• Changed – Better concurrency handling implementation for the collection of locks.

mganss/HtmlSanitizer (HtmlSanitizer)

v8.1.870: 8.1.870

#​556

ITfoxtec/ITfoxtec.Identity.Saml2 (ITfoxtec.Identity.Saml2)

v4.15.3: Version 4.15.3

Compare Source

• Change submit in post form to improve Chrome custom tab and Android app support.
• Support certificate load of Pkcs12 file without a password in .NET 9.

NuGet package released:
https://www.nuget.org/packages/ITfoxtec.Identity.Saml2/
https://www.nuget.org/packages/ITfoxtec.Identity.Saml2.Mvc/
https://www.nuget.org/packages/ITfoxtec.Identity.Saml2.MvcCore/

v4.14.1: Version 4.14.1

Compare Source

• Support .NET 9.
• Use X509CertificateLoader in .NET 9 instead of X509Certificate2.

NuGet package released:
https://www.nuget.org/packages/ITfoxtec.Identity.Saml2/
https://www.nuget.org/packages/ITfoxtec.Identity.Saml2.Mvc/
https://www.nuget.org/packages/ITfoxtec.Identity.Saml2.MvcCore/

v4.13.3: Version 4.13.3

Compare Source

• Nuget package updates

Nuget package updates in .NET 8.0

• Microsoft.Extensions.Http updated from version 8.0.0 to version 8.0.1
• Microsoft.IdentityModel.Tokens.Saml updated from version 8.0.2 to version 8.2.1
• System.Security.Cryptography.Xml updated from version 8.0.1 to version 8.0.2

NuGet package released:
https://www.nuget.org/packages/ITfoxtec.Identity.Saml2/
https://www.nuget.org/packages/ITfoxtec.Identity.Saml2.Mvc/
https://www.nuget.org/packages/ITfoxtec.Identity.Saml2.MvcCore/

v4.13.2: Version 4.13.2

Compare Source

• Make the KeyName element in the signatures KeyInfo element configurable. Default not included.

NuGet package released:
https://www.nuget.org/packages/ITfoxtec.Identity.Saml2/
https://www.nuget.org/packages/ITfoxtec.Identity.Saml2.Mvc/
https://www.nuget.org/packages/ITfoxtec.Identity.Saml2.MvcCore/

v4.13.1: Version 4.13.1

Compare Source

• Add the KeyName element to signatures in the KeyInfo element.

Signature eksample:

 <Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
    <SignedInfo>
      <CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
      <SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256" />
      <Reference URI="#_a425a45e-d384-4513-8bc4-1e265611e305">
        <Transforms>
          <Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature" />
          <Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
        </Transforms>
        <DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256" />
        <DigestValue>ZPpcgQxkNsP9v3fZHeCRLw6VNyWyBFaVSorlDMr7lvQ=</DigestValue>
      </Reference>
    </SignedInfo>
    <SignatureValue>TIkglNgY/Rb8OeafHcoJ ... /SnYPRymovw==</SignatureValue>
    <KeyInfo>
      <KeyName>CybsnsH2VizGs9Mzdl8l+6gkoBs=</KeyName>
      <X509Data>
        <X509Certificate>MIIDKjCCAhIC ... WlLINBSPArTQ==</X509Certificate>
      </X509Data>
    </KeyInfo>
  </Signature>

NuGet package released:
https://www.nuget.org/packages/ITfoxtec.Identity.Saml2/
https://www.nuget.org/packages/ITfoxtec.Identity.Saml2.Mvc/
https://www.nuget.org/packages/ITfoxtec.Identity.Saml2.MvcCore/

v4.12.7: Version 4.12.7

Compare Source

Resolve bug:

• Authn context comparison types do not accept lowercase values.

NuGet package released:
https://www.nuget.org/packages/ITfoxtec.Identity.Saml2/
https://www.nuget.org/packages/ITfoxtec.Identity.Saml2.Mvc/
https://www.nuget.org/packages/ITfoxtec.Identity.Saml2.MvcCore/

v4.12.6: Version 4.12.6

Compare Source

• Support an Assertion element in the Advice element by allowing nested assertions.
• Add support for EntitiesDescriptor with nested EntityDescriptor in metadata.
• Make Index and IsDefault configurable for AttributeConsumingService in metadata.
• Added cookieName parameter to AddSaml2.
• Resolve null pointer bug if Logout request is without a NameID.
• NuGet package updates.

NuGet package released:
https://www.nuget.org/packages/ITfoxtec.Identity.Saml2/
https://www.nuget.org/packages/ITfoxtec.Identity.Saml2.Mvc/
https://www.nuget.org/packages/ITfoxtec.Identity.Saml2.MvcCore/

v4.11.3: Version 4.11.3

Compare Source

• Remove local repeated namespace from Scoping, IDPList and IDPEntry.
• Resolve Scoping.RequesterID and IDPList.GetComplete created as an attributes instead of an elements bug.
• Resolve scoping bug "Unable to convert element ITfoxtec.Identity.Saml2.Schemas.Scoping".

NuGet package released:
https://www.nuget.org/packages/ITfoxtec.Identity.Saml2/
https://www.nuget.org/packages/ITfoxtec.Identity.Saml2.Mvc/
https://www.nuget.org/packages/ITfoxtec.Identity.Saml2.MvcCore/

v4.11.1: Version 4.11.1

Compare Source

• Add support for NameQualifier and SPNameQualifier.
• Add support for AuthnRequest Scoping.
• Add support for ProviderName property as part of the AuthnRequest.
• Add fix for scoping namespace.
• Bug fix: Use protocol instead of assertion namespace in metadata IDPEntry, IDPList and Scoping.

Metadata:

• Add support for ServiceNames [1..*] according to SAML 2.0 spec, to provide service names for different languages in metadata.
• Add support for the FriendlyName property as part of the RequestedAttribute in metadata.
• Add support for Extensions property as part of the EntityDescriptor and the SP/IDPSSODescriptor in metadata.
• Add support for multiple translation for Organization elements.

Braking changes in metadata:

• The type ServiceName is changed to LocalizedNameType.

General:

• Update vulnerable dependencies for System.IdentityModel.Tokens.Jwt and System.Security.Cryptography.Xml.
• Removed support for .NET 5.0 and .NET Core 3.1, still indirectly supported with .NET Standard 2.1.
• Change the access level to protected in related to the SamlBinding to make inheritance possible.
• In Saml2Configuration, change the set property to public for SignatureValidationCertificates and AllowedAudienceUris.

NuGet package released:
https://www.nuget.org/packages/ITfoxtec.Identity.Saml2/
https://www.nuget.org/packages/ITfoxtec.Identity.Saml2.Mvc/
https://www.nuget.org/packages/ITfoxtec.Identity.Saml2.MvcCore/

xoofx/markdig (Markdig)

v0.40.0

Compare Source

Changes

🐛 Bug Fixes

• Fix errors in LinkHelper and LinkInlineParser. (PR #​837) by @​snnz
• Check that the alert candidate is not already in an alert block or nested within other elements. (PR #​842) by @​snnz
• Fixes exception in DefinitionListParser.GetCurrentDefinitionList() (PR #​843) by @​snnz
• Prevent GridTableParser from looking beyond the end of a line. (PR #​844) by @​snnz

Full Changelog: 0.39.1...0.40.0

_{Published with dotnet-releaser}

v0.39.1

Compare Source

Changes

🐛 Bug Fixes

• Fix an incorrect offset in GridTableParser. (PR #​834) by @​snnz
• Include opening and closing pipes in the table span (PR #​835) by @​snnz
• Fix an error in the AbbreviationParser. (PR #​836) by @​snnz

🧰 Maintenance

• Update ci badge (fdaef77)

Full Changelog: 0.39.0...0.39.1

_{Published with dotnet-releaser}

v0.39.0

Compare Source

Changes

🐛 Bug Fixes

• Fix extra line feeds in link title (PR #​826) by @​snnz
• Fix incorrect emphasis span calculation. (PR #​829) by @​snnz
• Set delimiter char and count in CustomContainerInline instances. (PR #​831) by @​snnz
• Set the correct source location in Footnote and FootnoteLinkReferenceDefinition (PR #​832) by @​snnz

🚀 Enhancements

• Add .NET 9 target, drop .NET 6 (PR #​828) by @​MihaZupan

🧰 Misc

• Update readme.md (310a55c)

Full Changelog: 0.38.0...0.39.0

_{Published with dotnet-releaser}

v0.38.0

Compare Source

Changes

🐛 Bug Fixes

• Update DiagramExtension.cs (PR #​823)

🚀 Enhancements

• Rename a variable (PR #​817) by @​ehsankalafchi

📚 Documentation

• Fix mermaid link in readme.md (PR #​808) by @​digvijayad

Full Changelog: 0.37.0...0.38.0

_{Published with dotnet-releaser}

dotnet/aspnetcore (Microsoft.AspNetCore.Authentication.Negotiate)

v8.0.12: .NET 8.0.12

Release

What's Changed

• Update branding to 8.0.12 by @​vseanreesermsft in https://github.com/dotnet/aspnetcore/pull/58800
• [release/8.0] (deps): Bump src/submodules/googletest from 6dae7eb to 1204d63 by @​dependabot in https://github.com/dotnet/aspnetcore/pull/58741
• Add scope for internal npm packages by @​BrennanConroy in https://github.com/dotnet/aspnetcore/pull/58512
• [release/8.0] Update dependencies from dotnet/source-build-externals by @​dotnet-maestro in https://github.com/dotnet/aspnetcore/pull/58477
• [release/8.0] Upgrade serialize-javascript transient dependency by @​MackinnonBuck in https://github.com/dotnet/aspnetcore/pull/58466
• [release/8.0] Update Messagepack dependency by @​wtgodbe in https://github.com/dotnet/aspnetcore/pull/58676
• Merging internal commits for release/8.0 by @​vseanreesermsft in https://github.com/dotnet/aspnetcore/pull/58898
• [release/8.0] Use MacOS-13 in CI by @​wtgodbe in https://github.com/dotnet/aspnetcore/pull/58549
• [release/8.0] Update dependencies from dotnet/arcade by @​dotnet-maestro in https://github.com/dotnet/aspnetcore/pull/59065
• [release/8.0] Fix java discovery in helix-matrix by @​wtgodbe in https://github.com/dotnet/aspnetcore/pull/59181
• [release/8.0] Update dependencies from dotnet/roslyn by @​wtgodbe in https://github.com/dotnet/aspnetcore/pull/59184
• [release/8.0] (deps): Bump src/submodules/googletest from 1204d63 to d144031 by @​dependabot in https://github.com/dotnet/aspnetcore/pull/59033

Full Changelog: dotnet/aspnetcore@v8.0.11...v8.0.12

v8.0.11: .NET 8.0.11

Release

What's Changed

• Update branding to 8.0.11 by @​vseanreesermsft in https://github.com/dotnet/aspnetcore/pull/58198
• [release/8.0] (deps): Bump src/submodules/googletest from ff233bd to 6dae7eb by @​dependabot in https://github.com/dotnet/aspnetcore/pull/58180
• [release/8.0] Add explicit conversion for value-type returning handlers with filters by @​captainsafia in https://github.com/dotnet/aspnetcore/pull/57966
• [release/8.0] Stop using Mac 11 in Helix by @​wtgodbe in https://github.com/dotnet/aspnetcore/pull/58063
• [release/8.0] Enable TSA/Policheck by @​github-actions in https://github.com/dotnet/aspnetcore/pull/58124
• [rel

---

Configuration

📅 Schedule: Branch creation - "before 10pm on Sunday" in timezone America/Chicago, Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.