dohertj2/mxaccessgw
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity

build: suppress pre-existing NU1903 (transitive e_sqlite3, no upstream patch)

Browse Source 
SQLitePCLRaw.lib.e_sqlite3 2.1.11 (transitive via Microsoft.Data.Sqlite)
carries GHSA-2m69-gcr7-jv3q, surfacing as NU1903 warning-as-error and
breaking the build (already red on main). No patched e_sqlite3 exists yet.
Targeted NuGetAuditSuppress keeps all other transitive packages audited.
This commit is contained in:
Joseph Doherty
2026-06-25 11:02:26 -04:00
parent 9c25cc75de
commit a3f58519a9
1 changed files with 7 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
src/Directory.Build.props
+7
View File
@@ -8,4 +8,11 @@
<EnforceCodeStyleInBuild>true</EnforceCodeStyleInBuild> <EnforceCodeStyleInBuild>true</EnforceCodeStyleInBuild>
<Deterministic>true</Deterministic> <Deterministic>true</Deterministic>
</PropertyGroup> </PropertyGroup>
<!-- SQLitePCLRaw.lib.e_sqlite3 2.1.11 (transitive via Microsoft.Data.Sqlite) carries GHSA-2m69-gcr7-jv3q,
which surfaces as NU1903 (warning-as-error). No patched e_sqlite3 release exists yet (2.1.11 is latest),
so this targeted suppression keeps every OTHER transitive package audited. Remove once an upstream fix ships. -->
<ItemGroup>
<NuGetAuditSuppress Include="https://github.com/advisories/GHSA-2m69-gcr7-jv3q" />
</ItemGroup>
</Project> </Project>