added vulnerable (outdated) package to test Trivy

2026-05-05 15:39:28 +02:00
parent 5454f03ddb
commit 0122db15f2
8 changed files with 37 additions and 13 deletions
--- a/MyHelloWorld.Tests/obj/project.assets.json
+++ b/MyHelloWorld.Tests/obj/project.assets.json
@@ -377,7 +377,7 @@
          "System.Xml.XDocument": "4.3.0"
        }
      },
-      "Newtonsoft.Json/13.0.1": {
+      "Newtonsoft.Json/12.0.3": {
        "type": "package",
        "compile": {
          "lib/netstandard2.0/Newtonsoft.Json.dll": {
@@ -2138,10 +2138,10 @@
        "netstandard.library.nuspec"
      ]
    },
-    "Newtonsoft.Json/13.0.1": {
-      "sha512": "ppPFpBcvxdsfUonNcvITKqLl3bqxWbDCZIzDWHzjpdAHRFfZe0Dw9HmA0+za13IdyrgJwpkDTDA9fHaxOrt20A==",
+    "Newtonsoft.Json/12.0.3": {
+      "sha512": "6mgjfnRB4jKMlzHSl+VD+oUc1IebOZabkbyWj2RiTgWwYPPuaK1H97G1sHqGwPlS5npiF5Q0OrxN1wni2n5QWg==",
      "type": "package",
-      "path": "newtonsoft.json/13.0.1",
+      "path": "newtonsoft.json/12.0.3",
      "files": [
        ".nupkg.metadata",
        ".signature.p7s",
@@ -2160,7 +2160,11 @@
        "lib/netstandard1.3/Newtonsoft.Json.xml",
        "lib/netstandard2.0/Newtonsoft.Json.dll",
        "lib/netstandard2.0/Newtonsoft.Json.xml",
-        "newtonsoft.json.13.0.1.nupkg.sha512",
+        "lib/portable-net40+sl5+win8+wp8+wpa81/Newtonsoft.Json.dll",
+        "lib/portable-net40+sl5+win8+wp8+wpa81/Newtonsoft.Json.xml",
+        "lib/portable-net45+win8+wp8+wpa81/Newtonsoft.Json.dll",
+        "lib/portable-net45+win8+wp8+wpa81/Newtonsoft.Json.xml",
+        "newtonsoft.json.12.0.3.nupkg.sha512",
        "newtonsoft.json.nuspec",
        "packageIcon.png"
      ]
@@ -5541,6 +5545,7 @@
    "net8.0": [
      "JunitXml.TestLogger >= 8.0.0",
      "Microsoft.NET.Test.Sdk >= 17.8.0",
+      "Newtonsoft.Json >= 12.0.3",
      "SecDevOpsLab >= 1.0.0",
      "coverlet.collector >= 6.0.0",
      "xunit >= 2.5.3",
@@ -5579,8 +5584,12 @@
        }
      },
      "warningProperties": {
-        "warnAsError": [
-          "NU1605"
+        "noWarn": [
+          "NU1605",
+          "NU1901",
+          "NU1902",
+          "NU1903",
+          "NU1904"
        ]
      },
      "restoreAuditProperties": {
@@ -5601,6 +5610,10 @@
            "target": "Package",
            "version": "[17.8.0, )"
          },
+          "Newtonsoft.Json": {
+            "target": "Package",
+            "version": "[12.0.3, )"
+          },
          "coverlet.collector": {
            "target": "Package",
            "version": "[6.0.0, )"