[release/8.0] Update dependencies from dotnet/arcade #61411

dotnet-maestro · 2025-04-09T14:23:12Z

This pull request updates the following dependencies

From https://github.com/dotnet/arcade

Subscription: 4f4b0ddb-c5f4-4ab0-0eac-08db9e40a4f0
Build: 20250408.7
Date Produced: April 9, 2025 2:29:53 AM UTC
Commit: c7a36e53f91e41943746f97a8c183549364c5092
Branch: refs/heads/release/8.0

Updates:
- Microsoft.DotNet.Arcade.Sdk: from 8.0.0-beta.25208.3 to 8.0.0-beta.25208.7
- Microsoft.DotNet.Build.Tasks.Installers: from 8.0.0-beta.25208.3 to 8.0.0-beta.25208.7
- Microsoft.DotNet.Build.Tasks.Templating: from 8.0.0-beta.25208.3 to 8.0.0-beta.25208.7
- Microsoft.DotNet.Helix.Sdk: from 8.0.0-beta.25208.3 to 8.0.0-beta.25208.7
- Microsoft.DotNet.RemoteExecutor: from 8.0.0-beta.25208.3 to 8.0.0-beta.25208.7

Updates to .NET SDKs:
- Updates sdk.version to 8.0.115
- Updates tools.dotnet to 8.0.115

…408.7 Microsoft.DotNet.Arcade.Sdk , Microsoft.DotNet.Build.Tasks.Installers , Microsoft.DotNet.Build.Tasks.Templating , Microsoft.DotNet.Helix.Sdk , Microsoft.DotNet.RemoteExecutor From Version 8.0.0-beta.25208.3 -> To Version 8.0.0-beta.25208.7

Updated [Microsoft.AspNetCore.SpaProxy](https://github.com/dotnet/aspnetcore) from 8.0.15 to 8.0.19. <details> <summary>Release notes</summary> _Sourced from [Microsoft.AspNetCore.SpaProxy's releases](https://github.com/dotnet/aspnetcore/releases)._ ## 8.0.18 [Release](https://github.com/dotnet/core/releases/tag/v8.0.18) ## What's Changed * Update branding to 8.0.18 by @vseanreesermsft in dotnet/aspnetcore#62241 * [release/8.0] Update Alpine helix references by @github-actions in dotnet/aspnetcore#62243 * [release/8.0] (deps): Bump src/submodules/googletest from `04ee1b4` to `e9092b1` by @dependabot in dotnet/aspnetcore#62201 * [8.0] Delete src/arcade directory by @akoeplinger in dotnet/aspnetcore#61994 * [Backport 8.0] [IIS] Manually parse exe bitness (#61894) by @BrennanConroy in dotnet/aspnetcore#62037 * [release/8.0] Update dependencies from dotnet/source-build-reference-packages by @dotnet-maestro in dotnet/aspnetcore#62006 * [release/8.0] Update dependencies from dotnet/arcade by @dotnet-maestro in dotnet/aspnetcore#61944 * [release/8.0] Associate tagged keys with entries so replacements are not evicted by @github-actions in dotnet/aspnetcore#62247 * [release/8.0] Block test that is failing after switching to latest-chrome by @github-actions in dotnet/aspnetcore#62284 * backport(net8.0): http.sys on-demand TLS client hello retrieval by @DeagleGross in dotnet/aspnetcore#62290 * Merging internal commits for release/8.0 by @vseanreesermsft in dotnet/aspnetcore#62302 **Full Changelog**: dotnet/aspnetcore@v8.0.17...v8.0.18 ## 8.0.17 ## Bug Fixes - **Forwarded Headers Middleware: Ignore X-Forwarded-Headers from Unknown Proxy** ([#61623](dotnet/aspnetcore#61623)) The Forwarded Headers Middleware now ignores `X-Forwarded-Headers` sent from unknown proxies. This change improves security by ensuring that only trusted proxies can influence the forwarded headers, preventing potential spoofing or misrouting of requests. ## Dependency Updates - **Update dependencies from dotnet/arcade** ([#61832](dotnet/aspnetcore#61832)) This update brings in the latest changes from the dotnet/arcade repository, ensuring that ASP.NET Core benefits from recent improvements, bug fixes, and security patches in the shared build infrastructure. - **Bump src/submodules/googletest from `52204f7` to `04ee1b4`** ([#61761](dotnet/aspnetcore#61761)) The GoogleTest submodule has been updated to a newer commit, providing the latest testing features, bug fixes, and performance improvements for the project's C++ test components. ## Miscellaneous - **Update branding to 8.0.17** ([#61830](dotnet/aspnetcore#61830)) The project version branding has been updated to reflect the new 8.0.17 release, ensuring consistency across build outputs and documentation. - **Merging internal commits for release/8.0** ([#61924](dotnet/aspnetcore#61924)) This change merges various internal commits into the release/8.0 branch, incorporating minor fixes, documentation updates, and other non-user-facing improvements to keep the release branch up to date. --- This summary is generated and may contain inaccuracies. For complete details, please review the linked pull requests. **Full Changelog**: dotnet/aspnetcore@v8.0.16...v8.0.17 ## 8.0.16 [Release](https://github.com/dotnet/core/releases/tag/v8.0.16) ## What's Changed * Update branding to 8.0.16 by @vseanreesermsft in dotnet/aspnetcore#61283 * [release/8.0] (deps): Bump src/submodules/googletest from `24a9e94` to `52204f7` by @dependabot in dotnet/aspnetcore#61260 * [release/8.0] Update dependencies from dotnet/source-build-externals by @dotnet-maestro in dotnet/aspnetcore#61281 * [release/8.0] Upgrade to Ubuntu 22 by @wtgodbe in dotnet/aspnetcore#61216 * [release/8.0] Update dependencies from dotnet/arcade by @dotnet-maestro in dotnet/aspnetcore#60901 * [release/8.0] Update dependencies from dotnet/source-build-reference-packages by @dotnet-maestro in dotnet/aspnetcore#60926 * [release/8.0] Update dependencies from dotnet/arcade by @dotnet-maestro in dotnet/aspnetcore#61404 * Merging internal commits for release/8.0 by @vseanreesermsft in dotnet/aspnetcore#61398 * [release/8.0] Update dependencies from dotnet/arcade by @dotnet-maestro in dotnet/aspnetcore#61411 * Revert "Revert "[release/8.0] Update remnants of azureedge.net"" by @wtgodbe in dotnet/aspnetcore#60352 * [release/8.0] Fix preserving messages for stateful reconnect with backplane by @BrennanConroy in dotnet/aspnetcore#61375 * [release/8.0] Update dependencies from dotnet/source-build-reference-packages by @dotnet-maestro in dotnet/aspnetcore#61442 * fetch TLS client hello message from HTTP.SYS by @BrennanConroy in dotnet/aspnetcore#61494 **Full Changelog**: dotnet/aspnetcore@v8.0.15...v8.0.16 Commits viewable in [compare view](https://github.com/dotnet/aspnetcore/commits). </details> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=Microsoft.AspNetCore.SpaProxy&package-manager=nuget&previous-version=8.0.15&new-version=8.0.19)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Peggy <[email protected]>

….19 (#2945) Updated [Microsoft.AspNetCore.Authentication.JwtBearer](https://github.com/dotnet/aspnetcore) from 8.0.15 to 8.0.19. <details> <summary>Release notes</summary> _Sourced from [Microsoft.AspNetCore.Authentication.JwtBearer's releases](https://github.com/dotnet/aspnetcore/releases)._ ## 8.0.18 [Release](https://github.com/dotnet/core/releases/tag/v8.0.18) ## What's Changed * Update branding to 8.0.18 by @vseanreesermsft in dotnet/aspnetcore#62241 * [release/8.0] Update Alpine helix references by @github-actions in dotnet/aspnetcore#62243 * [release/8.0] (deps): Bump src/submodules/googletest from `04ee1b4` to `e9092b1` by @dependabot in dotnet/aspnetcore#62201 * [8.0] Delete src/arcade directory by @akoeplinger in dotnet/aspnetcore#61994 * [Backport 8.0] [IIS] Manually parse exe bitness (#61894) by @BrennanConroy in dotnet/aspnetcore#62037 * [release/8.0] Update dependencies from dotnet/source-build-reference-packages by @dotnet-maestro in dotnet/aspnetcore#62006 * [release/8.0] Update dependencies from dotnet/arcade by @dotnet-maestro in dotnet/aspnetcore#61944 * [release/8.0] Associate tagged keys with entries so replacements are not evicted by @github-actions in dotnet/aspnetcore#62247 * [release/8.0] Block test that is failing after switching to latest-chrome by @github-actions in dotnet/aspnetcore#62284 * backport(net8.0): http.sys on-demand TLS client hello retrieval by @DeagleGross in dotnet/aspnetcore#62290 * Merging internal commits for release/8.0 by @vseanreesermsft in dotnet/aspnetcore#62302 **Full Changelog**: dotnet/aspnetcore@v8.0.17...v8.0.18 ## 8.0.17 ## Bug Fixes - **Forwarded Headers Middleware: Ignore X-Forwarded-Headers from Unknown Proxy** ([#61623](dotnet/aspnetcore#61623)) The Forwarded Headers Middleware now ignores `X-Forwarded-Headers` sent from unknown proxies. This change improves security by ensuring that only trusted proxies can influence the forwarded headers, preventing potential spoofing or misrouting of requests. ## Dependency Updates - **Update dependencies from dotnet/arcade** ([#61832](dotnet/aspnetcore#61832)) This update brings in the latest changes from the dotnet/arcade repository, ensuring that ASP.NET Core benefits from recent improvements, bug fixes, and security patches in the shared build infrastructure. - **Bump src/submodules/googletest from `52204f7` to `04ee1b4`** ([#61761](dotnet/aspnetcore#61761)) The GoogleTest submodule has been updated to a newer commit, providing the latest testing features, bug fixes, and performance improvements for the project's C++ test components. ## Miscellaneous - **Update branding to 8.0.17** ([#61830](dotnet/aspnetcore#61830)) The project version branding has been updated to reflect the new 8.0.17 release, ensuring consistency across build outputs and documentation. - **Merging internal commits for release/8.0** ([#61924](dotnet/aspnetcore#61924)) This change merges various internal commits into the release/8.0 branch, incorporating minor fixes, documentation updates, and other non-user-facing improvements to keep the release branch up to date. --- This summary is generated and may contain inaccuracies. For complete details, please review the linked pull requests. **Full Changelog**: dotnet/aspnetcore@v8.0.16...v8.0.17 ## 8.0.16 [Release](https://github.com/dotnet/core/releases/tag/v8.0.16) ## What's Changed * Update branding to 8.0.16 by @vseanreesermsft in dotnet/aspnetcore#61283 * [release/8.0] (deps): Bump src/submodules/googletest from `24a9e94` to `52204f7` by @dependabot in dotnet/aspnetcore#61260 * [release/8.0] Update dependencies from dotnet/source-build-externals by @dotnet-maestro in dotnet/aspnetcore#61281 * [release/8.0] Upgrade to Ubuntu 22 by @wtgodbe in dotnet/aspnetcore#61216 * [release/8.0] Update dependencies from dotnet/arcade by @dotnet-maestro in dotnet/aspnetcore#60901 * [release/8.0] Update dependencies from dotnet/source-build-reference-packages by @dotnet-maestro in dotnet/aspnetcore#60926 * [release/8.0] Update dependencies from dotnet/arcade by @dotnet-maestro in dotnet/aspnetcore#61404 * Merging internal commits for release/8.0 by @vseanreesermsft in dotnet/aspnetcore#61398 * [release/8.0] Update dependencies from dotnet/arcade by @dotnet-maestro in dotnet/aspnetcore#61411 * Revert "Revert "[release/8.0] Update remnants of azureedge.net"" by @wtgodbe in dotnet/aspnetcore#60352 * [release/8.0] Fix preserving messages for stateful reconnect with backplane by @BrennanConroy in dotnet/aspnetcore#61375 * [release/8.0] Update dependencies from dotnet/source-build-reference-packages by @dotnet-maestro in dotnet/aspnetcore#61442 * fetch TLS client hello message from HTTP.SYS by @BrennanConroy in dotnet/aspnetcore#61494 **Full Changelog**: dotnet/aspnetcore@v8.0.15...v8.0.16 Commits viewable in [compare view](https://github.com/dotnet/aspnetcore/commits). </details> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=Microsoft.AspNetCore.Authentication.JwtBearer&package-manager=nuget&previous-version=8.0.15&new-version=8.0.19)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Peggy <[email protected]>

Updated [Microsoft.AspNetCore.OpenApi](https://github.com/dotnet/aspnetcore) from 8.0.15 to 8.0.19. <details> <summary>Release notes</summary> _Sourced from [Microsoft.AspNetCore.OpenApi's releases](https://github.com/dotnet/aspnetcore/releases)._ ## 8.0.18 [Release](https://github.com/dotnet/core/releases/tag/v8.0.18) ## What's Changed * Update branding to 8.0.18 by @vseanreesermsft in dotnet/aspnetcore#62241 * [release/8.0] Update Alpine helix references by @github-actions in dotnet/aspnetcore#62243 * [release/8.0] (deps): Bump src/submodules/googletest from `04ee1b4` to `e9092b1` by @dependabot in dotnet/aspnetcore#62201 * [8.0] Delete src/arcade directory by @akoeplinger in dotnet/aspnetcore#61994 * [Backport 8.0] [IIS] Manually parse exe bitness (#61894) by @BrennanConroy in dotnet/aspnetcore#62037 * [release/8.0] Update dependencies from dotnet/source-build-reference-packages by @dotnet-maestro in dotnet/aspnetcore#62006 * [release/8.0] Update dependencies from dotnet/arcade by @dotnet-maestro in dotnet/aspnetcore#61944 * [release/8.0] Associate tagged keys with entries so replacements are not evicted by @github-actions in dotnet/aspnetcore#62247 * [release/8.0] Block test that is failing after switching to latest-chrome by @github-actions in dotnet/aspnetcore#62284 * backport(net8.0): http.sys on-demand TLS client hello retrieval by @DeagleGross in dotnet/aspnetcore#62290 * Merging internal commits for release/8.0 by @vseanreesermsft in dotnet/aspnetcore#62302 **Full Changelog**: dotnet/aspnetcore@v8.0.17...v8.0.18 ## 8.0.17 ## Bug Fixes - **Forwarded Headers Middleware: Ignore X-Forwarded-Headers from Unknown Proxy** ([#61623](dotnet/aspnetcore#61623)) The Forwarded Headers Middleware now ignores `X-Forwarded-Headers` sent from unknown proxies. This change improves security by ensuring that only trusted proxies can influence the forwarded headers, preventing potential spoofing or misrouting of requests. ## Dependency Updates - **Update dependencies from dotnet/arcade** ([#61832](dotnet/aspnetcore#61832)) This update brings in the latest changes from the dotnet/arcade repository, ensuring that ASP.NET Core benefits from recent improvements, bug fixes, and security patches in the shared build infrastructure. - **Bump src/submodules/googletest from `52204f7` to `04ee1b4`** ([#61761](dotnet/aspnetcore#61761)) The GoogleTest submodule has been updated to a newer commit, providing the latest testing features, bug fixes, and performance improvements for the project's C++ test components. ## Miscellaneous - **Update branding to 8.0.17** ([#61830](dotnet/aspnetcore#61830)) The project version branding has been updated to reflect the new 8.0.17 release, ensuring consistency across build outputs and documentation. - **Merging internal commits for release/8.0** ([#61924](dotnet/aspnetcore#61924)) This change merges various internal commits into the release/8.0 branch, incorporating minor fixes, documentation updates, and other non-user-facing improvements to keep the release branch up to date. --- This summary is generated and may contain inaccuracies. For complete details, please review the linked pull requests. **Full Changelog**: dotnet/aspnetcore@v8.0.16...v8.0.17 ## 8.0.16 [Release](https://github.com/dotnet/core/releases/tag/v8.0.16) ## What's Changed * Update branding to 8.0.16 by @vseanreesermsft in dotnet/aspnetcore#61283 * [release/8.0] (deps): Bump src/submodules/googletest from `24a9e94` to `52204f7` by @dependabot in dotnet/aspnetcore#61260 * [release/8.0] Update dependencies from dotnet/source-build-externals by @dotnet-maestro in dotnet/aspnetcore#61281 * [release/8.0] Upgrade to Ubuntu 22 by @wtgodbe in dotnet/aspnetcore#61216 * [release/8.0] Update dependencies from dotnet/arcade by @dotnet-maestro in dotnet/aspnetcore#60901 * [release/8.0] Update dependencies from dotnet/source-build-reference-packages by @dotnet-maestro in dotnet/aspnetcore#60926 * [release/8.0] Update dependencies from dotnet/arcade by @dotnet-maestro in dotnet/aspnetcore#61404 * Merging internal commits for release/8.0 by @vseanreesermsft in dotnet/aspnetcore#61398 * [release/8.0] Update dependencies from dotnet/arcade by @dotnet-maestro in dotnet/aspnetcore#61411 * Revert "Revert "[release/8.0] Update remnants of azureedge.net"" by @wtgodbe in dotnet/aspnetcore#60352 * [release/8.0] Fix preserving messages for stateful reconnect with backplane by @BrennanConroy in dotnet/aspnetcore#61375 * [release/8.0] Update dependencies from dotnet/source-build-reference-packages by @dotnet-maestro in dotnet/aspnetcore#61442 * fetch TLS client hello message from HTTP.SYS by @BrennanConroy in dotnet/aspnetcore#61494 **Full Changelog**: dotnet/aspnetcore@v8.0.15...v8.0.16 Commits viewable in [compare view](https://github.com/dotnet/aspnetcore/commits). </details> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=Microsoft.AspNetCore.OpenApi&package-manager=nuget&previous-version=8.0.15&new-version=8.0.19)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Peggy <[email protected]>

dotnet-maestro bot requested review from wtgodbe and a team as code owners April 9, 2025 14:23

ghost added the area-infrastructure Includes: MSBuild projects/targets, build scripts, CI, Installers and shared framework label Apr 9, 2025

dotnet-policy-service bot added this to the 8.0.x milestone Apr 9, 2025

wtgodbe approved these changes Apr 9, 2025

View reviewed changes

wtgodbe merged commit aa2ec53 into release/8.0 Apr 9, 2025
23 of 25 checks passed

wtgodbe deleted the darc-release/8.0-929d7d11-8941-4317-ad4c-edc8a83cc552 branch April 9, 2025 18:42

dotnet-policy-service bot modified the milestones: 8.0.x, 8.0.16 Apr 9, 2025

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

[release/8.0] Update dependencies from dotnet/arcade #61411

[release/8.0] Update dependencies from dotnet/arcade #61411

Uh oh!

dotnet-maestro bot commented Apr 9, 2025

Uh oh!

Uh oh!

Uh oh!

[release/8.0] Update dependencies from dotnet/arcade #61411

[release/8.0] Update dependencies from dotnet/arcade #61411

Uh oh!

Conversation

dotnet-maestro bot commented Apr 9, 2025

From https://github.com/dotnet/arcade

Uh oh!

Uh oh!

Uh oh!