Post merge, to make built work

2024-09-26 09:58:31 +02:00
parent 97edc951dc
commit 5026095353
10 changed files with 43 additions and 9 deletions
--- a/Directory.Packages.props
+++ b/Directory.Packages.props
@@ -47,7 +47,7 @@
    <PackageVersion Include="Dazinator.Extensions.FileProviders" Version="2.0.0" />
    <PackageVersion Include="Examine" Version="3.3.0" />
    <PackageVersion Include="Examine.Core" Version="3.3.0" />
-    <PackageVersion Include="HtmlAgilityPack" Version="1.11.65" />
+    <PackageVersion Include="HtmlAgilityPack" Version="1.11.66" />
    <PackageVersion Include="JsonPatch.Net" Version="3.1.1" />
    <PackageVersion Include="K4os.Compression.LZ4" Version="1.3.8" />
    <PackageVersion Include="MailKit" Version="4.7.1.1" />
@@ -75,7 +75,7 @@
    <PackageVersion Include="Serilog.Sinks.Map" Version="2.0.0" />
    <PackageVersion Include="SixLabors.ImageSharp" Version="3.1.5" />
    <PackageVersion Include="SixLabors.ImageSharp.Web" Version="3.1.3" />
-    <PackageVersion Include="Swashbuckle.AspNetCore" Version="6.7.3" />
+    <PackageVersion Include="Swashbuckle.AspNetCore" Version="6.8.0" />
  </ItemGroup>
  <!-- Transitive pinned versions (only required because our direct dependencies have vulnerable versions of transitive dependencies) -->
  <ItemGroup>
@@ -88,6 +88,11 @@
    <!-- Both Dazinator.Extensions.FileProviders and MiniProfiler.AspNetCore.Mvc bring in a vulnerable version of System.Text.RegularExpressions -->
    <PackageVersion Include="System.Text.RegularExpressions" Version="4.3.1" />
    <!-- Both OpenIddict.AspNetCore, Npoco.SqlServer and Microsoft.EntityFrameworkCore.SqlServer bring in a vulnerable version of Microsoft.IdentityModel.JsonWebTokens -->
-    <PackageVersion Include="Microsoft.IdentityModel.JsonWebTokens" Version="8.0.2" />
+    <PackageVersion Include="Microsoft.IdentityModel.JsonWebTokens" Version="8.1.0" />
+    <!-- Both  Azure.Identity, Microsoft.EntityFrameworkCore.SqlServer, Dazinator.Extensions.FileProviders bring in legacy versions of System.Text.Encodings.Web  -->
+    <PackageVersion Include="System.Text.Encodings.Web" Version="8.0.0" />
+
+    <!-- NPoco.SqlServer bring in vulnerable version of Microsoft.Data.SqlClient  -->
+    <PackageVersion Include="Microsoft.Data.SqlClient" Version="5.2.2" />
  </ItemGroup>
-</Project>
+</Project>