Update Newtonsoft.Json to 13.0.1+

robinrodricks / FluentStorage

A polycloud .NET cloud storage abstraction layer. Provides Blob storage (AWS S3, GCP, FTP, SFTP, Azure Blob/File/Event Hub/Data Lake) and Messaging (AWS SQS, Azure Queue/ServiceBus). Supports .NET 5+ and .NET Standard 2.0+. Pure C#.

MIT License

268 stars 33 forks source link

Update Newtonsoft.Json to 13.0.1+ #18

Closed candoumbe closed 4 months ago

candoumbe commented 1 year ago

The Newtonsoft.Json v12.0.3 package used in the library has a known vulnerability that was fixed in 13.0.1+

This could help in the adoption of this library (which is really handy by the way)

robinrodricks commented 1 year ago

Will look into it, thanks.

robinrodricks commented 1 year ago

I cannot find any reference to newtonsoft.

candoumbe commented 1 year ago

I cannot find any reference to newtonsoft.

@robinrodricks Here's the reference : https://github.com/advisories/GHSA-5crp-9r3c-p9vr

robinrodricks commented 1 year ago

We are not referencing newtonsoft, we are referencing netbox, so I am trying to remove netbox.

candoumbe commented 1 year ago

We are not referencing newtonsoft, we are referencing netbox, so I am trying to remove netbox.

My bad ... I tought I saw Newtonsoft.Json version 12.x somewhere in this repository 😅

robinrodricks commented 1 year ago

I'll do you one better. All released!