mikependon / RepoDB

A hybrid ORM library for .NET.
Apache License 2.0

Could you check for NuGet vulnerabilities please and update your dependencies #1158

Open McTristan opened 8 months ago

McTristan commented 8 months ago

It is kind of a pain in the ass, I know, but using RepoDB in our various projects, our NuGet vulnerability scans always find issues with dependencies used only in RepoDB.

Right now it is Azure.Identity (https://github.com/advisories/GHSA-5mfx-4wcx-rv27) and various others.

Would it be possible to find a process to minimize these issues (i.e. by checking for issues regularly)? We don't use (and need) all these dependencies and don't want to fix the problem on our side, i.e. by installing the latest, fixed version of this dependency in our own code.