Bump Akka from 1.5.51 to 1.5.55

[dependabot]

Updated Akka from 1.5.51 to 1.5.55.

Release notes

Sourced from Akka's releases.

1.5.55

1.5.55 October 26th, 2025

Akka.NET v1.5.55 is a patch release containing important stability and security improvements for Akka.Remote.

Akka.Remote Stability Improvements:

• Akka.Remote: harden EndpointWriter against serialization failures - Fixes issue #​7922 by hardening the EndpointWriter against a broader range of potential serialization failures, improving overall remoting stability.

Akka.Remote Security Improvements:

• Custom certificate validation with single execution path - fixes mTLS asymmetry bug - Fixes issue #​7914 by introducing programmatic certificate validation helpers through the new CertificateValidation factory class. This release adds 7 new validation helper methods including ValidateChain(), ValidateHostname(), PinnedCertificate(), ValidateSubject(), ValidateIssuer(), Combine(), and ChainPlusThen(). The update also fixes an mTLS asymmetry bug where server-side hostname validation was not being applied consistently with client-side validation, all while maintaining full backward compatibility with existing HOCON-based validation.

• Fix DotNettySslSetup being ignored when HOCON has valid SSL config - Fixes issue #​7917 where programmatic DotNettySslSetup settings were incorrectly being overridden by HOCON configuration. Programmatic configuration now correctly takes precedence over HOCON defaults as intended.

1 contributor since release 1.5.54

COMMITS	LOC+	LOC-	AUTHOR
3	1605	289	Aaron Stannard

Changes:

• 2492bdb1f238d5cc902b5d5a7600941bf0837ba9 Prepare v1.5.55 release (#​7926)
• 2dc1c579f638ff87022cc8a95d36f68793a1c1c0 Akka.Remote: harden EndpointWriter against serialization failures (#​7923) (#​7925) [ #​7922 ]
• 98c25d1c3690c218a007049d9bc43d2ac9e605b4 feat(remote): custom certificate validation with single execution path - fixes mTLS asymmetry bug (#​7915) (#​7921) [ #​7914 ]
• 1e8d6068cf2a94c19fbf3d951547cf460ef3e8f1 Fix DotNettySslSetup being ignored when HOCON has valid SSL config (#​7918) (#​7919) [ #​7917 ]
• 77ba03c0353bd813c6022a1a7713fab38c4d5d4a Prepare v1.5.54 release (#​7913)

This list of changes was auto generated.

1.5.54

1.5.54 October 17th, 2025

Akka.NET v1.5.54 is a patch release containing important bug fixes for Akka.Streams and Akka.DistributedData.

Bug Fixes:

• Fix SourceRef.Source and SinkRef.Sink non-idempotent property bug - Fixes issue #​7895 where ISourceRef<T>.Source and ISinkRef<T>.Sink properties created new stage instances on every access, causing race conditions and intermittent subscription timeouts. These properties are now idempotent using Lazy<T>, preventing failures from accidental property access (debugger inspection, logging, serialization frameworks).

• Fix LWWDictionary.Delta ArgumentNullException when underlying delta is null - Fixes issue #​7910 where LWWDictionary.Delta would throw ArgumentNullException when the underlying ORDictionary.Delta was null, which is a legitimate state after initialization or calling ResetDelta().

1 contributor since release 1.5.53

COMMITS	LOC+	LOC-	AUTHOR
2	159	20	Aaron Stannard

Changes:

• e7bf0c7b629f897405aefaad30bab7655a1b5928 Prepare v1.5.54 release
• eb020d050d47b22da38477c9370bde2a80d82600 Fix LWWDictionary.Delta ArgumentNullException when underlying delta is null (#​7910) (#​7911) (#​7912)
• 53e1b3d45dc6b0d0be84c0c002caea34ed63ac6b [v1.5] Fix SourceRef.Source and SinkRef.Sink non-idempotent property bug (#​7907) [ #​7895 ]
• e1c4b4f33b5be1605af6c4b9d723f043f8a0ef4a Prepare v1.5.53 release (#​7900)

This list of changes was auto generated.

1.5.53

1.5.53 October 9th, 2025

Akka.NET v1.5.53 is a security patch containing important fixes for TLS/SSL hostname validation and improved error diagnostics for certificate authentication issues.

Security Fixes:

• Fix TLS hostname validation bug and add configurable validation - Fixes a critical bug where TLS clients validated against their own certificate DNS name instead of the remote server address, particularly affecting mutual TLS scenarios. This release also adds a new validate-certificate-hostname configuration option to akka.remote.dot-netty.tcp (defaults to false for backward compatibility) and introduces type-safe validation APIs through the new TlsValidationCallbacks factory class.

Improvements:

• Improve TLS/SSL certificate error messages during handshake failures - Provides human-readable, actionable error messages for TLS/SSL certificate validation failures with detailed troubleshooting guidance, significantly improving the developer experience when configuring certificate-based authentication.

1 contributor since release 1.5.52

COMMITS	LOC+	LOC-	AUTHOR
2	1060	77	Aaron Stannard

To see the full set of changes in Akka.NET v1.5.53, click here

Changes:

• dfee7bb4db4c3382012425fb8654d3cdc1f33ad9 Prepare v1.5.53 release
• 4eaf307cd6914f8680efd37eaba846e575d74a71 Fix TLS hostname validation bug and add configurable validation (#​7897) [ #​7893 ]
• 8644c598b9eaf54222587f5d28a74276db47544f Improve TLS/SSL certificate error messages during handshake failures (#​7891) [ #​7890 ]

This list of changes was auto generated.

1.5.52

1.5.52 October 6th, 2025

SECURITY PATCH

Akka.NET v1.5.52 is a security patch containing crucial fixes for enforcing certificate-based authentication using mTLS enforcement. Please see https://getakka.net/articles/remoting/security.html for details on how this works.

• Akka.Remote: implement mutual TLS authentication support
• Akka.Remote: validate SSL certificate private key access at server startup

Other fixes:

• Akka.Cluster.Sharding: ShardedDaemonSets: randomize starting worker index

1 contributors since release 1.5.51

COMMITS	LOC+	LOC-	AUTHOR
3	1193	149	Aaron Stannard

To see the full set of changes in Akka.NET v1.5.52, click here

Changes:

• b4fbd5ffd00688e250126e0e004b95e2678532b0 added v1.5.52 release notes (#​7883)
• 5f8e39da189c1044aa0d9a5422c1421ea47603d0 ShardedDaemonSets: randomize starting worker index (#​7857) (#​7874)
• 1a5a82bc5ce463f5a94cba7c943b28dd2b0a1fd9 feat(remote): implement mutual TLS authentication support (#​7851) (#​7855) [ #​538 ]
• 5994efc01eec66ec53b6bcd9a4fa2efb16b19043 Fix: Validate SSL certificate private key access at server startup (#​7847) (#​7848) [ #​538 ]

This list of changes was auto generated.

Commits viewable in compare view.

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)