Update dependency LogicBuilder.Expressions.Utils
See original GitHub issueThe issue
This library relies on LogicBuilder.Expressions.Utils v5.0.6
which relies on System.Linq.Dynamic.Core v1.2.14
.
Why is this an issue?
System.Linq.Dynamic.Core
contains a severe vulnerability in version 1.2.14
.
What is LogicBuilder.Expressions.Utils doing about it?
They updated the dependency to a safer version as seen in this commit.
What can do?
We should update LogicBuilder.Expressions.Utils
to 5.0.10
(fixed in 5.0.9, but better to get latest patch) to get the fix.
Issue Analytics
- State:
- Created a month ago
- Comments:6 (6 by maintainers)
Top Results From Across the Web
LogicBuilder.Expressions.Utils 5.0.9
LogicBuilder.Expressions.Utils 5.0.9. The ID prefix of this package has been reserved for one of the owners of this Prefix Reserved .NET Standard 2.0....
Read more >LogicBuilder.EntityFrameworkCore.SqlServer 5.0.8
Given an EF Core DBContext, LogicBuilder. ... dotnet add package LogicBuilder. ... README; Frameworks; Dependencies; Used By; Versions; Release Notes.
Read more >How to update dependencies of dependencies using npm
Your best bet is to update npm to version >= 7.0. Please see the answer from xeos for more details. If that is...
Read more >Is it possible to update only one package and its ...
whenever you update a direct dependency, poetry needs to rebuild the dependency tree. Is the same true if I add a direct dependency?...
Read more >Managing dependencies
Upgrade or downgrade dependency versions as needed over time. ... Avoid common terms such as widgets , utilities , or app . For...
Read more >Top Related Medium Post
No results found
Top Related StackOverflow Question
No results found
Troubleshoot Live Code
Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start FreeTop Related Reddit Thread
No results found
Top Related Hackernoon Post
No results found
Top Related Tweet
No results found
Top Related Dev.to Post
No results found
Top Related Hashnode Post
No results found
Top GitHub Comments
I believe the usual approach is to create the PR from a fork. GitHub has instructions if you search for the following “Creating a pull request from a fork”.
@BlaiseD Done now and PR created thanks.
Would prefer not to have the extra dependency installed locally for us to manage 😃