Bump Microsoft.Rest.ClientRuntime from 2.3.21 to 2.3.24 in /sdk/PowerBI.Api

[dependabot]

Bumps Microsoft.Rest.ClientRuntime from 2.3.21 to 2.3.24.

Commits

• 0a3afc9 Clientruntime/sanitize request header (#28169)
• 8724e58 Minor fix to update comment for TokenCacheRefreshArgs.SuggestedCacheKey (#28128)
• 2decee4 performance patch of JsonConverterHelper.cs (#26448)
• 64b55ac [DataFactory]Added new features into 6.0.0 (#28135)
• bba0666 Sync eng/common directory with azure-sdk-tools for PR 3124 (#28158)
• 15f55a0 check the right variable syntax (#28159)
• d9f870d Fixed readme links (#28133)
• 24e3145 [FormRecognizer] Updated Form Recognizer sanitized properties (#28151)
• 7ac1c4a update pipeline generator package version (#28157)
• 6ce436c Remove empty changelog sections (#28152)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  You can disable automated security fix PRs for this repo from the Security Alerts page.

[erenes]

The older version of the ClientRuntime library has a security vulnerability, so I would recommend merging this PR.

As a workaround on my end I have added ClientRuntime in my central package version file with the latest version as follows:
<PackageVersion Include="Microsoft.Rest.ClientRuntime" Version="2.3.24" />

Hope this helps someone coming across this later :)

[wagnerbsouza]

Hey there!

I might be stepping onto other's toes, but Microsoft.Rest.ClientRuntime is fully deprecated (i.e. all versions are marked as such) and it's recommended to use Azure.Core instead.

Will this be attended in the future?

Sorry if that's not the place to ask it.
Cheers!

[hvhaaren]

Hello, I also vote for updating the Microsoft.Rest.ClientRuntime because the Mend security scan on our product reports this security issue because we include the powerbi package.
Thanks.

[thomrommens]

Dear maintainers, appreciate your efforts. Can we please have an outlook on moving away from your dependency Microsoft.Rest.ClientRuntime to Azure.Core? I'm facing comparable issues as mentioned before in this thread. Thank you!

[ghost]

Would be nice if this was indeed removed by regenerating the client using AutoRest 3 as opposed to 2 and making it compatible with that. Alternatively if you could shed some light on how the swagger file was generated or provide a compatible one that would enable opensource contributions. - Simply running the old swagger file trough AutoRest 3 throws exceptions, converting it trough https://editor.swagger.io/ to openapi 3 and then running it also results in some exceptions. -