Douglas Woods
Reputation: 964
How do you override a transitive nuget dependency
I have a net6.0 project where one of the packages has a transitive dependency on another package that has a vulnerability.
I also explicity have added the latest version of the package with the vulnerability. Is there a way I can override the transitive dependency with the updated version?
Upvotes: 10
Views: 7513
Answers (1)
rbennett485
Reputation: 2163
Sounds like you've already done it - you can only use one version of each package, which NuGet picks at restore time.
If you've got a direct reference to the newer version then that is the version that will get picked due to the nearest wins rule.
Upvotes: 10
Related Questions
- How to force downgrade a transitive dependency in dotnet core
- Override Nuget packages dependency in order to use higher version of that dependency
- How to ignore dependencies for .NET Core during NuGet packaging?
- How to use a more recent version of a NuGet package for dependent packages in .NET Core 3.1?
- Nuget Dependencies in .NET Core
- Overriding a NuGet solution's DLL's reference to a core library
- Override dependency of nuget package in post build
- .NET Core transitive Dependency for a .NET 4.6 Project
- How to ignore newer dependency of Nuget package
- Using nuget with already referenced dependencies