Closed ntruchsess closed 3 months ago
We should wait until PR eclipse-tractusx/portal-backend#875 is merged and the framework nuget packages are updated. We than can directly update the nuget packages for this project as well.
done, framework-dependencies are upgraded to 2.4.2, as a result the explicit dependency on System.Text.Json 8.0.4 could be removed.
Issues
0 New issues
0 Accepted issues
Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code
Description
System.Text.Json version is explictly set to 8.0.4 to override Microsoft.Extensions.Hosting default 8.0.0 Microsoft.Extensions.Hosting has been removed from package-dependencies where it is not required.
Why
System.Text.Json 8.0.0 has a security vulnerability that must be fixed by upgrading to 8.0.4
Issue
https://github.com/eclipse-tractusx/portal/issues/369
Checklist
Please delete options that are not relevant.