Bump dependencies (#3233)

* Bump Google.Protobuf to 3.25.2

* Bump Microsoft.Data.SqlClient to 5.1.4

* .NET Fx - Microsoft.Extensions.Options to 8.0.1

* .NET FX `Microsoft.Extensions.Configuration.Binder` from `8.0.0` to `8.0.1`

* .NET Fx `System.Text.Json` from `8.0.0` to `8.0.1`

* System.Data.SqlClient to 4.8.6 - older versions contains security issue

* StackExchange.Redis to 2.7.17

* MySqlConnector to 2.3.4

* MySql.Data to 8.3.0

* xunit 2.6.6

* Microsoft.Data.SqlClient - handles dotnet/announcements#292

CHANGELOG.md

@@ -43,7 +43,7 @@ This component adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.h
   - `OpenTelemetry.Shims.OpenTracing` from `1.6.0-beta.1` to `1.7.0-beta.1`,
   - `OpenTelemetry.ResourceDetectors.Azure` from `1.0.0-beta.3` to `1.0.0-beta.4`,
   - `OpenTelemetry.ResourceDetectors.Container` from `1.0.0-beta.4` to `1.0.0-beta.5`,
-  - `OpenTelemetry.ResourceDetectors.ProcessRuntime` from `0.1.0-alpha.1` to `0.1.0-alpha.2`,
+  - `OpenTelemetry.ResourceDetectors.ProcessRuntime` from `0.1.0-alpha.1` to `0.1.0-alpha.2`.
 - .NET only, following packages updated
   - `Google.Protobuf` updated from `3.19.4` to `3.22.5`.
   - `Microsoft.Extensions.Configuration` from `3.1.0` to `8.0.0`,
@@ -56,10 +56,14 @@ This component adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.h
   - `Microsoft.Extensions.Options.ConfigurationExtensions` from `3.1.0` to `8.0.0`,
   - `Microsoft.Extensions.Primitives` from `3.1.0` to `8.0.0`,
   - `OpenTelemetry.Instrumentation.AspNetCore` from `1.6.0-beta.3` to `1.7.0`,
-  - `OpenTelemetry.Instrumentation.EntityFrameworkCore` from `1.0.0-beta.8` to `1.0.0-beta.9`,
+  - `OpenTelemetry.Instrumentation.EntityFrameworkCore` from `1.0.0-beta.8` to `1.0.0-beta.9`.
 - .NET Framework only, following packages updated
-  - `Grpc.Core.Api` from `2.59.0` to `2.60.0`
+  - `Google.Protobuf` updated from `3.25.1` to `3.25.2`,
+  - `Grpc.Core.Api` from `2.59.0` to `2.60.0`,
+  - `Microsoft.Extensions.Configuration.Binder` from `8.0.0` to `8.0.1`,
+  - `Microsoft.Extensions.Options` from `8.0.0` to `8.0.1`,
   - `OpenTelemetry.Instrumentation.AspNet` from `1.6.0-beta.2` to `1.7.0-beta.1`,
+  - `System.Text.Json` from `8.0.0` to `8.0.1`.
 
 ### Deprecated
 

build/LibraryVersions.g.cs

@@ -76,18 +76,17 @@ public static class LibraryVersion
             "TestApplication.SqlClient.Microsoft",
             new List<PackageBuildInfo>
             {
-                new("1.1.4"),
-                new("2.1.5"),
-                new("3.1.2"),
-                new("4.1.1"),
-                new("5.1.2"),
+                new("2.1.7"),
+                new("3.1.5"),
+                new("4.0.5"),
+                new("5.1.4"),
             }
         },
         {
             "TestApplication.SqlClient.System",
             new List<PackageBuildInfo>
             {
-                new("4.8.5"),
+                new("4.8.6"),
             }
         },
         {
@@ -103,15 +102,15 @@ public static class LibraryVersion
             new List<PackageBuildInfo>
             {
                 new("2.0.0"),
-                new("2.3.3"),
+                new("2.3.4"),
             }
         },
         {
             "TestApplication.MySqlData",
             new List<PackageBuildInfo>
             {
                 new("8.1.0"),
-                new("8.2.0"),
+                new("8.3.0"),
             }
         },
         {
@@ -146,7 +145,7 @@ public static class LibraryVersion
                 new("2.1.50"),
                 new("2.5.61"),
                 new("2.6.66"),
-                new("2.7.10"),
+                new("2.7.17"),
             }
         },
         {

examples/demo/Service/Directory.Packages.props

@@ -3,7 +3,7 @@
     <ManagePackageVersionsCentrally>true</ManagePackageVersionsCentrally>
   </PropertyGroup>
   <ItemGroup>
-    <PackageVersion Include="Microsoft.Data.SqlClient" Version="5.1.2" />
+    <PackageVersion Include="Microsoft.Data.SqlClient" Version="5.1.4" />
     <PackageVersion Include="Microsoft.Extensions.Logging" Version="8.0.0" />
   </ItemGroup>
 </Project>

src/Directory.Packages.props

@@ -62,19 +62,19 @@
     <PackageVersion Include="System.Windows.Extensions" Version="4.7.0" />
   </ItemGroup>
   <ItemGroup Label="Transient dependencies auto-generated by GenerateNetFxTransientDependencies">
-    <PackageVersion Include="Google.Protobuf" Version="3.25.1" />
+    <PackageVersion Include="Google.Protobuf" Version="3.25.2" />
     <PackageVersion Include="Grpc" Version="2.46.6" />
     <PackageVersion Include="Grpc.Core" Version="2.46.6" />
     <PackageVersion Include="Grpc.Core.Api" Version="2.60.0" />
     <PackageVersion Include="Microsoft.Extensions.Configuration" Version="8.0.0" />
     <PackageVersion Include="Microsoft.Extensions.Configuration.Abstractions" Version="8.0.0" />
-    <PackageVersion Include="Microsoft.Extensions.Configuration.Binder" Version="8.0.0" />
+    <PackageVersion Include="Microsoft.Extensions.Configuration.Binder" Version="8.0.1" />
     <PackageVersion Include="Microsoft.Extensions.DependencyInjection" Version="8.0.0" />
     <PackageVersion Include="Microsoft.Extensions.DependencyInjection.Abstractions" Version="8.0.0" />
     <PackageVersion Include="Microsoft.Extensions.Logging" Version="8.0.0" />
     <PackageVersion Include="Microsoft.Extensions.Logging.Abstractions" Version="8.0.0" />
     <PackageVersion Include="Microsoft.Extensions.Logging.Configuration" Version="8.0.0" />
-    <PackageVersion Include="Microsoft.Extensions.Options" Version="8.0.0" />
+    <PackageVersion Include="Microsoft.Extensions.Options" Version="8.0.1" />
     <PackageVersion Include="Microsoft.Extensions.Options.ConfigurationExtensions" Version="8.0.0" />
     <PackageVersion Include="Microsoft.Extensions.Primitives" Version="8.0.0" />
     <PackageVersion Include="System.Buffers" Version="4.5.1" />
@@ -83,7 +83,7 @@
     <PackageVersion Include="System.Numerics.Vectors" Version="4.5.0" />
     <PackageVersion Include="System.Runtime.CompilerServices.Unsafe" Version="6.0.0" />
     <PackageVersion Include="System.Text.Encodings.Web" Version="8.0.0" />
-    <PackageVersion Include="System.Text.Json" Version="8.0.0" />
+    <PackageVersion Include="System.Text.Json" Version="8.0.1" />
     <PackageVersion Include="System.Threading.Tasks.Extensions" Version="4.5.4" />
     <PackageVersion Include="System.ValueTuple" Version="4.5.0" />
   </ItemGroup>

src/OpenTelemetry.AutoInstrumentation.Native/netfx_assembly_redirection.h

@@ -18,19 +18,19 @@ void CorProfiler::InitNetFxAssemblyRedirectsMap()
     const USHORT auto_major = atoi(AUTO_MAJOR);
 
     assembly_version_redirect_map_.insert({
-        { L"Google.Protobuf", {3, 25, 1, 0} },
+        { L"Google.Protobuf", {3, 25, 2, 0} },
         { L"Grpc.Core", {2, 0, 0, 0} },
         { L"Grpc.Core.Api", {2, 0, 0, 0} },
         { L"Microsoft.Bcl.AsyncInterfaces", {8, 0, 0, 0} },
         { L"Microsoft.Extensions.Configuration", {8, 0, 0, 0} },
         { L"Microsoft.Extensions.Configuration.Abstractions", {8, 0, 0, 0} },
-        { L"Microsoft.Extensions.Configuration.Binder", {8, 0, 0, 0} },
+        { L"Microsoft.Extensions.Configuration.Binder", {8, 0, 0, 1} },
         { L"Microsoft.Extensions.DependencyInjection", {8, 0, 0, 0} },
         { L"Microsoft.Extensions.DependencyInjection.Abstractions", {8, 0, 0, 0} },
         { L"Microsoft.Extensions.Logging", {8, 0, 0, 0} },
         { L"Microsoft.Extensions.Logging.Abstractions", {8, 0, 0, 0} },
         { L"Microsoft.Extensions.Logging.Configuration", {8, 0, 0, 0} },
-        { L"Microsoft.Extensions.Options", {8, 0, 0, 0} },
+        { L"Microsoft.Extensions.Options", {8, 0, 0, 1} },
         { L"Microsoft.Extensions.Options.ConfigurationExtensions", {8, 0, 0, 0} },
         { L"Microsoft.Extensions.Primitives", {8, 0, 0, 0} },
         { L"Microsoft.Win32.Primitives", {4, 0, 3, 0} },
@@ -145,7 +145,7 @@ void CorProfiler::InitNetFxAssemblyRedirectsMap()
         { L"System.Text.Encoding", {4, 0, 11, 0} },
         { L"System.Text.Encoding.Extensions", {4, 0, 11, 0} },
         { L"System.Text.Encodings.Web", {8, 0, 0, 0} },
-        { L"System.Text.Json", {8, 0, 0, 0} },
+        { L"System.Text.Json", {8, 0, 0, 1} },
         { L"System.Text.RegularExpressions", {4, 1, 1, 0} },
         { L"System.Threading", {4, 0, 11, 0} },
         { L"System.Threading.Overlapped", {4, 1, 0, 0} },

test/Directory.Packages.props

@@ -5,7 +5,7 @@
     <PackageVersion Include="Elastic.Clients.Elasticsearch" Version="8.11.0" />
     <PackageVersion Include="Confluent.Kafka" Version="2.3.0" />
     <PackageVersion Include="FluentAssertions" Version="6.12.0" />
-    <PackageVersion Include="Google.Protobuf" Version="3.25.1" />
+    <PackageVersion Include="Google.Protobuf" Version="3.25.2" />
     <PackageVersion Include="GraphQL" Version="7.7.2" />
     <PackageVersion Include="GraphQL.MicrosoftDI" Version="7.7.2" />
     <PackageVersion Include="GraphQL.Server.Transports.AspNetCore" Version="7.6.0" />
@@ -20,7 +20,7 @@
     <PackageVersion Include="Microsoft.AspNetCore.SignalR.Client" Version="8.0.0" />
     <PackageVersion Include="Microsoft.Build" Version="15.9.20" />
     <PackageVersion Include="Microsoft.Build.Utilities.Core" Version="15.9.20" />
-    <PackageVersion Include="Microsoft.Data.SqlClient" Version="5.1.2" />
+    <PackageVersion Include="Microsoft.Data.SqlClient" Version="5.1.4" />
     <PackageVersion Include="Microsoft.EntityFrameworkCore.Sqlite" Version="7.0.13" />
     <PackageVersion Include="Microsoft.Extensions.Configuration.Abstractions" Version="8.0.0" />
     <PackageVersion Include="Microsoft.Extensions.DependencyInjection" Version="8.0.0" />
@@ -30,8 +30,8 @@
     <PackageVersion Include="Microsoft.NET.Test.Sdk" Version="17.8.0" />
     <PackageVersion Include="MongoDB.Driver" Version="2.23.1" />
     <PackageVersion Include="NSubstitute" Version="5.1.0" />
-    <PackageVersion Include="MySqlConnector" Version="2.3.3" />
-    <PackageVersion Include="MySql.Data" Version="8.2.0" />
+    <PackageVersion Include="MySqlConnector" Version="2.3.4" />
+    <PackageVersion Include="MySql.Data" Version="8.3.0" />
     <PackageVersion Include="NServiceBus" Version="8.1.6" />
     <PackageVersion Include="Newtonsoft.Json" Version="13.0.3" />
     <PackageVersion Include="Npgsql" Version="8.0.1" />
@@ -41,10 +41,10 @@
     <PackageVersion Include="Quartz" Version="3.8.0" />
     <PackageVersion Include="Quartz.Extensions.DependencyInjection" Version="3.8.0" />
     <PackageVersion Include="Quartz.Extensions.Hosting" Version="3.8.0" />
-    <PackageVersion Include="StackExchange.Redis" Version="2.7.10" />
+    <PackageVersion Include="StackExchange.Redis" Version="2.7.17" />
     <PackageVersion Include="StrongNamer" Version="0.2.5" />
     <PackageVersion Include="System.Collections.Immutable" Version="8.0.0" />
-    <PackageVersion Include="System.Data.SqlClient" Version="4.8.5" />
+    <PackageVersion Include="System.Data.SqlClient" Version="4.8.6" />
     <PackageVersion Include="System.Diagnostics.DiagnosticSource" Version="8.0.0" />
     <PackageVersion Include="System.Reactive" Version="6.0.0" />
     <PackageVersion Include="System.Runtime.InteropServices" Version="4.3.0" />
@@ -54,7 +54,7 @@
     <PackageVersion Include="System.ValueTuple" Version="4.5.0" />
     <PackageVersion Include="Testcontainers" Version="3.6.0" />
     <PackageVersion Include="Verify.Xunit" Version="20.8.2" />
-    <PackageVersion Include="xunit" Version="2.6.4" />
+    <PackageVersion Include="xunit" Version="2.6.6" />
     <PackageVersion Include="xunit.abstractions" Version="2.0.3" />
     <PackageVersion Include="xunit.runner.visualstudio" Version="2.5.6" />
     <PackageVersion Include="Xunit.SkippableFact" Version="1.4.13" />

test/IntegrationTests/LibraryVersions.g.cs

@@ -82,19 +82,18 @@ public static class LibraryVersion
 #if DEFAULT_TEST_PACKAGE_VERSIONS
         new object[] { string.Empty }
 #else
-        new object[] { "1.1.4" },
-        new object[] { "2.1.5" },
-        new object[] { "3.1.2" },
-        new object[] { "4.1.1" },
-        new object[] { "5.1.2" },
+        new object[] { "2.1.7" },
+        new object[] { "3.1.5" },
+        new object[] { "4.0.5" },
+        new object[] { "5.1.4" },
 #endif
     };
     public static readonly IReadOnlyCollection<object[]> SqlClientSystem = new List<object[]>
     {
 #if DEFAULT_TEST_PACKAGE_VERSIONS
         new object[] { string.Empty }
 #else
-        new object[] { "4.8.5" },
+        new object[] { "4.8.6" },
 #endif
     };
     public static readonly IReadOnlyCollection<object[]> MongoDB = new List<object[]>
@@ -112,7 +111,7 @@ public static class LibraryVersion
         new object[] { string.Empty }
 #else
         new object[] { "2.0.0" },
-        new object[] { "2.3.3" },
+        new object[] { "2.3.4" },
 #endif
     };
     public static readonly IReadOnlyCollection<object[]> MySqlData = new List<object[]>
@@ -121,7 +120,7 @@ public static class LibraryVersion
         new object[] { string.Empty }
 #else
         new object[] { "8.1.0" },
-        new object[] { "8.2.0" },
+        new object[] { "8.3.0" },
 #endif
     };
     public static readonly IReadOnlyCollection<object[]> Npgsql = new List<object[]>
@@ -160,7 +159,7 @@ public static class LibraryVersion
         new object[] { "2.1.50" },
         new object[] { "2.5.61" },
         new object[] { "2.6.66" },
-        new object[] { "2.7.10" },
+        new object[] { "2.7.17" },
 #endif
     };
     public static readonly IReadOnlyCollection<object[]> WCFCoreClient = new List<object[]>

test/test-applications/integrations/TestApplication.MySqlData/TestApplication.MySqlData.csproj

@@ -7,7 +7,7 @@
   <ItemGroup>
     <PackageReference Include="MySql.Data" VersionOverride="$(LibraryVersion)" />
     <PackageReference Include="System.Diagnostics.DiagnosticSource" />
-    <PackageReference Include="Google.Protobuf" VersionOverride="3.22.5" />
+    <PackageReference Include="Google.Protobuf" VersionOverride="3.22.5" Condition="'$(LibraryVersion)' != '' and '$(LibraryVersion)'&lt;'8.3.0'"/>
   </ItemGroup>
 
 </Project>

test/test-applications/integrations/TestApplication.SqlClient.Microsoft/TestApplication.SqlClient.Microsoft.csproj

@@ -6,5 +6,6 @@
 
   <ItemGroup>
     <PackageReference Include="System.ValueTuple" Condition="'$(TargetFramework)' == 'net462'"/>
+    <PackageReference Include="System.Diagnostics.DiagnosticSource" Condition="'$(TargetFramework)' == 'net6.0'"/>
   </ItemGroup>
 </Project>

tools/LibraryVersionsGenerator/PackageVersionDefinitions.cs

@@ -94,10 +94,10 @@ internal static class PackageVersionDefinitions
             TestApplicationName = "TestApplication.SqlClient.Microsoft",
             Versions = new List<PackageVersion>
             {
-                new("1.1.4"),
-                new("2.1.5"),
-                new("3.1.2"),
-                new("4.1.1"),
+                // new("1.1.4"), - high vulnerability https://github.com/dotnet/announcements/issues/292, test should be skipped
+                new("2.1.7"),
+                new("3.1.5"),
+                new("4.0.5"),
                 new("*")
             }
         },
@@ -108,7 +108,7 @@ internal static class PackageVersionDefinitions
             TestApplicationName = "TestApplication.SqlClient.System",
             Versions = new List<PackageVersion>
             {
-                new("4.8.5"),
+                new("4.8.6"),
                 new("*")
             }
         },
@@ -119,8 +119,8 @@ internal static class PackageVersionDefinitions
             TestApplicationName = "TestApplication.MongoDB",
             Versions = new List<PackageVersion>
             {
-                // new("2.13.3"), - high vulnarability https://github.com/advisories/GHSA-7j9m-j397-g4wx, <= 2.18.0 test should be skipped
-                // new("2.15.0"), - high vulnarability https://github.com/advisories/GHSA-7j9m-j397-g4wx, <= 2.18.0 test should be skipped
+                // new("2.13.3"), - high vulnerability https://github.com/advisories/GHSA-7j9m-j397-g4wx, <= 2.18.0 test should be skipped
+                // new("2.15.0"), - high vulnerability https://github.com/advisories/GHSA-7j9m-j397-g4wx, <= 2.18.0 test should be skipped
                 new("2.19.0"),
                 new("*")
             }