Vulnerabilities in transitive dependencies #4115

DavidBoike · 2024-04-23T21:02:04Z

Re-implements Add NuGetAuditMode = all and bump necessary versions #4114 in branch release-5.1 to fix Vulnerabilities in transitive dependencies #4122

Adds NuGetAuditMode = all to the project so that all transitive dependencies with known vulnerabilities will be detected and fixed using available NuGet tooling.

Also adds explicit versions for the detected transitive dependencies to ensure vulnerable dependencies are not shipped.

DavidBoike changed the base branch from master to release-5.1 April 23, 2024 21:02

Add NuGetAuditMode = all and bump necessary versions

7f50333

DavidBoike force-pushed the nuget-audit-mode-5.1 branch from b39be8f to 7f50333 Compare April 23, 2024 21:03

DavidBoike requested a review from tamararivera April 23, 2024 21:03

DavidBoike self-assigned this Apr 23, 2024

tamararivera approved these changes Apr 24, 2024

View reviewed changes

DavidBoike merged commit 6ae74fb into release-5.1 Apr 24, 2024

DavidBoike deleted the nuget-audit-mode-5.1 branch April 24, 2024 21:30

DavidBoike added this to the 5.1.1 milestone Apr 25, 2024

DavidBoike changed the title ~~Add NuGetAuditMode = all and bump necessary versions (release-5.1)~~ Vulnerabilities in transitive dependencies Apr 29, 2024

This was referenced Apr 29, 2024

Vulnerabilities in transitive dependencies #4122

Closed

Add NuGetAuditMode = all and bump necessary versions #4114

Merged

DavidBoike added the Bug label Apr 29, 2024

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Vulnerabilities in transitive dependencies #4115

Vulnerabilities in transitive dependencies #4115

Uh oh!

DavidBoike commented Apr 23, 2024 •

edited

Loading

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

3 participants

Vulnerabilities in transitive dependencies #4115

Vulnerabilities in transitive dependencies #4115

Uh oh!

Conversation

DavidBoike commented Apr 23, 2024 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

3 participants

DavidBoike commented Apr 23, 2024 •

edited

Loading