Prerequisites
Cake runner
Cake Frosting
Cake version
6.1.0
Operating system
Windows
Operating system architecture
x64
CI Server
No response
What are you seeing?
When referencing Cake.Frosting package on project that targeting net10 tfm.
NuGetAudit feature raise following vulnerable warnings on build.
Package 'NuGet.Packaging' 7.3.0 has a known low severity vulnerability, https://github.com/advisories/GHSA-g4vj-cjjj-v7hg
Package 'NuGet.Protocol' 7.3.0 has a known low severity vulnerability, https://github.com/advisories/GHSA-g4vj-cjjj-v7hg
What is expected?
Update NuGet.* packages dependencies to latest version. and publish to NuGet.
These warnings are for 'low severity vulnerabilities', so immediate updates might not be necessary.
Thought, for use who use TreatWarningsAsErrors setting need to override these transitive packages.
Steps to Reproduce
- Create console app that targeting net10
- Add reference to
Cake.Flosting package
- Build project and confirm warnings.
Output log
No response
Prerequisites
Cake runner
Cake Frosting
Cake version
6.1.0
Operating system
Windows
Operating system architecture
x64
CI Server
No response
What are you seeing?
When referencing
Cake.Frostingpackage on project that targetingnet10tfm.NuGetAuditfeature raise following vulnerable warnings on build.What is expected?
Update
NuGet.*packages dependencies to latest version. and publish to NuGet.These warnings are for 'low severity vulnerabilities', so immediate updates might not be necessary.
Thought, for use who use
TreatWarningsAsErrorssetting need to override these transitive packages.Steps to Reproduce
Cake.FlostingpackageOutput log
No response