Update NServiceBus Core to v10

[dependencyupdates]

This PR contains the following updates:

Package	Change	Age	Adoption	Passing	Confidence
NServiceBus (source)	9.2.11 → 10.2.2
NServiceBus.AcceptanceTesting (source)	9.2.11 → 10.2.2

---

Release Notes

Particular/NServiceBus (NServiceBus)

v10.2.2

Compare Source

As part of this release we had 1 commit which resulted in 1 issue being closed.

Improvement

• #​7779 Delete unnecessary test that causes friction downstream

Where to get it

You can download this release from NuGet.

🛡 ClamAV virus scan results: No viruses detected

Version: ClamAV 1.4.4
Scan Date: Wed, 27 May 2026 22:05:18 GMT

----------- SCAN SUMMARY -----------
Known viruses: 3627866
Engine version: 1.4.4
Scanned directories: 1
Scanned files: 7
Infected files: 0
Data scanned: 21.33 MB
Data read: 4.67 MB (ratio 4.57:1)
Time: 32.147 sec (0 m 32 s)
Start Date: 2026:05:27 22:04:45
End Date:   2026:05:27 22:05:17

v10.2.1

Compare Source

As part of this release we had 2 commits which resulted in 4 issues being closed.

Bugs

• #​7770 False positive NSB0033 for Handle methods implementing a derived IHandleMessages
• #​7777 Convention-based message handler double registration

Improvements

• #​7771 Persistence tests leave saga storage directories around in temp directory
• #​7775 Prefer strongly-typed StringBuilder overload in PipelineStepDiagnostics

Where to get it

You can download this release from NuGet.

🛡 ClamAV virus scan results: No viruses detected

Version: ClamAV 1.4.4
Scan Date: Wed, 27 May 2026 16:07:33 GMT

----------- SCAN SUMMARY -----------
Known viruses: 3627866
Engine version: 1.4.4
Scanned directories: 1
Scanned files: 7
Infected files: 0
Data scanned: 21.32 MB
Data read: 4.67 MB (ratio 4.57:1)
Time: 37.520 sec (0 m 37 s)
Start Date: 2026:05:27 16:06:52
End Date:   2026:05:27 16:07:30

v10.2.0

Compare Source

As part of this release we had 92 commits which resulted in 20 issues being closed.

Features

• #​7633 Multi-hosted endpoint lifecycle, keyed DI isolation, and slot-scoped logging
• #​7641 Convention-based handler support

Improvements

• #​7126 Add DateOnly support to XmlSerializer
• #​7629 Allow pipeline behaviors to be registered using Register
• #​7631 Replace expression tree pipeline execution with prewired invokers
• #​7658 Consolidate Microsoft.Extensions dependencies by replacing specific packages with Microsoft.Extensions.Hosting
• #​7659 Making sure the basic logging infrastructure is always wired up
• #​7660 Add opt-in startup diagnostics logging with automatic size optimization
• #​7661 Expose RollingLoggerProviderOptions and deprecate legacy logging APIs
• #​7662 Preserve transport receive properties through message dispatch
• #​7663 Analyzer warnings for static handler classes
• #​7665 Simplify startup logging paths and retire DefaultFactory runtime logger internals
• #​7667 AddNServiceBusEndpoint throws a meaningful exception when the transport is not specified
• #​7668 Deprecate self-hosting APIs in favor of AddNServiceBusEndpoint
• #​7678 Add obsolete warnings to additional public self-hosting APIs
• #​7683 Introduce AddNServiceBusEndpointInstaller and deprecate old installer APIs
• #​7692 Add support for DateOnly/TimeOnly into xml serializer
• #​7698 Expose Endpoint Name as a read-only property on EndpointConfiguration
• #​7709 Add AddNServiceBusInstallers for Generic Host Integration
• #​7723 Replace MD5-based deterministic GUIDs with XxHash128

Where to get it

You can download this release from NuGet.

🛡 ClamAV virus scan results: No viruses detected

Version: ClamAV 1.4.4
Scan Date: Thu, 21 May 2026 17:26:05 GMT

----------- SCAN SUMMARY -----------
Known viruses: 3627866
Engine version: 1.4.4
Scanned directories: 1
Scanned files: 7
Infected files: 0
Data scanned: 21.25 MB
Data read: 4.66 MB (ratio 4.56:1)
Time: 31.933 sec (0 m 31 s)
Start Date: 2026:05:21 17:25:32
End Date:   2026:05:21 17:26:04

v10.1.4

Compare Source

As part of this release we had 4 commits which resulted in 2 issues being closed.

Dependency CVEs

• #​7726 GitHub Security Advisory ID (GHSA-37gx-xxp4-5rgx) reported on branch release-10.1
• #​7729 GitHub Security Advisory ID (GHSA-w3x6-4m5h-cxqf) reported on branch release-10.1

Where to get it

You can download this release from NuGet.

🛡 ClamAV virus scan results: No viruses detected

Version: ClamAV 1.4.4
Scan Date: Wed, 29 Apr 2026 21:34:59 GMT

----------- SCAN SUMMARY -----------
Known viruses: 3627837
Engine version: 1.4.4
Scanned directories: 1
Scanned files: 7
Infected files: 0
Data scanned: 17.31 MB
Data read: 4.07 MB (ratio 4.26:1)
Time: 29.254 sec (0 m 29 s)
Start Date: 2026:04:29 21:34:26
End Date:   2026:04:29 21:34:55

v10.1.3

Compare Source

As part of this release we had 1 commit which resulted in 1 issue being closed.

Bug

• #​7702 Update dependency System.Security.Cryptography.Xml to 10.0.6 (#​7700)

Where to get it

You can download this release from NuGet.

🛡 ClamAV virus scan results: No viruses detected

Version: ClamAV 1.4.3
Scan Date: Wed, 15 Apr 2026 12:15:44 GMT

----------- SCAN SUMMARY -----------
Known viruses: 3627833
Engine version: 1.4.3
Scanned directories: 1
Scanned files: 7
Infected files: 0
Data scanned: 17.29 MB
Data read: 4.06 MB (ratio 4.26:1)
Time: 29.338 sec (0 m 29 s)
Start Date: 2026:04:15 12:15:11
End Date:   2026:04:15 12:15:40

v10.1.2

Compare Source

As part of this release we had 1 commit which resulted in 1 issue being closed.

Improvement

• #​7695 Split When_sending_within_an_ambient_transaction into two distinct tests and improve done condition

Where to get it

You can download this release from NuGet.

🛡 ClamAV virus scan results: No viruses detected

Version: ClamAV 1.4.3
Scan Date: Wed, 15 Apr 2026 03:35:20 GMT

----------- SCAN SUMMARY -----------
Known viruses: 3627834
Engine version: 1.4.3
Scanned directories: 1
Scanned files: 7
Infected files: 0
Data scanned: 17.30 MB
Data read: 4.06 MB (ratio 4.26:1)
Time: 29.884 sec (0 m 29 s)
Start Date: 2026:04:15 03:34:49
End Date:   2026:04:15 03:35:19

v10.1.1

Compare Source

As part of this release we had 4 commits which resulted in 1 issue being closed.

Improvement

• #​7680 Fixed outbox test for multiple subscribers handling the same event

Where to get it

You can download this release from NuGet.

🛡 ClamAV virus scan results: No viruses detected

Version: ClamAV 1.4.3
Scan Date: Wed, 08 Apr 2026 05:33:47 GMT

----------- SCAN SUMMARY -----------
Known viruses: 3627817
Engine version: 1.4.3
Scanned directories: 1
Scanned files: 7
Infected files: 0
Data scanned: 17.29 MB
Data read: 4.05 MB (ratio 4.27:1)
Time: 29.266 sec (0 m 29 s)
Start Date: 2026:04:08 05:33:14
End Date:   2026:04:08 05:33:43

v10.1.0

Compare Source

As part of this release we had 42 commits which resulted in 2 issues being closed.

Features

• #​7422 Introduce incoming message support for envelope unwrapping
• #​7535 Allow auditing to be configured and enabled via environment variables

Where to get it

You can download this release from NuGet.

🛡 ClamAV virus scan results: No viruses detected

Version: ClamAV 1.4.3
Scan Date: Fri, 06 Feb 2026 01:50:50 GMT

----------- SCAN SUMMARY -----------
Known viruses: 3627342
Engine version: 1.4.3
Scanned directories: 1
Scanned files: 7
Infected files: 0
Data scanned: 17.28 MB
Data read: 4.05 MB (ratio 4.27:1)
Time: 29.189 sec (0 m 29 s)
Start Date: 2026:02:06 01:50:17
End Date:   2026:02:06 01:50:46

v10.0.3

Compare Source

As part of this release we had 4 commits which resulted in 2 issues being closed.

Dependency CVEs

• #​7725 GitHub Security Advisory ID (GHSA-37gx-xxp4-5rgx) reported on branch release-10.0
• #​7728 GitHub Security Advisory ID (GHSA-w3x6-4m5h-cxqf) reported on branch release-10.0

Where to get it

You can download this release from NuGet.

🛡 ClamAV virus scan results: No viruses detected

Version: ClamAV 1.4.4
Scan Date: Wed, 29 Apr 2026 21:35:33 GMT

----------- SCAN SUMMARY -----------
Known viruses: 3627837
Engine version: 1.4.4
Scanned directories: 1
Scanned files: 7
Infected files: 0
Data scanned: 17.18 MB
Data read: 4.03 MB (ratio 4.27:1)
Time: 28.579 sec (0 m 28 s)
Start Date: 2026:04:29 21:35:01
End Date:   2026:04:29 21:35:30

v10.0.2

Compare Source

As part of this release we had 3 commits which resulted in 1 issue being closed.

Bug

• #​7703 Update dependency System.Security.Cryptography.Xml to 10.0.6 (#​7700)

Where to get it

You can download this release from NuGet.

🛡 ClamAV virus scan results: No viruses detected

Version: ClamAV 1.4.3
Scan Date: Wed, 15 Apr 2026 12:14:34 GMT

----------- SCAN SUMMARY -----------
Known viruses: 3627833
Engine version: 1.4.3
Scanned directories: 1
Scanned files: 7
Infected files: 0
Data scanned: 17.16 MB
Data read: 4.02 MB (ratio 4.27:1)
Time: 27.916 sec (0 m 27 s)
Start Date: 2026:04:15 12:14:05
End Date:   2026:04:15 12:14:33

v10.0.1

Compare Source

As part of this release we had 2 commits which resulted in 1 issue being closed.

Bug

• #​7620 Assembly scanner can load types more than once from different AssemblyLoadContexts

Where to get it

You can download this release from NuGet.

🛡 ClamAV virus scan results: No viruses detected

Version: ClamAV 1.4.3
Scan Date: Tue, 03 Feb 2026 23:45:17 GMT

----------- SCAN SUMMARY -----------
Known viruses: 3627324
Engine version: 1.4.3
Scanned directories: 1
Scanned files: 7
Infected files: 0
Data scanned: 17.16 MB
Data read: 4.02 MB (ratio 4.27:1)
Time: 27.945 sec (0 m 27 s)
Start Date: 2026:02:03 23:44:44
End Date:   2026:02:03 23:45:12

v10.0.0

Compare Source

This release is part of NServiceBus 10. Check out the NServiceBus 9 to 10 upgrade guide for details on how to upgrade.

Where to get it

You can download this release from NuGet.

🛡 ClamAV virus scan results: No viruses detected

Version: ClamAV 1.4.3
Scan Date: Thu, 29 Jan 2026 22:41:56 GMT

----------- SCAN SUMMARY -----------
Known viruses: 3627279
Engine version: 1.4.3
Scanned directories: 1
Scanned files: 7
Infected files: 0
Data scanned: 17.15 MB
Data read: 4.02 MB (ratio 4.27:1)
Time: 28.187 sec (0 m 28 s)
Start Date: 2026:01:29 22:41:24
End Date:   2026:01:29 22:41:52

---

Configuration

📅 Schedule: (UTC)

• Branch creation
  • At any time (no schedule defined)
• Automerge
  • At any time (no schedule defined)

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about these updates again.

---

• If you want to rebase/retry this PR, check this box

---

This PR has been generated by Renovate Bot.

Commands to ignore dependencies

You can trigger dependency actions by commenting on this PR:

• @particularbot ignore this major version
• @particularbot ignore this minor version
• @particularbot ignore this dependency

[dependencyupdates]

Edited/Blocked Notification

Renovate will not automatically rebase this PR, because it does not recognize the last commit author and assumes somebody else may have edited the PR.

You can manually request rebase by checking the rebase/retry box above.

⚠️ Warning: custom changes will be lost.

[dependencyupdates]

Renovate Ignore Notification

Because you closed this PR without merging, Renovate will ignore this update. You will not get PRs for any future 10.x releases. But if you manually upgrade to 10.x then Renovate will re-enable minor and patch updates automatically.

If you accidentally closed this PR, or if you changed your mind: rename this PR to get a fresh replacement PR.