DotNet Dependency Alert
ActionsTags
(1)GitHub action to scan .NET solutions and projects for vulnerable, deprecated, or outdated package references. If any such top-level or transitive package is found, a Dependency Alert issue is created in the repository. Subsequent alerts are only created if new problems arise or the package references have changed.
See action.yml for a description of all available input parameters. With the default settings, the action restores and scans the solution or project in the current directory.
on:
schedule:
- cron: '0 5 * * *'
jobs:
Dependencies:
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v3
- name: Check Dependencies
uses: mawosoft/dotnet-dependency-alert@v1Workflow Dependency Check Run #25
Top-level Packages
- FooLib
[netstandard2.0]
FooLib.Tests[net6.0]
| Package | Latest |
|---|---|
| BenchmarkDotNet 0.13.2 | 0.13.7 |
Transitive Packages
| Package | Latest | Vulnerable | Deprecated |
|---|---|---|---|
Newtonsoft.Json 9.0.1BarApp.Tests[net6.0]FooLib.Tests [net6.0] |
13.0.3 | High | |
System.Collections.Immutable 5.0.0BarApp[net48, net6.0]BarApp.Tests [net48, net6.0]FooLib [netstandard2.0]FooLib.Tests [net6.0] |
7.0.0 | Other,Legacy | |
System.Runtime.CompilerServices.Unsafe 5.0.0BarApp[net48, net6.0]BarApp.Tests [net48, net6.0]FooLib [netstandard2.0]FooLib.Tests [net6.0] |
6.0.0 | Other,Legacy | |
System.Security.AccessControl 5.0.0BarApp[net48]BarApp.Tests [net48]FooLib [netstandard2.0] |
6.0.0 | Other,Legacy |
Top-level Packages
| Package | Latest | Vulnerable | Deprecated |
|---|---|---|---|
BenchmarkDotNet 0.13.2FooLib[netstandard2.0]FooLib.Tests [net6.0] |
0.13.7 | ||
coverlet.collector 3.1.2BarApp.Tests[net48, net6.0]FooLib.Tests [net6.0] |
6.0.0 | ||
Microsoft.Extensions.FileSystemGlobbing 5.0.0BarApp[net48] |
7.0.0 | Other,Legacy | |
System.Text.RegularExpressions 4.3.0FooLib[netstandard2.0] |
4.3.1 | High |
Transitive Packages
| Package | Latest | Vulnerable | Deprecated |
|---|---|---|---|
Microsoft.Extensions.FileSystemGlobbing 5.0.0BarApp.Tests[net48] |
7.0.0 | Other,Legacy | |
Newtonsoft.Json 9.0.1BarApp.Tests[net6.0]FooLib.Tests [net6.0] |
13.0.3 | High | |
System.Collections.Immutable 5.0.0BarApp[net48, net6.0]BarApp.Tests [net48, net6.0]FooLib [netstandard2.0]FooLib.Tests [net6.0] |
7.0.0 | Other,Legacy | |
System.Net.Http 4.3.0BarApp.Tests[net6.0]FooLib.Tests [net6.0] |
4.3.4 | High | |
System.Runtime.CompilerServices.Unsafe 5.0.0BarApp[net48, net6.0]BarApp.Tests [net48, net6.0]FooLib [netstandard2.0]FooLib.Tests [net6.0] |
6.0.0 | Other,Legacy | |
System.Security.AccessControl 5.0.0BarApp[net48]BarApp.Tests [net48]FooLib [netstandard2.0] |
6.0.0 | Other,Legacy | |
System.Text.RegularExpressions 4.3.0BarApp.Tests[net6.0]FooLib.Tests [net6.0] |
4.3.1 | High |
DotNet Dependency Alert is not certified by GitHub. It is provided by a third-party and is governed by separate terms of service, privacy policy, and support documentation.
About
Tags
(1)DotNet Dependency Alert is not certified by GitHub. It is provided by a third-party and is governed by separate terms of service, privacy policy, and support documentation.