Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

DistributedLock.Azure is updated but not released to NuGet #177

Closed
krukowskid opened this issue Dec 4, 2023 · 1 comment
Closed

DistributedLock.Azure is updated but not released to NuGet #177

krukowskid opened this issue Dec 4, 2023 · 1 comment
Labels
dependencies Pull requests that update a dependency file
Milestone
2.4

Comments

@krukowskid
Copy link

Hey!
DistributedLock.Azure has a transitive package with vulnerability (Azure.Storage.Blobs). I see that you updated this package in the source code but this change was not published.
@madelson madelson added the dependencies Pull requests that update a dependency file label Dec 5, 2023
@madelson
Copy link
Owner

madelson commented Dec 6, 2023

@krukowskid thanks for bringing this to my attention. Probably obvious, but note that you can work around this in the meantime by just adding a <PackageReference> element for the problematic package of your own to set a version floor.

@madelson madelson added this to the 2.4 milestone Feb 11, 2024
madelson added a commit that referenced this issue Feb 11, 2024
@madelson
Leverage latest Azure package
fb8397a 
For #177
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file
Projects
None yet
Milestone
2.4
Development

No branches or pull requests
2 participants
@madelson @krukowskid