Bump Microsoft.SemanticKernel.Abstractions and SonarAnalyzer.CSharp

[dependabot]

Pinned Microsoft.SemanticKernel.Abstractions at 1.68.0.

Release notes

Sourced from Microsoft.SemanticKernel.Abstractions's releases.

1.68.0

Changes:

• 9ee675aa66e899ca936d31328c06c1f7043527af .NET: Added solution filter file for release (#​13402)
• 7c9c469d516fad1490d9f5e401b84e8791e0aa03 .Net: Fix #​13262: GeminiRequest to handle single turn requests correctly (#​13288)
• 7d84d6b1319f04bc983e1ab61de4f9e113d1340e Version 1.68.0 (#​13398)
• 855e83c7c219873e1ea9f968fac8cfb2317723c5 .Net: Respect custom ToolChoice and ParallelToolCallsEnabled options in OpenAIResponseAgent (#​13275) [ #​13253 ]
• cd4b483480189d7b1dc8534c0224010f6fbe2d9d Update OpenAI and M.E.AI versions (#​13390)
• 42716d5e9ae1caad57bda62f30da9681bacc2fca Add IncludeThoughts parameter to Google Connector for accessing Gemini reasoning content (#​13383)
• b50299be6d493052ecb7a9647714c613624289a8 Upgrade to .NET 10 (#​13395)
• 775b8fc1f1dae4b4513a46b2665789c0ffe91838 Fix YAML agent ignoring model.options execution settings (#​13365) [ #​13349 ]
• 6888aa6ce06f4af50ce618af5663146c1c84abba Fix: emit streaming usage once at final chunk for OpenAI/Azure (#​13386)

See More

• 89755e04f8d71df3ca01443303940bb86c272073 .Net: Fix GeminiChatCompletionClient to invoke IAutoFunctionInvocationFilter during auto function calling (#​13397) [ #​11245, #​12998 ]
• 460521a6309bac55e6a09bcf492a66a3c55bddb2 .Net: Add ThinkingLevel parameter to GeminiThinkingConfig for Gemini 3.0+ (#​13396) [ #​11920, #​13377 ]
• 60685a700f4f73f81c9854df8c1c4d240de00403 .Net: Fix: include taskType in Google AI embedding request (fixes #​13250) (#​13277)
• 5b30c8b703cc965e28b9e87c508d59df5d9b2ee7 .NET Fix - Surface agent failure for orchestration (#​13369)
• 73337db6949a846791bd0adef23c3789039745b7 .Net: Enable argument types retention in handoff orchestration. (#​13367)
• de20575aee70ddb31d4b58bbd7b837101ed82cfb Fixes to Get/Delete for Guid keys (#​13353)
• b1ecee2d0e513963a3aef99bbb85f7d7bce816aa .Net: Add OpenAPI tool call migration sample for AzureOpenAI (#​13339)

This list of changes was auto generated.

Commits viewable in compare view.

Updated SonarAnalyzer.CSharp from 10.15.0.120848 to 10.17.0.131074.

Release notes

Sourced from SonarAnalyzer.CSharp's releases.

10.17



False Negative

• NET-2840 - Improve S2077: Support more methods

Task

• NET-2839 - Update RSPEC before 10.17 release

New Feature

• NET-2820 - ShimLayer: Implement Factory
• NET-2789 - ShimLayer Generator: Enums
• NET-2728 - ShimLayer Generator: SyntaxNodes

Bug

• NET-2816 - Fix S3603 AD0001: NRE when LocalFunction inside Record constructor in C#​7

Improvement

• NET-2722 - Activate new ShimLayer
• NET-2721 - Create diff for ShimLayer
• NET-2720 - Create ShimLayer projects

10.16.2

Rotations of binary signing keys

10.16.1

Rotations of binary signing keys

10.16

False Positive

• NET-1729 - Fix S2114 FP: list.AddRange(list) and list.Concat(list) are sensible

False Negative

• NET-399 - Fix S4790 FN: Support CryptographicOperations data methods

Bug

• NET-2686 - Fix S3604 AD0001: NRE with partial constructor

Commits viewable in compare view.

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[coderabbitai]

Important

Review skipped

Bot user detected.

To trigger a single review, invoke the @coderabbitai review command.

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

[dependabot]

Looks like these dependencies are no longer updatable, so this is no longer needed.