Movatterモバイル変換

[0]ホーム
URL:

Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly

 Sign up
Appearance settings

Add package vulnerability information#3024

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to ourterms of service andprivacy statement. We’ll occasionally send you account related emails.

Already on GitHub?Sign in to your account

Merged

Conversation

MichelZ
Copy link
Contributor

AI Blurp

This pull request includes changes to the NuGet configuration and build properties to improve package source auditing and manage warnings more effectively. The most important changes are as follows:

NuGet Configuration Updates:

  • NuGet.config: Added anauditSources section to specify sources for auditing, includingnuget.org as an audit source.

Build Properties Enhancements:

Description

Adding new functionality for .NET 9 / VS 17.12 / NuGet 6.12 with Audit Sources.
Also adding that the vulnerabilities (currently) are not treated as errors, but this can of course be enabled in the future

The idea is that package vulnerabilities get visibility at least on a warning level everywhere.
I'm sure I don't have to remind anyone of this, but I still do 😁 :
https://blogs.microsoft.com/blog/2024/05/03/prioritizing-security-above-all-else/

If you’re faced with the tradeoff between security and another priority, your answer is clear: Do security. -- Satya Nadella

cheenamalhotra reacted with heart emoji
@codecovCodecov
Copy link

codecovbot commentedNov 20, 2024
edited
Loading

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 72.73%. Comparing base(1b9df10) to head(0213a45).
Report is 5 commits behind head on main.

Additional details and impacted files
@@            Coverage Diff             @@##             main    #3024      +/-   ##==========================================+ Coverage   72.64%   72.73%   +0.08%==========================================  Files         285      285                Lines       59160    59160              ==========================================+ Hits        42979    43028      +49+ Misses      16181    16132      -49
FlagCoverage Δ
addons92.58% <ø> (ø)
netcore75.46% <ø> (+0.07%)⬆️
netfx71.13% <ø> (+0.04%)⬆️

Flags with carried forward coverage won't be shown.Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report?Share it here.

@MichelZ
Copy link
ContributorAuthor

Also related to#2568

@mdaiglemdaigle added the Code Health 💊Issues/PRs that are targeted to source code quality improvements. labelNov 25, 2024
@mdaiglemdaigle added this to the6.0-preview3 milestoneNov 25, 2024
@mdaiglemdaigle merged commit88c5ada intodotnet:mainNov 25, 2024
82 checks passed
cheenamalhotra added a commit that referenced this pull requestJan 17, 2025
cheenamalhotra added a commit that referenced this pull requestJan 17, 2025
cheenamalhotra added a commit that referenced this pull requestJan 24, 2025
cheenamalhotra added a commit that referenced this pull requestJan 24, 2025
Sign up for freeto join this conversation on GitHub. Already have an account?Sign in to comment
Reviewers

@mdaiglemdaiglemdaigle approved these changes

@cheenamalhotracheenamalhotracheenamalhotra approved these changes

@benrr101benrr101Awaiting requested review from benrr101

@apoorvdeshmukhapoorvdeshmukhAwaiting requested review from apoorvdeshmukh

@David-EngelDavid-EngelAwaiting requested review from David-Engel

Assignees
No one assigned
Labels
Code Health 💊Issues/PRs that are targeted to source code quality improvements.
Projects
None yet
Milestone
6.0-preview3
Development

Successfully merging this pull request may close these issues.

3 participants
@MichelZ@mdaigle@cheenamalhotra
[8]ページ先頭
©2009-2025 Movatter.jp