jjw24
commented
1 year ago Thank you for bringing this to our attention. We will look to remove Moq from flow.
Open KrystianLesniak opened 1 year ago
jjw24
commented
1 year ago Thank you for bringing this to our attention. We will look to remove Moq from flow.
github-actions[bot]
commented
11 months ago This issue is stale because it has been open 45 days with no activity. Remove stale label or comment or this will be closed in 5 days.
GabrielRavier
commented
11 months ago So what has happened w.r.t. Moq since then ?
jjw24
commented
11 months ago Current version we are using is safe, we disabled auto-update on this dependency and will remove/replace it in the future.
github-actions[bot]
commented
10 months ago This issue is stale because it has been open 45 days with no activity. Remove stale label or comment or this will be closed in 5 days.
Dear Flow Launcher Team,
I hope this message finds you well. I am writing to discuss a concern regarding the recent behavior of the Moq library, specifically starting from version 4.20. It has come to our attention that this library has exhibited behavior resembling that of malware, sending unauthorized emails from Git to cloud services. As Flow Launcher project currently utilizes version 4.18.4, which is considered safe, I recommend refraining from updating to the problematic versions.
In light of this situation, I would like to propose the exploration of alternative mocking libraries for Flow Launcher project. Given the critical role of mocking in testing and development processes, it is imperative to maintain a high level of security and reliability.
More information: https://github.com/moq/moq/issues/1370 https://github.com/moq/moq/issues/1372 https://www.reddit.com/r/dotnet/comments/15ljdcc/does_moq_in_its_latest_version_extract_and_send/