chore: adjust dependency to remove vulnerability warning - Githubissues

unoplatform / uno

Open-source platform for building cross-platform native Mobile, Web, Desktop and Embedded apps quickly. Create rich, C#/XAML, single-codebase apps from any IDE. Hot Reload included! 90m+ NuGet Downloads!!

https://platform.uno

Apache License 2.0

9.05k stars 734 forks source link

chore: adjust dependency to remove vulnerability warning #18798

Closed ajpinedam closed 1 week ago

ajpinedam commented 1 week ago

GitHub Issue (If applicable): closes #

PR Type

What kind of change does this PR introduce?

Other... Please describe: Update dependency

What is the current behavior?

What is the new behavior?

Set dependency System.Private.Uri library version to avoid a transitive version (4.3.0), which has a vulnerability: https://github.com/advisories/GHSA-x5qj-9vmx-7g6g

PR Checklist

Please check if your PR fulfills the following requirements:

[ ] Docs have been added/updated which fit documentation template (for bug fixes / features)
[ ] Unit Tests and/or UI Tests for the changes have been added (for bug fixes / features) (if applicable)
[ ] Validated PR Screenshots Compare Test Run results.
[x] Contains NO breaking changes
[ ] Associated with an issue (GitHub or internal) and uses the automatic close keywords.
[x] Commits must be following the Conventional Commits specification.

Other information

Internal Issue (If applicable):

unodevops commented 1 week ago

🤖 Your Docs stage site is ready! Visit it here: https://unodocsprstaging.z13.web.core.windows.net/pr-18798/index.html

unodevops commented 1 week ago

🤖 Your WebAssembly Sample App stage site is ready! Visit it here: https://unowasmprstaging.z20.web.core.windows.net/pr-18798/index.html

jeromelaban commented 1 week ago

I'm fixing this one in https://github.com/unoplatform/uno/pull/18773, with a bunch of others.

ajpinedam commented 1 week ago

Closing PR as the fix will be handled with other issues