build: Bump the all-nuget-deps group with 6 updates

[dependabot]

⚠️ Dependabot is rebasing this PR ⚠️

Rebasing might not happen immediately, so don't worry if this takes some time.

Note: if you make any changes to this PR yourself, they will take precedence over the rebase.

---

Updated Azure.Identity from 1.15.0 to 1.16.0.

Release notes

Sourced from Azure.Identity's releases.

1.16.0

1.16.0 (2025-09-09)

Features Added

• Added a new DefaultAzureCredential constructor that accepts a custom environment variable name for credential configuration. This provides flexibility beyond the default AZURE_TOKEN_CREDENTIALS environment variable. The constructor accepts any environment variable name and uses the same credential selection logic as the existing AZURE_TOKEN_CREDENTIALS processing.
• Added DefaultAzureCredential.DefaultEnvironmentVariableName constant property that returns "AZURE_TOKEN_CREDENTIALS" for convenience when referencing the default environment variable name.
• AzureCliCredential, AzurePowerShellCredential, and AzureDeveloperCliCredential now throw an AuthenticationFailedException when the TokenRequestContext includes claims, as these credentials do not support claims challenges. The exception message includes guidance for handling such scenarios.
• When AZURE_TOKEN_CREDENTIALS or the equivalent custom environment variable is configured to ManagedIdentityCredential, the DefaultAzureCredential does not issue a probe request and performs retries with exponential backoff.

Bugs Fixed

• Fixed AzureDeveloperCliCredential hanging when the AZD_DEBUG environment variable is set by adding the --no-prompt flag to prevent interactive prompts (#​52005).
• BrokerCredential is now included in the chain when AZURE_TOKEN_CREDENTIALS is set to dev.
• Fixed an issue that prevented ManagedIdentityCredential from utilizing the token cache in Workload Identity Federation environments.
• Fixed a bug in DefaultAzureCredential that caused the credential chain to be constructed incorrectly when using AZURE_TOKEN_CREDENTIALS in combination with DefaultAzureCredentialOptions.

Other Changes

• The BrokerCredential is now always included in the DefaultAzureCredential chain. If the Azure.Identity.Broker package is not referenced, an exception will be thrown when GetToken is called, making its behavior consistent with the rest of the credentials in the chain.
• Updated Microsoft.Identity.Client dependency to version 4.76.0.
• Updated Microsoft.Identity.Client.Extensions.Msal dependency to version 4.76.0.

Commits viewable in compare view.

Updated Azure.Storage.Blobs from 12.25.0 to 12.25.1.

Release notes

Sourced from Azure.Storage.Blobs's releases.

12.25.1

12.25.1 (2025-09-24)

Bugs Fixed

• Fixed bug for processing partitioned downloads for empty blobs with content validation enabled.

Commits viewable in compare view.

Updated Markdig from 0.41.3 to 0.42.0.

Release notes

Sourced from Markdig's releases.

0.42.0

Changes

🐛 Bug Fixes

• Fixes issue #​845 (PR #​888) by @​prozolic

🚀 Enhancements

• Add support for a table without an extra new line before it (PR #​885) by @​dannyp32
• Add source position tracking for grid tables (PR #​883) by @​messani

Full Changelog: 0.41.3...0.42.0

_{Published with dotnet-releaser}

Commits viewable in compare view.

Updated Microsoft.SemanticKernel from 1.64.0 to 1.65.0.

Release notes

Sourced from Microsoft.SemanticKernel's releases.

1.65.0

Changes:

• 27e8457fda815b7eda93f94d2a582dfb4bad2319 .Net: Fixed sorting for negative DOT product (#​13071)
• 6e4097b27cd0f49d510caa6ce98899b97c7c3a9d .Net: Version bump 1.65.0 (#​13100)
• ca23263bb064ba81998ad59c7a3a61d5206d9f7f .Net: Update M.E.AI and OpenAI dependencies (#​13095)
• 5272beb956b415a3fad0445ab0531ec22dc59f23 Update COMMUNITY.md with new office hour meeting links (#​13074)
• f80e5f97d6d11232146606afcef59eb7ec4ee84f .Net: Fix batch operation non-string keys with MongoDB (#​13036) [ #​12827 ]
• 0ec81c8a14cee73e543a4a93f76526fd5ca7ab4a .Net: Fix for : OpenAIResponsesAgent don't generate ReasoningContent. (#​13048) [ #​13046 ]
• 652575a97a250d611cb42a95766933fb474d5e6b Python: Bump Python version to 1.36.2 for a release (#​13067)
• 22ff5f844f735fbca9de17ae20a27505d55a6de9 Python: Fix responses agent kernel args bug (#​13056) [ #​13053 ]
• d7db35dc47ce6a24559754251af58c12a293fc10 Python: Fix Azure AI Inference connector model_extras duplication (#​13066) [ #​13005 ]
• 06d6494ae9c50a17501827077458031246f922ad Python: Don't return code output via on_intermediate_msg callback (#​13058) [ #​12956 ]

See More

• c61af1a2556426b3f2ccd2dc65c0ce9e44fa6d69 Python: Update pymongo requirement from <4.14,>=4.8.0 to >=4.8.0,<4.15 in /python (#​12921) [ #​2458, #​2451, #​2457, #​2455, #​2454, #​2453, #​2452, #​2447, #​2450, #​2449 ]
• f1aac84b51313e6e81568c6db2d0de5a274e99dd Python: Add framework name into UserAgent header for bedrock integration (#​12901)
• ea564cf04ffcaa6ec7e39f2a89bc54d4e0954742 Python: docs(typing): add return type and docstring to store_results in utils/chat.py (#​12910)
• e110472edd3597eb863822d85535bb173deee06a Python: Update pymilvus requirement from <2.6,>=2.3 to >=2.3,<2.7 in /python (#​12918) [ io/pymilvus#​2433, io/pymilvus#​2461, io/pymilvus#​2513, io/pymilvus#​2525, io/pymilvus#​2541, io/pymilvus#​2552, io/pymilvus#​2491, io/pymilvus#​2411, io/pymilvus#​2852, io/pymilvus#​2611, io/pymilvus#​2390, io/pymilvus#​2684, io/pymilvus#​2679, io/pymilvus#​2705, io/pymilvus#​2704, io/pymilvus#​2386, #​2418, io/pymilvus#​2419, io/pymilvus#​2406, io/pymilvus#​2435, io/pymilvus#​2408, io/pymilvus#​2448, io/pymilvus#​2446, io/pymilvus#​2395, io/pymilvus#​2507, io/pymilvus#​2544, io/pymilvus#​2595, io/pymilvus#​2551, io/pymilvus#​2618, io/pymilvus#​2639, io/pymilvus#​2622, io/pymilvus#​2708, io/pymilvus#​2722, io/pymilvus#​2672, io/pymilvus#​2735, io/pymilvus#​2729, io/pymilvus#​2747, io/pymilvus#​2760, io/pymilvus#​2822, #​2835, io/pymilvus#​2836, #​2848, io/pymilvus#​2849, io/pymilvus#​2907, #​2921, #​2907, #​2919, #​2914, #​2913, #​2902, #​2905, #​2895, #​2900, #​2894 ]
• 2db2aa1bb9ece06e80f36a38dd4f485f3d7a1945 Python: Bump torch from 2.7.1 to 2.8.0 in /python (#​12919) [ #​159592, #​15, #​158925, #​158880, #​152934, #​158, #​158237, #​158867, #​158801, #​158689 ]
• 52bb300ffe0dc7d4a10294ce4968388a3d4185fb Bump actions/checkout from 4 to 5 (#​12930) [ actions/checkout#​2226, actions/checkout#​2238, actions/checkout#​1971, actions/checkout#​1977, actions/checkout#​2043, actions/checkout#​2044, actions/checkout#​2194, actions/checkout#​2224, actions/checkout#​2236, actions/checkout#​2237, actions/checkout#​1941, actions/checkout#​1946, actions/checkout#​1924, actions/checkout#​1919, actions/checkout#​1180, actions/checkout#​1777, actions/checkout#​1872, actions/checkout#​1739, actions/checkout#​1697, actions/checkout#​1774, actions/checkout#​1776, actions/checkout#​1732, actions/checkout#​1703, actions/checkout#​1694, actions/checkout#​1696, actions/checkout#​1695, actions/checkout#​1707, actions/checkout#​1692, actions/checkout#​1688, actions/checkout#​1693, actions/checkout#​1643, #​2238, #​2226 ]
• 0b8d9e2b0ddf806f9181b7d5d43a10f6ed1477ea Bump MishaKav/pytest-coverage-comment from 1.1.54 to 1.1.56 (#​12932) [ av/pytest-coverage-comment#​215, #​209, #​214, #​215, #​213, #​212, #​210 ]
• d7c149c42c3652627770a0140998f419b9a6e11b Bump crate-ci/typos from 1.35.1 to 1.35.5 (#​12973) [ #​1358, #​1355 ]
• 0e84e2fdb9952a6ebafbc5b1d4f01ccfcc154a08 Bump google-github-actions/auth from 2 to 3 (#​13060) [ actions/auth#​508, actions/auth#​509, actions/auth#​510, actions/auth#​506, actions/auth#​507, actions/auth#​502, actions/auth#​503, actions/auth#​488, actions/auth#​499, actions/auth#​500, actions/auth#​501, actions/auth#​482, actions/auth#​483, actions/auth#​484, actions/auth#​478, actions/auth#​479, actions/auth#​480, #​510, #​509, #​508 ]
• da8ca430648bdbd301c8751d541aec0c454e35c1 Python: fix (openai): only propagate usage metadata for final streaming chunk without choices (#​12977)
• 4e9ea783903b5428debd777e5496bba997b5a150 Python: Bump Python version to 1.36.1 for a release (#​13049)
• f7fdfcd9a97b41b56822590de856383532974603 Python: Add AzureAIAgent Deep Research Tool support (#​13034) [ #​12978 ]
• 86b10b95d27ab458c567a789aa6687ef51b94ed0 Python: provide AzureAIAgent thread msg id during streaming (#​13032) [ #​12959 ]
• 38a7d91785ab83ff24704dba18910c748dd4e8c7 .Net: Fix MongoDB test container ready detection (#​13026) [ #​13025 ]
• 5e50e190c4de65b5dcb7a1e5f5d97cf4f6d4f31c Python: Add reasoning support for OpenAI Responses Agents (GPT-5, o4-mini, o3) (#​12881) [ #​12843 ]
• d3318adfc2ba1eef7e3153856487eca5b7be80e0 Python: Add container_id and filename fields to AnnotationContent class (#​12985)

This list of changes was auto generated.

Commits viewable in compare view.

Updated MongoDB.Driver from 3.4.3 to 3.5.0.

Release notes

Sourced from MongoDB.Driver's releases.

3.5.0

This is the general availability release for the 3.5.0 version of the driver.

[!IMPORTANT]

Internal Changes for an Upcoming Feature

This release includes low level changes to internal subsystems including operation execution, timeout handling, and resource cleanup logic - in preparation for supporting Client-Side Operations Timeout (CSOT) in an upcoming release.
While these changes should be backward-compatible and not alter existing behavior, they touch core driver infrastructure.
If you experience unexpected issues such as:

• Operations timing out unexpectedly or not timing out when expected
• Unusual delays or hangs in database calls
• Differences in command cancellation behavior

Please let us know via the MongoDB JIRA Driver project or your MongoDB support channel, providing driver logs and a reproduction if possible.

Experimental Support for Queryable Encryption Text Field Prefix, Suffix and Substring Queries

Substring, prefix and suffix search for Queryable Encryption are in preview and should be used for experimental workloads only. These features are unstable and their security is not guaranteed until released as Generally Available (GA). The GA version of these features may not be backwards compatible with the preview version.

The main new features in 3.5.0 include:

• CSHARP-5453: Add builder for CSFLE schemas
• CSHARP-3222: Add LINQ support for median and percentile accumulators/window functions
• CSHARP-5672: Support sorting by value in PushEach operation
• CSHARP-5625: Support text indexes for explicit and automatic encryption
• CSHARP-734: SOCKS5 Proxy Support
• CSHARP-3458: Extend IAsyncCursor and IAsyncCursorSource to support IAsyncEnumerable

Improvements:

• CSHARP-5603: Add Big Endian support in BinaryVectorReader and BinaryVectorWriter
• CSHARP-5614: Fix deserialization of primitive arrays on Big Endian systems
• CSHARP-5619: Replace IConnection.SendMessages with the method to send a single message
• CSHARP-5377: Eliminate unnecessary killCursors command when batchSize == limit

Fixes:

• CSHARP-3435: FilterDefinition Inject method should use root serializer
• CSHARP-3662: MongoClientSettings.SocketTimeout does not work for values under 500ms on Windows for sync code
• CSHARP-4040: Fix bug when using field with same element name as discriminator
• CSHARP-5587: FindOneAndUpdate should insert correct discriminator value on upsert
• CSHARP-3494: Fix discriminator for generic types
• CSHARP-5588: Unable to select KeyValuePair Key when using camelCase convention
• CSHARP-5633: BsonSerializer.IsTypeDiscriminated is not thread-safe

Maintenance:

• CSHARP-5596: Remove unused *OpcodeOperation classes
• CSHARP-5617: Remove unused IChannel.Query methods
• CSHARP-5547: Remove support for MongoDB 4.0

The full list of issues resolved in this release is available at CSHARP JIRA project.
Documentation on the .NET driver can be found here.

Commits viewable in compare view.

Updated Newtonsoft.Json from 13.0.3 to 13.0.4.

Release notes

Sourced from Newtonsoft.Json's releases.

13.0.4

• New feature - Annotated for trim/AOT (in)compatibility
• New feature - Added support for using Index with JArray
• Change - Avoid LINQ expression trees in .NET 6+ reflection
• Fix - Fixed handling of empty constructor names
• Fix - Fixed XML convert duplicate attribute error on nested arrays with writeArrayAttribute set to true
• Fix - Fixed XML convert array attribute is not set for properties with special characters
• Fix - Fixed TimeOnly deserialization to support more formats

Commits viewable in compare view.

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions