chore(security): drop dead audit suppressions; patch OpenTelemetry + Tmds.DBus CVEs
All five suppressed advisories are now resolved at baseline/resolved versions, so every NuGetAuditSuppress is removed repo-wide: - System.Security.Cryptography.Xml (GHSA-37gx-xxp4-5rgx / GHSA-w3x6-4m5h-cxqf) -> fixed by the .NET 10 baseline (10.0.6) - OPCFoundation Opc.Ua.Core (GHSA-h958-fxgg-g7w3) -> fixed at resolved 1.5.378.106 Two were still live and are now patched via direct security pins: - OpenTelemetry.Api 1.9.0 -> 1.15.3 (GHSA-g94r-2vxg-569j) pinned in Cluster; Runtime/ControlPlane/AdminUI + tests inherit via project reference - Tmds.DBus.Protocol 0.20.0 -> 0.21.3 (GHSA-xrw6-gwf8-vvr9) pinned in Client.UI Also correct the Historian sidecar runtime comments (x86 -> x64, matching the csproj PlatformTarget). Solution audit: 0 vulnerable packages; full build clean.
This commit is contained in:
Joseph Doherty
+1
-1
@@ -4,7 +4,7 @@ namespace ZB.MOM.WW.OtOpcUa.Driver.Historian.Wonderware.Client.Internal;
|
||||
/// Maps a raw OPC DA quality byte (as returned by Wonderware Historian's <c>OpcQuality</c>)
|
||||
/// to an OPC UA <c>StatusCode</c> uint. Byte-identical port of the sidecar's
|
||||
/// <c>HistorianQualityMapper.Map</c> — kept in sync via parity tests rather than a
|
||||
/// shared assembly because the sidecar is .NET 4.8 x86 and the client is .NET 10 x64.
|
||||
/// shared assembly because the sidecar is .NET 4.8 (x64) and the client is .NET 10 (x64).
|
||||
/// </summary>
|
||||
internal static class QualityMapper
|
||||
{
|
||||
|
||||
Reference in New Issue
Block a user