David-Moreira
commented
3 weeks ago Updating bunit is always fun. Perhaps it's better to focus on bunit on a separate task, and use this task just to focus on vulnerabilities in the actual product?
Closed stsrki closed 3 weeks ago
David-Moreira
commented
3 weeks ago Updating bunit is always fun. Perhaps it's better to focus on bunit on a separate task, and use this task just to focus on vulnerabilities in the actual product?
stsrki
commented
3 weeks ago Updating bunit is always fun. Perhaps it's better to focus on bunit on a separate task, and use this task just to focus on vulnerabilities in the actual product?
I wanted to make sure that everything works before emerging the PR. But yeah, I can do it in another task.
David-Moreira
commented
3 weeks ago @stsrki I mean, do not update any tests dependencies (bunit specially... ), and focus only on vulnerable dependencies of the actual product. We can handle test dependencies and test updating in a separate PR.
stsrki
commented
3 weeks ago @stsrki I mean, do not update any tests dependencies (bunit specially... ), and focus only on vulnerable dependencies of the actual product. We can handle test dependencies and test updating in a separate PR.
In that case, please review :)
This PR updates third-party packages that we use across the codebase. It also solves some vulnerability issues that VS was complaining about, specifically for the
Microsoft.AspNetCore.Httppackage.