Skip to content

Bump the nuget group with 1 update#26

Open
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/nuget/ContosoPizza/nuget-8b4cb3573d
Open

Bump the nuget group with 1 update#26
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/nuget/ContosoPizza/nuget-8b4cb3573d

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jul 1, 2026

Copy link
Copy Markdown

Updated Microsoft.OpenApi from 3.0.0 to 3.5.4.

Release notes

Sourced from Microsoft.OpenApi's releases.

3.5.4

3.5.4 (2026-05-26)

Bug Fixes

  • library: handle circular schema references (b3cd42b)
  • library: handle circular schema references (91a989f)

3.5.3

3.5.3 (2026-04-27)

Bug Fixes

  • null reference exception for boolean component schemas (f97f91a)
  • null reference exception for boolean component schemas (fe0b50a)
  • schema: support boolean schemas in deserializer for OpenAPI 3.1/3.2 (05b44be)

Performance Improvements

  • schema: optimize boolean schema deserialization (7316e3f)

3.5.2

3.5.2 (2026-04-14)

Bug Fixes

  • hidi: update Microsoft.OpenApi.OData to 3.2.1 (b0a68fb)
  • hidi: update Microsoft.OpenApi.OData to 3.2.1 (8c22ab2), closes #​2811

3.5.1

3.5.1 (2026-03-31)

Bug Fixes

  • security scheme references serialization (a5acb89)

3.5.0

3.5.0 (2026-03-20)

Features

  • library: add Extensions support for schema references in v3.1/v3.2; add SerializeAsV32 with loop detection (9b422bf)

Bug Fixes

  • a bug where path parameter validation would fail if they contained forbidden JSON pointer characters (ef55b2c)
  • a bug where path parameter validation would fail if they contained forbidden JSON pointer characters (4b3164a)
  • double encoding of json pointer for invalid reference rule (b246cd0)
  • encoding of special characters for JSON paths (4c757e1)
  • library: do not emit unevaluatedProperties for non-object schemas (852fb4c)
  • library: do not emit unevaluatedProperties for non-object schemas (19538aa)
  • library: enforce spec-compliant $ref serialization; add Extensions support for schema references in v3.1/v3.2 (9bf61de)
  • potential double encoding of paths (471a61a)

3.4.0

3.4.0 (2026-03-04)

Features

  • library: preserve PatternProperties as x-jsonschema-patternProperties extension for OpenAPI v2/v3.0 serialization (d969fdc)
  • library: Preserve PatternProperties via x-jsonschema-patternProperties extension for OpenAPI v2/v3.0 (16ab5e4)
  • securityscheme: add oauth2MetadataUrl support (OpenAPI 3.2) (4509488)

Bug Fixes

  • implement unevaluatedProperties as schema per JSON Schema 2020-12 (#​2728) (7c13fb3)
  • library: serialize additionalProperties schema in OpenAPI V2 (f3165fa)
  • library: serialize additionalProperties schema in OpenAPI V2 documents (3d07756)
  • optimize parsing V3.1 documents by reducing GetLocation method allocation on hot path(#​2748) (f690681)

3.3.1

3.3.1 (2026-01-22)

Features

Bug Fixes

  • broken binary compatibility due to interface changes in previous version (d96bba7)

3.3.0

3.3.0 (2026-01-21)

Features

  • models: add shared Content interface (9e13b25)
  • models: add shared Content interface (#​2695) (9e13b25)
  • models: support mutualTLS security scheme (a4efdfe)

3.2.0

3.2.0 (2026-01-19)

Features

  • hidi validate command now logs warnings (76a3c0f)
  • hidi validate command now logs warnings (62e7d56)

Bug Fixes

  • discriminator property validation fails any/allOf cases when it shouldn't (fb6cecc)
  • discriminator property validation fails any/allOf cases when it shouldn't (a8fb81c)

3.1.3

3.1.3 (2026-01-16)

Bug Fixes

  • Support custom tag ordering (008576c)
  • Support custom tag ordering (7610d07)

3.1.2

3.1.2 (2026-01-06)

Bug Fixes

  • correct error pointer when extension parser throws OpenApiException (43c75a9)
  • wrap extension parser calls in try-catch to ensure correct error pointers (50b44aa)

3.1.1

3.1.1 (2025-12-18)

Bug Fixes

  • schema: always serialize additionalProperties: false (6651c36)
  • schema: always serialize additionalProperties: false (e36fc95)

3.1.0

3.1.0 (2025-12-17)

Features

  • Add type: "null" downcasting when in oneOf and anyOf for OpenAPI v3 (782cf8d)

3.0.3

3.0.3 (2025-12-16)

Bug Fixes

  • load JSON documents that are preceded by multiple whitespace (6461bac)
  • non-seekable json streams would fail to load as a document (2436d73)
  • reading streams in an asp.net context would cause async exceptions (f9e5248)

3.0.2

3.0.2 (2025-12-08)

Bug Fixes

  • additional properties serialization should not emit a schema in v2 (946cba9)
  • additional properties serialization should not emit booleans in v3.1+ (946cba9)

3.0.1

3.0.1 (2025-11-17)

Bug Fixes

  • empty strings should be quoted in yaml (8d215f9)
  • empty strings should be quoted in yaml (0ca10db)

Commits viewable in compare view.

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions
    You can disable automated security fix PRs for this repo from the Security Alerts page.

Bumps Microsoft.OpenApi from 3.0.0 to 3.5.4

---
updated-dependencies:
- dependency-name: Microsoft.OpenApi
  dependency-version: 3.5.4
  dependency-type: direct:production
  dependency-group: nuget
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file .NET Pull requests that update .NET code labels Jul 1, 2026
@socket-security

Copy link
Copy Markdown

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

Diff Package Supply Chain
Security
Vulnerability Quality Maintenance License
Updatednuget/​microsoft.openapi@​3.0.0 ⏵ 3.5.498100 +1690100100

View full report

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file .NET Pull requests that update .NET code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

Update Microsoft.OpenApi.OData to 3.2.1 on main (OpenAPI 3.2)

0 participants