Reputation: 1973
During pen testing of a web application using the NetSparker tool, the System.Text.RegularExpressions package, version 4.3.0, was found to have a security vulnerability. The solution is to update the NuGet package to version 4.3.1.
The project is indirectly dependent on the System.Text.RegularExpressions package: the project uses Microsoft.Data.SqlClient version 2.1.0. Even if I upgrade this to 2.1.3, the package does not upgrade its child package System.Text.RegularExpressions to 4.3.1. By default, the acceptable NuGet package version of System.Text.RegularExpressions for Microsoft.Data.SqlClient is >=4.3.0.
I need help on how to upgrade only the child NuGet package System.Text.RegularExpressions to version 4.3.1.
Upvotes: 6
Views: 4475
Reputation: 1973
Since I had too many references in the child project, I added a direct reference in the parent project to System.Text.RegularExpressions & Microsoft.Data.SqlClient, pointing to the secure versions of the NuGet packages.
After this, all the child projects which were referencing the insecure versions of System.Text.RegularExpressions & Microsoft.Data.SqlClient started to take the version mentioned in the parent project.
Upvotes: 1
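An added example, not part of the original answer: a Python check that reads NuGet's restore output (`obj/project.assets.json`) and reports which version of a package was resolved, which packages pull it in, and whether it is now a direct reference. The two JSON samples are constructed and trimmed to the fields the check reads, and `check_package` is a hypothetical helper name.

```python
import json

# Constructed samples of obj/project.assets.json (written by `dotnet restore`),
# trimmed to the fields read below. Names and versions are those in the post.
BEFORE = """{"targets": {"net5.0": {
  "Microsoft.Data.SqlClient/2.1.3": {"type": "package",
    "dependencies": {"System.Text.RegularExpressions": "4.3.0"}},
  "System.Text.RegularExpressions/4.3.0": {"type": "package"}}},
 "projectFileDependencyGroups": {"net5.0": ["Microsoft.Data.SqlClient >= 2.1.3"]}}"""
AFTER = """{"targets": {"net5.0": {
  "Microsoft.Data.SqlClient/2.1.3": {"type": "package",
    "dependencies": {"System.Text.RegularExpressions": "4.3.0"}},
  "System.Text.RegularExpressions/4.3.1": {"type": "package"}}},
 "projectFileDependencyGroups": {"net5.0": ["Microsoft.Data.SqlClient >= 2.1.3",
    "System.Text.RegularExpressions >= 4.3.1"]}}"""

def version_key(version):
    """Sort key for dotted numeric versions; a prerelease suffix is ignored."""
    return tuple(int(part) for part in version.split("-")[0].split("."))

def check_package(assets_json, package, minimum):
    """Hypothetical helper: one finding per restore target for `package`."""
    assets = json.loads(assets_json)
    groups = assets.get("projectFileDependencyGroups", {})
    wanted, findings = package.lower(), []
    for target, libs in assets.get("targets", {}).items():
        # RID-specific targets look like "net5.0/win-x64"; groups are keyed by TFM.
        declared = groups.get(target.split("/")[0], [])
        direct = any(d.split()[0].lower() == wanted for d in declared)
        for key in libs:
            name, _, resolved = key.partition("/")
            if name.lower() != wanted:
                continue
            parents = sorted(k.split("/")[0] for k, lib in libs.items()
                             if wanted in (d.lower() for d in lib.get("dependencies", {})))
            findings.append({"target": target, "resolved": resolved, "direct": direct,
                             "pulled_in_by": parents,
                             "ok": version_key(resolved) >= version_key(minimum)})
    return findings

if __name__ == "__main__":
    for label, doc in (("before", BEFORE), ("after", AFTER)):
        for f in check_package(doc, "System.Text.RegularExpressions", "4.3.1"):
            print(label, f)
```

On a real project, pass the contents of each project's `obj/project.assets.json` after a restore; a finding with `ok` false means that project still resolves a version below the minimum.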