cake-contrib / Cake.PinNuGetDependency

Cake Build addin used to lock dependency versions within NuGet packages
https://ghuntley.com/
MIT License
4 stars 4 forks source link

Recommended changes resulting from automated audit #19

Closed Jericho closed 5 years ago

Jericho commented 5 years ago

We performed an automated audit of your Cake addin and found that it does not follow all the best practices.

We encourage you to make the following modifications:

Apologies if this is already being worked on, or if there are existing open issues, this issue was created based on what is currently published for this package on NuGet.

This issue was created by a tool: Cake.AddinDiscoverer version 3.12.1

Jericho commented 5 years ago

We performed a follow up automated audit of your Cake addin and found that the issues we previously identified have been resolved. Thank you!

Please be aware that some of the recommendations we made in our last audit (which took place in June 2018) have changed. For instance, we now recommend that addins use Cake 0.33.0 (rather than 0.28.0) and also, due to the announced demise of the rawgit CDN, we ask that you use a new icon URL.

All this to say that a future automated audit may create a new issue if you haven't already addressed these new recommendations.