Bump Aspire.Hosting.RabbitMQ from 13.4.3 to 13.4.6#4200
Conversation
--- updated-dependencies: - dependency-name: Aspire.Hosting.RabbitMQ dependency-version: 13.4.6 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
There was a problem hiding this comment.
No application code in the PR — skipped Code Health checks.
See analysis details in CodeScene
Quality Gate Profile: Clean Code Collective
Install CodeScene MCP: safeguard and uplift AI-generated code. Catch issues early with our IDE extension and CLI tool.
Review: Bump Aspire.Hosting.RabbitMQ 13.4.3 → 13.4.6Reviewed the diff against Verdict: LGTM ✅ (already merged) Findings
Notes / Test coverage
Nothing actionable — straightforward, well-scoped dependency maintenance. |
Updated Aspire.Hosting.RabbitMQ from 13.4.3 to 13.4.6.
Release notes
Sourced from Aspire.Hosting.RabbitMQ's releases.
13.4.6
What's New in Aspire 13.4.6
Patch release for Aspire 13.4 fixing polyglot AppHost code generation binding when CLI and SDK versions diverge, resource service port collision in
--isolatedmode, and a MongoDB.Driver dependency update.🐛 Fixes
🔗 Polyglot AppHost code generation silently failed when CLI and SDK versions diverged —
Aspire.TypeSystemused a floating strong-nameAssemblyVersionthat changed with every build. When the installed Aspire CLI was built at a different version than the AppHost's SDK, the CLR couldn't satisfy the strong-name bind and every code generator (TypeScript, Python, Java, Go, Rust) was silently dropped, surfacing asNo code generator found for language: <lang>. TheAssemblyVersionis now frozen at a stable constant so any compatible CLI/SDK pair on 13.4 binds successfully. Relates to #18110 and #17910. (#18160,@sebastienros)🔌 Multiple AppHosts started with
--isolatedcollided on the resource service port — Both instances tried to bind to the same fixed port fromASPIRE_RESOURCE_SERVICE_ENDPOINT_URL, causing an "address already in use" error on the second instance.DashboardServiceHostnow binds to port 0 on loopback whenRandomizePortsis true (set by--isolated), letting the OS assign a unique port per instance. (#18341,@JamesNK)🍃 MongoDB.Driver updated to 3.9.0 — Removes a wrongly pinned
SharpCompresstransitive dependency and uses the correctedSnappiertransitive. Fixes #17981. (#18279,@Falco20019)🏷️ Housekeeping
Full Changelog: v13.4.5...v13.4.6
Full commit: 87fe259e4fc244c599019a7b1304c85a1488f248
13.4.5
What's New in Aspire 13.4.5
Patch release for Aspire 13.4 clearing a transitive MessagePack security advisory, tightening CLI validation for Playwright configuration, and adding coding-agent detection to CLI telemetry.
🐛 Fixes
MessagePackFormatteror LZ4 — all StreamJsonRpc calls useSystemTextJsonFormatterover local Unix sockets — so the vulnerability was not reachable in practice. The bump clears the NU1903 warning for consumers of theAspire.Hostingpackage. (#18204,@mitchdenny)playwrightCliVersionvalues that are not valid SemVer 2.0 now fail fast with a clear diagnostic — Previously an invalid override (range expression, dist-tag likelatest, or av-prefixed string) would surface as a generic npm resolution failure. The value is now validated with strict SemVer parsing at startup; an error naming the configuration key and the offending value is emitted immediately. (#18205,@mitchdenny)copilot-cli. (#18240,@damianedwards)🏷️ Housekeeping
@microsoft/aspire-clinpm package README to be TypeScript-only — updated examples to the currentts-startertemplate (apphost.mts/aspire.mjs), added a backing-services snippet showingaspire addfor PostgreSQL and Redis, and documentedaspire dashboard runas a standalone dashboard option. (#18221,@adamint)Full Changelog: v13.4.4...v13.4.5
Full commit: 73114e86c64aeb9f3f3c7da8e37df1ae4281b27e
13.4.4
What's New in Aspire 13.4.4
Patch release for Aspire 13.4 with improved DCP connection reliability during request execution and consistent
ExcludeFromMcp()filtering across all CLI MCP tools.🐛 Fixes
@karolz-ms)ExcludeFromMcp()were not consistently filtered from CLI MCP tools — Resources with theresource.excludeFromMcpproperty were not excluded uniformly from all CLI MCP tool results.list_resources,list_console_logs,execute_resource_command,list_structured_logs,list_traces, andlist_trace_structured_logsall now honor the exclusion, preventing excluded resources and their telemetry from appearing in agent context. (#18150,@JamesNK)🏷️ Housekeeping
@adamratzman)Full Changelog: v13.4.3...v13.4.4
Full commit: ccc566c5ab3285c9beb8f38ede34734bb477c029
Commits viewable in compare view.
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)