Skip to content

chore: update to .net 10#4

Open
query-wow wants to merge 1 commit into
mainfrom
modernize-c-sharp-excercise
Open

chore: update to .net 10#4
query-wow wants to merge 1 commit into
mainfrom
modernize-c-sharp-excercise

Conversation

@query-wow

Copy link
Copy Markdown

No description provided.

@socket-security

Copy link
Copy Markdown

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

Diff Package Supply Chain
Security
Vulnerability Quality Maintenance License
Updatedswashbuckle.aspnetcore@​6.7.3 ⏵ 10.2.310010090100100

View full report

@socket-security

Copy link
Copy Markdown

Warning

Review the following alerts detected in dependencies.

According to your organization's Security Policy, it is recommended to resolve "Warn" alerts. Learn more about Socket for GitHub.

Action Severity Alert  (click "▶" to expand/collapse)
Warn High
License policy violation: nuget system.text.json under unrecognized license

License: unrecognized license - This license was not allowed or given any lesser classification by the applicable policy (THIRD-PARTY-NOTICES.TXT)

License: unrecognized license - This license was not allowed or given any lesser classification by the applicable policy (THIRD-PARTY-NOTICES.TXT)

From: src/WebApi/GamingApi.WebApi.csprojnuget/swashbuckle.aspnetcore@10.2.3nuget/system.text.json@8.0.5

ℹ Read more on: This package | This alert | What is a license policy violation?

Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev.

Suggestion: Find a package that does not violate your license policy or adjust your policy to allow this package's license.

Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore nuget/system.text.json@8.0.5. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

View full report

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant