search

Azure / azure-iot-sdk-csharp

A C# SDK for connecting devices to Microsoft Azure IoT services
Other
457 stars 493 forks source link

Added managed identities for ACR container pulls #3463

Closed ericwol-msft closed 3 weeks ago

ericwol-msft commented 3 weeks ago

Checklist

Description of the changes

Reference/Link to the issue solved with this PR (if any)

timtay-microsoft commented 3 weeks ago

FYI it looks like we lapsed on some security vulnerabilities and that is blocking your gate here.

/mnt/vss/_work/1/s/e2e/test/E2ETests.csproj : error NU1902: Warning As Error: Package 'Azure.Identity' 1.11.2 has a known moderate severity vulnerability, https://github.com/advisories/GHSA-m5vv-6r4h-3vj9 [/mnt/vss/_work/1/s/azureiot.sln]
/mnt/vss/_work/1/s/iothub/service/samples/how to guides/RoleBasedAuthenticationSample/RoleBasedAuthenticationSample.csproj : error NU1902: Package 'Azure.Identity' 1.11.2 has a known moderate severity vulnerability, https://github.com/advisories/GHSA-m5vv-6r4h-3vj9 [/mnt/vss/_work/1/s/azureiot.sln]
/mnt/vss/_work/1/s/provisioning/service/samples/how to guides/GroupCertificateVerificationSample/GroupCertificateVerificationSample.csproj : error NU1902: Package 'BouncyCastle' 1.8.9 has a known moderate severity vulnerability, https://github.com/advisories/GHSA-8xfc-gm6g-vgpv [/mnt/vss/_work/1/s/azureiot.sln]
/mnt/vss/_work/1/s/provisioning/service/samples/how to guides/GroupCertificateVerificationSample/GroupCertificateVerificationSample.csproj : error NU1902: Package 'BouncyCastle' 1.8.9 has a known moderate severity vulnerability, https://github.com/advisories/GHSA-m44j-cfrm-g8qc [/mnt/vss/_work/1/s/azureiot.sln]
/mnt/vss/_work/1/s/provisioning/service/samples/how to guides/GroupCertificateVerificationSample/GroupCertificateVerificationSample.csproj : error NU1902: Package 'BouncyCastle' 1.8.9 has a known moderate severity vulnerability, https://github.com/advisories/GHSA-v435-xc8x-wvr9 [/mnt/vss/_work/1/s/azureiot.sln]

You will probably need to bump those versions to unblock this PR

timtay-microsoft commented 3 weeks ago

/azp run

azure-pipelines[bot] commented 3 weeks ago
Azure Pipelines successfully started running 1 pipeline(s).
timtay-microsoft commented 3 weeks ago

/azp run

azure-pipelines[bot] commented 3 weeks ago
Azure Pipelines successfully started running 1 pipeline(s).