Update dependency Azure.Identity to 1.11.4 [SECURITY]

[renovate]

This PR contains the following updates:

Package	Change	Age	Confidence
Azure.Identity (source)	1.8.2 → 1.11.4

GitHub Vulnerability Alerts

CVE-2023-36414

Azure Identity SDK is vulnerable to remote code execution.

CVE-2024-29992

Azure Identity Library for .NET Information Disclosure Vulnerability

CVE-2024-35255

Azure Identity Libraries and Microsoft Authentication Library Elevation of Privilege Vulnerability.

---

Release Notes

Azure/azure-sdk-for-net (Azure.Identity)

v1.11.4

Compare Source

1.11.4 (2024-06-10)

Bugs Fixed

• Managed identity bug fixes

v1.11.3

Compare Source

1.11.3 (2024-05-07)

Bugs Fixed

• Fixed a regression in DefaultAzureCredential probe request behavior for IMDS managed identity environments. #​43796

v1.11.2

Compare Source

1.11.2 (2024-04-19)

Bugs Fixed

• Fixed an issue which caused claims to be incorrectly added to confidential client credentials such as DeviceCodeCredential #​43468

v1.11.1

Compare Source

1.11.1 (2024-05-07)

Other Changes

• Updated Microsoft.Identity.Client and related dependencies to version 4.60.3

v1.11.0

Compare Source

1.11.0 (2024-04-09)

Bugs Fixed

• AzurePowerShellCredential now handles the case where it falls back to legacy PowerShell without relying on the error message string.

Breaking Changes

• DefaultAzureCredential now sends a probe request with no retries for IMDS managed identity environments to avoid excessive retry delays when the IMDS endpoint is not available. This should improve credential chain resolution for local development scenarios. See BREAKING_CHANGES.md.

v1.10.4

Compare Source

1.10.4 (2023-11-13)

Other Changes

• Distributed tracing with ActivitySource is stable and no longer requires the Experimental feature-flag.

v1.10.3

Compare Source

1.10.3 (2023-10-18)

Bugs Fixed

• ManagedIdentityCredential will now correctly retry when the instance metadata endpoint returns a 410 response. #​28568

Other Changes

• Updated Microsoft.Identity.Client dependency to version 4.56.0

v1.10.2

Compare Source

1.10.2 (2023-10-10)

Bugs Fixed

• Bug fixes for development time credentials.

v1.10.1

Compare Source

1.10.1 (2023-09-12)

Bugs Fixed

• ManagedIdentityCredential will fall through to the next credential in the chain in the case that Docker Desktop returns a 403 response when attempting to access the IMDS endpoint. #​38218
• Fixed an issue where interactive credentials would still prompt on the first GetToken request even when the cache is populated and an AuthenticationRecord is provided. #​38431

v1.10.0

Compare Source

1.10.0 (2023-08-14)

Features Added

• Added BrowserCustomization property to InteractiveBrowserCredential to enable web view customization for interactive authentication.

Bugs Fixed

• ManagedIdentityCredential will no longer attempt to parse invalid json payloads on responses from the managed identity endpoint.
• Fixed an issue where AzurePowerShellCredential fails to parse the token response from Azure PowerShell. #​22638

v1.9.0

Compare Source

1.9.0 (2023-05-09)

Breaking Changes

• Changed visibility of all environment variable based properties on EnvironmentCredentialOptions to internal. These options are again only configurable via environment variables.

---

Configuration

📅 Schedule: Branch creation - "" in timezone Europe/Oslo, Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.