Bump azure-functions-core-tools from 4.5.0 to 4.6.0 in /api

[dependabot]

Bumps azure-functions-core-tools from 4.5.0 to 4.6.0.

Release notes

Sourced from azure-functions-core-tools's releases.

4.6.0

Azure Functions CLI 4.6.0

Host Version

• Host Runtime Version: 4.1045.200
• In-Proc CLI:
  • CLI Version: 4.3.0
  • Host Runtime Version: 4.44.100 (includes 4.844.100, 4.644.100)

Changes

• Fix .gitignore to allow PowerShell module bin folders (#4574)
• Refactor to use msbuild for determining .NET target framework & add support multiple TFMs (#4715)
  • When using func init --docker-only on a .NET project with multiple target frameworks, the CLI will now prompt the user to select which target framework to use for the Dockerfile.
• Enhanced dotnet installation discovery by adopting the same Muxer logic used by the .NET SDK itself (#4732)
• Update .NET templates package version to 4.0.5337 (#4728)
• Fix func pack --build-native-deps failure on Windows for Python 3.13+ (#4742)
• Add deprecation warning for extension bundles during function app publish (#4700)
• Update the TypeScript project template to improve interoperability (#4739)
  • Upgrade typescript from ^4.0.0 to ^5.0.0
  • Add "esModuleInterop": true option to tsconfig.json
• Cleaned up func --help output and fixed validation errors when using the --help flag for specific commands (#4748)
• Improved func init --help output to better display options for each worker runtime (#4748)
• Fix F# project & template initialization via func init | new (#4749)
• Log a warning if remote build is used for Python 3.14 flex app (#4755)

Changelog

Sourced from azure-functions-core-tools's changelog.

Azure Functions CLI 4.6.0

Host Version

• Host Runtime Version: 4.1045.200
• In-Proc CLI:
  • CLI Version: 4.3.0
  • Host Runtime Version: 4.44.100 (includes 4.844.100, 4.644.100)

Changes

• Fix .gitignore to allow PowerShell module bin folders (#4574)
• Refactor to use msbuild for determining .NET target framework & add support multiple TFMs (#4715)
  • When using func init --docker-only on a .NET project with multiple target frameworks, the CLI will now prompt the user to select which target framework to use for the Dockerfile.
• Enhanced dotnet installation discovery by adopting the same Muxer logic used by the .NET SDK itself (#4732)
• Update .NET templates package version to 4.0.5337 (#4728)
• Fix func pack --build-native-deps failure on Windows for Python 3.13+ (#4742)
• Add deprecation warning for extension bundles during function app publish (#4700)
• Update the TypeScript project template to improve interoperability (#4739)
  • Upgrade typescript from ^4.0.0 to ^5.0.0
  • Add "esModuleInterop": true option to tsconfig.json
• Cleaned up func --help output and fixed validation errors when using the --help flag for specific commands (#4748)
• Improved func init --help output to better display options for each worker runtime (#4748)
• Fix F# project & template initialization via func init | new (#4749)
• Log a warning if remote build is used for Python 3.14 flex app (#4755)

Commits

• ab90faa Updating host version to 4.1045.200 (#4754)
• de27dbd Add deprecation warning for extension bundles during publish (#4746)
• 23eb3b9 Bump dotnet-sdk from 9.0.306 to 9.0.308 (#4750)
• 5185bc9 Update typescript version and TS compile option in template files (#4739)
• 6c10c0b Log a warning if remote build is used for Python 3.14 flex app (#4755)
• 3115e2a Fix F# function project initialization and function creation (#4749)
• 6ee444f Cleanup & fix func --help & func init --help output (#4748)
• b828623 Fix nightly build to pull correct CLI version from artifact feed (#4730)
• b0d4915 Clean up repository & general housekeeping(#4734)
• 0130b8b Fix python buildenv dockerfile name (#4742)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[dependabot]

Labels

The following labels could not be found: api, dependencies. Please create them before Dependabot can add them to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.

[github-actions]

⚠️ Deprecation Warning: The deny-licenses option is deprecated for possible removal in the next major release. For more information, see issue 997.

Dependency Review

✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.

OpenSSF Scorecard

Package	Version	Score	Details
npm/azure-functions-core-tools	4.6.0	🟢 7.1	Details Check Score Reason Maintained 🟢 10 30 commit(s) and 18 issue activity found in the last 90 days -- score normalized to 10 Code-Review 🟢 10 all changesets reviewed Security-Policy 🟢 10 security policy file detected Packaging ⚠️ -1 packaging workflow not detected Token-Permissions 🟢 10 GitHub workflow tokens follow principle of least privilege Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Binary-Artifacts 🟢 9 binaries present in source code Fuzzing ⚠️ 0 project is not fuzzed Signed-Releases ⚠️ 0 Project has not signed or included provenance with any releases. Branch-Protection 🟢 5 branch protection is not maximal on development and all release branches Vulnerabilities 🟢 10 0 existing vulnerabilities detected SAST 🟢 9 SAST tool is not run on all commits -- score normalized to 9 Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0

Scanned Files

• api/package-lock.json