chore(deps): update nuget packages

[renovate]

This PR contains the following updates:

Package	Change	Age	Confidence
Azure.Identity (source)	1.17.1 → 1.21.0
Grpc.AspNetCore	2.76.0 → 2.80.0
Microsoft.Azure.Cosmos	3.57.0 → 3.60.0

---

Release Notes

Azure/azure-sdk-for-net (Azure.Identity)

v1.21.0

Compare Source

1.21.0 (2026-04-10)

Other Changes

• All Azure.Identity types have been moved to Azure.Core and are now available through TypeForwardedTo attributes. This is a non-breaking change — existing code continues to work transparently. The library's version number now aligns with that of Azure.Core. See the Migration Guide for details.

v1.20.0

Compare Source

1.20.0 (2026-03-30)

Features Added

• Added a JSON schema segment to the NuGet package that provides IntelliSense and validation for Azure.Identity credential configuration in appsettings.json.

Breaking Changes

• AddAzureClient, AddKeyedAzureClient, and WithAzureCredential return type changed from IHostApplicationBuilder to IClientBuilder to align with the IClientBuilder composition change in System.ClientModel.

v1.19.0

Compare Source

1.19.0 (2026-03-11)

Features Added

• Added support in ClientCertificateCredential to specify a path in the form of cert:/StoreLocation/StoreName/Thumbprint to refer to a certificate in the platform certificate store - such as the Windows Certificate Store on Windows, and the KeyChain on MacOS - instead of a file on disk. For example to load a certificate from the "My" store in the "CurrentUser" location use the path cert:/CurrentUser/My/E661583E8FABEF4C0BEF694CBC41C28FB81CD870 (A community contribution, courtesy of fowl2).

Other Changes

• Updated Microsoft.Identity.Client and Microsoft.Identity.Client.Extensions.Msal dependencies to version 4.83.1.

v1.18.0

Compare Source

1.18.0 (2026-02-25)

Features Added

• Added experimental Microsoft.Extensions.Configuration and Microsoft.Extensions.DependencyInjection integration for Azure SDK clients. For details, see the Configuration and Dependency Injection documentation.

• The WorkloadIdentityCredentialOptions.IsAzureProxyEnabled property, which enables Azure Kubernetes token proxy mode, is only available in beta releases of this package.

• AzureDeveloperCliCredential now parses JSON error output from azd auth token to extract clean error messages instead of including raw JSON in exceptions. Error messages like {"type":"consoleMessage","data":{"message":"ERROR: fetching token: ..."}} are now displayed as ERROR: fetching token: ....

v1.17.2

Compare Source

1.17.2 (2026-04-15)

Other Changes

• Updated Microsoft.Identity.Client and Microsoft.Identity.Client.Extensions.Msal dependencies to version 4.83.1.

grpc/grpc-dotnet (Grpc.AspNetCore)

v2.80.0

What's Changed

• Update .NET 10, System.CommandLine 2.0.0, fix warnings by @​JamesNK in #​2677
• Fix System.CommandLine 2.0.0 Uri parsing in GrpcClient benchmark app by @​ilonatommy in #​2695
• Implement GrpcServiceEndpointConventionBuilder.Finally by @​halter73 in #​2693
• Bump axios from 1.11.0 to 1.12.2 in /testassets/InteropTestsGrpcWebWebsite/Tests by @​dependabot[bot] in #​2669
• Bump webpack from 5.101.0 to 5.105.0 in /examples/Browser/Server/wwwroot by @​dependabot[bot] in #​2689
• Bump lodash from 4.17.21 to 4.17.23 in /testassets/InteropTestsGrpcWebWebsite/Tests by @​dependabot[bot] in #​2687
• Bump glob from 10.4.5 to 10.5.0 in /testassets/InteropTestsGrpcWebWebsite/Tests by @​dependabot[bot] in #​2679
• Bump basic-ftp from 5.0.5 to 5.2.0 in /testassets/InteropTestsGrpcWebWebsite/Tests by @​dependabot[bot] in #​2698
• Bump serialize-javascript and terser-webpack-plugin in /examples/Browser/Server/wwwroot by @​dependabot[bot] in #​2699
• Bump minimatch in /testassets/InteropTestsGrpcWebWebsite/Tests by @​dependabot[bot] in #​2700
• Bump axios from 1.12.2 to 1.13.6 in /testassets/InteropTestsGrpcWebWebsite/Tests by @​dependabot[bot] in #​2701
• Bump js-yaml in /testassets/InteropTestsGrpcWebWebsite/Tests by @​dependabot[bot] in #​2702
• Handle Trailers-Only OK responses in streaming calls without exception handling by @​michaelmccord in #​2697
• Bump picomatch in /testassets/InteropTestsGrpcWebWebsite/Tests by @​dependabot[bot] in #​2703
• Implement v1 reflection service and clean up integration by @​JamesNK in #​2704
• Bump brace-expansion in /testassets/InteropTestsGrpcWebWebsite/Tests by @​dependabot[bot] in #​2706
• Fix flaky PickAsync_UpdateAddressesWhileRequestingConnection_DoesNotDeadlock test by @​JamesNK in #​2705
• Bump Tools Version prep for release v2.80.0 by @​asheshvidyut in #​2707
• [Release v2.80.x] Fix the version number - Step 3 by @​asheshvidyut in #​2711
• Rel (v1.80.0) Prep for stable release by @​asheshvidyut in #​2723

New Contributors

• @​ilonatommy made their first contribution in #​2695
• @​halter73 made their first contribution in #​2693
• @​michaelmccord made their first contribution in #​2697

Full Changelog: grpc/grpc-dotnet@v2.76.0...v2.80.0

Azure/azure-cosmos-dotnet-v3 (Microsoft.Azure.Cosmos)

v3.60.0

Compare Source

Features Added

• 5825 ChangeFeed: Promotes Full Fidelity Change Feed (AllVersionsAndDeletes) APIs to GA
• 5839 Direct: Adds Direct package version bump to 3.43.0

Bugs Fixed

• 5618 Diagnostics: Fixes null contacted region name for multimaster hub fallback (410/21005)
• 5816 HttpTimeoutPolicy: Fixes aggressive 500ms first-attempt timeout in HttpTimeoutPolicyControlPlaneRetriableHotPath
• 5819 LINQ: Fixes .NET 10 MemoryExtensions.Contains breaking change in LINQ queries
• 5823 LocationCache: Fixes read fallback to use WriteEndpoints[0] when PPAF enabled and all regions excluded
• 5825 ChangeFeedProcessor: Exempts AllVersionsAndDeletes from implicit StartTime back-off (not applicable to LSN-based continuation)
• 5870 CrossRegionHedgingAvailabilityStrategy: Fixes StackOverflow in CrossRegionHedgingAvailabilityStrategy Observed in .NET Framework 4.7.2

v3.59.0

Compare Source

Added

• 5579 Change Feed Processor: Adds Lease container export support
• 5709 Performance: Adds caching for URL-encoded AAD authorization signature
• 5731 DNS dot-suffix: Adds TCP DNS dot-suffix for Direct mode to avoid Kubernetes ndots latency
• 5755 Exceptionless: Adds enabling exception less 400 status code
• 5756 Exceptionless: Adds enabling exception less 404/1002 status code
• 5757 Exceptionless: Adds enabling exception less 403
• 5779 Direct: Adds Direct package version bump to 3.42.4
• 5786 Region Availability: Adds missing regions from Direct 3.42.4
• 5788 Socket Handler: Adds HTTP/2 PING keep-alive to detect broken connections in pool

Fixed

• 5553 NativeDLLs: Fixes Conditionally include win-x64 native DLLs based on RuntimeIdentifier
• 5588 LINQ: Fixes memory leak from Expression.Compile() in all call sites
• 5617 ChangeFeedProcessor: Fixes first-change skip during initial startup by anchoring StartTime
• 5636 CosmosClientBuilder: Fixes self-referencing loop in GetSerializedConfiguration with STJ TypeInfoResolver
• 5748 Routing: Fixes GetOverlappingRanges CPU overhead from repeated JSON deserialization
• 5807 ChangeFeedProcessor: Fixes lease de-duplication for /partitionKey-partitioned lease containers

v3.58.0

Compare Source

Added

• 5447 Per Partition Automatic Failover: Adds Hub Region Processing Only While Routing Requests Failed with 404/1002 for single master accounts
• 5551 HPK: Adds internal CosmosClientOptions flag UseLengthAwareRangeComparer for length aware range comparer rollout
• 5582 Query: Adds ability to choose global vs local/focused statistics for FullTextScore
• 5610 Refactors N-Region Synchronous Commit feature to use IServiceConfigurationReaderVNext interface.
• 5693 ThinClient Integration: Adds Enable Multiple Http2 connection on SocketsHttpHandler
• 5614 ThinClient Integration: Adds support for QueryPlan in thinclient mode

Fixed

• 5597 CosmosClient: Fixes ObjectDisposedException message when client is disposed during request
• 5613 CrossRegionHedgingAvailabilityStrategy: Fixes ArgumentNullException race condition in hedging cancellation
• 5650 Batch: Fixes null ErrorMessage when promoting status from MultiStatus response
• 5651 Serializer: Fixes unsafe stream cast in FromStream
• 5697 ResourceThrottleRetryPolicy: Fixes cumulativeRetryDelay tracking when x-ms-retry-after-ms header is absent

v3.57.1

Compare Source

Fixed

• 5613 CrossRegionHedgingAvailabilityStrategy: Fixes ArgumentNullException race condition in hedging cancellation

---

Configuration

📅 Schedule: (UTC)

• Branch creation
  • Between 12:00 AM and 03:59 AM, on day 1 of the month (* 0-3 1 * *)
• Automerge
  • At any time (no schedule defined)

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

This PR was generated by Mend Renovate. View the repository job log.