Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Dependency to packages with known vulnerability #5

Open
GrumpyMan opened this issue Nov 13, 2024 · 0 comments
Open

Dependency to packages with known vulnerability #5

GrumpyMan opened this issue Nov 13, 2024 · 0 comments

Comments

@GrumpyMan
Copy link

I noticed that Visual Studio complains about a couple of nuget packages with known vulnerabilities is dragged in as a transitive dependency. It is System.Net.Http 4.3.0 that is referenced by MightyLittleGeodesy 1.0.2. The same for System.Text.RegularExpressions.

I think it is the dependency to .NET Standard 1.6.1 that is the problem.

Maybe it is time for MightyLittleGeodes 2.x that leaves support for .NET Framework and .NET standard 1.6 behind and aims for .NET Standard 2.0?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

1 participant