fix(deps): upgrade AutoMapper from 14.x to 16.1.1 #415

Merged
nanotaboada merged 2 commits into master from fix/automapper-security-upgrade
Mar 16, 2026

@nanotaboada nanotaboada commented Mar 16, 2026

Closes #414

Summary by CodeRabbit

  • Bug Fixes

  • Chores

    • Upgraded AutoMapper from version 14.x to 16.1.1 for enhanced compatibility.

coderabbitai Bot commented Mar 16, 2026

Warning

Rate limit exceeded

@nanotaboada has exceeded the limit for the number of commits that can be reviewed per hour. Please wait 3 minutes and 31 seconds before requesting another review.

ℹ️ Review info
⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

Run ID: a839e259-f7f1-4bae-bf47-77db9f0c8100

📥 Commits

Reviewing files that changed from the base of the PR and between f0b39b1 and ddf07c9.

⛔ Files ignored due to path filters (2)
  • src/Dotnet.Samples.AspNetCore.WebApi/packages.lock.json is excluded by !**/packages.lock.json
  • test/Dotnet.Samples.AspNetCore.WebApi.Tests/packages.lock.json is excluded by !**/packages.lock.json
📒 Files selected for processing (4)
  • .github/dependabot.yml
  • CHANGELOG.md
  • src/Dotnet.Samples.AspNetCore.WebApi/Dotnet.Samples.AspNetCore.WebApi.csproj
  • src/Dotnet.Samples.AspNetCore.WebApi/Extensions/ServiceCollectionExtensions.cs

Walkthrough

AutoMapper dependency upgraded from 14.x to 16.1.1 to resolve security vulnerability GHSA-rvv3-g6hj-g44x. Dependabot ignore rules removed, package version constraint updated, DI registration API migrated to the new config-action pattern, and changelog documented.

Changes

| Cohort / File(s) | Summary |
|---|---|
| Configuration & Dependencies: .github/dependabot.yml, src/Dotnet.Samples.AspNetCore.WebApi/Dotnet.Samples.AspNetCore.WebApi.csproj | Removed AutoMapper version pinning ignore rules from Dependabot configuration and updated package reference from `[14.0.0,15.0.0)` to `[16.1.1,17.0.0)`. |
| DI Registration: src/Dotnet.Samples.AspNetCore.WebApi/Extensions/ServiceCollectionExtensions.cs | Updated AddAutoMapper registration from type-based API (`typeof(PlayerMappingProfile)`) to configuration delegate pattern (`config => config.AddProfile<PlayerMappingProfile>()`) to comply with AutoMapper 16.x breaking changes. |
| Documentation: CHANGELOG.md | Added changelog entry documenting AutoMapper upgrade to 16.1.1 and security vulnerability resolution. |

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~12 minutes

Assessment against linked issues

| Objective | Addressed | Explanation |
|---|---|---|
| Update AutoMapper to `[16.1.1,17.0.0)` in .csproj [#414] | | |
| Remove Dependabot ignore rules for AutoMapper major-version updates [#414] | | |
| Adapt DI registration to new `AddAutoMapper(Action<IMapperConfigurationExpression>)` API [#414] | | |
| Update CHANGELOG.md with upgrade entry [#414] | | |

Suggested labels

dependencies, .NET

🚥 Pre-merge checks | ✅ 2
✅ Passed checks (2 passed)
| Check name | Status | Explanation |
|---|---|---|
| Title check | ✅ Passed | The title follows Conventional Commits format (fix:), is under 80 characters (49 chars), and clearly describes the main change: upgrading AutoMapper to resolve a security vulnerability. |
| Docstring Coverage | ✅ Passed | Docstring coverage is 100.00% which is sufficient. The required threshold is 80.00%. |

)

Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
Co-authored-by: Claude <noreply@anthropic.com>
@nanotaboada nanotaboada force-pushed the fix/automapper-security-upgrade branch from 89f15c9 to cf0fdce March 16, 2026 01:56
@nanotaboada nanotaboada merged commit 7358905 into master Mar 16, 2026
9 checks passed
@nanotaboada nanotaboada deleted the fix/automapper-security-upgrade branch March 16, 2026 02:03
Development

Successfully merging this pull request may close these issues.

[FEATURE] Upgrade AutoMapper from 14.x to 16.x to resolve high-severity security vulnerability