issues
search
serilog-mssql
/
serilog-sinks-mssqlserver
A Serilog sink that writes events to Microsoft SQL Server and Azure SQL
Apache License 2.0
283
stars
148
forks
source link
Enabled NuGet audit
#553
Closed
ckadluba
closed
2 months ago
ckadluba
commented
3 months ago
Fixed vulnerabilites from #544 and package downgrade from #552
Fixed issue #552 by downgrading SqlClient dependency to 5.1.6 which is LTS and fixed the vulnerabilities referenced in issue #544
Fixed vulnerabilities by removing all System.* 4 versions as recommended by Microsoft (
https://devblogs.microsoft.com/nuget/nugetaudit-2-0-elevating-security-and-trust-in-package-management/#system-net-http-and-system-text-regularexpressions
, issue #544)
Fixed vulnerability by updating xunit to 2.9.0 (issue #544)
Fixed vulnerability by directly referencing transitive dependency System.Formats.Asn1 (
https://github.com/advisories/GHSA-447r-wph3-92pm
, issue #544)
Fixed vulnerability by directly referencing transitive dependency System.Private.Uri (
https://github.com/advisories/GHSA-xhfc-gr8f-ffwc
, issue #544)
Activated NuGet Audit for high and critical vulnerabilities in direct and transitive dependencies for all projects (
https://devblogs.microsoft.com/nuget/nugetaudit-2-0-elevating-security-and-trust-in-package-management/
)
Fixed vulnerabilites from #544 and package downgrade from #552