Skip to content

Bump System.IdentityModel.Tokens.Jwt from 8.12.1 to 8.15.0#168

Closed
dependabot[bot] wants to merge 1 commit intomasterfrom
dependabot/nuget/System.IdentityModel.Tokens.Jwt-8.15.0
Closed

Bump System.IdentityModel.Tokens.Jwt from 8.12.1 to 8.15.0#168
dependabot[bot] wants to merge 1 commit intomasterfrom
dependabot/nuget/System.IdentityModel.Tokens.Jwt-8.15.0

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github Nov 19, 2025

Updated System.IdentityModel.Tokens.Jwt from 8.12.1 to 8.15.0.

Release notes

Sourced from System.IdentityModel.Tokens.Jwt's releases.

8.14.0

8.14.0

Bug Fixes

  • Switch back to use ValidationResult instead of OperationResult when validating a token in a new experimental validation flow. Additionally removed the dependency on Microsoft.IdentityModel.Abstractions. See #​3299 for details.

8.13.1

8.13.1

Dependencies

Microsoft.IdentityModel now depends on Microsoft.Identity.Abstractions 9.3.0

Bug Fixes

  • Fixed a decompression failure happening for large JWE payloads. See #​3286 for details.

Work related to redesign of IdentityModel's token validation logic #​2711

  • Update the validation methods to return Microsoft.Identity.Abstractions.OperationResult. See #​3284 for details.

8.13.0

8.13.0

8.13.0

Fundamentals

  • CaseSensitiveClaimsIdentity.SecurityToken setter is now protected internal (was internal). See PR #​3278 for details.
  • Update .NET SDK version to 9.0.108 used when building or running the code. See PR #​3274 for details.
  • Update RsaSecurityKey.cs to replace the Pkcs1 padding by Pss from HasPrivateKey check. See #​3280 for details.

What's Changed

New Contributors

Full Changelog: AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet@8.12.1...8.13.0

Commits viewable in compare view.

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot
Bump System.IdentityModel.Tokens.Jwt from 8.12.1 to 8.15.0
1800024 
---
updated-dependencies:
- dependency-name: System.IdentityModel.Tokens.Jwt
  dependency-version: 8.15.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added .NET Pull requests that update .net code dependencies Pull requests that update a dependency file labels Nov 19, 2025
@dependabot dependabot Bot mentioned this pull request Nov 19, 2025
Closed
@cocogitto-bot
Copy link
Copy Markdown

cocogitto-bot Bot commented Nov 19, 2025

❌ Found 0 compliant commit and 1 non-compliant commits in 1800024.

Commit 1800024 by @dependabot[bot] is not conform to the conventional commit specification :

  • message: `Bump System.IdentityModel.Tokens.Jwt from 8.12.1 to 8.15.0

updated-dependencies:

  • dependency-name: System.IdentityModel.Tokens.Jwt
    dependency-version: 8.15.0
    dependency-type: direct:production
    update-type: version-update:semver-minor
    ...

Signed-off-by: dependabot[bot] support@github.com`

  • cause: 
    Missing commit type separator `:`

Caused by:
     --> 1:5
      |
    1 | Bump System.IdentityModel.Tokens.Jwt from 8.12.1 to 8.15.0
      |     ^---
      |
      = expected scope or type_separator

1 similar comment
@cocogitto-bot
Copy link
Copy Markdown

cocogitto-bot Bot commented Nov 19, 2025

❌ Found 0 compliant commit and 1 non-compliant commits in 1800024.

Commit 1800024 by @dependabot[bot] is not conform to the conventional commit specification :

  • message: `Bump System.IdentityModel.Tokens.Jwt from 8.12.1 to 8.15.0

updated-dependencies:

  • dependency-name: System.IdentityModel.Tokens.Jwt
    dependency-version: 8.15.0
    dependency-type: direct:production
    update-type: version-update:semver-minor
    ...

Signed-off-by: dependabot[bot] support@github.com`

  • cause: 
    Missing commit type separator `:`

Caused by:
     --> 1:5
      |
    1 | Bump System.IdentityModel.Tokens.Jwt from 8.12.1 to 8.15.0
      |     ^---
      |
      = expected scope or type_separator

@codecov
Copy link
Copy Markdown

codecov Bot commented Nov 19, 2025
edited
Loading

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 96.78%. Comparing base (1986144) to head (1800024).
⚠️ Report is 4 commits behind head on master.

Additional details and impacted files 
@@           Coverage Diff           @@
##           master     #168   +/-   ##
=======================================
  Coverage   96.78%   96.78%           
=======================================
  Files          10       10           
  Lines         249      249           
  Branches       19       19           
=======================================
  Hits          241      241           
  Misses          4        4           
  Partials        4        4

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

@dependabot @github
Copy link
Copy Markdown
Contributor Author

dependabot Bot commented on behalf of github Mar 30, 2026

OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting @dependabot ignore this major version or @dependabot ignore this minor version. You can also ignore all major, minor, or patch releases for a dependency by adding an ignore condition with the desired update_types to your config file.

If you change your mind, just re-open this PR and I'll resolve any conflicts on it.

@dependabot dependabot Bot deleted the dependabot/nuget/System.IdentityModel.Tokens.Jwt-8.15.0 branch March 30, 2026 06:07
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

@VMelnalksnis VMelnalksnis

Labels

dependencies Pull requests that update a dependency file .NET Pull requests that update .net code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@VMelnalksnis