Skip to content

Commit 2d9b2e3

Browse files
akunzaiakunzai
committed
Scan vulnerable packages
- https://devblogs.microsoft.com/nuget/how-to-scan-nuget-packages-for-security-vulnerabilities/ - dotnet/sdk#16852
1 parent c120c2b commit 2d9b2e3

File tree

2 files changed

+7
-0
lines changed

2 files changed

+7
-0
lines changed

.github/workflows/ci.yml

Lines changed: 6 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -42,6 +42,12 @@ jobs:
4242
dotnet build samples/AspNetCoreSingleLogoutSample/AspNetCoreSingleLogoutSample.csproj -c Release
4343
msbuild samples/OwinSample/OwinSample.csproj -noLogo -verbosity:minimal -restore -p:Configuration=Release
4444
msbuild samples/OwinSingleLogoutSample/OwinSingleLogoutSample.csproj -noLogo -verbosity:minimal -restore -p:Configuration=Release
45+
- name: Scan vulnerable packages
46+
# https://github.com/dotnet/sdk/issues/16852
47+
run: |
48+
dotnet restore
49+
dotnet list package --vulnerable --include-transitive | tee vulnerable.out
50+
test `grep -cm 1 'has the following vulnerable packages' vulnerable.out` = 0
4551
- name: Test
4652
run: |
4753
dotnet test --collect:"XPlat Code Coverage"

.gitignore

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -4,6 +4,7 @@ appsettings.*.json
44
launchSettings.json
55
*.db
66
log.txt
7+
vulnerable.out
78
# JetBrians Rider
89
.idea/
910
.run/*.run.xml

0 commit comments

Comments
 (0)