Bump the aspire-packages group with 7 updates

[dependabot]

Updated Aspire.AppHost.Sdk from 13.2.2 to 13.3.5.

Release notes

Sourced from Aspire.AppHost.Sdk's releases.

13.3.5

What's New in Aspire 13.3.5

Patch release for Aspire 13.3 with fixes for the Azure provisioning location prompt and an Aspire CLI named-pipe timeout on Linux with .NET SDK 10.0.300.

🐛 Fixes

• 📍 Azure provisioning location prompt not populated — Selecting an existing resource group during aspire publish now correctly populates dependent server-controlled fields (such as Location). Previously, server-provided values for disabled inputs were discarded, leaving those fields blank. (#​17278, backported via #​17291)
• 🔧 Aspire CLI named-pipe timeout on Linux with .NET SDK 10.0.300 — The Aspire CLI was forcing DOTNET_CLI_USE_MSBUILD_SERVER=1 for all dotnet run/dotnet build invocations. On Linux with SDK 10.0.300 this caused a named-pipe timeout that prevented aspire run from building the AppHost. The forced override has been removed so the SDK chooses MSBuild server behavior. Fixes #​16849. (#​17313, backported via #​17314)

🏷️ Housekeeping

• ⬆️ Skipped log publish for WinGet/Homebrew installer pipeline jobs to fix Prepare Installers stage failures (#​17134)
• 🚀 Bumped branding to 13.3.5 (#​17315)

---

Full Changelog: microsoft/aspire@v13.3.4...v13.3.5

Full commit: 70b33bcb5f64c75e3ab6f57616545f35bd43dc81

Generated by Generate release notes for a new stable Aspire release · ● 4.3M

13.3.4

What's New in Aspire 13.3.4

Patch release for Aspire 13.3 with a fix for the Aspire skill description exceeding agent host limits.

🐛 Fixes

• 📝 Aspire skill description too long for agent hosts — The SKILL.md generated by aspire agent init included a frontmatter description that exceeded the 1024-character limit enforced by agent hosts such as Codex and Copilot CLI, causing the Aspire skill to fail to load. The bundled skill description has been shortened to stay within the limit. (#​17183, backported via #​17188)

🏷️ Housekeeping

• 🚀 Bumped branding to 13.3.4 (#​17215)

---

Full commit: 75080796af797483231a9da2d1642b5130617565

Generated by Generate release notes for a new stable Aspire release · ● 3.6M

13.3.3

What's New in Aspire 13.3.3

Patch release for Aspire 13.3 with fixes for debug log level leaking into user resources, Keycloak HTTPS endpoint token invalidation, and endpoint materialization in HostResourceWithEndpoints.

🐛 Fixes

• 🔇 Debug log level leaking into user resources — Logging__LogLevel__Default=Debug set by the app host was being inherited by all user resources, silently changing their logging verbosity. The app host now uses ASPIRE_APPHOST_LOGLEVEL instead, which is scoped to Aspire processes only. (#​17071, backported via #​17078)
• 🔑 Keycloak HTTPS primary endpoint — Fixed a regression where Keycloak tokens became invalid after an app host restart because the HTTPS endpoint port was dynamic. When developer certificates are enabled, Keycloak's primary endpoint is now upgraded to HTTPS directly, and the endpoint name is set to http to enable standard http+https:// service discovery URLs. (#​17058, backported via #​17063)
• 🔌 Endpoint materialization in HostResourceWithEndpoints — Endpoints configured via HostResourceWithEndpoints are now correctly materialized, ensuring endpoint resolution and service discovery work as expected. (#​17091, backported via #​17092)

🏷️ Housekeeping

• ⬆️ Bumped DCP (Microsoft.DeveloperControlPlane) from 0.23.5 → 0.23.6 — includes fixes for Kubernetes OpenAPI generator types that caused [SHOULD NOT HAPPEN] failed to update managedFields errors. (#​17070)
• 🚀 Bumped branding to 13.3.3 (#​17088)

---

Full commit: a4615e7c6def6cba4703cdbd84009cd3da9a261b

13.3.2

What's New in Aspire 13.3.2

Patch release for Aspire 13.3 with a fix for container tunnel startup when tunnel-dependent containers use WaitFor().

🐛 Fixes

• 🚇 Fix WaitFor() for tunnel-dependent containers — The container tunnel implementation that shipped in Aspire 13.3 deadlocked at startup when tunnel-using containers waited on other resources, because resource waits blocked ResourceStarting before the tunnel initialization could complete. Container and tunnel startup have been refactored to cooperate correctly, and additional tunnel-dependent containers can now be started at any point during the application lifecycle. Also improves error reporting for container tunnel failures. (#​16988, backported via #​16993)

🏷️ Housekeeping

• 🚀 Bumped branding to 13.3.2 (#​17053)

13.3.1

Aspire 13.3.1

What's New in Aspire 13.3.1

Patch release for Aspire 13.3 with a regression fix for aspire run and a DCP bump.

🐛 Fixes

• 🏃 aspire run compute environment validation — Skip compute environment validation in run mode so customers no longer hit Resource '<name>' is configured to publish as an Azure Container App, but there are no 'AzureContainerAppEnvironmentResource' resources. Ensure you have added one by calling 'AddAzureContainerAppEnvironment'. errors during local runs. The check is now only performed in publish mode, matching pre-13.3 behavior. (#​16945, backported via #​16952)

🏷️ Housekeeping

• ⬆️ Bumped DCP (Microsoft.DeveloperControlPlane) from 0.23.4 → 0.23.5 (#​16944)
• 🌐 Updated localization resources (#​16602)
• 🚀 Bumped branding to 13.3.1 (#​16951)

13.3.0

Aspire 13.3.0

Aspire 13.3 is here! 🚀 This release is packed with new ways to deploy, debug, and build distributed apps — including aspire destroy, browser telemetry in the dashboard, Kubernetes deployment, first-class JavaScript publishing, and major TypeScript AppHost parity
improvements.

Highlights

• 🧹 Clean teardown — New aspire destroy tears down Azure, Kubernetes, and Docker Compose deployments, and pipeline summaries make deploy/publish/destroy runs easier to follow.
• 🔍 Frontend telemetry — Aspire.Hosting.Browsers captures browser console logs, network requests, and screenshots right in the Aspire dashboard.
• ☸️ Kubernetes deploy preview — aspire deploy can now generate Helm-based Kubernetes deployments, with first-class Ingress and Gateway API routing.
• 🟨 JavaScript publishing — New PublishAs* methods support static sites, Node servers, npm-script apps, Next.js, Vite, Bun, Yarn, and pnpm.
• 🌐 TypeScript AppHost parity — Unified withEnvironment, Docker Compose hooks, endpoint expressions, Azure Container Apps domains, and more close the gap with C# AppHosts.
• 🛠️ CLI upgrades — Run the standalone dashboard with aspire dashboard run, install the CLI as a NativeAOT dotnet tool, and search API docs from the terminal.
• ☁️ Azure goodness — New Azure Front Door, Network Security Perimeter, AKS, private endpoint, and Foundry Prompt Agent support.
• 🐳 Better containers — The Aspire container tunnel is now enabled by default for consistent host connectivity across Docker Desktop, Docker Engine, and Podman.

⚠️ Breaking changes

Notable breaking changes include --log-level becoming --pipeline-log-level, the dashboard MCP server being replaced by aspire agent init, dotnet new aspire-py-starter moving to aspire new aspire-py-starter, and several API shape updates across AKS,
Foundry, JavaScript diagnostics, and TypeScript AppHost helpers.

See the full list in the Aspire 13.3 breaking changes.

📖 Learn more

For the full details, examples, migration guidance, and everything new in this release, check out What's new in Aspire 13.3.

Thank you to all the community contributors who helped make Aspire 13.3 possible! 💜

13.2.4

Aspire 13.2.4

What's New in Aspire 13.2.4

Patch release addressing a security advisory in OpenTelemetry dependencies.

🐛 Fixes

• 🔒 Bumped OpenTelemetry dependencies to address CVE-2026-40894 (#​16420)

🏷️ Housekeeping

• 🚀 Bumped branding to
  13.2.4 (#​16436)

13.2.3

What's New in Aspire 13.2.3

Patch release focused on CLI packaging, signing, and reliability fixes.

🐛 Fixes

• 🛑 aspire stop now properly cleans up application containers on Windows (#​16123)
• 🔐 Fixed macOS signing, permissions, and certificate trust with improved CI verification (#​16053)
• ✍️ Fixed signing for the aspire-managed bundle payload (#​16211)
• 🎭 Fixed Playwright CLI provenance verification for the new tag format (#​16134)
• 🧭 Updated service discovery environment variables (#​16223)

🔧 Improvements

• 📊 Removed telemetry API data limits and refactored URL builders (#​16023)
• ⏱️ Increased native build + sign timeout to 60 minutes for reliability (#​16212)

🏷️ Housekeeping

• 🔖 Bumped branding to 13.2.3 (#​16181)
• 🧪 Temporarily disabled Verify CLI archive step on Windows while investigating (#​16276, #​16285)

Commits viewable in compare view.

Updated Aspire.Confluent.Kafka from 13.2.2 to 13.3.5.

Release notes

Sourced from Aspire.Confluent.Kafka's releases.

13.3.5

What's New in Aspire 13.3.5

Patch release for Aspire 13.3 with fixes for the Azure provisioning location prompt and an Aspire CLI named-pipe timeout on Linux with .NET SDK 10.0.300.

🐛 Fixes

• 📍 Azure provisioning location prompt not populated — Selecting an existing resource group during aspire publish now correctly populates dependent server-controlled fields (such as Location). Previously, server-provided values for disabled inputs were discarded, leaving those fields blank. (#​17278, backported via #​17291)
• 🔧 Aspire CLI named-pipe timeout on Linux with .NET SDK 10.0.300 — The Aspire CLI was forcing DOTNET_CLI_USE_MSBUILD_SERVER=1 for all dotnet run/dotnet build invocations. On Linux with SDK 10.0.300 this caused a named-pipe timeout that prevented aspire run from building the AppHost. The forced override has been removed so the SDK chooses MSBuild server behavior. Fixes #​16849. (#​17313, backported via #​17314)

🏷️ Housekeeping

• ⬆️ Skipped log publish for WinGet/Homebrew installer pipeline jobs to fix Prepare Installers stage failures (#​17134)
• 🚀 Bumped branding to 13.3.5 (#​17315)

---

Full Changelog: microsoft/aspire@v13.3.4...v13.3.5

Full commit: 70b33bcb5f64c75e3ab6f57616545f35bd43dc81

Generated by Generate release notes for a new stable Aspire release · ● 4.3M

13.3.4

What's New in Aspire 13.3.4

Patch release for Aspire 13.3 with a fix for the Aspire skill description exceeding agent host limits.

🐛 Fixes

• 📝 Aspire skill description too long for agent hosts — The SKILL.md generated by aspire agent init included a frontmatter description that exceeded the 1024-character limit enforced by agent hosts such as Codex and Copilot CLI, causing the Aspire skill to fail to load. The bundled skill description has been shortened to stay within the limit. (#​17183, backported via #​17188)

🏷️ Housekeeping

• 🚀 Bumped branding to 13.3.4 (#​17215)

---

Full commit: 75080796af797483231a9da2d1642b5130617565

Generated by Generate release notes for a new stable Aspire release · ● 3.6M

13.3.3

What's New in Aspire 13.3.3

Patch release for Aspire 13.3 with fixes for debug log level leaking into user resources, Keycloak HTTPS endpoint token invalidation, and endpoint materialization in HostResourceWithEndpoints.

🐛 Fixes

• 🔇 Debug log level leaking into user resources — Logging__LogLevel__Default=Debug set by the app host was being inherited by all user resources, silently changing their logging verbosity. The app host now uses ASPIRE_APPHOST_LOGLEVEL instead, which is scoped to Aspire processes only. (#​17071, backported via #​17078)
• 🔑 Keycloak HTTPS primary endpoint — Fixed a regression where Keycloak tokens became invalid after an app host restart because the HTTPS endpoint port was dynamic. When developer certificates are enabled, Keycloak's primary endpoint is now upgraded to HTTPS directly, and the endpoint name is set to http to enable standard http+https:// service discovery URLs. (#​17058, backported via #​17063)
• 🔌 Endpoint materialization in HostResourceWithEndpoints — Endpoints configured via HostResourceWithEndpoints are now correctly materialized, ensuring endpoint resolution and service discovery work as expected. (#​17091, backported via #​17092)

🏷️ Housekeeping

• ⬆️ Bumped DCP (Microsoft.DeveloperControlPlane) from 0.23.5 → 0.23.6 — includes fixes for Kubernetes OpenAPI generator types that caused [SHOULD NOT HAPPEN] failed to update managedFields errors. (#​17070)
• 🚀 Bumped branding to 13.3.3 (#​17088)

---

Full commit: a4615e7c6def6cba4703cdbd84009cd3da9a261b

13.3.2

What's New in Aspire 13.3.2

Patch release for Aspire 13.3 with a fix for container tunnel startup when tunnel-dependent containers use WaitFor().

🐛 Fixes

• 🚇 Fix WaitFor() for tunnel-dependent containers — The container tunnel implementation that shipped in Aspire 13.3 deadlocked at startup when tunnel-using containers waited on other resources, because resource waits blocked ResourceStarting before the tunnel initialization could complete. Container and tunnel startup have been refactored to cooperate correctly, and additional tunnel-dependent containers can now be started at any point during the application lifecycle. Also improves error reporting for container tunnel failures. (#​16988, backported via #​16993)

🏷️ Housekeeping

• 🚀 Bumped branding to 13.3.2 (#​17053)

13.3.1

Aspire 13.3.1

What's New in Aspire 13.3.1

Patch release for Aspire 13.3 with a regression fix for aspire run and a DCP bump.

🐛 Fixes

• 🏃 aspire run compute environment validation — Skip compute environment validation in run mode so customers no longer hit Resource '<name>' is configured to publish as an Azure Container App, but there are no 'AzureContainerAppEnvironmentResource' resources. Ensure you have added one by calling 'AddAzureContainerAppEnvironment'. errors during local runs. The check is now only performed in publish mode, matching pre-13.3 behavior. (#​16945, backported via #​16952)

🏷️ Housekeeping

• ⬆️ Bumped DCP (Microsoft.DeveloperControlPlane) from 0.23.4 → 0.23.5 (#​16944)
• 🌐 Updated localization resources (#​16602)
• 🚀 Bumped branding to 13.3.1 (#​16951)

13.3.0

Aspire 13.3.0

Aspire 13.3 is here! 🚀 This release is packed with new ways to deploy, debug, and build distributed apps — including aspire destroy, browser telemetry in the dashboard, Kubernetes deployment, first-class JavaScript publishing, and major TypeScript AppHost parity
improvements.

Highlights

• 🧹 Clean teardown — New aspire destroy tears down Azure, Kubernetes, and Docker Compose deployments, and pipeline summaries make deploy/publish/destroy runs easier to follow.
• 🔍 Frontend telemetry — Aspire.Hosting.Browsers captures browser console logs, network requests, and screenshots right in the Aspire dashboard.
• ☸️ Kubernetes deploy preview — aspire deploy can now generate Helm-based Kubernetes deployments, with first-class Ingress and Gateway API routing.
• 🟨 JavaScript publishing — New PublishAs* methods support static sites, Node servers, npm-script apps, Next.js, Vite, Bun, Yarn, and pnpm.
• 🌐 TypeScript AppHost parity — Unified withEnvironment, Docker Compose hooks, endpoint expressions, Azure Container Apps domains, and more close the gap with C# AppHosts.
• 🛠️ CLI upgrades — Run the standalone dashboard with aspire dashboard run, install the CLI as a NativeAOT dotnet tool, and search API docs from the terminal.
• ☁️ Azure goodness — New Azure Front Door, Network Security Perimeter, AKS, private endpoint, and Foundry Prompt Agent support.
• 🐳 Better containers — The Aspire container tunnel is now enabled by default for consistent host connectivity across Docker Desktop, Docker Engine, and Podman.

⚠️ Breaking changes

Notable breaking changes include --log-level becoming --pipeline-log-level, the dashboard MCP server being replaced by aspire agent init, dotnet new aspire-py-starter moving to aspire new aspire-py-starter, and several API shape updates across AKS,
Foundry, JavaScript diagnostics, and TypeScript AppHost helpers.

See the full list in the Aspire 13.3 breaking changes.

📖 Learn more

For the full details, examples, migration guidance, and everything new in this release, check out What's new in Aspire 13.3.

Thank you to all the community contributors who helped make Aspire 13.3 possible! 💜

13.2.4

Aspire 13.2.4

What's New in Aspire 13.2.4

Patch release addressing a security advisory in OpenTelemetry dependencies.

🐛 Fixes

• 🔒 Bumped OpenTelemetry dependencies to address CVE-2026-40894 (#​16420)

🏷️ Housekeeping

• 🚀 Bumped branding to
  13.2.4 (#​16436)

13.2.3

What's New in Aspire 13.2.3

Patch release focused on CLI packaging, signing, and reliability fixes.

🐛 Fixes

• 🛑 aspire stop now properly cleans up application containers on Windows (#​16123)
• 🔐 Fixed macOS signing, permissions, and certificate trust with improved CI verification (#​16053)
• ✍️ Fixed signing for the aspire-managed bundle payload (#​16211)
• 🎭 Fixed Playwright CLI provenance verification for the new tag format (#​16134)
• 🧭 Updated service discovery environment variables (#​16223)

🔧 Improvements

• 📊 Removed telemetry API data limits and refactored URL builders (#​16023)
• ⏱️ Increased native build + sign timeout to 60 minutes for reliability (#​16212)

🏷️ Housekeeping

• 🔖 Bumped branding to 13.2.3 (#​16181)
• 🧪 Temporarily disabled Verify CLI archive step on Windows while investigating (#​16276, #​16285)

Commits viewable in compare view.

Updated Aspire.Hosting from 13.2.2 to 13.3.5.

Release notes

Sourced from Aspire.Hosting's releases.

13.3.5

What's New in Aspire 13.3.5

Patch release for Aspire 13.3 with fixes for the Azure provisioning location prompt and an Aspire CLI named-pipe timeout on Linux with .NET SDK 10.0.300.

🐛 Fixes

• 📍 Azure provisioning location prompt not populated — Selecting an existing resource group during aspire publish now correctly populates dependent server-controlled fields (such as Location). Previously, server-provided values for disabled inputs were discarded, leaving those fields blank. (#​17278, backported via #​17291)
• 🔧 Aspire CLI named-pipe timeout on Linux with .NET SDK 10.0.300 — The Aspire CLI was forcing DOTNET_CLI_USE_MSBUILD_SERVER=1 for all dotnet run/dotnet build invocations. On Linux with SDK 10.0.300 this caused a named-pipe timeout that prevented aspire run from building the AppHost. The forced override has been removed so the SDK chooses MSBuild server behavior. Fixes #​16849. (#​17313, backported via #​17314)

🏷️ Housekeeping

• ⬆️ Skipped log publish for WinGet/Homebrew installer pipeline jobs to fix Prepare Installers stage failures (#​17134)
• 🚀 Bumped branding to 13.3.5 (#​17315)

---

Full Changelog: microsoft/aspire@v13.3.4...v13.3.5

Full commit: 70b33bcb5f64c75e3ab6f57616545f35bd43dc81

Generated by Generate release notes for a new stable Aspire release · ● 4.3M

13.3.4

What's New in Aspire 13.3.4

Patch release for Aspire 13.3 with a fix for the Aspire skill description exceeding agent host limits.

🐛 Fixes

• 📝 Aspire skill description too long for agent hosts — The SKILL.md generated by aspire agent init included a frontmatter description that exceeded the 1024-character limit enforced by agent hosts such as Codex and Copilot CLI, causing the Aspire skill to fail to load. The bundled skill description has been shortened to stay within the limit. (#​17183, backported via #​17188)

🏷️ Housekeeping

• 🚀 Bumped branding to 13.3.4 (#​17215)

---

Full commit: 75080796af797483231a9da2d1642b5130617565

Generated by Generate release notes for a new stable Aspire release · ● 3.6M

13.3.3

What's New in Aspire 13.3.3

Patch release for Aspire 13.3 with fixes for debug log level leaking into user resources, Keycloak HTTPS endpoint token invalidation, and endpoint materialization in HostResourceWithEndpoints.

🐛 Fixes

• 🔇 Debug log level leaking into user resources — Logging__LogLevel__Default=Debug set by the app host was being inherited by all user resources, silently changing their logging verbosity. The app host now uses ASPIRE_APPHOST_LOGLEVEL instead, which is scoped to Aspire processes only. (#​17071, backported via #​17078)
• 🔑 Keycloak HTTPS primary endpoint — Fixed a regression where Keycloak tokens became invalid after an app host restart because the HTTPS endpoint port was dynamic. When developer certificates are enabled, Keycloak's primary endpoint is now upgraded to HTTPS directly, and the endpoint name is set to http to enable standard http+https:// service discovery URLs. (#​17058, backported via #​17063)
• 🔌 Endpoint materialization in HostResourceWithEndpoints — Endpoints configured via HostResourceWithEndpoints are now correctly materialized, ensuring endpoint resolution and service discovery work as expected. (#​17091, backported via #​17092)

🏷️ Housekeeping

• ⬆️ Bumped DCP (Microsoft.DeveloperControlPlane) from 0.23.5 → 0.23.6 — includes fixes for Kubernetes OpenAPI generator types that caused [SHOULD NOT HAPPEN] failed to update managedFields errors. (#​17070)
• 🚀 Bumped branding to 13.3.3 (#​17088)

---

Full commit: a4615e7c6def6cba4703cdbd84009cd3da9a261b

13.3.2

What's New in Aspire 13.3.2

Patch release for Aspire 13.3 with a fix for container tunnel startup when tunnel-dependent containers use WaitFor().

🐛 Fixes

• 🚇 Fix WaitFor() for tunnel-dependent containers — The container tunnel implementation that shipped in Aspire 13.3 deadlocked at startup when tunnel-using containers waited on other resources, because resource waits blocked ResourceStarting before the tunnel initialization could complete. Container and tunnel startup have been refactored to cooperate correctly, and additional tunnel-dependent containers can now be started at any point during the application lifecycle. Also improves error reporting for container tunnel failures. (#​16988, backported via #​16993)

🏷️ Housekeeping

• 🚀 Bumped branding to 13.3.2 (#​17053)

13.3.1

Aspire 13.3.1

What's New in Aspire 13.3.1

Patch release for Aspire 13.3 with a regression fix for aspire run and a DCP bump.

🐛 Fixes

• 🏃 aspire run compute environment validation — Skip compute environment validation in run mode so customers no longer hit Resource '<name>' is configured to publish as an Azure Container App, but there are no 'AzureContainerAppEnvironmentResource' resources. Ensure you have added one by calling 'AddAzureContainerAppEnvironment'. errors during local runs. The check is now only performed in publish mode, matching pre-13.3 behavior. (#​16945, backported via #​16952)

🏷️ Housekeeping

• ⬆️ Bumped DCP (Microsoft.DeveloperControlPlane) from 0.23.4 → 0.23.5 (#​16944)
• 🌐 Updated localization resources (#​16602)
• 🚀 Bumped branding to 13.3.1 (#​16951)

13.3.0

Aspire 13.3.0

Aspire 13.3 is here! 🚀 This release is packed with new ways to deploy, debug, and build distributed apps — including aspire destroy, browser telemetry in the dashboard, Kubernetes deployment, first-class JavaScript publishing, and major TypeScript AppHost parity
improvements.

Highlights

• 🧹 Clean teardown — New aspire destroy tears down Azure, Kubernetes, and Docker Compose deployments, and pipeline summaries make deploy/publish/destroy runs easier to follow.
• 🔍 Frontend telemetry — Aspire.Hosting.Browsers captures browser console logs, network requests, and screenshots right in the Aspire dashboard.
• ☸️ Kubernetes deploy preview — aspire deploy can now generate Helm-based Kubernetes deployments, with first-class Ingress and Gateway API routing.
• 🟨 JavaScript publishing — New PublishAs* methods support static sites, Node servers, npm-script apps, Next.js, Vite, Bun, Yarn, and pnpm.
• 🌐 TypeScript AppHost parity — Unified withEnvironment, Docker Compose hooks, endpoint expressions, Azure Container Apps domains, and more close the gap with C# AppHosts.
• 🛠️ CLI upgrades — Run the standalone dashboard with aspire dashboard run, install the CLI as a NativeAOT dotnet tool, and search API docs from the terminal.
• ☁️ Azure goodness — New Azure Front Door, Network Security Perimeter, AKS, private endpoint, and Foundry Prompt Agent support.
• 🐳 Better containers — The Aspire container tunnel is now enabled by default for consistent host connectivity across Docker Desktop, Docker Engine, and Podman.

⚠️ Breaking changes

Notable breaking changes include --log-level becoming --pipeline-log-level, the dashboard MCP server being replaced by aspire agent init, dotnet new aspire-py-starter moving to aspire new aspire-py-starter, and several API shape updates across AKS,
Foundry, JavaScript diagnostics, and TypeScript AppHost helpers.

See the full list in the Aspire 13.3 breaking changes.

📖 Learn more

For the full details, examples, migration guidance, and everything new in this release, check out What's new in Aspire 13.3.

Thank you to all the community contributors who helped make Aspire 13.3 possible! 💜

13.2.4

Aspire 13.2.4

What's New in Aspire 13.2.4

Patch release addressing a security advisory in OpenTelemetry dependencies.

🐛 Fixes

• 🔒 Bumped OpenTelemetry dependencies to address CVE-2026-40894 (#​16420)

🏷️ Housekeeping

• 🚀 Bumped branding to
  13.2.4 (#​16436)

13.2.3

What's New in Aspire 13.2.3

Patch release focused on CLI packaging, signing, and reliability fixes.

🐛 Fixes

• 🛑 aspire stop now properly cleans up application containers on Windows (#​16123)
• 🔐 Fixed macOS signing, permissions, and certificate trust with improved CI verification (#​16053)
• ✍️ Fixed signing for the aspire-managed bundle payload (#​16211)
• 🎭 Fixed Playwright CLI provenance verification for the new tag format (#​16134)
• 🧭 Updated service discovery environment variables (#​16223)

🔧 Improvements

• 📊 Removed telemetry API data limits and refactored URL builders (#​16023)
• ⏱️ Increased native build + sign timeout to 60 minutes for reliability (#​16212)

🏷️ Housekeeping

• 🔖 Bumped branding to 13.2.3 (#​16181)
• 🧪 Temporarily disabled Verify CLI archive step on Windows while investigating (#​16276, #​16285)

Commits viewable in compare view.

Updated Aspire.Hosting.Kafka from 13.2.2 to 13.3.5.

Release notes

Sourced from Aspire.Hosting.Kafka's releases.

13.3.5

What's New in Aspire 13.3.5

Patch release for Aspire 13.3 with fixes for the Azure provisioning location prompt and an Aspire CLI named-pipe timeout on Linux with .NET SDK 10.0.300.

🐛 Fixes

• 📍 Azure provisioning location prompt not populated — Selecting an existing resource group during aspire publish now correctly populates dependent server-controlled fields (such as Location). Previously, server-provided values for disabled inputs were discarded, leaving those fields blank. (#​17278, backported via #​17291)
• 🔧 Aspire CLI named-pipe timeout on Linux with .NET SDK 10.0.300 — The Aspire CLI was forcing DOTNET_CLI_USE_MSBUILD_SERVER=1 for all dotnet run/dotnet build invocations. On Linux with SDK 10.0.300 this caused a named-pipe timeout that prevented aspire run from building the AppHost. The forced override has been removed so the SDK chooses MSBuild server behavior. Fixes #​16849. (#​17313, backported via #​17314)

🏷️ Housekeeping

• ⬆️ Skipped log publish for WinGet/Homebrew installer pipeline jobs to fix Prepare Installers stage failures (#​17134)
• 🚀 Bumped branding to 13.3.5 (#​17315)

---

Full Changelog: microsoft/aspire@v13.3.4...v13.3.5

Full commit: 70b33bcb5f64c75e3ab6f57616545f35bd43dc81

Generated by Generate release notes for a new stable Aspire release · ● 4.3M

13.3.4

What's New in Aspire 13.3.4

Patch release for Aspire 13.3 with a fix for the Aspire skill description exceeding agent host limits.

🐛 Fixes

• 📝 Aspire skill description too long for agent hosts — The SKILL.md generated by aspire agent init included a frontmatter description that exceeded the 1024-character limit enforced by agent hosts such as Codex and Copilot CLI, causing the Aspire skill to fail to load. The bundled skill description has been shortened to stay within the limit. (#​17183, backported via #​17188)

🏷️ Housekeeping

• 🚀 Bumped branding to 13.3.4 (#​17215)

---

Full commit: 75080796af797483231a9da2d1642b5130617565

Generated by Generate release notes for a new stable Aspire release · ● 3.6M

13.3.3

What's New in Aspire 13.3.3

Patch release for Aspire 13.3 with fixes for debug log level leaking into user resources, Keycloak HTTPS endpoint token invalidation, and endpoint materialization in HostResourceWithEndpoints.

🐛 Fixes

• 🔇 Debug log level leaking into user resources — Logging__LogLevel__Default=Debug set by the app host was being inherited by all user resources, silently changing their logging verbosity. The app host now uses ASPIRE_APPHOST_LOGLEVEL instead, which is scoped to Aspire processes only. (#​17071, backported via #​17078)
• 🔑 Keycloak HTTPS primary endpoint — Fixed a regression where Keycloak tokens became invalid after an app host restart because the HTTPS endpoint port was dynamic. When developer certificates are enabled, Keycloak's primary endpoint is now upgraded to HTTPS directly, and the endpoint name is set to http to enable standard http+https:// service discovery URLs. (#​17058, backported via #​17063)
• 🔌 Endpoint materialization in HostResourceWithEndpoints — Endpoints configured via HostResourceWithEndpoints are now correctly materialized, ensuring endpoint resolution and service discovery work as expected. (#​17091, backported via #​17092)

🏷️ Housekeeping

• ⬆️ Bumped DCP (Microsoft.DeveloperControlPlane) from 0.23.5 → 0.23.6 — includes fixes for Kubernetes OpenAPI generator types that caused [SHOULD NOT HAPPEN] failed to update managedFields errors. (#​17070)
• 🚀 Bumped branding to 13.3.3 (#​17088)

---

Full commit: a4615e7c6def6cba4703cdbd84009cd3da9a261b

13.3.2

What's New in Aspire 13.3.2

Patch release for Aspire 13.3 with a fix for container tunnel startup when tunnel-dependent containers use WaitFor().

🐛 Fixes

• 🚇 Fix WaitFor() for tunnel-dependent containers — The container tunnel implementation that shipped in Aspire 13.3 deadlocked at startup when tunnel-using containers waited on other resources, because resource waits blocked ResourceStarting before the tunnel initialization could complete. Container and tunnel startup have been refactored to cooperate correctly, and additional tunnel-dependent containers can now be started at any point during the application lifecycle. Also improves error reporting for container tunnel failures. (#​16988, backported via #​16993)

🏷️ Housekeeping

• 🚀 Bumped branding to 13.3.2 (#​17053)

13.3.1

Aspire 13.3.1

What's New in Aspire 13.3.1

Patch release for Aspire 13.3 with a regression fix for aspire run and a DCP bump.

🐛 Fixes

• 🏃 aspire run compute environment validation — Skip compute environment validation in run mode so customers no longer hit Resource '<name>' is configured to publish as an Azure Container App, but there are no 'AzureContainerAppEnvironmentResource' resources. Ensure you have added one by calling 'AddAzureContainerAppEnvironment'. errors during local runs. The check is now only performed in publish mode, matching pre-13.3 behavior. (#​16945, backported via #​16952)

🏷️ Housekeeping

• ⬆️ Bumped DCP (Microsoft.DeveloperControlPlane) from 0.23.4 → 0.23.5 (#​16944)
• 🌐 Updated localization resources (#​16602)
• 🚀 Bumped branding to 13.3.1 (#​16951)

13.3.0

Aspire 13.3.0

Aspire 13.3 is here! 🚀 This release is packed with new ways to deploy, debug, and build distributed apps — including aspire destroy, browser telemetry in the dashboard, Kubernetes deployment, first-class JavaScript publishing, and major TypeScript AppHost parity
improvements.

Highlights

• 🧹 Clean teardown — New aspire destroy tears down Azure, Kubernetes, and Docker Compose deployments, and pipeline summaries make deploy/publish/destroy runs easier to follow.
• 🔍 Frontend telemetry — Aspire.Hosting.Browsers captures browser console logs, network requests, and screenshots right in the Aspire dashboard.
• ☸️ Kubernetes deploy preview — aspire deploy can now generate Helm-based Kubernetes deployments, with first-class Ingress and Gateway API routing.
• 🟨 JavaScript publishing — New PublishAs* methods support static sites, Node servers, npm-script apps, Next.js, Vite, Bun, Yarn, and pnpm.
• 🌐 TypeScript AppHost parity — Unified withEnvironment, Docker Compose hooks, endpoint expressions, Azure Container Apps domains, and more close the gap with C# AppHosts.
• 🛠️ CLI upgrades — Run the standalone dashboard with aspire dashboard run, install the CLI as a NativeAOT dotnet tool, and search API docs from the terminal.
• ☁️ Azure goodness — New Azure Front Door, Network Security Perimeter, AKS, private endpoint, and Foundry Prompt Agent support.
• 🐳 Better containers — The Aspire container tunnel is now enabled by default for consistent host connectivity across Docker Desktop, Docker Engine, and Podman.

⚠️ Breaking changes

Notable breaking changes include --log-level becoming --pipeline-log-level, the dashboard MCP server being replaced by aspire agent init, dotnet new aspire-py-starter moving to aspire new aspire-py-starter, and several API shape updates across AKS,
Foundry, JavaScript diagnostics, and TypeScript AppHost helpers.

See the full list in the Aspire 13.3 breaking changes.

📖 Learn more

For the full details, examples, migration guidance, and everything new in this release, check out What's new in Aspire 13.3.

Thank you to all the community contributors who helped make Aspire 13.3 possible! 💜

13.2.4

Aspire 13.2.4

What's New in Aspire 13.2.4

Patch release addressing a security advisory in OpenTelemetry dependencies.

🐛 Fixes

• 🔒 Bumped OpenTelemetry dependencies to address CVE-2026-40894 (#​16420)

🏷️ Housekeeping

• 🚀 Bumped branding to
  13.2.4 (#​16436)

13.2.3

What's New in Aspire 13.2.3

Patch release focused on CLI packaging, signing, and reliability fixes.

🐛 Fixes

• 🛑 aspire stop now properly cleans up application containers on Windows (#​16123)
• 🔐 Fixed macOS signing, permissions, and certificate trust with improved CI verification (#​16053)
• ✍️ Fixed signing for the aspire-managed bundle payload (#​16211)
• 🎭 Fixed Playwright CLI provenance verification for the new tag format (#​16134)
• 🧭 Updated service discovery environment variables (#​16223)

🔧 Improvements

• 📊 Removed telemetry API data limits and refactored URL builders (#​16023)
• ⏱️ Increased native build + sign timeout to 60 minutes for reliability (#​16212)

🏷️ Housekeeping

• 🔖 Bumped branding to 13.2.3 (#​16181)
• 🧪 Temporarily disabled Verify CLI archive step on Windows while investigating (#​16276, #​16285)

Commits viewable in compare view.

Updated Aspire.Hosting.RabbitMQ from 13.2.2 to 13.3.5.

Release notes

Sourced from Aspire.Hosting.RabbitMQ's releases.

13.3.5

What's New in Aspire 13.3.5

Patch release for Aspire 13.3 with fixes for the Azure provisioning location prompt and an Aspire CLI named-pipe timeout on Linux with .NET SDK 10.0.300.

🐛 Fixes

• 📍 Azure provisioning location prompt not populated — Selecting an existing resource group during aspire publish now correctly populates dependent server-controlled fields (such as Location). Previously, server-provided values for disabled inputs were discarded, leaving those fields blank. (#​17278, backported via #​17291)
• 🔧 Aspire CLI named-pipe timeout on Linux with .NET SDK 10.0.300 — The Aspire CLI was forcing DOTNET_CLI_USE_MSBUILD_SERVER=1 for all dotnet run/dotnet build invocations. On Linux with SDK 10.0.300 this caused a named-pipe timeout that prevented aspire run from building the AppHost. The forced override has been removed so the SDK chooses MSBuild server behavior. Fixes #​16849. (#​17313, backported via #​17314)

🏷️ Housekeeping

• ⬆️ Skipped log publish for WinGet/Homebrew installer pipeline jobs to fix Prepare Installers stage failures (#​17134)
• 🚀 Bumped branding to 13.3.5 (#​17315)

---

Full Changelog: microsoft/aspire@v13.3.4...v13.3.5

Full commit: 70b33bcb5f64c75e3ab6f57616545f35bd43dc81

Generated by Generate release notes for a new stable Aspire release · ● 4.3M

13.3.4

What's New in Aspire 13.3.4

Patch release for Aspire 13.3 with a fix for the Aspire skill description exceeding agent host limits.

🐛 Fixes

• 📝 Aspire skill description too long for agent hosts — The SKILL.md generated by aspire agent init included a frontmatter description that exceeded the 1024-character limit enforced by agent hosts such as Codex and Copilot CLI, causing the Aspire skill to fail to load. The bundled skill description has been shortened to stay within the limit. (#​17183, backported via #​17188)

🏷️ Housekeeping

• 🚀 Bumped branding to 13.3.4 (#​17215)

---

Full commit: 75080796af797483231a9da2d1642b5130617565

Generated by Generate release notes for a new stable Aspire release · ● 3.6M

13.3.3

What's New in Aspire 13.3.3

Patch release for Aspire 13.3 with fixes for debug log level leaking into user resources, Keycloak HTTPS endpoint token invalidation, and endpoint materialization in HostResourceWithEndpoints.

🐛 Fixes

• 🔇 Debug log level leaking into user resources — Logging__LogLevel__Default=Debug set by the app host was being inherited by all user resources, silently changing their logging verbosity. The app host now uses ASPIRE_APPHOST_LOGLEVEL instead, which is scoped to Aspire processes only. (#​17071, backported via #​17078)
• 🔑 Keycloak HTTPS primary endpoint — Fixed a regression where Keycloak tokens became invalid after an app host restart because the HTTPS endpoint port was dynamic. When developer certificates are enabled, Keycloak's primary endpoint is now upgraded to HTTPS directly, and the endpoint name is set to http to enable standard http+https:// service discovery URLs. (#​17058, backported via #​17063)
• 🔌 Endpoint materialization in HostResourceWithEndpoints — Endpoints configured via HostResourceWithEndpoints are now correctly materialized, ensuring endpoint resolution and service discovery work as expected. (#​17091, backported via #​17092)

🏷️ Housekeeping

• ⬆️ Bumped DCP (Microsoft.DeveloperControlPlane) from 0.23.5 → 0.23.6 — includes fixes for Kubernetes OpenAPI generator types that caused [SHOULD NOT HAPPEN] failed to update managedFields errors. (#​17070)
• 🚀 Bumped branding to 13.3.3 (#​17088)

---

Full commit: a4615e7c6def6cba4703cdbd84009cd3da9a261b

13.3.2

What's New in Aspire 13.3.2

Patch release for Aspire 13.3 with a fix for container tunnel startup when tunnel-dependent containers use WaitFor().

🐛 Fixes

• 🚇 Fix WaitFor() for tunnel-dependent containers — The container tunnel implementation that shipped in Aspire 13.3 deadlocked at startup when tunnel-using containers waited on other resources, because resource waits blocked ResourceStarting before the tunnel initialization could complete. Container and tunnel startup have been refactored to cooperate correctly, and additional tunnel-dependent containers can now be started at any point during the application lifecycle. Also improves error reporting for container tunnel failures. (#​16988, backported via #​16993)

🏷️ Housekeeping

• 🚀 Bumped branding to 13.3.2 (#​17053)

13.3.1

Aspire 13.3.1

What's New in Aspire 13.3.1

Patch release for Aspire 13.3 with a regression fix for aspire run and a DCP bump.

🐛 Fixes

• 🏃 aspire run compute environment validation — Skip compute environment validation in run mode so customers no longer hit Resource '<name>' is configured to publish as an Azure Container App, but there are no 'AzureContainerAppEnvironmentResource' resources. Ensure you have added one by calling 'AddAzureContainerAppEnvironment'. errors during local runs. The check is now only performed in publish mode, matching pre-13.3 behavior. (#​16945, backported via #​16952)

🏷️ Housekeeping

• ⬆️ Bumped DCP (Microsoft.DeveloperControlPlane) from 0.23.4 → 0.23.5 (#​16944)
• 🌐 Updated localization resources (#​16602)
• 🚀 Bumped branding to 13.3.1 (#​16951)

13.3.0

Aspire 13.3.0

Aspire 13.3 is here! 🚀 This release is packed with new ways to deploy, debug, and build distributed apps — including aspire destroy, browser telemetry in the dashboard, Kubernetes deployment, first-class JavaScript publishing, and major TypeScript AppHost parity
improvements.

Highlights

• 🧹 Clean teardown — New aspire destroy tears down Azure, Kubernetes, and Docker Compose deployments, and pipeline summaries make deploy/publish/destroy runs easier to follow.
• 🔍 Frontend telemetry — Aspire.Hosting.Browsers captures browser console logs, network requests, and screenshots right in the Aspire dashboard.
• ☸️ Kubernetes deploy preview — aspire deploy can now generate Helm-based Kubernetes deployments, with first-class Ingress and Gateway API routing.
• 🟨 JavaScript publishing — New PublishAs* methods support static sites, Node servers, npm-script apps, Next.js, Vite, Bun, Yarn, and pnpm.
• 🌐 TypeScript AppHost parity — Unified withEnvironment, Docker Compose hooks, endpoint expressions, Azure Container Apps domains, and more close the gap with C# AppHosts.
• 🛠️ CLI upgrades — Run the standalone dashboard with aspire dashboard run, install the CLI as a NativeAOT dotnet tool, and search API docs from the terminal.
• ☁️ Azure goodness — New Azure Front Door, Network Security Perimeter, AKS, private endpoint, and Foundry Prompt Agent support.
• 🐳 Better containers — The Aspire container tunnel is now enabled by default for consistent host connectivity across Docker Desktop, Docker Engine, and Podman.

⚠️ Breaking changes

Notable breaking changes include --log-level becoming --pipeline-log-level, the dashboard MCP server being replaced by aspire agent init, dotnet new aspire-py-starter moving to aspire new aspire-py-starter, and several API shape updates across AKS,
Foundry, JavaScript diagnostics, and TypeScript AppHost helpers.

See the full list in the Aspire 13.3 breaking changes.

📖 Learn more

For the full details, examples, migration guidance, and everything new in this release, check out What's new in Aspire 13.3.

Thank you to all the community contributors who helped make Aspire 13.3 possible! 💜

13.2.4

Aspire 13.2.4

What's New in Aspire 13.2.4

Patch release addressing a security advisory in OpenTelemetry dependencies.

🐛 Fixes

• 🔒 Bumped OpenTelemetry dependencies to address CVE-2026-40894 (#​16420)

🏷️ Housekeeping

• 🚀 Bumped branding to
  13.2.4 (#​16436)

13.2.3

What's New in Aspire 13.2.3

Patch release focused on CLI packaging, signing, and reliability fixes.

🐛 Fixes

• 🛑 aspire stop now properly cleans up application containers on Windows (#​16123)
• 🔐 Fixed macOS signing, permissions, and certificate trust with improved CI verification (#​16053)
• ✍️ Fixed signing for the aspire-managed bundle payload (#​16211)
• 🎭 Fixed Playwright CLI provenance verification for the new tag format (#​16134)
• 🧭 Updated service discovery environment variables (#​16223)

🔧 Improvements

• 📊 Removed telemetry API data limits and refactored URL builders (#​16023)
• ⏱️ Increased native build + sign timeout to 60 minutes for reliability (#​16212)

🏷️ Housekeeping

• 🔖 Bumped branding to 13.2.3 (#​16181)
• 🧪 Temporarily disabled Verify CLI archive step on Windows while investigating (#​16276, #​16285)

Commits viewable in compare view.

Updated Aspire.Hosting.Testing from 13.2.2 to 13.3.5.

Release notes

Sourced from Aspire.Hosting.Testing's releases.

13.3.5

What's New in Aspire 13.3.5

Patch release for Aspire 13.3 with fixes for the Azure provisioning location prompt and an Aspire CLI named-pipe timeout on Linux with .NET SDK 10.0.300.

🐛 Fixes

• 📍 Azure provisioning location prompt not populated — Selecting an existing resource group during aspire publish now correctly populates dependent server-controlled fields (such as Location). Previously, server-provided values for disabled inputs were discarded, leaving those fields blank. (#​17278, backported via #​17291)
• 🔧 Aspire CLI named-pipe timeout on Linux with .NET SDK 10.0.300 — The Aspire CLI was forcing DOTNET_CLI_USE_MSBUILD_SERVER=1 for all dotnet run/dotnet build invocations. On Linux with SDK 10.0.300 this caused a named-pipe timeout that prevented aspire run from building the AppHost. The forced override has been removed so the SDK chooses MSBuild server behavior. Fixes #​16849. (#​17313, backported via #​17314)

🏷️ Housekeeping

• ⬆️ Skipped log publish for WinGet/Homebrew installer pipeline jobs to fix Prepare Installers stage failures (#​17134)
• 🚀 Bumped branding to 13.3.5 (#​17315)

---

Full Changelog: microsoft/aspire@v13.3.4...v13.3.5

Full commit: 70b33bcb5f64c75e3ab6f57616545f35bd43dc81

Generated by Generate release notes for a new stable Aspire release · ● 4.3M

13.3.4

What's New in Aspire 13.3.4

Patch release for Aspire 13.3 with a fix for the Aspire skill description exceeding agent host limits.

🐛 Fixes

• 📝 Aspire skill description too long for agent hosts — The SKILL.md generated by aspire agent init included a frontmatter description that exceeded the 1024-character limit enforced by agent hosts such as Codex and Copilot CLI, causing the Aspire skill to fail to load. The bundled skill description has been shortened to stay within the limit. (#​17183, backported via #​17188)

🏷️ Housekeeping

• 🚀 Bumped branding to 13.3.4 (#​17215)

---

Full commit: 75080796af797483231a9da2d1642b5130617565

Generated by Generate release notes for a new stable Aspire release · ● 3.6M

13.3.3

What's New in Aspire 13.3.3

Patch release for Aspire 13.3 with fixes for debug log level leaking into user resources, Keycloak HTTPS endpoint token invalidation, and endpoint materialization in HostResourceWithEndpoints.

🐛 Fixes

• 🔇 Debug log level leaking into user resources — Logging__LogLevel__Default=Debug set by the app host was being inherited by all user resources, silently changing their logging verbosity. The app host now uses ASPIRE_APPHOST_LOGLEVEL instead, which is scoped to Aspire processes only. (#​17071, backported via #​17078)
• 🔑 Keycloak HTTPS primary endpoint — Fixed a regression where Keycloak tokens became invalid after an app host restart because the HTTPS endpoint port was dynamic. When developer certificates are enabled, Keycloak's primary endpoint is now upgraded to HTTPS directly, and the endpoint name is set to http to enable standard http+https:// service discovery URLs. (#​17058, backported via #​17063)
• 🔌 Endpoint materialization in HostResourceWithEndpoints — Endpoints configured via HostResourceWithEndpoints are now correctly materialized, ensuring endpoint resolution and service discovery work as expected. (#​17091, backported via #​17092)

🏷️ Housekeeping

• ⬆️ Bumped DCP (Microsoft.DeveloperControlPlane) from 0.23.5 → 0.23.6 — includes fixes for Kubernetes OpenAPI generator types that caused [SHOULD NOT HAPPEN] failed to update managedFields errors. (#​17070)
• 🚀 Bumped branding to 13.3.3 (#​17088)

---

Full commit: a4615e7c6def6cba4703cdbd84009cd3da9a261b

13.3.2

What's New in Aspire 13.3.2

Patch release for Aspire 13.3 with a fix for container tunnel startup when tunnel-dependent containers use WaitFor().

🐛 Fixes

• 🚇 Fix WaitFor() for tunnel-dependent containers — The container tunnel implementation that shipped in Aspire 13.3 deadlocked at startup when tunnel-using containers waited on other resources, because resource waits blocked ResourceStarting before the tunnel initialization could complete. Container and tunnel startup have been refactored to cooperate correctly, and additional tunnel-dependent containers can now be started at any point during the application lifecycle. Also improves error reporting for container tunnel failures. (#​16988, backported via #​16993)

🏷️ Housekeeping

• 🚀 Bumped branding to 13.3.2 (#​17053)

13.3.1

Aspire 13.3.1

What's New in Aspire 13.3.1

Patch release for Aspire 13.3 with a regression fix for aspire run and a DCP bump.

🐛 Fixes

• 🏃 aspire run compute environment validation — Skip compute environment validation in run mode so customers no longer hit Resource '<name>' is configured to publish as an Azure Container App, but there are no 'AzureContainerAppEnvironmentResource' resources. Ensure you have added one by calling 'AddAzureContainerAppEnvironment'. errors during local runs. The check is now only performed in publish mode, matching pre-13.3 behavior. (#​16945, backported via #​16952)

🏷️ Housekeeping

• ⬆️ Bumped DCP (Microsoft.DeveloperControlPlane) from 0.23.4 → 0.23.5 (#​16944)
• 🌐 Updated localization resources (#​16602)
• 🚀 Bumped branding to 13.3.1 (#​16951)

13.3.0

Aspire 13.3.0

Aspire 13.3 is here! 🚀 This release is packed with new ways to deploy, debug, and build distributed apps — including aspire destroy, browser telemetry in the dashboard, Kubernetes deployment, first-class JavaScript publishing, and major TypeScript AppHost parity
improvements.

Highlights

• 🧹 Clean teardown — New aspire destroy tears down Azure, Kubernetes, and Docker Compose deployments, and pipeline summaries make deploy/publish/destroy runs easier to follow.
• 🔍 Frontend telemetry — Aspire.Hosting.Browsers captures browser console logs, network requests, and screenshots right in the Aspire dashboard.
• ☸️ Kubernetes deploy preview — aspire deploy can now generate Helm-based Kubernetes deployments, with first-class Ingress and Gateway API routing.
• 🟨 JavaScript publishing — New PublishAs* methods support static sites, Node servers, npm-script apps, Next.js, Vite, Bun, Yarn, and pnpm.
• 🌐 TypeScript AppHost parity — Unified withEnvironment, Docker Compose hooks, endpoint expressions, Azure Container Apps domains, and more close the gap with C# AppHosts.
• 🛠️ CLI upgrades — Run the standalone dashboard with aspire dashboard run, install the CLI as a NativeAOT dotnet tool, and search API docs from the terminal.
• ☁️ Azure goodness — New Azure Front Door, Network Security Perimeter, AKS, private endpoint, and Foundry Prompt Agent support.
• 🐳 Better containers — The Aspire container tunnel is now enabled by default for consistent host connectivity across Docker Desktop, Docker Engine, and Podman.

⚠️ Breaking changes

Notable breaking changes include --log-level becoming --pipeline-log-level, the dashboard MCP server being replaced by aspire agent init, dotnet new aspire-py-starter moving to aspire new aspire-py-starter, and several API shape updates across AKS,
Foundry, JavaScript diagnostics, and TypeScript AppHost helpers.

See the full list in the Aspire 13.3 breaking changes.

📖 Learn more

For the full details, examples, migration guidance, and everything new in this release, check out What's new in Aspire 13.3.

Thank you to all the community contributors who helped make Aspire 13.3 possible! 💜

13.2.4

Aspire 13.2.4

What's New in Aspire 13.2.4

Patch release addressing a security advisory in OpenTelemetry dependencies.

🐛 Fixes

• 🔒 Bumped OpenTelemetry dependencies to address CVE-2026-40894 (#​16420)

🏷️ Housekeeping

• 🚀 Bumped branding to
  13.2.4 (#​16436)

13.2.3

What's New in Aspire 13.2.3

Patch release focused on CLI packaging, signing, and reliability fixes.

🐛 Fixes

• 🛑 aspire stop now properly cleans up application containers on Windows (#​16123)
• 🔐 Fixed macOS signing, permissions, and certificate trust with improved CI verification (#​16053)
• ✍️ Fixed signing for the aspire-managed bundle payload (#​16211)
• 🎭 Fixed Playwright CLI provenance verification for the new tag format (#​16134)
• 🧭 Updated service discovery environment variables (#​16223)

🔧 Improvements

• 📊 Removed telemetry API data limits and refactored URL builders (#​16023)
• ⏱️ Increased native build + sign timeout to 60 minutes for reliability (#​16212)

🏷️ Housekeeping

• 🔖 Bumped branding to 13.2.3 (#​16181)
• 🧪 Temporarily disabled Verify CLI archive step on Windows while investigating (#​16276, #​16285)

Commits viewable in compare view.

Updated Aspire.RabbitMQ.Client from 13.2.2 to 13.3.5.

Release notes

Sourced from Aspire.RabbitMQ.Client's releases.

13.3.5

What's New in Aspire 13.3.5

Patch release for Aspire 13.3 with fixes for the Azure provisioning location prompt and an Aspire CLI named-pipe timeout on Linux with .NET SDK 10.0.300.

🐛 Fixes

• 📍 Azure provisioning location prompt not populated — Selecting an existing resource group during aspire publish now correctly populates dependent server-controlled fields (such as Location). Previously, server-provided values for disabled inputs were discarded, leaving those fields blank. (#​17278, backported via #​17291)
• 🔧 Aspire CLI named-pipe timeout on Linux with .NET SDK 10.0.300 — The Aspire CLI was forcing DOTNET_CLI_USE_MSBUILD_SERVER=1 for all dotnet run/dotnet build invocations. On Linux with SDK 10.0.300 this caused a named-pipe timeout that prevented aspire run from building the AppHost. The forced override has been removed so the SDK chooses MSBuild server behavior. Fixes #​16849. (#​17313, backported via #​17314)

🏷️ Housekeeping

• ⬆️ Skipped log publish for WinGet/Homebrew installer pipeline jobs to fix Prepare Installers stage failures (#​17134)
• 🚀 Bumped branding to 13.3.5 (#​17315)

---

Full Changelog: microsoft/aspire@v13.3.4...v13.3.5

Full commit: 70b33bcb5f64c75e3ab6f57616545f35bd43dc81

Generated by Generate release notes for a new stable Aspire release · ● 4.3M

13.3.4

What's New in Aspire 13.3.4

Patch release for Aspire 13.3 with a fix for the Aspire skill description exceeding agent host limits.

🐛 Fixes

• 📝 Aspire skill description too long for agent hosts — The SKILL.md generated by aspire agent init included a frontmatter description that exceeded the 1024-character limit enforced by agent hosts such as Codex and Copilot CLI, causing the Aspire skill to fail to load. The bundled skill description has been shortened to stay within the limit. (#​17183, backported via #​17188)

🏷️ Housekeeping

• 🚀 Bumped branding to 13.3.4 (#​17215)

---

Full commit: 75080796af797483231a9da2d1642b5130617565

Generated by Generate release notes for a new stable Aspire release · ● 3.6M

13.3.3

What's New in Aspire 13.3.3

Patch release for Aspire 13.3 with fixes for debug log level leaking into user resources, Keycloak HTTPS endpoint token invalidation, and endpoint materialization in HostResourceWithEndpoints.

🐛 Fixes

• 🔇 Debug log level leaking into user resources — Logging__LogLevel__Default=Debug set by the app host was being inherited by all user resources, silently changing their logging verbosity. The app host now uses ASPIRE_APPHOST_LOGLEVEL instead, which is scoped to Aspire processes only. (#​17071, backported via #​17078)
• 🔑 Keycloak HTTPS primary endpoint — Fixed a regression where Keycloak tokens became invali...

Description has been truncated

You can trigger a rebase of this PR by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions ...

Description has been truncated