Closed HumanPrinter closed 1 year ago
I'm not sure why Dependabot is pushing an unlisted NuGet, but there is no need to update to 1.18.0. There is also no particular reason to avoid the 1.18.0 NuGet, it's unlisted b/c the VS tooling it was made for hasn't been released yet.
We have several projects that use the
Microsoft.VisualStudio.Azure.Containers.Tools.Targets
package. Since these projects also use Dependabot to scan for updated packages, we receive Pull Requests to update this package to version 1.18.0.Looking at the package details at nuget.org however, it states that versions 1.17.2 and 1.18.0 are unlisted and should not be used. I can't find any issue or documentation that describes why these versions are unlisted. Perhaps this package is unlisted by mistake?
Is it safe to upgrade to version 1.18.0 of this package, should we stick to version 1.17.0 for the time being or is it best to exclude this package from Dependabot all together?