Activated NuGet Audit for high and critical vulnerabilities in direct…

… and transitive dependencies for all projects (https://devblogs.microsoft.com/nuget/nugetaudit-2-0-elevating-security-and-trust-in-package-management/) Related issue: #544
serilog-mssql · Aug 28, 2024 · 30254fd · 30254fd
1 parent 04ad485
commit 30254fd
Show file tree

Hide file tree

Showing 2 changed files with 8 additions and 0 deletions.
diff --git a/Directory.Build.props b/Directory.Build.props
@@ -0,0 +1,7 @@
+<Project>
+    <PropertyGroup>
+        <NuGetAuditMode>all</NuGetAuditMode>
+        <NuGetAuditLevel>high</NuGetAuditLevel>
+        <TreatWarningsAsErrors>true</TreatWarningsAsErrors>
+    </PropertyGroup>
+</Project>
diff --git a/serilog-sinks-mssqlserver.sln b/serilog-sinks-mssqlserver.sln
@@ -24,6 +24,7 @@ Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = "Solution Items", "Solution
 		.editorconfig = .editorconfig
 		Build.ps1 = Build.ps1
 		CHANGES.md = CHANGES.md
+		Directory.Build.props = Directory.Build.props
 		Directory.Packages.props = Directory.Packages.props
 		.github\ISSUE_TEMPLATE.md = .github\ISSUE_TEMPLATE.md
 		.github\workflows\pr-analysis-codeql.yml = .github\workflows\pr-analysis-codeql.yml