chore(deps): bump packages flagged by NU190x advisories

Restore inside the docker build was failing because TreatWarningsAsErrors promotes NU1902/NU1903/NU1904 (vulnerable package warnings) to errors. Bump the flagged packages to advisory-free versions: - MailKit 4.15.1 -> 4.16.0 (GHSA-9j88-vvj5-vhgr) - Microsoft.AspNetCore.DataProtection.EFCore 10.0.5 -> 10.0.7 (GHSA-9mv3-2cwr-p262, transitively pulls fixed System.Security.Cryptography.Xml — GHSA-37gx-xxp4-5rgx, GHSA-w3x6-4m5h-cxqf) - OpenTelemetry.Api (transitive via Akka.Hosting) 1.9.0 -> 1.15.3 (GHSA-g94r-2vxg-569j, GHSA-8785-wc3w-h8q6) — added as a direct PackageReference in ScadaLink.Host to override the Akka.Hosting pin To resolve the NU1605 downgrade chain triggered by DataProtection.EFCore 10.0.7 (which transitively requires Microsoft.EntityFrameworkCore >= 10.0.7 and friends), bump every Microsoft.* 10.0.5 reference across src/ and tests/ to 10.0.7 in lockstep.
2026-05-08 09:34:17 -04:00
parent 5da779db17
commit ec1d8f1393
22 changed files with 76 additions and 73 deletions
--- a/tests/ScadaLink.IntegrationTests/ScadaLink.IntegrationTests.csproj
+++ b/tests/ScadaLink.IntegrationTests/ScadaLink.IntegrationTests.csproj
@@ -15,8 +15,8 @@
  <ItemGroup>
    <PackageReference Include="Akka.TestKit.Xunit2" Version="1.5.62" />
    <PackageReference Include="coverlet.collector" Version="6.0.4" />
-    <PackageReference Include="Microsoft.AspNetCore.Mvc.Testing" Version="10.0.5" />
-    <PackageReference Include="Microsoft.EntityFrameworkCore.InMemory" Version="10.0.5" />
+    <PackageReference Include="Microsoft.AspNetCore.Mvc.Testing" Version="10.0.7" />
+    <PackageReference Include="Microsoft.EntityFrameworkCore.InMemory" Version="10.0.7" />
    <PackageReference Include="Microsoft.NET.Test.Sdk" Version="17.14.1" />
    <PackageReference Include="xunit" Version="2.9.3" />
    <PackageReference Include="NSubstitute" Version="5.3.0" />