New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Update packages references #118
Comments
I don't want to add constraints, unless there is a security issue. The dependencies are not strict, so clients can reference newer versions that are non-deprecated versions. |
I've updated the initial post with additional information that shows that there are also security issues. Also, how would package update add constraints? All those references packages still support .NET Standard 2.0 (your only target framework) in their latest version. |
Could you please update the references to 3rd party packages? Currently those old package versions are either vulnerable/deprecated themselves or bring in some other transient dependencies which are vulnerable/deprecated.
System.Text.Json
5.0.2 is deprecatedMicrosoft.AspNet.WebApi.Client
5.2.4 ->Newtonsoft.Json.Bson
1.0.1 ->NETStandard.Library
1.6.1 -> multiple vulnerable packagesOutput for a new xUnit test project with FluentAssertions.Web:
The text was updated successfully, but these errors were encountered: