chore(deps): bump github.com/Azure/azure-sdk-for-go/sdk/azidentity from 1.13.1 to 1.14.0

[dependabot]

Bumps github.com/Azure/azure-sdk-for-go/sdk/azidentity from 1.13.1 to 1.14.0.

Release notes

Sourced from github.com/Azure/azure-sdk-for-go/sdk/azidentity's releases.

sdk/azidentity/v1.14.0

1.14.0 (2026-06-15)

Breaking Changes

These changes affect only code written against a beta version such as v1.14.0-beta.3

• Removed WorkloadIdentityCredentialOptions.EnableAzureProxy. It will return in v1.15.0-beta.1

Bugs Fixed

• AzureDeveloperCLICredential improved reporting of error messages returned from azd

Other Changes

• Returned azidentity errors include links to the troubleshooting guide when appropriate
• This module now requires a minimum Go version of 1.25
• Upgraded dependencies

Commits

• 0495c20 Prep azcore 1.14.0 for release (#23293)
• 217edee fix(generator tool): filter tsp-client diagnostics log (#23292)
• 023c88f Increment package version after release of azidentity (#23290)
• 17f3361 Sync eng/common directory with azure-sdk-tools for PR 8760 (#23271)
• f5f3234 bump proxy to one with an audit log and more correct locking (#23288)
• d707091 Prepare azidentity v1.8.0-beta.2 for release (#23289)
• 84d213c NewManagedIdentityCredential returns an error for unsupported ID options (#23...
• ea67e9c azcontainerregistry: move method to function (#23270)
• 40dad0a fix (#23287)
• a368082 fix generator tool: ExecuteGoGenerate func (#23286)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[cursor]

PR Summary

Medium Risk
Touches the Azure authentication stack used for Key Vault secrets; risk is limited to dependency behavior changes, not app logic rewrites.

Overview
Bumps github.com/Azure/azure-sdk-for-go/sdk/azidentity from 1.13.1 to 1.14.0 in go.mod / go.sum, with no application source changes.

The lockfile also picks up related indirect upgrades: microsoft-authentication-library-for-go 1.7.0 → 1.7.2 and sdk/azidentity/cache 0.3.2 → 0.4.0. Azure Key Vault access in pkg/secrets still uses the same azidentity APIs (e.g. managed identity); behavior may shift slightly from upstream fixes (clearer azidentity errors, MSAL updates) without local code edits.

^{Reviewed by Cursor Bugbot for commit b3347c6. Bugbot is set up for automated code reviews on this repo. Configure here.}

[socket-security]

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

Diff	Package	Supply Chain Security	Vulnerability	Quality	Maintenance	License
	golang/​github.com/​Azure/​azure-sdk-for-go/​sdk/​azidentity@​v1.13.1 ⏵ v1.14.0	-3

View full report