This is an automated email from the ASF dual-hosted git repository.
ptupitsyn pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/ignite-3.git
The following commit(s) were added to refs/heads/main by this push:
new 7283a51433 IGNITE-22751 .NET: Enable NuGet audit (#4132)
7283a51433 is described below
commit 7283a514330ca93c916baacbbc96227f391bbac7
Author: Pavel Tupitsyn <ptupit...@apache.org>
AuthorDate: Mon Jul 29 14:31:36 2024 +0300
IGNITE-22751 .NET: Enable NuGet audit (#4132)
Fail the build if a security vulnerability is detected in any package in
the dependency graph (direct or transitive).
---
modules/platforms/dotnet/Directory.Build.props | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/modules/platforms/dotnet/Directory.Build.props
b/modules/platforms/dotnet/Directory.Build.props
index 93f9bdd247..244b532876 100644
--- a/modules/platforms/dotnet/Directory.Build.props
+++ b/modules/platforms/dotnet/Directory.Build.props
@@ -34,6 +34,10 @@
<SymbolPackageFormat>snupkg</SymbolPackageFormat>
<PackageTags>Apache;Ignite;In-Memory;Distributed;Computing;SQL;NoSQL;Database;</PackageTags>
<Description>.NET client for Apache Ignite. Ignite is a distributed
database for high-performance computing with in-memory speed.</Description>
+
+ <NuGetAudit>true</NuGetAudit>
+ <NuGetAuditMode>all</NuGetAuditMode> <!-- Direct and transitive
dependencies -->
+ <NuGetAuditLevel>low</NuGetAuditLevel> <!-- Fail on low+ severity
issues -->
</PropertyGroup>
<ItemGroup>
