You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
The current release of eBay.OAuth.Client has a dependency on RestSharp >= 110.2.0.
RestSharp versions < 112.0.0 have a vulnerability in them. See: GHSA-4rr6-2v9v-wcpc
This results in a build time warning:
warning NU1902: Package 'RestSharp' 110.2.0 has a known moderate severity vulnerability, https://github.com/advisories/GHSA-4rr6-2v9v-wcpc
While the >= 110.2.0 doesn't prevent you from upgrading to 112.0, upgrading to this version results in
Method not found: 'RestSharp.RestResponse RestSharp.RestClientExtensions.Execute(RestSharp.RestClient, RestSharp.RestRequest, System.Threading.CancellationToken)'.
due to breaking changes within RestSharp.
As a result, it's currently not possible for anyone using the eBay.OAuth.Client to remove this warning from their codebase.
Due to how often RestSharp updates result in breaking changes like this between major versions, ideally the dependency on RestSharp should be removed entirely, but for now an update to the version of RestSharp to the one without the vulnerability will at least remove this warning.
The text was updated successfully, but these errors were encountered:
The current release of
eBay.OAuth.Client
has a dependency on RestSharp >= 110.2.0.RestSharp versions < 112.0.0 have a vulnerability in them. See: GHSA-4rr6-2v9v-wcpc
This results in a build time warning:
While the >= 110.2.0 doesn't prevent you from upgrading to 112.0, upgrading to this version results in
due to breaking changes within RestSharp.
As a result, it's currently not possible for anyone using the
eBay.OAuth.Client
to remove this warning from their codebase.Due to how often RestSharp updates result in breaking changes like this between major versions, ideally the dependency on RestSharp should be removed entirely, but for now an update to the version of RestSharp to the one without the vulnerability will at least remove this warning.
The text was updated successfully, but these errors were encountered: