#### Description
This PR updates the version of the MSAL.js dependency that we redistribute in our Authentication.Msal library in response to user requests and recommendation from the MSAL team.
#### Technical Description
This PR contains some code changes in response to some changes in type definition over in MSAL.js:
- https://github.com/AzureAD/microsoft-authentication-library-for-js/pull/2105
- https://github.com/AzureAD/microsoft-authentication-library-for-js/pull/2512
#### Customer Impact
Without these changes, if users want to pick up required bug fixes in the downstream MSAL.js library, they would have to compile their own version of JavaScript dependencies and integrate them into their project.
This PR allows users to consume bug fixes blocking customer login and platform support without having to put in difficult workarounds.
#### Regression?
- [ ] Yes
- [X] No
#### Risk
- [ ] High
- [ ] Medium
- [X] Low
Change contains no breaking changes and was made on recommendation of the MSAL team. Manual verification completed.
#### Verification
- [X] Manual (required)
- [ ] Automated
Verified navigating to the authorized-only fetch data page, logging in, confirming redirect, logging out, logging in again on:
- Azure B2C + Blazor WASM Hosted
- Azure B2C + Blazor Standalone
- Azure AAD + Blazor WASM Hosted
- Azure AAD + Blazor WASM Standalone
#### Packaging changes reviewed?
- [ ] Yes
- [ ] No
- [X] N/A
Addresses https://github.com/dotnet/aspnetcore/issues/29010, https://github.com/dotnet/aspnetcore/issues/28969, https://github.com/dotnet/aspnetcore/issues/28956
## Description
Updates outdated dependencies for the Angular, React and React redux templates.
## Customer Impact
Customers creating new projects get obsolete versions of some javascript dependencies and need to update them manually.
## Regression?
- [ ] Yes
- [X] No
[If yes, specify the version the behavior has regressed from]
## Risk
- [ ] High
- [ ] Medium
- [X] Low
The changes only update dependencies and have been tested manually.
## Verification
- [X] Manual (required)
- [ ] Automated
## Packaging changes reviewed?
- [ ] Yes
- [ ] No
- [X] N/A
Description
#28017
In 5.0.1 we fixed a publish scenario where Blazor webassembly wasn't respecting the StaticWebAssetBasePath defined for the project. Unfortunately the logic for handling the path composition was not robust enough and while it fixed the publish output layout, it introduced an integration issue later on at runtime.
The current fix makes the handling of the path more tolerant to initial and final slashes and includes a new end to end test that validates this scenario.
Customer Impact
Customers can't host blazor applications outside the root path (/)
Regression?
Yes. Worked in 3.2
Risk
Low.
We've included additional tests and E2E automation to verify this case.
Validation
Automated
Manual
* Add legacy 3.1 fork of the whitespace tests, with baselines based on 5.0 behavior
* Remove non-applicable Legacy_3_1_WhiteSpace_WithPreserveWhitespace test
* Set the legacy tests to run with RazorLanguageVersion.Version_3_0
* Add legacy fork of the whitespace pass
* Consolidate both versions of whitespace pass and show it doesn't affect the baselines
* Revert BOM change
* Fix test
* Unset delegation propery from source queue. This removes the process from the target URL group and allows the delegation rule to be added back later on in the processes lifetime
* Add test
* Add disposing pattern
Co-authored-by: Nolan Glore <nglore@microsoft.com>
Remove MicrosoftAspNetCoreAuthenticationJwtBearerPackageVersion and MicrosoftAspNetCoreAuthenticationOpenIdConnectPackageVersion if there are not need eg. user wants only OpenApi.
Co-authored-by: Andrzej Król <andkrul@gmail.com>
The RazorTagHelper task in the SDK is invoked by targets outside the SDK.
Consequently, any new requirements on the tasks need to be compatible with these versions.
In 5.0, we changed the task to expect the path to be passed in by the ToolExe property. This changes allows
using dotnet.exe from the ambient PATH to be used instead (the previous behavior)
Description
We introduced a public property as part of #27907 to enable users to opt-in. Turns out that this caused issues since we didn't update the target pack.
As a result, the Razor compiler treats this new property as a regular HTML attribute (of type string) instead of as a boolean.
In turn this causes the template to error at runtime when the application starts.
Customer Impact
Customers using 5.0.1 won't be able to create and run new blazor apps out of the box. They can fix the template code by preceding the true value in the attribute with @ to force the compiler to interpret it as C#. (Which is the same fix we are applying).
Regression?
Yes, 5.0.0. Users were able to create new blazor templates without this issue.
Risk
Low. We've manually validated the fix against a new project from a 5.0.1 template.
[release/5.0] Update dependencies from dotnet/efcore dotnet/runtime
- Merge branch 'release/5.0' into darc-release/5.0-d4478e43-6d04-47a1-8a7c-c6c2dcd90d64
- Tweak tests
- Remove Extensions.Internal.Transport from Runtime
- Microsoft.AspNetCore.App.Runtime project does not expect compilation-only references
- !fixup! Rearrange a `Condition`
- slight change to 49cc13cb5ac6 workaround
- Do not compile against assemblies with newer assembly versions
- avoid problems with e.g. System.Extensions.DependencyInjection in 5.0.1
- Revert "Remove package version pinning for ref/ assemblies in servicing (#25851)"
- dotnet/runtime assembly versions are unexpectedly changing in servicing
This reverts commit bfc1ec6792.
- Update `SharedFxTests` to handle dotnet/runtime version changes
- assemblies with non-0.0 versions end up in Microsoft.AspNetCore.App
- future-proofs these tests because more dotnet/runtime versions may change
- !fixup! Revert of bfc1ec6792 messed up `RepoTasks`
- need the RTM-versioned packages on all platforms
- we only target `net472` on Windows
Razor requires referencing two different versions of Roslyn
Razor compiler (rzc) that ships as part of the SDK. rzc ships copies of compiler binaries (Microsoft.CodeAnalysis.CSharp and Microsoft.CodeAnalysis.Common).
Razor runtime compilation is shipped as a NuGet package and needs to reference a version of Roslyn that ships as a NuGet package.
Roslyn doesn't follow the runtime ship schedule so to reliably the 2nd item, ASP.NET Core manually updates this package version. As part of 5.0.1, it was discovered that there's two different versions of these binaries in the SDK (a 3.8.0 version carried by the compiler and a 3.7.0 version carried by Razor). This is a bit vexxing, more so in source build which only builds the newer version.
Fixes#28096
Description
Update the Roslyn version referenced by Razor to 3.8.0
Customer impact
Razor compilation uses a newer version of the compiler consistent with the rest of the SDK.
Users updating to the 5.0.1 version of runtime compilation package will now use a newer version of the compiler. While it's slightly unusual to update a reference by a minor version as part of a patch release, we do not see users taking a hard dependency on the compiler version to be affected by this.
Regression
No
Risk
Low.
Matt Mitchell
Safia Abdalla
Javier Calvarro Nelson
Doug Bunting
DotNet Bot
dotnet-bot
James Newton-King
dotnet-maestro[bot]
William Godbe
Steve Sanderson
Brennan Conroy
Sourabh Shirhatti
John Luo
Pranav K
Jan Vorlicek