You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
When running my tests through GitHub Actions, this warning is appearing in the logs:
warning NU1904: Package 'System.Drawing.Common' 5.0.0 has a known critical severity vulnerability, GHSA-rxg9-xrhp-64gj
According to the dependency tree, this vulnerable package is referenced like so:
All of the "System . . ." packages have newer versions available, that I assume have the fixed version of System.Drawing.Common.
RazorEngine.NetCore.nixFix package has no updated version available, but it needs updated to use a more current version of System.Security.Permissions. This package (ExtentReports) then needs updated to use the updated RazorEngine.
I'm reporting this here, because @anshooarora owns both of these packages, and the RazorEngine.NetCore.nixFix repo does not give me the ability to report an issue. (Also reporting it here because other people are more likely to encounter this problem using ExtentReports.)
Thanks!
The text was updated successfully, but these errors were encountered:
When running my tests through GitHub Actions, this warning is appearing in the logs:
warning NU1904: Package 'System.Drawing.Common' 5.0.0 has a known critical severity vulnerability, GHSA-rxg9-xrhp-64gj
According to the dependency tree, this vulnerable package is referenced like so:
All of the "System . . ." packages have newer versions available, that I assume have the fixed version of System.Drawing.Common.
RazorEngine.NetCore.nixFix package has no updated version available, but it needs updated to use a more current version of System.Security.Permissions. This package (ExtentReports) then needs updated to use the updated RazorEngine.
I'm reporting this here, because @anshooarora owns both of these packages, and the RazorEngine.NetCore.nixFix repo does not give me the ability to report an issue. (Also reporting it here because other people are more likely to encounter this problem using ExtentReports.)
Thanks!
The text was updated successfully, but these errors were encountered: