Bump Azure.Identity from 1.13.2 to 1.18.0

[dependabot]

Updated Azure.Identity from 1.13.2 to 1.18.0.

Release notes

Sourced from Azure.Identity's releases.

1.18.0

1.18.0 (2026-02-25)

Features Added

• Added experimental Microsoft.Extensions.Configuration and Microsoft.Extensions.DependencyInjection integration for Azure SDK clients. For details, see the Configuration and Dependency Injection documentation.

• The WorkloadIdentityCredentialOptions.IsAzureProxyEnabled property, which enables Azure Kubernetes token proxy mode, is only available in beta releases of this package.

• AzureDeveloperCliCredential now parses JSON error output from azd auth token to extract clean error messages instead of including raw JSON in exceptions. Error messages like {"type":"consoleMessage","data":{"message":"ERROR: fetching token: ..."}} are now displayed as ERROR: fetching token: ....

1.18.0-beta.3

1.18.0-beta.3 (2026-02-20)

Breaking Changes

• Renamed WorkloadIdentityCredentialOptions.IsAzureKubernetesTokenProxyEnabled to IsAzureProxyEnabled to follow .NET naming conventions for boolean properties.

Bugs Fixed

• Fixed a NullReferenceException that occurred during X509Chain validation on Linux when using the Identity Bindings feature.

• Disabled MSAL's internal retry logic for ConfidentialClientApplication and PublicClientApplication to prevent double retries when combined with Azure SDK's retry policy. Only the configured Azure SDK retry policy is applied, avoiding unexpected additional retry attempts.

1.15.0

1.15.0 (2026-02-02)

Features Added

• Upgraded api-version to 2025-05-01.

1.14.0

1.14.0 (2026-01-16)

Features Added

• Added new resource type GalleryScript.
• Added StorageAccountStrategy property to GalleryArtifactPublishingProfileBase class.

Commits viewable in compare view.

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[github-actions]

Dependency Review

The following issues were found:

• ✅ 0 vulnerable package(s)
• ✅ 0 package(s) with incompatible licenses
• ✅ 0 package(s) with invalid SPDX license definitions
• ⚠️ 1 package(s) with unknown licenses.

See the Details below.

Snapshot Warnings

⚠️: No snapshots were found for the head SHA db9d35c.

Ensure that dependencies are being submitted on PR branches and consider enabling retry-on-snapshot-warnings. See the documentation for more information and troubleshooting advice.

License Issues

src/webapp01/webapp01.csproj

Package	Version	License	Issue Type
Azure.Identity	1.18.0	Null	Unknown License

Allowed Licenses:

MIT, Apache-2.0, GPL-3.0

OpenSSF Scorecard

Package	Version	Score	Details
nuget/Azure.Identity	1.18.0	Unknown	Unknown

Scanned Files

• src/webapp01/webapp01.csproj