Stratara.Infrastructure 3.1.3

.NET 10.0 This package targets .NET 10.0. The package is compatible with this framework or higher. 
dotnet add package Stratara.Infrastructure --version 3.1.3
                    


                    

                
NuGet\Install-Package Stratara.Infrastructure -Version 3.1.3
This command is intended to be used within the Package Manager Console in Visual Studio, as it uses the NuGet module's version of Install-Package. 
<PackageReference Include="Stratara.Infrastructure" Version="3.1.3" />
For projects that support PackageReference, copy this XML node into the project file to reference the package. 
<PackageVersion Include="Stratara.Infrastructure" Version="3.1.3" />
                    


                            Directory.Packages.props
                        

                    

                
<PackageReference Include="Stratara.Infrastructure" />
                    


                            Project file
For projects that support Central Package Management (CPM), copy this XML node into the solution Directory.Packages.props file to version the package. 
paket add Stratara.Infrastructure --version 3.1.3
                    


                    

                
#r "nuget: Stratara.Infrastructure, 3.1.3"
#r directive can be used in F# Interactive and Polyglot Notebooks. Copy this into the interactive tool or source code of the script to reference the package. 
#:package Stratara.Infrastructure@3.1.3
#:package directive can be used in C# file-based apps starting in .NET 10 preview 4. Copy this into a .cs file before any lines of code to reference the package. 
#addin nuget:?package=Stratara.Infrastructure&version=3.1.3
                    


                            Install as a Cake Addin
                        

                    

                
#tool nuget:?package=Stratara.Infrastructure&version=3.1.3
                    


                            Install as a Cake Tool

Stratara.Infrastructure

License: FSL-1.1-MIT (Functional Source License — source-available; converts to MIT after 2 years). Not OSI-approved OSS.

Cross-cutting infrastructure plumbing for the Stratara framework — the Tier-C glue that lets downstream apps wire authorization, DI composition, and worker-stack configuration with a single reference.

Contents

  • Authorization decorators over command-outbox dispatch (AuthorizingCommandOutboxDispatcher).
  • DI composition helpers that wire Mediator, Outbox, Identity, and EFCore into a hosted app.
  • Configuration providers and option binders used by the worker stack.

Dependencies

Transitively depends on Stratara.Contracts, Stratara.EventSourcing.EntityFrameworkCore, Stratara.Mediator, Stratara.Outbox.RabbitMQ, Stratara.Sessions, Stratara.Shared.

Behavioural notes

AddSecurity() — IKeyStore registration (since 3.0.11)

AddSecurity() registers Stratara's security stack including the IKeyStore abstraction. The default is a TryAddSingleton<IKeyStore, DummyKeyStore> fallback — but DummyKeyStore since 3.0.11 throws InvalidOperationException in any environment other than Development (whitelist guard to prevent production data exposure from the demo encryption key). Hosts on Staging, QA, UAT, Preview, or any custom environment must register a real IKeyStore implementation before calling AddSecurity():

// Recommended composition root
if (builder.Environment.IsDevelopment())
{
    builder.Services.AddSecurity();   // DummyKeyStore fallback is fine
}
else
{
    builder.Services.AddSingleton<IKeyStore, AzureKeyVaultKeyStore>();  // or AwsKmsKeyStore, HsmKeyStore, ...
    builder.Services.AddSecurity();
}

KeyStoreStartupProbe logs a Warning (event id LogEvents.KeyManagement.DummyKeyStoreActive = 112_001) at host start when the resolved IKeyStore is DummyKeyStore — even in Development — so an accidental dependency on the dummy is loud rather than silent.

Why the change: Before 3.0.11 the guard only blocked IsProduction(). Hosts in any other environment silently encrypted with the world-known constant pass-phrase "StrataraTestKey" baked into the shipping NuGet — a Staging or QA copy of production data could be decrypted by anyone reading the source. The whitelist guard makes this configuration crash-fast at host build instead of allowing silent data exposure.

AddCaching() — Redis registration

AddCaching() used to delegate to builder.AddRedisClient("redis") from Aspire.StackExchange.Redis. After the Aspire-wrapper removal it registers IConnectionMultiplexer directly via ConnectionMultiplexer.Connect(...) from StackExchange.Redis. The method signature is unchanged, but the Aspire-only side-effects are gone:

  • No automatic Redis health check. Add one explicitly with AddHealthChecks().AddRedis(connectionString) (from AspNetCore.HealthChecks.Redis) if your host exposes /health and you want Redis covered.
  • No automatic OpenTelemetry Redis instrumentation. Add OpenTelemetry.Instrumentation.StackExchangeRedis and .AddRedisInstrumentation() to your TracerProviderBuilder if you want Redis spans in your traces.

The connection-string lookup (ConnectionStrings:redis in configuration) is identical to the pre-cleanup behaviour.

Product Compatible and additional computed target framework versions.
.NET net10.0 is compatible.  net10.0-android was computed.  net10.0-browser was computed.  net10.0-ios was computed.  net10.0-maccatalyst was computed.  net10.0-macos was computed.  net10.0-tvos was computed.  net10.0-windows was computed. 
Compatible target framework(s)
Included target framework(s) (in package)
Learn more about Target Frameworks and .NET Standard.

NuGet packages (2)

Showing the top 2 NuGet packages that depend on Stratara.Infrastructure:

Package Downloads
Stratara.EventSourcing.WorkerDefaults

Worker-host wiring composites for the Stratara event-sourced stack. IHostApplicationBuilder extensions (AddBackendServices, AddCommandWorkerServices, AddEventProjectionWorkerServices, AddSagaWorkerServices, AddOutboxWorkerServices) bundle the per-concern DI calls so each worker host opts in with one line.
Stratara.Testing.EntityFrameworkCore

Spin up the real Stratara event-sourcing write stack (EventSource, aggregation, snapshots, the EF Core write store) against a shared in-memory SQLite database in one call — production code paths, no Postgres, no Docker. Builds on Stratara.Testing's in-memory doubles.

GitHub repositories

This package is not used by any popular GitHub repositories.

Version Downloads Last Updated
3.1.3 0 6/10/2026
3.1.2 109 6/5/2026
3.1.1 193 6/1/2026
3.1.0 106 5/30/2026
3.0.23 108 5/28/2026

### Added

- **Mediator tenant-isolation behavior** (`Stratara.Mediator`) — `AddStrataraTenantIsolation()`
 registers a pipeline behavior that enforces tenant isolation at the mediator entrance, before the
 handler runs, for any request that opts in via the new `ITenantScopedRequest` marker
 (`Stratara.Abstractions.Multitenancy`). The behavior compares the request's `TenantId` (data owner)
 against the ambient session's data-owner tenant and rejects a mismatch with the new
 `TenantAccessDeniedException` (translated to HTTP 403 on ASP.NET hosts). `TenantIsolationMode.Default`
 enforces only the subject match (privileged cross-tenant operations pass when the endpoint promoted
 the session subject to the target); `TenantIsolationMode.Strict` additionally routes every
 cross-tenant operation through the new `ICrossTenantAuthorizer`, whose shipped default denies all
 cross-tenant access until a consumer registers its own authorizer. Complements the existing
 database-side `ApplyGlobalTenantQueryFilters` with a command-/query-entrance guard. New log-event
 IDs `114_101`/`114_102`/`114_003` in `Stratara.Diagnostics`.
- **`Stratara.Abstractions.Persistence.ConcurrencyConflictException`** — provider-agnostic
 wrapper for an optimistic-concurrency conflict detected during commit. Allows framework-level
 code in `Stratara.Projections` (and any consumer outside the `EntityFrameworkCore` package) to
 react to concurrency without taking an EF Core dependency. EF Core's `DbUpdateConcurrencyException`
 (and provider equivalents) flow through this type.

### Changed

- **`EfTransaction.SaveChangesAsync`** (in `Stratara.EventSourcing.EntityFrameworkCore`) now
 wraps `DbUpdateConcurrencyException` thrown by EF Core in the new
 `ConcurrencyConflictException`. PostgreSQL unique-violation paths remain on `DbUpdateException`
 (different semantics — duplicate-key on insert vs. stale-row on update/delete).
- **`EventSource.SaveChangesAsync`** (write-side append flow) extends its concurrency-handling
 catch to the new exception type so the existing append-conflict recovery path keeps working
 after the wrap. Behaviour for both EF concurrency conflicts and PostgreSQL unique violations
 is unchanged.

### Fixed

- **`TenantProjection` no longer aborts the event bundle on a parallel delete race.** The two
 delete handlers (`TenantDeleted`, `CustomerTenantsDeleted`) now swallow
 `ConcurrencyConflictException` silently — a missing row is the desired end-state of a delete.
 Before this fix, a consumer-side customer-delete cascade saga that emits both
 `CustomerTenantsDeleted` and a follow-up `TenantDeleted` for the same tenants would race the
 two parallel projection bundles on the same `TenantView` row; the loser threw
 `DbUpdateConcurrencyException` out of `SaveChangesAsync`, which propagated through
 `ProjectionWorker` and caused `RabbitMqBus` to roll back the entire bundle — including
 sibling projections that had already committed. Update handlers (rename / activate /
 deactivate / locale / customer-assigned) keep their current behaviour: a concurrency failure
 there is a real race that propagates.