Skip to content

Bump Sarif.Sdk from 2.4.16 to 3.1.0#3303

Closed
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/nuget/src/PSRule/Sarif.Sdk-3.1.0
Closed

Bump Sarif.Sdk from 2.4.16 to 3.1.0#3303
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/nuget/src/PSRule/Sarif.Sdk-3.1.0

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot bot commented on behalf of github Apr 9, 2026
edited
Loading

Updated Sarif.Sdk from 2.4.16 to 3.1.0.

Release notes

Sourced from Sarif.Sdk's releases.

3.1.0

v3.1.0 Sdk | Driver | Converters | Multitool | Multitool Library

  • BUGFIX: Loosen System.Collections.Immutable minimum version requirement to 1.5.0. #​2504

3.1.0-beta1

v3.1.0-beta1 Sdk | Driver | Converters | Multitool | Multitool Library

  • DEPENDENCY BREAKING: SARIF.SDK now requires System.Collections.Immutable 1.5.0. #​2504

3.0.0

v3.0.0 Sdk | Driver | Converters | Multitool | Multitool Library

  • BUGFIX: Loosen Newtonsoft.JSON minimum version requirement to 6.0.8 (for .NET framework) or 9.0.1 (for all other compilations) for Sarif.Sdk. Sarif.Converts requires 8.0.1, minimally, for .NET framework compilations.
  • BUGFIX: Broaden set of supported .NET frameworks for compatibility reasons. Sarif.Sdk, Sarif.Driver and Sarif.WorkItems requires net461.
  • BUGFIX: Set default stack limit in Newtonsoft.JSON utilization (if JsonConvert.Defaults is not already configured) to address GitHub advisory GHSA-5crp-9r3c-p9vr.

3.0.0-beta1

SARIF Package Release History (SDK, Driver, Converters, and Multitool)

3.0.0-beta1 Sdk | Driver | Converters | Multitool | Multitool Library

  • BUGFIX: Loosen Newtonsoft.JSON minimum version requirement to 6.0.8 (for .NET framework) or 9.0.1 (for all other compilations) for Sarif.Sdk. Sarif.Converts requires 8.0.1, minimally, for .NET framework compilations.
  • BUGFIX: Broaden set of supported .NET frameworks for compatibility reasons. Sarif.Sdk now supports net45 forward. Sarif.Driver and Sarif.WorkItems requires net461 due to other dependencies.
  • BUGFIX: Set default stack limit in Newtonsoft.JSON utilization (if JsonConvert.Defaults is not already configured) to address GitHub advisory GHSA-5crp-9r3c-p9vr.

Commits viewable in compare view.

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot
Bump Sarif.Sdk from 2.4.16 to 3.1.0
d098cb4 
---
updated-dependencies:
- dependency-name: Sarif.Sdk
  dependency-version: 3.1.0
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added the dependencies Changes for a dependency update label Apr 9, 2026
@dependabot dependabot bot requested a review from a team as a code owner April 9, 2026 15:04
@github-actions
Copy link
Copy Markdown
Contributor

github-actions bot commented Apr 9, 2026

Thank you for your contribution, one of the team will evaluate shortly.

@dependabot @github
Copy link
Copy Markdown
Contributor Author

dependabot bot commented on behalf of github Apr 14, 2026

OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting @dependabot ignore this major version or @dependabot ignore this minor version. You can also ignore all major, minor, or patch releases for a dependency by adding an ignore condition with the desired update_types to your config file.

If you change your mind, just re-open this PR and I'll resolve any conflicts on it.

@dependabot dependabot bot deleted the dependabot/nuget/src/PSRule/Sarif.Sdk-3.1.0 branch April 14, 2026 08:04
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Changes for a dependency update

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@BernieWhite