Skip to content

Commit

Permalink
chore: Upgrade packages to combat CVE in dependencies. Fixes #1593
Browse files Browse the repository at this point in the history
  • Loading branch information
@linkdotnet
linkdotnet committed Nov 1, 2024
1 parent c0260b1 commit ee3e229
Show file tree
Hide file tree
Showing 2 changed files with 26 additions and 25 deletions.
1 change: 1 addition & 0 deletions CHANGELOG.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -16,6 +16,7 @@ All notable changes to **bUnit** will be documented in this file. The project ad
### Fixed

- Use latest `System.Text.Json` due to CVE in `8.0.4`.
- Fixed other packages that have a CVE like `Microsoft.Extensions.Caching.Memory`. Reported by [@polajenko](https://github.com/polajenko). Fixed by [@linkdotnet](https://github.com/linkdotnet).

## [1.32.7] - 2024-10-04

Expand Down
50 changes: 25 additions & 25 deletions Directory.Packages.props
View file
Original file line number Diff line number Diff line change
Expand Up @@ -15,7 +15,7 @@
<PackageVersion Include="Autofac" Version="8.1.0" />
<PackageVersion Include="Autofac.Extensions.DependencyInjection" Version="10.0.0" />

<PackageVersion Include="Serilog" Version="4.0.2"/>
<PackageVersion Include="Serilog" Version="4.1.0"/>
<PackageVersion Include="Serilog.Expressions" Version="5.0.0"/>
<PackageVersion Include="AngleSharp.Diffing" Version="1.0.0"/>
<PackageVersion Include="AngleSharp" Version="1.1.2"/>
Expand All @@ -24,7 +24,7 @@

<ItemGroup Label="Package Versioning">
<PackageVersion Include="Microsoft.SourceLink.GitHub" Version="8.0.0" />
<PackageVersion Include="Nerdbank.GitVersioning" Version="3.6.143" />
<PackageVersion Include="Nerdbank.GitVersioning" Version="3.6.146" />
</ItemGroup>

<ItemGroup Label="System.Text.Json Vulnerability">
Expand Down Expand Up @@ -65,7 +65,7 @@

<PackageVersion Include="Microsoft.AspNetCore.Components.Authorization" Version="6.0.33"/>
<PackageVersion Include="Microsoft.Extensions.Localization.Abstractions" Version="6.0.33"/>
<PackageVersion Include="Microsoft.Extensions.Caching.Memory" Version="6.0.1"/>
<PackageVersion Include="Microsoft.Extensions.Caching.Memory" Version="6.0.2"/>
<PackageVersion Include="Microsoft.AspNetCore.Components.Web" Version="6.0.33"/>
<PackageVersion Include="Microsoft.AspNetCore.Components.WebAssembly" Version="6.0.33"/>
<PackageVersion Include="Microsoft.AspNetCore.Components.WebAssembly.Authentication" Version="6.0.33"/>
Expand All @@ -85,29 +85,29 @@
</ItemGroup>

<ItemGroup Condition="'$(TargetFramework)' == 'net8.0'">
<PackageVersion Include="Microsoft.Extensions.Logging" Version="8.0.0"/>
<PackageVersion Include="Microsoft.Extensions.Logging.Abstractions" Version="8.0.1"/>
<PackageVersion Include="Microsoft.AspNetCore.Components" Version="8.0.8"/>

<PackageVersion Include="Microsoft.AspNetCore.Components.Authorization" Version="8.0.8"/>
<PackageVersion Include="Microsoft.Extensions.Localization.Abstractions" Version="8.0.8"/>
<PackageVersion Include="Microsoft.Extensions.Caching.Memory" Version="8.0.0"/>
<PackageVersion Include="Microsoft.AspNetCore.Components.Web" Version="8.0.8"/>
<PackageVersion Include="Microsoft.AspNetCore.Components.WebAssembly" Version="8.0.8"/>
<PackageVersion Include="Microsoft.AspNetCore.Components.WebAssembly.Authentication" Version="8.0.8"/>
<PackageVersion Include="Microsoft.Extensions.Logging" Version="8.0.1"/>
<PackageVersion Include="Microsoft.Extensions.Logging.Abstractions" Version="8.0.2"/>
<PackageVersion Include="Microsoft.AspNetCore.Components" Version="8.0.10"/>

<PackageVersion Include="Microsoft.AspNetCore.Components.Authorization" Version="8.0.10"/>
<PackageVersion Include="Microsoft.Extensions.Localization.Abstractions" Version="8.0.10"/>
<PackageVersion Include="Microsoft.Extensions.Caching.Memory" Version="8.0.1"/>
<PackageVersion Include="Microsoft.AspNetCore.Components.Web" Version="8.0.10"/>
<PackageVersion Include="Microsoft.AspNetCore.Components.WebAssembly" Version="8.0.10"/>
<PackageVersion Include="Microsoft.AspNetCore.Components.WebAssembly.Authentication" Version="8.0.10"/>
</ItemGroup>

<ItemGroup Condition="'$(TargetFramework)' == 'net9.0'">
<PackageVersion Include="Microsoft.Extensions.Logging" Version="9.0.0-rc.1.24431.7"/>
<PackageVersion Include="Microsoft.Extensions.Logging.Abstractions" Version="9.0.0-rc.1.24431.7"/>
<PackageVersion Include="Microsoft.AspNetCore.Components" Version="9.0.0-rc.1.24452.1"/>

<PackageVersion Include="Microsoft.AspNetCore.Components.Authorization" Version="9.0.0-rc.1.24452.1"/>
<PackageVersion Include="Microsoft.Extensions.Localization.Abstractions" Version="9.0.0-rc.1.24452.1"/>
<PackageVersion Include="Microsoft.Extensions.Caching.Memory" Version="9.0.0-rc.1.24431.7"/>
<PackageVersion Include="Microsoft.AspNetCore.Components.Web" Version="9.0.0-rc.1.24452.1"/>
<PackageVersion Include="Microsoft.AspNetCore.Components.WebAssembly" Version="9.0.0-rc.1.24452.1"/>
<PackageVersion Include="Microsoft.AspNetCore.Components.WebAssembly.Authentication" Version="9.0.0-rc.1.24452.1"/>
<PackageVersion Include="Microsoft.Extensions.Logging" Version="9.0.0-rc.2.24473.5"/>
<PackageVersion Include="Microsoft.Extensions.Logging.Abstractions" Version="9.0.0-rc.2.24473.5"/>
<PackageVersion Include="Microsoft.AspNetCore.Components" Version="9.0.0-rc.2.24474.3"/>

<PackageVersion Include="Microsoft.AspNetCore.Components.Authorization" Version="9.0.0-rc.2.24474.3"/>
<PackageVersion Include="Microsoft.Extensions.Localization.Abstractions" Version="9.0.0-rc.2.24474.3"/>
<PackageVersion Include="Microsoft.Extensions.Caching.Memory" Version="9.0.0-rc.2.24473.5"/>
<PackageVersion Include="Microsoft.AspNetCore.Components.Web" Version="9.0.0-rc.2.24474.3"/>
<PackageVersion Include="Microsoft.AspNetCore.Components.WebAssembly" Version="9.0.0-rc.2.24474.3"/>
<PackageVersion Include="Microsoft.AspNetCore.Components.WebAssembly.Authentication" Version="9.0.0-rc.2.24474.3"/>
</ItemGroup>

<ItemGroup Label="Test Dependencies">
Expand All @@ -117,13 +117,13 @@
<PackageVersion Include="MSTest.TestFramework" Version="3.6.0" />
<PackageVersion Include="Microsoft.NET.Test.Sdk" Version="17.11.1"/>
<PackageVersion Include="Moq" Version="4.20.72" />
<PackageVersion Include="NSubstitute" Version="5.1.0" />
<PackageVersion Include="NSubstitute" Version="5.3.0" />
<PackageVersion Include="NUnit3TestAdapter" Version="4.6.0" />
<PackageVersion Include="RichardSzalay.MockHttp" Version="7.0.0" />
<PackageVersion Include="Serilog.Extensions.Logging" Version="8.0.0" />
<PackageVersion Include="Shouldly" Version="4.2.1"/>
<PackageVersion Include="Verify.SourceGenerators" Version="2.5.0"/>
<PackageVersion Include="Verify.Xunit" Version="26.6.0"/>
<PackageVersion Include="Verify.Xunit" Version="28.1.0"/>
<PackageVersion Include="Xunit.Combinatorial" Version="1.6.24"/>
<PackageVersion Include="coverlet.collector" Version="6.0.2" />
<PackageVersion Include="coverlet.msbuild" Version="6.0.2" />
Expand Down

0 comments on commit ee3e229

Please sign in to comment.