diff --git a/eng/Npm.Workspace.nodeproj b/eng/Npm.Workspace.nodeproj
index 58722e78cc3a..c168ca2728e7 100644
--- a/eng/Npm.Workspace.nodeproj
+++ b/eng/Npm.Workspace.nodeproj
@@ -36,7 +36,7 @@
 
     <Message Text="Building NPM packages..." Importance="high" />
 
-    <Exec Condition="'$(ContinuousIntegrationBuild)' == 'true'"
+    <Exec
       Command="node $(MSBuildThisFileDirectory)scripts/npm/pack-workspace.mjs --update-versions $(RepoRoot)package.json $(PackageVersion) $(PackageOutputPath) $(IntermediateOutputPath)"
       EnvironmentVariables="$(_NpmAdditionalEnvironmentVariables)" />
 
diff --git a/eng/Versions.props b/eng/Versions.props
index 56c700a54d46..9530049a5162 100644
--- a/eng/Versions.props
+++ b/eng/Versions.props
@@ -282,7 +282,7 @@
     <MicrosoftAspNetCoreAzureAppServicesSiteExtension80x64Version>$(MicrosoftAspNetCoreAzureAppServicesSiteExtension80Version)</MicrosoftAspNetCoreAzureAppServicesSiteExtension80x64Version>
     <MicrosoftAspNetCoreAzureAppServicesSiteExtension80x86Version>$(MicrosoftAspNetCoreAzureAppServicesSiteExtension80Version)</MicrosoftAspNetCoreAzureAppServicesSiteExtension80x86Version>
     <!-- 3rd party dependencies -->
-    <AzureIdentityVersion>1.11.3</AzureIdentityVersion>
+    <AzureIdentityVersion>1.11.4</AzureIdentityVersion>
     <AngleSharpVersion>0.9.9</AngleSharpVersion>
     <BenchmarkDotNetVersion>0.13.0</BenchmarkDotNetVersion>
     <CastleCoreVersion>4.2.1</CastleCoreVersion>
@@ -328,7 +328,7 @@
     <XunitExtensibilityCoreVersion>$(XunitVersion)</XunitExtensibilityCoreVersion>
     <XunitExtensibilityExecutionVersion>$(XunitVersion)</XunitExtensibilityExecutionVersion>
     <XUnitRunnerVisualStudioVersion>2.4.3</XUnitRunnerVisualStudioVersion>
-    <MicrosoftDataSqlClientVersion>4.0.5</MicrosoftDataSqlClientVersion>
+    <MicrosoftDataSqlClientVersion>5.2.2</MicrosoftDataSqlClientVersion>
     <MicrosoftOpenApiVersion>1.6.17</MicrosoftOpenApiVersion>
     <MicrosoftOpenApiReadersVersion>1.6.17</MicrosoftOpenApiReadersVersion>
     <!-- dotnet tool versions (see also auto-updated DotnetEfVersion property). -->
diff --git a/eng/scripts/npm/update-dependency-versions.mjs b/eng/scripts/npm/update-dependency-versions.mjs
index ce8b9b42c6d7..3cee60be697c 100644
--- a/eng/scripts/npm/update-dependency-versions.mjs
+++ b/eng/scripts/npm/update-dependency-versions.mjs
@@ -38,19 +38,25 @@ export function applyVersions(defaultPackageVersion, workspacePath) {
   return [packagesToPack, renames];
 }
 
-function applyPackageVersion(packagesToPack, defaultPackageVersion) {
+function applyPackageVersion(packagesToPack, packageVersion) {
   const currentDir = process.cwd();
   const renames = [];
   for (const [packagePath, packageJson] of packagesToPack) {
-    const packageName = packageJson.name;
-    const packageVersion = defaultPackageVersion;
-    const packageDir = path.dirname(packagePath);
     // Run npm version packageVersion --no-git-tag-version
     // This will update the package.json version to the specified version without creating a git tag
     // Make a backup of the package.json
     fs.copyFileSync(packagePath, `${packagePath}.bak`);
     renames.push([`${packagePath}.bak`, packagePath]);
 
+    // "npm version ..." fails if it wouldn't change the version which is common for local builds.
+    // Rather than fail the build, we'll produce packages versions with the "-dev" suffix.
+    if (packageJson.version === packageVersion) {
+      continue;
+    }
+
+    const packageName = packageJson.name;
+    const packageDir = path.dirname(packagePath);
+
     process.chdir(packageDir);
     execSync(`npm version ${packageVersion} --no-git-tag-version`, { stdio: 'inherit' });
     process.chdir(currentDir);
diff --git a/src/ProjectTemplates/Shared/Project.cs b/src/ProjectTemplates/Shared/Project.cs
index ed00a32f7f8e..8fc9a152dc2f 100644
--- a/src/ProjectTemplates/Shared/Project.cs
+++ b/src/ProjectTemplates/Shared/Project.cs
@@ -142,6 +142,20 @@ internal async Task RunDotNetNewAsync(
             CaptureBinLogOnFailure(restoreExecution);
 
             Assert.True(0 == restoreResult.ExitCode, ErrorMessages.GetFailedProcessMessage("restore", this, restoreResult));
+
+            // We must specify nuget.org as a source because the Azure DevOps feeds do not support the --vulnerable flag.
+            // If we restored packages from nuget.org, we could remove the following check since the restore itself would produce
+            // NuGet vulnerability warnings, but we avoid using nuget.org as a source for the restore to avoid supply chain attacks.
+            // https://learn.microsoft.com/nuget/reference/errors-and-warnings/nu1901-nu1904
+            argString = "list package --vulnerable --include-transitive --source https://api.nuget.org/v3/index.json";
+            using var listVulnerableExecution = ProcessEx.Run(Output, TemplateOutputDir, DotNetMuxer.MuxerPathOrDefault(), argString, environmentVariables);
+            await listVulnerableExecution.Exited;
+
+            if (listVulnerableExecution.ExitCode != 0 || !listVulnerableExecution.Output.Contains("has no vulnerable packages"))
+            {
+                // We consider this part of the build step, since the build would normally warn about vulnerable packages if not for --no-restore.
+                Assert.Fail(ErrorMessages.GetFailedProcessMessage("restore", this, new ProcessResult(listVulnerableExecution)));
+            }
         }
     }
 
diff --git a/src/ProjectTemplates/TestInfrastructure/PrepareForTest.targets b/src/ProjectTemplates/TestInfrastructure/PrepareForTest.targets
index 4e1a98035f07..d332234acaa5 100644
--- a/src/ProjectTemplates/TestInfrastructure/PrepareForTest.targets
+++ b/src/ProjectTemplates/TestInfrastructure/PrepareForTest.targets
@@ -88,7 +88,10 @@
       <_FilesToCopy Include="$(LocalDotNetRoot)sdk\**\*" DestinationRelativeFolder="sdk\" />
       <_FilesToCopy Include="$(SharedFrameworkLayoutRoot)\**\*" />
 
-      <_DestinationFiles Include="@(_FilesToCopy->'$(TemplateTestDotNetRoot)%(DestinationRelativeFolder)%(RecursiveDir)%(Filename)%(Extension)')" />
+      <_PrelimDestinationFiles Include="@(_FilesToCopy->'$(TemplateTestDotNetRoot)%(DestinationRelativeFolder)%(RecursiveDir)%(Filename)%(Extension)')" />
+      <_DestinationFiles Include="@(_PrelimDestinationFiles)" Condition="!$([MSBuild]::IsOSPlatform(`Windows`))" />
+      <!-- Prefix absolute destination paths with "\\?\" on Windows to avoid MSBuild MAX_PATH issues in VS. https://github.com/dotnet/msbuild/issues/53 -->
+      <_DestinationFiles Include="@(_PrelimDestinationFiles->'\\?\%(Identity)')" Condition="$([MSBuild]::IsOSPlatform(`Windows`))" />
     </ItemGroup>
 
     <Copy SourceFiles="@(_FilesToCopy)"
@@ -97,8 +100,6 @@
 
     <Message Importance="high" Text="Removed directory %(_CleanedUpDirectories.Identity)" />
 
-    <Message Importance="high" Text="Created directory %(_CreatedDirectories.Identity)" />
-
     <GenerateFileFromTemplate
       TemplateFile="$(MSBuildThisFileDirectory)..\TestInfrastructure\Directory.Build.targets.in"
       Properties="Configuration=$(Configuration);
diff --git a/src/ProjectTemplates/Web.ProjectTemplates/BlazorWeb-CSharp.csproj.in b/src/ProjectTemplates/Web.ProjectTemplates/BlazorWeb-CSharp.csproj.in
index 541be08bd263..8b3e8fcdf7bd 100644
--- a/src/ProjectTemplates/Web.ProjectTemplates/BlazorWeb-CSharp.csproj.in
+++ b/src/ProjectTemplates/Web.ProjectTemplates/BlazorWeb-CSharp.csproj.in
@@ -22,9 +22,12 @@
     <PackageReference Include="Microsoft.AspNetCore.Components.WebAssembly.Server" Version="${MicrosoftAspNetCoreComponentsWebAssemblyServerVersion}" Condition="'$(UseWebAssembly)' == 'True'" />
     <PackageReference Include="Microsoft.AspNetCore.Diagnostics.EntityFrameworkCore" Version="${MicrosoftAspNetCoreDiagnosticsEntityFrameworkCoreVersion}" Condition="'$(IndividualLocalAuth)' == 'True'" />
     <PackageReference Include="Microsoft.AspNetCore.Identity.EntityFrameworkCore" Version="${MicrosoftAspNetCoreIdentityEntityFrameworkCoreVersion}" Condition="'$(IndividualLocalAuth)' == 'True'" />
+    <PackageReference Include="Microsoft.Data.SqlClient" Version="${MicrosoftDataSqlClientVersion}" Condition="'$(IndividualLocalAuth)' == 'True' AND '$(UseLocalDB)' == 'True'" />
     <PackageReference Include="Microsoft.EntityFrameworkCore.Sqlite" Version="${MicrosoftEntityFrameworkCoreSqliteVersion}" Condition="'$(IndividualLocalAuth)' == 'True' AND '$(UseLocalDB)' != 'True'" />
     <PackageReference Include="Microsoft.EntityFrameworkCore.SqlServer" Version="${MicrosoftEntityFrameworkCoreSqlServerVersion}" Condition="'$(IndividualLocalAuth)' == 'True' AND '$(UseLocalDB)' == 'True'" />
     <PackageReference Include="Microsoft.EntityFrameworkCore.Tools" Version="${MicrosoftEntityFrameworkCoreToolsVersion}" Condition="'$(IndividualLocalAuth)' == 'True'" />
+    <PackageReference Include="System.Drawing.Common" Version="${SystemDrawingCommonVersion}" Condition="'$(IndividualLocalAuth)' == 'True'" />
+    <PackageReference Include="System.Text.Json" Version="${SystemTextJsonVersion}" Condition="'$(IndividualLocalAuth)' == 'True'" />
   </ItemGroup>
 
   <!--#endif -->
diff --git a/src/ProjectTemplates/Web.ProjectTemplates/Microsoft.DotNet.Web.ProjectTemplates.csproj b/src/ProjectTemplates/Web.ProjectTemplates/Microsoft.DotNet.Web.ProjectTemplates.csproj
index 01fd5e06eafd..9ba5a7cb108c 100644
--- a/src/ProjectTemplates/Web.ProjectTemplates/Microsoft.DotNet.Web.ProjectTemplates.csproj
+++ b/src/ProjectTemplates/Web.ProjectTemplates/Microsoft.DotNet.Web.ProjectTemplates.csproj
@@ -6,6 +6,9 @@
     <Description>ASP.NET Core Web Template Pack for Microsoft Template Engine</Description>
     <ComponentsWebAssemblyProjectsRoot>$(RepoRoot)src\Components\WebAssembly\</ComponentsWebAssemblyProjectsRoot>
     <UsingToolTemplateLocalizer>true</UsingToolTemplateLocalizer>
+    <!-- Unfortunately, UpToDateCheckInput and UpToDateCheckBuilt don't seem to have any effect on VS builds of this project. -->
+    <!-- https://github.com/dotnet/project-system/blob/d0a44e00b723283d8520cfbe3b6d7876bd7e128c/docs/up-to-date-check.md -->
+    <DisableFastUpToDateCheck>true</DisableFastUpToDateCheck>
   </PropertyGroup>
 
   <PropertyGroup>
@@ -14,6 +17,7 @@
       DefaultNetCoreTargetFramework=$(DefaultNetCoreTargetFramework);
       GrpcAspNetCoreVersion=$(GrpcAspNetCoreVersion);
       MicrosoftAspNetCoreMvcRazorRuntimeCompilationVersion=$(MicrosoftAspNetCoreMvcRazorRuntimeCompilationVersion);
+      MicrosoftDataSqlClientVersion=$(MicrosoftDataSqlClientVersion);
       MicrosoftEntityFrameworkCoreSqliteVersion=$(MicrosoftEntityFrameworkCoreSqliteVersion);
       MicrosoftEntityFrameworkCoreSqlServerVersion=$(MicrosoftEntityFrameworkCoreSqlServerVersion);
       MicrosoftEntityFrameworkCoreToolsVersion=$(MicrosoftEntityFrameworkCoreToolsVersion);
@@ -24,8 +28,9 @@
       MicrosoftIdentityWebUIVersion=$(MicrosoftIdentityWebUIVersion);
       MicrosoftIdentityWebDownstreamApiVersion=$(MicrosoftIdentityWebDownstreamApiVersion);
       MicrosoftNETCoreAppRuntimeVersion=$(MicrosoftNETCoreAppRuntimeVersion);
-      SystemNetHttpJsonVersion=$(SystemNetHttpJsonVersion);
       MicrosoftGraphVersion=$(MicrosoftGraphVersion);
+      SystemDrawingCommonVersion=$(SystemDrawingCommonVersion);
+      SystemTextJsonVersion=$(SystemTextJsonVersion);
     </GeneratedContentProperties>
   </PropertyGroup>
 
@@ -64,6 +69,11 @@
     <GeneratedContent Include="BlazorWeb-CSharp.csproj.in" OutputPath="content/BlazorWeb-CSharp/BlazorWeb-CSharp/BlazorWeb-CSharp.csproj" />
     <GeneratedContent Include="BlazorWeb-CSharp.Client.csproj.in" OutputPath="content/BlazorWeb-CSharp/BlazorWeb-CSharp.Client/BlazorWeb-CSharp.Client.csproj" />
     <GeneratedContent Include="ComponentsWebAssembly-CSharp.csproj.in" OutputPath="content/ComponentsWebAssembly-CSharp/ComponentsWebAssembly-CSharp.csproj" />
+    <!-- This appears to use the right UpToDateCheckBuilt parameters, but DisableFastUpToDateCheck is still necessary for VS to pick up incremental updates. -->
+    <!-- Maybe this is related to the OutputPath being inside of the projects content directory rather than bin or obj. -->
+    <!--<UpToDateCheckBuilt Include="@(GeneratedContent->'%(OutputPath)')" Original="@(GeneratedContent)" />-->
+    <!-- Use "None Include" to make csproj.in files visible in VS Solution Explorer. -->
+    <None Include="@(GeneratedContent)" />
   </ItemGroup>
 
 </Project>
diff --git a/src/ProjectTemplates/Web.ProjectTemplates/RazorPagesWeb-CSharp.csproj.in b/src/ProjectTemplates/Web.ProjectTemplates/RazorPagesWeb-CSharp.csproj.in
index 2ed95f454912..6a5f32095f7e 100644
--- a/src/ProjectTemplates/Web.ProjectTemplates/RazorPagesWeb-CSharp.csproj.in
+++ b/src/ProjectTemplates/Web.ProjectTemplates/RazorPagesWeb-CSharp.csproj.in
@@ -20,6 +20,7 @@
     <PackageReference Include="Microsoft.AspNetCore.Diagnostics.EntityFrameworkCore" Version="${MicrosoftAspNetCoreDiagnosticsEntityFrameworkCoreVersion}" Condition=" '$(IndividualLocalAuth)' == 'True' " />
     <PackageReference Include="Microsoft.AspNetCore.Identity.EntityFrameworkCore" Version="${MicrosoftAspNetCoreIdentityEntityFrameworkCoreVersion}" Condition=" '$(IndividualLocalAuth)' == 'True' " />
     <PackageReference Include="Microsoft.AspNetCore.Identity.UI" Version="${MicrosoftAspNetCoreIdentityUIVersion}" Condition=" '$(IndividualLocalAuth)' == 'True' " />
+    <PackageReference Include="Microsoft.Data.SqlClient" Version="${MicrosoftDataSqlClientVersion}" Condition="'$(IndividualLocalAuth)' == 'True' AND '$(UseLocalDB)' == 'True'" />
     <PackageReference Include="Microsoft.EntityFrameworkCore.Sqlite" Version="${MicrosoftEntityFrameworkCoreSqliteVersion}" Condition=" '$(IndividualLocalAuth)' == 'True' AND '$(UseLocalDB)' != 'True'" />
     <PackageReference Include="Microsoft.EntityFrameworkCore.SqlServer" Version="${MicrosoftEntityFrameworkCoreSqlServerVersion}" Condition=" '$(IndividualLocalAuth)' == 'True' AND '$(UseLocalDB)' == 'True'" />
     <PackageReference Include="Microsoft.EntityFrameworkCore.Tools" Version="${MicrosoftEntityFrameworkCoreToolsVersion}" Condition=" '$(IndividualLocalAuth)' == 'True' " />
@@ -30,6 +31,8 @@
     <PackageReference Include="Microsoft.Identity.Web.GraphServiceClient" Version="${MicrosoftIdentityWebGraphServiceClientVersion}" Condition=" '$(GenerateGraph)' == 'True' " />
     <PackageReference Include="Microsoft.Identity.Web.UI" Version="${MicrosoftIdentityWebUIVersion}" Condition=" '$(IndividualB2CAuth)' == 'True' OR '$(OrganizationalAuth)' == 'True'" />
     <PackageReference Include="Microsoft.Identity.Web.DownstreamApi" Version="${MicrosoftIdentityWebDownstreamApiVersion}" Condition=" '$(IndividualB2CAuth)' == 'True' OR '$(OrganizationalAuth)' == 'True'" />
+    <PackageReference Include="System.Drawing.Common" Version="${SystemDrawingCommonVersion}" Condition="'$(IndividualLocalAuth)' == 'True'" />
+    <PackageReference Include="System.Text.Json" Version="${SystemTextJsonVersion}" Condition="'$(IndividualLocalAuth)' == 'True'" />
   </ItemGroup>
 
   <!--#endif -->
diff --git a/src/ProjectTemplates/Web.ProjectTemplates/StarterWeb-CSharp.csproj.in b/src/ProjectTemplates/Web.ProjectTemplates/StarterWeb-CSharp.csproj.in
index c900105fff89..515b1ecebba0 100644
--- a/src/ProjectTemplates/Web.ProjectTemplates/StarterWeb-CSharp.csproj.in
+++ b/src/ProjectTemplates/Web.ProjectTemplates/StarterWeb-CSharp.csproj.in
@@ -20,6 +20,7 @@
     <PackageReference Include="Microsoft.AspNetCore.Diagnostics.EntityFrameworkCore" Version="${MicrosoftAspNetCoreDiagnosticsEntityFrameworkCoreVersion}" Condition=" '$(IndividualLocalAuth)' == 'True' " />
     <PackageReference Include="Microsoft.AspNetCore.Identity.EntityFrameworkCore" Version="${MicrosoftAspNetCoreIdentityEntityFrameworkCoreVersion}" Condition=" '$(IndividualLocalAuth)' == 'True' " />
     <PackageReference Include="Microsoft.AspNetCore.Identity.UI" Version="${MicrosoftAspNetCoreIdentityUIVersion}" Condition=" '$(IndividualLocalAuth)' == 'True' " />
+    <PackageReference Include="Microsoft.Data.SqlClient" Version="${MicrosoftDataSqlClientVersion}" Condition="'$(IndividualLocalAuth)' == 'True' AND '$(UseLocalDB)' == 'True'" />
     <PackageReference Include="Microsoft.EntityFrameworkCore.SqlServer" Version="${MicrosoftEntityFrameworkCoreSqlServerVersion}" Condition=" '$(IndividualLocalAuth)' == 'True' AND '$(UseLocalDB)' == 'True'" />
     <PackageReference Include="Microsoft.EntityFrameworkCore.Sqlite" Version="${MicrosoftEntityFrameworkCoreSqliteVersion}" Condition=" '$(IndividualLocalAuth)' == 'True' AND '$(UseLocalDB)' != 'True'" />
     <PackageReference Include="Microsoft.EntityFrameworkCore.Tools" Version="${MicrosoftEntityFrameworkCoreToolsVersion}" Condition=" '$(IndividualLocalAuth)' == 'True' " />
@@ -30,6 +31,8 @@
     <PackageReference Include="Microsoft.Identity.Web.GraphServiceClient" Version="${MicrosoftIdentityWebGraphServiceClientVersion}" Condition=" '$(GenerateGraph)' == 'True' " />
     <PackageReference Include="Microsoft.Identity.Web.UI" Version="${MicrosoftIdentityWebUIVersion}" Condition=" '$(IndividualB2CAuth)' == 'True' OR '$(OrganizationalAuth)' == 'True'" />
     <PackageReference Include="Microsoft.Identity.Web.DownstreamApi" Version="${MicrosoftIdentityWebDownstreamApiVersion}" Condition=" '$(IndividualB2CAuth)' == 'True' OR '$(OrganizationalAuth)' == 'True'" />
+    <PackageReference Include="System.Drawing.Common" Version="${SystemDrawingCommonVersion}" Condition="'$(IndividualLocalAuth)' == 'True'" />
+    <PackageReference Include="System.Text.Json" Version="${SystemTextJsonVersion}" Condition="'$(IndividualLocalAuth)' == 'True'" />
   </ItemGroup>
 
   <!--#endif -->