Skip to content

chore: Bump Microsoft.OpenApi from 2.6.1 to 3.5.0#87

Open
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/nuget/Microsoft.OpenApi-3.5.0
Open

chore: Bump Microsoft.OpenApi from 2.6.1 to 3.5.0#87
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/nuget/Microsoft.OpenApi-3.5.0

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Mar 23, 2026

Updated Microsoft.OpenApi from 2.6.1 to 3.5.0.

Release notes

Sourced from Microsoft.OpenApi's releases.

3.5.0

3.5.0 (2026-03-20)

Features

  • library: add Extensions support for schema references in v3.1/v3.2; add SerializeAsV32 with loop detection (9b422bf)

Bug Fixes

  • a bug where path parameter validation would fail if they contained forbidden JSON pointer characters (ef55b2c)
  • a bug where path parameter validation would fail if they contained forbidden JSON pointer characters (4b3164a)
  • double encoding of json pointer for invalid reference rule (b246cd0)
  • encoding of special characters for JSON paths (4c757e1)
  • library: do not emit unevaluatedProperties for non-object schemas (852fb4c)
  • library: do not emit unevaluatedProperties for non-object schemas (19538aa)
  • library: enforce spec-compliant $ref serialization; add Extensions support for schema references in v3.1/v3.2 (9bf61de)
  • potential double encoding of paths (471a61a)

3.4.0

3.4.0 (2026-03-04)

Features

  • library: preserve PatternProperties as x-jsonschema-patternProperties extension for OpenAPI v2/v3.0 serialization (d969fdc)
  • library: Preserve PatternProperties via x-jsonschema-patternProperties extension for OpenAPI v2/v3.0 (16ab5e4)
  • securityscheme: add oauth2MetadataUrl support (OpenAPI 3.2) (4509488)

Bug Fixes

  • implement unevaluatedProperties as schema per JSON Schema 2020-12 (#​2728) (7c13fb3)
  • library: serialize additionalProperties schema in OpenAPI V2 (f3165fa)
  • library: serialize additionalProperties schema in OpenAPI V2 documents (3d07756)
  • optimize parsing V3.1 documents by reducing GetLocation method allocation on hot path(#​2748) (f690681)

3.3.1

3.3.1 (2026-01-22)

Features

Bug Fixes

  • broken binary compatibility due to interface changes in previous version (d96bba7)

3.3.0

3.3.0 (2026-01-21)

Features

  • models: add shared Content interface (9e13b25)
  • models: add shared Content interface (#​2695) (9e13b25)
  • models: support mutualTLS security scheme (a4efdfe)

3.2.0

3.2.0 (2026-01-19)

Features

  • hidi validate command now logs warnings (76a3c0f)
  • hidi validate command now logs warnings (62e7d56)

Bug Fixes

  • discriminator property validation fails any/allOf cases when it shouldn't (fb6cecc)
  • discriminator property validation fails any/allOf cases when it shouldn't (a8fb81c)

3.1.3

3.1.3 (2026-01-16)

Bug Fixes

  • Support custom tag ordering (008576c)
  • Support custom tag ordering (7610d07)

3.1.2

3.1.2 (2026-01-06)

Bug Fixes

  • correct error pointer when extension parser throws OpenApiException (43c75a9)
  • wrap extension parser calls in try-catch to ensure correct error pointers (50b44aa)

3.1.1

3.1.1 (2025-12-18)

Bug Fixes

  • schema: always serialize additionalProperties: false (6651c36)
  • schema: always serialize additionalProperties: false (e36fc95)

3.1.0

3.1.0 (2025-12-17)

Features

  • Add type: "null" downcasting when in oneOf and anyOf for OpenAPI v3 (782cf8d)

3.0.3

3.0.3 (2025-12-16)

Bug Fixes

  • load JSON documents that are preceded by multiple whitespace (6461bac)
  • non-seekable json streams would fail to load as a document (2436d73)
  • reading streams in an asp.net context would cause async exceptions (f9e5248)

3.0.2

3.0.2 (2025-12-08)

Bug Fixes

  • additional properties serialization should not emit a schema in v2 (946cba9)
  • additional properties serialization should not emit booleans in v3.1+ (946cba9)

3.0.1

3.0.1 (2025-11-17)

Bug Fixes

  • empty strings should be quoted in yaml (8d215f9)
  • empty strings should be quoted in yaml (0ca10db)

3.0.0

3.0.0 (2025-11-11)

⚠ BREAKING CHANGES

  • adds support for OpenAPI 3.2.0

Note: Please refer to the upgrade guide for a detailed description of the breaking changes.

Note: ASP.net users should remain on version 1.X for ASP.net < 10, and version 2.X for ASP.net 10, this new major version will be implemented in a future version of ASP.net, more information

Features

  • adds support for OpenAPI 3.2.0 (765a8dd)

Special thanks

2.7.1

2.7.1 (2026-03-20)

Bug Fixes

  • a bug where path parameter validation would fail if they contained forbidden JSON pointer characters (2efd2b2)
  • library: do not emit unevaluatedProperties for non-object schemas (28d614f)
  • library: enforce spec-compliant $ref serialization; add Extensions support for schema references in v3.1/v3.2 (7640a8a)

2.7.0

2.7.0 (2026-03-05)

Features

  • add UnevaluatedPropertiesSchema support to IOpenApiSchema (fb691d6)
  • library: preserve PatternProperties as x-jsonschema-patternProperties extension for OpenAPI v2/v3.0 serialization (dd5085a)

Bug Fixes

  • address PR feedback on UnevaluatedProperties implementation (80fc0f6)
  • correct deserialization and test for UnevaluatedPropertiesSchema (a4d66fc)
  • library: serialize additionalProperties schema in OpenAPI V2 (99b653c)
  • library: serialize additionalProperties schema in OpenAPI V2 (cef7996)
  • optimize parsing V3.1 documents by reducing GetLocation method allocation on hot path(#​2748) (91e697b)
  • optimize parsing V3.1 documents by reducing GetLocation method allocation on hot path(#​2748) (06c58a5)

Commits viewable in compare view.

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot
chore: Bump Microsoft.OpenApi from 2.6.1 to 3.5.0
5036984 
---
updated-dependencies:
- dependency-name: Microsoft.OpenApi
  dependency-version: 3.5.0
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot @github
Copy link
Contributor Author

dependabot bot commented on behalf of github Mar 23, 2026

Labels

The following labels could not be found: automated, dependencies, nuget. Please create them before Dependabot can add them to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

@devops-thiago devops-thiago

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@devops-thiago