Home Archive Agent storage, AOT addons, security fix – .NET News Daily Issue #446 (May 1, 2026)

Part of: ASP.NET Core: a working guide for .NET developers, C#: a working guide for .NET developers, Performance: a working guide for .NET developers

Topics: ASP.NET Core C# .NET 10 Native AOT Performance Security Semantic Kernel System.Text.Json

Editor's note

I pulled together another deliberately mixed issue today, with a few pieces that are especially practical. The Agent Framework storage article gets into a decision teams usually postpone too long, and the .NET 10 out-of-band security update is the sort of release note you really should read closely. I also liked the Native AOT Node.js addon write-up because it shows .NET reaching into places many developers wouldn’t immediately expect.

Agent storage, AOT addons, security fix

Author

Jasen Fici
May 01, 2026

Enjoying the newsletter? Your feedback helps us grow and reach more developers.

Share your testimonial →

Today's Articles

Chat History Storage Patterns in Microsoft Agent Framework

https://devblogs.microsoft.com/agent-framework/chat-history-storage-patterns-in-microsoft-agent-framework/

When people talk about building AI agents, they usually focus on models, tools, and prompts. In practice, one of the most important architectural decisions is much simpler: where does the conversation...
Article preview

.NET 10.0.7 Out-of-Band Security Update

https://devblogs.microsoft.com/dotnet/dotnet-10-0-7-oob-security-update/

We are releasing .NET 10.0.7 as an out-of-band (OOB) update to address a security issue introduced in Microsoft.AspNetCore.DataProtection Security update details This release includes a fix for
Article preview

Building File-Based Apps in .NET: A Complete Guide With Multi-File Support

https://antondevtips.com/blog/building-file-based-apps-in-dotnet-with-multi-file-support

Learn how to build file-based apps in .NET 10 and .NET 11 Preview 3. This guide covers single-file C# scripts, multi-file apps with the #:include directive, including SDK, including project files and
Article preview

Caching a geo-restricted app without the cache exploding

https://melkisetoglu.medium.com/caching-a-geo-restricted-app-without-the-cache-exploding-4b0c00d1410e?source=rss------dotnet-5

A small .NET pattern that’s really just a small idea — and works in any web stack.
Article preview

Difference Between ref and out Parameters in C# with Examples?

https://www.c-sharpcorner.com/article/difference-between-ref-and-out-parameters-in-c-sharp-with-examples/

Unlock the power of ref and out parameters in C#! Master passing arguments by reference, modifying existing values with ref, and returning multiple values with out. Enhance your C# coding skills!
Article preview

Obfuscator: Code Virtualization

https://medium.com/@rustemsoft/obfuscator-code-virtualization-d3910c36df3d?source=rss------dotnet-5

A practical guide to protecting .NET applications
Article preview

String vs JSON vs Object in .NET — Why Beginners Get Confused

https://medium.com/@sweetondonie/string-vs-json-vs-object-in-net-why-beginners-get-confused-67e949d88b59?source=rss------csharp-5

When I started working with APIs in .NET, this was one of the most confusing things:
Article preview

AI integrations: Rely or verify? Checking Semantic Kernel

https://unicorn-dev.medium.com/ai-integrations-rely-or-verify-checking-semantic-kernel-a07f71b1f11a?source=rss------csharp-5

Semantic Kernel is a Microsoft’s SDK for integrating AI models into applications.
Article preview

Do Agent Skills Actually Save Tokens? With vs Without Skills Loading in Microsoft Agent Framework

https://medium.com/@sainitesh/do-agent-skills-actually-save-tokens-with-vs-without-skills-loading-in-microsoft-agent-framework-98d1f0ade703?source=rss------dotnet-5

After exploring agent sessions, I wanted to dig into how the Microsoft Agent Framework handles domain knowledge. The question was: if I…
Article preview

Another crash caused by uninstaller code injection into Explorer

https://devblogs.microsoft.com/oldnewthing/20260423-00/?p=112261

Some time ago, I noted that any sufficiently advanced uninstaller is indistinguishable from malware.¹ During one of our regular debugging chats, a colleague of mine mentione
Article preview

Writing Node.js addons with .NET Native AOT

https://devblogs.microsoft.com/dotnet/writing-nodejs-addons-with-dotnet-native-aot/

C# Dev Kit is a VS Code extension. Like all VS Code extensions, its front end is TypeScript running in Node.js. For certain platform-specific tasks, such as reading the Windows Registry, we've histori...
Article preview

How We Beat the Y2K Bug

https://www.spreaker.com/episode/how-we-beat-the-y2k-bug--71580154

The Y2K bug turned out to be a non-event on January 1, 2000. How did that happen? Carl and Richard bring together a number of stories from folks who were there, fixing the software and updating system...
Article preview

Jasen's take on today's picks

Chat History Storage Patterns in Microsoft Agent Framework

A useful architectural piece on agent memory, persistence options, and why chat history design affects reliability more than prompt tweaks.

.NET 10.0.7 Out-of-Band Security Update

Short but important: this out-of-band patch fixes a DataProtection-related security issue in .NET 10.0.7.

Building File-Based Apps in .NET: A Complete Guide With Multi-File Support

Interesting look at file-based apps, including multi-file support and newer script-style workflows in .NET 10 and .NET 11 preview.

Caching a geo-restricted app without the cache exploding

A smart caching pattern for geo-restricted scenarios that avoids multiplying cache entries by every regional variation.

Difference Between ref and out Parameters in C# with Examples?

Beginner-friendly refresher on ref versus out, with examples that clarify when each parameter style makes sense.

Obfuscator: Code Virtualization

Covers code virtualization as an obfuscation technique for protecting .NET applications, with a practical security angle.

String vs JSON vs Object in .NET — Why Beginners Get Confused

A straightforward explainer for developers who still mix up raw strings, JSON payloads, and object models in API work.

AI integrations: Rely or verify? Checking Semantic Kernel

Worth reading if you’re wiring in AI features and want to validate Semantic Kernel behavior instead of assuming abstractions are correct.

Do Agent Skills Actually Save Tokens? With vs Without Skills Loading in Microsoft Agent Framework

A nice follow-up experiment measuring whether Agent Framework skills loading actually reduces token usage in practice.

Another crash caused by uninstaller code injection into Explorer

Classic Raymond Chen: a debugging story that doubles as a cautionary tale about invasive installer and uninstaller behavior.

Writing Node.js addons with .NET Native AOT

One of the more interesting platform posts here, showing how Native AOT can bridge .NET into Node.js addon scenarios.

How We Beat the Y2K Bug

Not a coding tutorial, but a worthwhile industry retrospective on the engineering discipline that kept Y2K from becoming a visible disaster.

Related issues

Issue #443 • Apr 28, 2026
ASP.NET Core, EF Core & AI security
Issue #424 • Apr 01, 2026
C# design, AI upgrades, and ASP.NET Core
Issue #413 • Mar 17, 2026
MCP servers, .NET 11 Preview 2, and Copilot CLI
Issue #410 • Mar 12, 2026
Rounding, routing, and agent workflows
Issue #378 • Jan 27, 2026
ASP.NET Core routing, Copilot, and .NET 10 API updates

📬 Get daily .NET content delivered to your inbox