Merge pull request #47453 from dotnet/main

Merge main into live

Author: dotnet-policy-service[bot]

.github/copilot-instructions.md

@@ -24,7 +24,9 @@ Use "might" instead of "may" to indicate possibility. For example, "This method
 
 Use the Oxford comma in lists of three or more items.
 
-Number ordered list items all as "1." instead of "1.", "2.", etc. Use bullets for unordered lists.
+Number ordered list items all as "1." instead of "1.", "2.", etc.
+
+Use bullets for unordered lists. Unless *all* the bullet list items are three words or less, each bullet item should end with a period.
 
 Use **bold** when referring to UI elements. Use `code style` for file names and folders, custom types, and other text that should never be localized.
 

.openpublishing.redirection.core.json

@@ -1345,8 +1345,7 @@
         },
         {
             "source_path_from_root": "/docs/whats-new/dotnet-7-docs.md",
-            "redirect_url": "/dotnet/whats-new/dotnet-docs-mod0",
-            "redirect_document_id": true
+            "redirect_url": "/dotnet/whats-new"
         },
         {
             "source_path_from_root": "/docs/core/whats-new/dotnet-8.md",

docs/azure/includes/dotnet-all.md

@@ -412,7 +412,7 @@
 | Speech Extension Telemetry | NuGet [1.45.0](https://www.nuget.org/packages/Microsoft.CognitiveServices.Speech.Extension.Telemetry/1.45.0) |  |  |
 | System Net Client Model | NuGet [1.0.0-beta.1](https://www.nuget.org/packages/System.Net.ClientModel/1.0.0-beta.1) |  |  |
 | Unknown Display Name | NuGet [0.10.9-akri](https://www.nuget.org/packages/Azure.Iot.Operations.Connector/0.10.9-akri) |  |  |
-| Unknown Display Name | NuGet [1.1.0-preview](https://www.nuget.org/packages/Microsoft.Azure.WebJobs.Extensions.AzureCosmosDb.Mongo/1.1.0-preview) |  |  |
+| Unknown Display Name | NuGet [1.1.1-preview](https://www.nuget.org/packages/Microsoft.Azure.WebJobs.Extensions.AzureCosmosDb.Mongo/1.1.1-preview) |  |  |
 | Unknown Display Name | NuGet [1.45.0](https://www.nuget.org/packages/Microsoft.CognitiveServices.Speech.Extension.MAS/1.45.0) |  |  |
 | WebJobs Extension MySQL | NuGet [1.0.129](https://www.nuget.org/packages/Microsoft.Azure.WebJobs.Extensions.MySql/1.0.129) |  |  |
 | Anomaly Detector | NuGet [1.0.0](https://www.nuget.org/packages/Microsoft.Azure.CognitiveServices.AnomalyDetector/1.0.0) |  | GitHub [1.0.0](https://github.com/Azure/azure-sdk-for-net/tree/Microsoft.Azure.CognitiveServices.AnomalyDetector_1.0.0-preview.1/sdk/cognitiveservices/AnomalyDetector) |

docs/core/compatibility/aspnet-core/8.0/securitytoken-events.md

@@ -5,21 +5,21 @@ ms.date: 07/31/2023
 ---
 # Security token events return a JsonWebToken
 
-The <xref:Microsoft.AspNetCore.Authentication.JwtBearer.JwtBearerEvents>, <xref:Microsoft.AspNetCore.Authentication.WsFederation.WsFederationEvents>, and <xref:Microsoft.AspNetCore.Authentication.OpenIdConnect.OpenIdConnectEvents> events are authentication events fired respectively by the [JwtBearer](xref:Microsoft.AspNetCore.Authentication.JwtBearer), [WsFederation](xref:Microsoft.AspNetCore.Authentication.WsFederation), and [OpenIdConnect](xref:Microsoft.AspNetCore.Authentication.OpenIdConnect) authentication handlers. For example, the <xref:Microsoft.AspNetCore.Authentication.JwtBearer.JwtBearerEvents.OnTokenValidated> event is fired when a security token is validated. These events are fired with a context (for example, <xref:Microsoft.AspNetCore.Authentication.JwtBearer.TokenValidatedContext>) that exposes a <xref:Microsoft.AspNetCore.Authentication.JwtBearer.TokenValidatedContext.SecurityToken?displayProperty=nameWithType> property of abstract type <xref:System.IdentityModel.Tokens.SecurityToken>. The default real implementation of <xref:Microsoft.AspNetCore.Authentication.JwtBearer.TokenValidatedContext.SecurityToken?displayProperty=nameWithType> changed from <xref:System.IdentityModel.Tokens.Jwt.JwtSecurityToken> to <xref:Microsoft.IdentityModel.JsonWebTokens.JsonWebToken>.
+The <xref:Microsoft.AspNetCore.Authentication.JwtBearer.JwtBearerEvents>, <xref:Microsoft.AspNetCore.Authentication.WsFederation.WsFederationEvents>, and <xref:Microsoft.AspNetCore.Authentication.OpenIdConnect.OpenIdConnectEvents> events are authentication events fired respectively by the [JwtBearer](xref:Microsoft.AspNetCore.Authentication.JwtBearer), [WsFederation](xref:Microsoft.AspNetCore.Authentication.WsFederation), and [OpenIdConnect](xref:Microsoft.AspNetCore.Authentication.OpenIdConnect) authentication handlers. For example, the <xref:Microsoft.AspNetCore.Authentication.JwtBearer.JwtBearerEvents.OnTokenValidated> event is fired when a security token is validated. These events are fired with a context (for example, <xref:Microsoft.AspNetCore.Authentication.JwtBearer.TokenValidatedContext>) that exposes a <xref:Microsoft.AspNetCore.Authentication.JwtBearer.TokenValidatedContext.SecurityToken?displayProperty=nameWithType> property of abstract type <xref:System.IdentityModel.Tokens.SecurityToken>. The default real implementation of <xref:Microsoft.AspNetCore.Authentication.JwtBearer.TokenValidatedContext.SecurityToken?displayProperty=nameWithType> changed from `System.IdentityModel.Tokens.Jwt.JwtSecurityToken` to <xref:Microsoft.IdentityModel.JsonWebTokens.JsonWebToken>.
 
 ## Version introduced
 
 ASP.NET Core 8.0 Preview 7
 
 ## Previous behavior
 
-Previously, the affected `SecurityToken` properties were implemented by <xref:System.IdentityModel.Tokens.Jwt.JwtSecurityToken>, which derives from <xref:System.IdentityModel.Tokens.SecurityToken>. <xref:System.IdentityModel.Tokens.Jwt.JwtSecurityToken> is the previous generation of JSON Web Token (JWT) implementation. The <xref:System.IdentityModel.Tokens.Jwt.JwtSecurityToken> tokens were produced by <xref:Microsoft.AspNetCore.Builder.JwtBearerOptions.SecurityTokenValidators>.
+Previously, the affected `SecurityToken` properties were implemented by `System.IdentityModel.Tokens.Jwt.JwtSecurityToken`, which derives from <xref:System.IdentityModel.Tokens.SecurityToken>. `JwtSecurityToken` is the previous generation of JSON Web Token (JWT) implementation. The `JwtSecurityToken` tokens were produced by <xref:Microsoft.AspNetCore.Builder.JwtBearerOptions.SecurityTokenValidators>.
 
-In addition, the <xref:System.IdentityModel.Tokens.Jwt.JwtSecurityTokenHandler.DefaultInboundClaimTypeMap?displayProperty=nameWithType> field provided the default claim type mapping for inbound claims.
+In addition, the `JwtSecurityTokenHandler.DefaultInboundClaimTypeMap` field provided the default claim type mapping for inbound claims.
 
 ## New behavior
 
-Starting in ASP.NET Core 8.0, the <xref:Microsoft.IdentityModel.JsonWebTokens> class, which also derives from <xref:System.IdentityModel.Tokens.SecurityToken>, implements the `SecurityToken` properties, by default. <xref:Microsoft.IdentityModel.JsonWebTokens> tokens are produced by more optimized <xref:Microsoft.IdentityModel.Tokens.TokenHandler> handlers.
+Starting in ASP.NET Core 8.0, the <xref:Microsoft.IdentityModel.JsonWebTokens> class, which also derives from <xref:System.IdentityModel.Tokens.SecurityToken>, implements the `SecurityToken` properties, by default. <xref:Microsoft.IdentityModel.JsonWebTokens> tokens are produced by more optimized `TokenHandler` handlers.
 
 In addition, the <xref:Microsoft.IdentityModel.JsonWebTokens.JsonWebTokenHandler.DefaultInboundClaimTypeMap?displayProperty=nameWithType> field provides the default claim type mapping for inbound claims.
 
@@ -37,7 +37,7 @@ This change was made because <xref:Microsoft.IdentityModel.JsonWebTokens.JsonWeb
 
 ## Recommended action
 
-For most users, this change shouldn't be a problem as the type of the properties ([SecurityToken](xref:Microsoft.IdentityModel.Tokens.SecurityToken)) hasn't changed, and you weren't supposed to look at the real type.
+For most users, this change shouldn't be a problem as the type of the properties (`SecurityToken`) hasn't changed, and you weren't supposed to look at the real type.
 
 However, if you were down-casting one of the affected `SecurityToken` properties to `JwtSecurityToken` (for example, to get the claims), you have two options:
 

docs/core/compatibility/networking/10.0/ssl-certificate-revocation-check-default.md

@@ -8,19 +8,23 @@ ms.custom: https://github.com/dotnet/docs/issues/46824
 
 # HttpClient/SslStream default certificate revocation check mode changed to `Online`
 
-The default values of <xref:System.Net.Security.SslClientAuthenticationOptions.CertificateRevocationCheckMode?displayProperty=nameWithType> and <xref:System.Net.Security.SslServerAuthenticationOptions.CertificateRevocationCheckMode?displayProperty=nameWithType> have changed from `NoCheck` to `Online`. This change enhances security and makes the behavior consistent with <xref:System.Security.Cryptography.X509Certificates.X509ChainPolicy?displayProperty=nameWithType>.
+The default values of <xref:System.Net.Security.SslClientAuthenticationOptions.CertificateRevocationCheckMode?displayProperty=nameWithType> and <xref:System.Net.Security.SslServerAuthenticationOptions.CertificateRevocationCheckMode?displayProperty=nameWithType> have changed from `NoCheck` to `Online`.
+
+The default values of <xref:System.Net.Http.HttpClientHandler.CheckCertificateRevocationList?displayProperty=nameWithType> and <xref:System.Net.Http.WinHttpHandler.CheckCertificateRevocationList?displayProperty=nameWithType> have changed from `false` to `true`.
+
+This change enhances security and makes the behavior consistent with <xref:System.Security.Cryptography.X509Certificates.X509ChainPolicy?displayProperty=nameWithType>.
 
 ## Version introduced
 
 .NET 10 Preview 6
 
 ## Previous behavior
 
-Previously, the default values of <xref:System.Net.Security.SslClientAuthenticationOptions.CertificateRevocationCheckMode?displayProperty=nameWithType> and <xref:System.Net.Security.SslServerAuthenticationOptions.CertificateRevocationCheckMode?displayProperty=nameWithType> were <xref:System.Security.Cryptography.X509Certificates.X509RevocationMode.NoCheck?displayProperty=nameWithType>, meaning revocation status of peer certificates wasn't checked by default.
+Previously, the default values of <xref:System.Net.Security.SslClientAuthenticationOptions.CertificateRevocationCheckMode?displayProperty=nameWithType> and <xref:System.Net.Security.SslServerAuthenticationOptions.CertificateRevocationCheckMode?displayProperty=nameWithType> were <xref:System.Security.Cryptography.X509Certificates.X509RevocationMode.NoCheck?displayProperty=nameWithType>, and the default values of <xref:System.Net.Http.HttpClientHandler.CheckCertificateRevocationList?displayProperty=nameWithType> and <xref:System.Net.Http.WinHttpHandler.CheckCertificateRevocationList?displayProperty=nameWithType> were `false`, meaning revocation status of peer certificates wasn't checked by default.
 
 ## New behavior
 
-Starting in .NET 10, the default values of <xref:System.Net.Security.SslClientAuthenticationOptions.CertificateRevocationCheckMode?displayProperty=nameWithType> and <xref:System.Net.Security.SslServerAuthenticationOptions.CertificateRevocationCheckMode?displayProperty=nameWithType> are <xref:System.Security.Cryptography.X509Certificates.X509RevocationMode.Online?displayProperty=nameWithType>, meaning revocation status of peer certificates are checked online by default.
+Starting in .NET 10, the default values of <xref:System.Net.Security.SslClientAuthenticationOptions.CertificateRevocationCheckMode?displayProperty=nameWithType> and <xref:System.Net.Security.SslServerAuthenticationOptions.CertificateRevocationCheckMode?displayProperty=nameWithType> are <xref:System.Security.Cryptography.X509Certificates.X509RevocationMode.Online?displayProperty=nameWithType>, and the default values of <xref:System.Net.Http.HttpClientHandler.CheckCertificateRevocationList?displayProperty=nameWithType> and <xref:System.Net.Http.WinHttpHandler.CheckCertificateRevocationList?displayProperty=nameWithType> are `true`, meaning revocation status of peer certificates are checked online by default.
 
 ## Type of breaking change
 
@@ -32,7 +36,7 @@ This change enhances security and ensures consistency between APIs related to X.
 
 ## Recommended action
 
-If certificate revocation checking is not desired, specify <xref:System.Security.Cryptography.X509Certificates.X509RevocationMode.NoCheck?displayProperty=nameWithType> explicitly:
+If certificate revocation checking is not desired and you are using <xref:System.Net.Security.SslStream> directly, specify <xref:System.Security.Cryptography.X509Certificates.X509RevocationMode.NoCheck?displayProperty=nameWithType> explicitly:
 
 ```csharp
 var clientOptions = new SslClientAuthenticationOptions
@@ -48,8 +52,30 @@ var serverOptions = new SslServerAuthenticationOptions
 };
 ```
 
+When using <xref:System.Net.Http.HttpClient> you need to configure the underlying handler during creation:
+
+```csharp
+var withHttpClientHandler = new HttpClient(new HttpClientHandler
+{
+    CheckCertificateRevocationList = false
+});
+
+var withWinHttpHandler = new HttpClient(new WinHttpHandler
+{
+    CheckCertificateRevocationList = false
+});
+
+var withSocketsHttpHandler = new HttpClient(new SocketsHttpHandler
+{
+    SslOptions =
+    {
+        CertificateRevocationCheckMode = X509RevocationMode.NoCheck
+    }
+});
+```
+
 > [!NOTE]
-> Due to a bug on the OSX platform, you might encounter certificate validation failures with <xref:System.Security.Cryptography.X509Certificates.X509ChainStatusFlags.RevocationStatusUnknown?displayProperty=nameWithType> in scenarios where the certificate doesn't support revocation checking via OCSP. This is a bug in the underlying platform crypto implementation. To avoid failing the certificate validation if revocation status can't be retrieved, either disable certificate revocation checking as per the previous instructions, or set <xref:System.Security.Cryptography.X509Certificates.X509ChainPolicy> with <xref:System.Security.Cryptography.X509Certificates.X509ChainPolicy.VerificationFlags?displayProperty=nameWithType> set to `X509VerificationFlags.IgnoreEndRevocationUnknown | X509VerificationFlags.IgnoreCertificateAuthorityRevocationUnknown`.
+> Due to a bug on the OSX platform, you might encounter certificate validation failures with <xref:System.Security.Cryptography.X509Certificates.X509ChainStatusFlags.RevocationStatusUnknown?displayProperty=nameWithType> in scenarios where the certificate doesn't support revocation checking via OCSP. This is a bug in the underlying platform crypto implementation. To avoid failing the certificate validation if revocation status can't be retrieved, either disable certificate revocation checking as per the previous instructions, or set <xref:System.Net.Security.SslClientAuthenticationOptions.CertificateChainPolicy?displayProperty=nameWithType> to <xref:System.Security.Cryptography.X509Certificates.X509ChainPolicy> with <xref:System.Security.Cryptography.X509Certificates.X509ChainPolicy.VerificationFlags?displayProperty=nameWithType> set to `X509VerificationFlags.IgnoreEndRevocationUnknown | X509VerificationFlags.IgnoreCertificateAuthorityRevocationUnknown`.
 
 In situations where you can't modify the code, you can restore the previous behavior with one of the following settings:
 

docs/core/extensions/httpclient-http3.md

@@ -2,7 +2,6 @@
 title: Use HTTP/3 with HttpClient
 description: Learn how to use the HttpClient to access HTTP/3 servers in .NET
 author: IEvangelist
-ms.author: samsp
 ms.date: 05/19/2023
 ---
 

docs/core/testing/microsoft-testing-platform-vs-vstest.md

@@ -117,7 +117,7 @@ Visual Studio Test Explorer supports the new test platform starting with version
 
 #### Visual Studio Code
 
-Visual Studio Code Test Explorer supports the new test platform starting with version X.
+Visual Studio Code with C# DevKit supports the new test platform.
 
 ### Azure DevOps
 

docs/csharp/advanced-topics/interface-implementation/default-interface-methods-versions.md

@@ -58,7 +58,7 @@ Notice the following portion of the test:
 
 :::code language="csharp" source="./snippets/default-interface-members-versions/finished/customer-relationship/Program.cs" id="SnippetHighlightCast":::
 
-That cast from `SampleCustomer` to `ICustomer` is necessary. The `SampleCustomer` class doesn't need to provide an implementation for `ComputeLoyaltyDiscount`; that's provided by the `ICustomer` interface. However, the `SampleCustomer` class doesn't inherit members from its interfaces. That rule hasn't changed. In order to call any method declared and implemented in the interface, the variable must be the type of the interface, `ICustomer` in this example.
+That implicit conversion from `SampleCustomer` to `ICustomer` is necessary. The `SampleCustomer` class doesn't need to provide an implementation for `ComputeLoyaltyDiscount`; that's provided by the `ICustomer` interface. However, the `SampleCustomer` class doesn't inherit members from its interfaces. That rule hasn't changed. In order to call any method declared and implemented in the interface, the variable must be the type of the interface, `ICustomer` in this example.
 
 ## Provide parameterization
 

docs/csharp/advanced-topics/interface-implementation/snippets/default-interface-members-versions/finished/customer-relationship/Program.cs

@@ -5,14 +5,14 @@
     Reminders =
     {
         { new DateTime(2010, 08, 12), "childs's birthday" },
-        { new DateTime(1012, 11, 15), "anniversary" }
+        { new DateTime(2012, 11, 15), "anniversary" }
     }
 };
 
 SampleOrder o = new SampleOrder(new DateTime(2012, 6, 1), 5m);
 c.AddOrder(o);
 
-o = new SampleOrder(new DateTime(2103, 7, 4), 25m);
+o = new SampleOrder(new DateTime(2013, 7, 4), 25m);
 c.AddOrder(o);
 
 // <SnippetHighlightCast>

docs/csharp/advanced-topics/interface-implementation/snippets/default-interface-members-versions/starter/customer-relationship/Program.cs

@@ -5,14 +5,14 @@
     Reminders =
     {
         { new DateTime(2010, 08, 12), "childs's birthday" },
-        { new DateTime(1012, 11, 15), "anniversary" }
+        { new DateTime(2012, 11, 15), "anniversary" }
     }
 };
 
 SampleOrder o = new SampleOrder(new DateTime(2012, 6, 1), 5m);
 c.AddOrder(o);
 
-o = new SampleOrder(new DateTime(2103, 7, 4), 25m);
+o = new SampleOrder(new DateTime(2013, 7, 4), 25m);
 c.AddOrder(o);
 
 Console.WriteLine($"Data about {c.Name}");