Bump Google.Protobuf and 11 others#110
Conversation
Bumps Google.Protobuf from 3.34.1 to 3.35.0 Bumps Grpc.AspNetCore from 2.67.0 to 2.80.0 Bumps Grpc.AspNetCore.HealthChecks from 2.67.0 to 2.80.0 Bumps Grpc.Net.Client from 2.76.0 to 2.80.0 Bumps Grpc.Tools from 2.68.1 to 2.80.0 Bumps Microsoft.AspNetCore.TestHost from 10.0.7 to 10.0.8 Bumps Microsoft.Extensions.Logging from 10.0.7 to 10.0.8 Bumps Microsoft.NET.Test.Sdk from 18.5.0 to 18.6.0 Bumps OpenFeature from 2.12.0 to 2.13.0 Bumps OpenFeature.Hosting from 2.12.0 to 2.13.0 Bumps OpenFeature.Providers.Flagd from 0.6.0 to 0.6.1 Bumps StackExchange.Redis from 2.12.14 to 2.13.1 --- updated-dependencies: - dependency-name: Google.Protobuf dependency-version: 3.35.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: nuget-production-dependencies - dependency-name: Grpc.Tools dependency-version: 2.80.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: nuget-production-dependencies - dependency-name: Microsoft.Extensions.Logging dependency-version: 10.0.8 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: nuget-production-dependencies - dependency-name: Grpc.AspNetCore dependency-version: 2.80.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: nuget-production-dependencies - dependency-name: Grpc.AspNetCore.HealthChecks dependency-version: 2.80.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: nuget-production-dependencies - dependency-name: OpenFeature dependency-version: 2.13.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: nuget-production-dependencies - dependency-name: OpenFeature.Providers.Flagd dependency-version: 0.6.1 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: nuget-production-dependencies - dependency-name: OpenFeature.Hosting dependency-version: 2.13.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: nuget-production-dependencies - dependency-name: StackExchange.Redis dependency-version: 2.13.1 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: nuget-production-dependencies - dependency-name: Grpc.Net.Client dependency-version: 2.80.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: nuget-production-dependencies - dependency-name: Microsoft.AspNetCore.TestHost dependency-version: 10.0.8 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: nuget-production-dependencies - dependency-name: Microsoft.NET.Test.Sdk dependency-version: 18.6.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: nuget-production-dependencies ... Signed-off-by: dependabot[bot] <support@github.com>
dependabot
Bot
added
.NET
![devin-ai-integration[bot]](https://avatars.githubusercontent.com/in/811515?s=60&v=4){kind=small}
There was a problem hiding this comment.
📝 Info: CHANGELOG.md and documentation not updated with this PR
The CONTRIBUTING.md guidelines state that PRs should update the Changelog and documentation to reflect new changes. This PR does not appear to update the CHANGELOG.md. For a routine dependency bump PR this is likely acceptable as a trivial change, but it's worth noting for completeness with the project's contribution guidelines.
Was this helpful? React with 👍 or 👎 to provide feedback.
| <PackageReference Include="Grpc.AspNetCore" Version="2.80.0" /> | ||
| <PackageReference Include="Grpc.AspNetCore.HealthChecks" Version="2.80.0" /> |
There was a problem hiding this comment.
🟡 Stale comment contradicts Grpc.AspNetCore version bump from 2.67 to 2.80
Line 18 has a comment <!-- Keeping Grpc.AspNetCore* to 2.67 due to https://github.com/grpc/grpc/issues/38538 --> that explicitly states the package should be pinned to version 2.67 due to a known gRPC issue. However, the PR bumps Grpc.AspNetCore and Grpc.AspNetCore.HealthChecks from 2.67.0 to 2.80.0 on lines 19-20 without updating or removing this comment. This creates two problems: (1) if the referenced issue is still relevant, this upgrade could re-introduce the bug; (2) if the issue has been resolved, the now-stale comment will mislead future developers into thinking the version is still pinned at 2.67 and discourage further upgrades.
Prompt for agents
The comment on line 18 of src/cart/src/cart.csproj says the Grpc.AspNetCore packages are pinned to 2.67 due to https://github.com/grpc/grpc/issues/38538, but the PR bumps them to 2.80.0. Either: (1) verify that the referenced issue (grpc/grpc#38538) has been fixed in a version <= 2.80.0, and if so remove or update the comment to note the issue has been resolved; or (2) if the issue is still open, revert the version back to 2.67.0.
Was this helpful? React with 👍 or 👎 to provide feedback.
| <PackageReference Include="Grpc.Net.Client" Version="2.76.0" /> | ||
| <PackageReference Include="Microsoft.AspNetCore.TestHost" Version="10.0.7" /> | ||
| <PackageReference Include="Microsoft.NET.Test.Sdk" Version="18.5.0" /> | ||
| <PackageReference Include="Grpc.Net.Client" Version="2.80.0" /> |
There was a problem hiding this comment.
📝 Info: Grpc package versions are now consistent across projects
The PR aligns Grpc-related package versions across all three project files to 2.80.0: Grpc.Tools in Accounting.csproj:15, Grpc.AspNetCore and Grpc.AspNetCore.HealthChecks in cart.csproj:19-20, and Grpc.Net.Client in cart.tests.csproj:8. Previously, these were at different versions (2.68.1, 2.67.0, and 2.76.0 respectively). The alignment to a single version is a positive consistency improvement, though the stale pinning comment in cart.csproj should be addressed.
Was this helpful? React with 👍 or 👎 to provide feedback.
Updated Google.Protobuf from 3.34.1 to 3.35.0.
Release notes
Sourced from Google.Protobuf's releases.
No release notes found for this version range.
Commits viewable in compare view.
Updated Grpc.AspNetCore from 2.67.0 to 2.80.0.
Release notes
Sourced from Grpc.AspNetCore's releases.
2.80.0
What's Changed
New Contributors
Full Changelog: grpc/grpc-dotnet@v2.76.0...v2.80.0
2.80.0-pre1
What's Changed
New Contributors
Full Changelog: grpc/grpc-dotnet@v2.76.0...v2.80.0-pre1
2.76.0
What's Changed
New Contributors
Full Changelog: grpc/grpc-dotnet@v2.71.0...v2.76.0
2.76.0-pre1
What's Changed
New Contributors
Full Changelog: grpc/grpc-dotnet@v2.71.0...v2.76.0-pre1
2.71.0
What's Changed
Full Changelog: grpc/grpc-dotnet@v2.70.0...v2.71.0
2.71.0-pre1
What's Changed
Full Changelog: grpc/grpc-dotnet@v2.70.0...v2.71.0-pre1
2.70.0
What's Changed
await usingforpackageVersionStreamto ensure proper disposal of async resources by @dexcompiler in Refactor: Useawait usingforpackageVersionStreamto ensure proper disposal of async resources grpc/grpc-dotnet#2521New Contributors
await usingforpackageVersionStreamto ensure proper disposal of async resources grpc/grpc-dotnet#2521Full Changelog: grpc/grpc-dotnet@v2.67.0...v2.70.0
Commits viewable in compare view.
Updated Grpc.AspNetCore.HealthChecks from 2.67.0 to 2.80.0.
Release notes
Sourced from Grpc.AspNetCore.HealthChecks's releases.
2.80.0
What's Changed
New Contributors
Full Changelog: grpc/grpc-dotnet@v2.76.0...v2.80.0
2.80.0-pre1
What's Changed
New Contributors
Full Changelog: grpc/grpc-dotnet@v2.76.0...v2.80.0-pre1
2.76.0
What's Changed
New Contributors
Full Changelog: grpc/grpc-dotnet@v2.71.0...v2.76.0
2.76.0-pre1
What's Changed
New Contributors
Full Changelog: grpc/grpc-dotnet@v2.71.0...v2.76.0-pre1
2.71.0
What's Changed
Full Changelog: grpc/grpc-dotnet@v2.70.0...v2.71.0
2.71.0-pre1
What's Changed
Full Changelog: grpc/grpc-dotnet@v2.70.0...v2.71.0-pre1
2.70.0
What's Changed
await usingforpackageVersionStreamto ensure proper disposal of async resources by @dexcompiler in Refactor: Useawait usingforpackageVersionStreamto ensure proper disposal of async resources grpc/grpc-dotnet#2521New Contributors
await usingforpackageVersionStreamto ensure proper disposal of async resources grpc/grpc-dotnet#2521Full Changelog: grpc/grpc-dotnet@v2.67.0...v2.70.0
Commits viewable in compare view.
Updated Grpc.Net.Client from 2.76.0 to 2.80.0.
Release notes
Sourced from Grpc.Net.Client's releases.
2.80.0
What's Changed
New Contributors
Full Changelog: grpc/grpc-dotnet@v2.76.0...v2.80.0
2.80.0-pre1
What's Changed
New Contributors
Full Changelog: grpc/grpc-dotnet@v2.76.0...v2.80.0-pre1
Commits viewable in compare view.
Updated Grpc.Tools from 2.68.1 to 2.80.0.
Release notes
Sourced from Grpc.Tools's releases.
No release notes found for this version range.
Commits viewable in compare view.
Updated Microsoft.AspNetCore.TestHost from 10.0.7 to 10.0.8.
Release notes
Sourced from Microsoft.AspNetCore.TestHost's releases.
No release notes found for this version range.
Commits viewable in compare view.
Updated Microsoft.Extensions.Logging from 10.0.7 to 10.0.8.
Release notes
Sourced from Microsoft.Extensions.Logging's releases.
No release notes found for this version range.
Commits viewable in compare view.
Updated Microsoft.NET.Test.Sdk from 18.5.0 to 18.6.0.
Release notes
Sourced from Microsoft.NET.Test.Sdk's releases.
18.6.0
What's Changed
Changes to tests and infra
... (truncated)
18.5.1
What's Changed
Full Changelog: microsoft/vstest@v18.5.0...v18.5.1
Commits viewable in compare view.
Updated OpenFeature from 2.12.0 to 2.13.0.
Release notes
Sourced from OpenFeature's releases.
2.13.0
2.13.0 (2026-04-30)
🐛 Bug Fixes
✨ New Features
Commits viewable in compare view.
Updated OpenFeature.Hosting from 2.12.0 to 2.13.0.
Release notes
Sourced from OpenFeature.Hosting's releases.
2.13.0
2.13.0 (2026-04-30)
🐛 Bug Fixes
✨ New Features
Commits viewable in compare view.
Updated OpenFeature.Providers.Flagd from 0.6.0 to 0.6.1.
Updated StackExchange.Redis from 2.12.14 to 2.13.1.
Release notes
Sourced from StackExchange.Redis's releases.
No release notes found for this version range.
Commits viewable in compare view.
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore <dependency name> major versionwill close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)@dependabot ignore <dependency name> minor versionwill close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)@dependabot ignore <dependency name>will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)@dependabot unignore <dependency name>will remove all of the ignore conditions of the specified dependency@dependabot unignore <dependency name> <ignore condition>will remove the ignore condition of the specified dependency and ignore conditionsSummary by cubic
Upgrade core dependencies in accounting and cart to current minor/patch releases, including the gRPC stack, Protobuf, OpenFeature, Redis, and test/logging tooling. This removes the old gRPC pin in cart and picks up bug fixes and .NET compatibility updates.
Grpc.AspNetCore,Grpc.AspNetCore.HealthChecks,Grpc.Net.Client,Grpc.ToolsGoogle.Protobufto 3.35.0OpenFeature,OpenFeature.Hosting;OpenFeature.Providers.Flagdto 0.6.1StackExchange.Redisto 2.13.1Microsoft.NET.Test.Sdk18.6.0,Microsoft.AspNetCore.TestHost10.0.8Microsoft.Extensions.Loggingto 10.0.8Written for commit ef39c6a. Summary will update on new commits. Review in cubic