dev-master/secdevops-csharp-app
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

added vulnerable (outdated) package to test Trivy
Some checks failed
Tests / Declarative: Post Actions No test results found
Details
csharp-secdevops-pipeline-pod/pipeline/head There was a failure building this commit
Details

Browse Source
This commit is contained in:
Achim H.
2026-05-05 15:39:28 +02:00
parent 5454f03ddb
commit 0122db15f2
8 changed files with 37 additions and 13 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
MyHelloWorld.Tests/MyHelloWorld.Tests.csproj
View File

@@ -7,6 +7,8 @@
<IsPackable>false</IsPackable>
<IsTestProject>true</IsTestProject>
<NoWarn>$(NoWarn);NU1901;NU1902;NU1903;NU1904;NU1605</NoWarn>
<WarningsAsErrors></WarningsAsErrors>
</PropertyGroup>
<ItemGroup>
@@ -15,6 +17,7 @@
<PackageReference Include="Microsoft.NET.Test.Sdk" Version="17.8.0" />
<PackageReference Include="xunit" Version="2.5.3" />
<PackageReference Include="xunit.runner.visualstudio" Version="2.5.3" />
<PackageReference Include="Newtonsoft.Json" Version="12.0.3" />
</ItemGroup>
<ItemGroup>

2
MyHelloWorld.Tests/obj/Debug/net8.0/MyHelloWorld.Tests.AssemblyInfo.cs
View File

@@ -13,7 +13,7 @@ using System.Reflection;
[assembly: System.Reflection.AssemblyCompanyAttribute("MyHelloWorld.Tests")]
[assembly: System.Reflection.AssemblyConfigurationAttribute("Debug")]
[assembly: System.Reflection.AssemblyFileVersionAttribute("1.0.0.0")]
[assembly: System.Reflection.AssemblyInformationalVersionAttribute("1.0.0+cf992d544c838206c483289f3baa0c85552f7539")]
[assembly: System.Reflection.AssemblyInformationalVersionAttribute("1.0.0+5454f03ddb4b3eb2300fa4d7dde94814ffd7c607")]
[assembly: System.Reflection.AssemblyProductAttribute("MyHelloWorld.Tests")]
[assembly: System.Reflection.AssemblyTitleAttribute("MyHelloWorld.Tests")]
[assembly: System.Reflection.AssemblyVersionAttribute("1.0.0.0")]

2
MyHelloWorld.Tests/obj/Debug/net8.0/MyHelloWorld.Tests.AssemblyInfoInputs.cache
View File

@@ -1 +1 @@
cd7cd6d89224ce4f2141ef3b9a0e34a6e8261f98f03df22fedfa5203ecf39536
e906e9e895a27502cddb2517d263bd5de60a1635334d4fe6ed7c2e3d25606bb7

BIN
MyHelloWorld.Tests/obj/Debug/net8.0/MyHelloWorld.Tests.assets.cache
View File

Binary file not shown.

BIN
MyHelloWorld.Tests/obj/Debug/net8.0/MyHelloWorld.Tests.csproj.AssemblyReference.cache
View File

Binary file not shown.

12
MyHelloWorld.Tests/obj/MyHelloWorld.Tests.csproj.nuget.dgspec.json
View File

@@ -33,8 +33,12 @@
}
},
"warningProperties": {
"warnAsError": [
"NU1605"
"noWarn": [
"NU1605",
"NU1901",
"NU1902",
"NU1903",
"NU1904"
]
},
"restoreAuditProperties": {
@@ -55,6 +59,10 @@
"target": "Package",
"version": "[17.8.0, )"
},
"Newtonsoft.Json": {
"target": "Package",
"version": "[12.0.3, )"
},
"coverlet.collector": {
"target": "Package",
"version": "[6.0.0, )"

27
MyHelloWorld.Tests/obj/project.assets.json
View File

@@ -377,7 +377,7 @@
"System.Xml.XDocument": "4.3.0"
}
},
"Newtonsoft.Json/13.0.1": {
"Newtonsoft.Json/12.0.3": {
"type": "package",
"compile": {
"lib/netstandard2.0/Newtonsoft.Json.dll": {
@@ -2138,10 +2138,10 @@
"netstandard.library.nuspec"
]
},
"Newtonsoft.Json/13.0.1": {
"sha512": "ppPFpBcvxdsfUonNcvITKqLl3bqxWbDCZIzDWHzjpdAHRFfZe0Dw9HmA0+za13IdyrgJwpkDTDA9fHaxOrt20A==",
"Newtonsoft.Json/12.0.3": {
"sha512": "6mgjfnRB4jKMlzHSl+VD+oUc1IebOZabkbyWj2RiTgWwYPPuaK1H97G1sHqGwPlS5npiF5Q0OrxN1wni2n5QWg==",
"type": "package",
"path": "newtonsoft.json/13.0.1",
"path": "newtonsoft.json/12.0.3",
"files": [
".nupkg.metadata",
".signature.p7s",
@@ -2160,7 +2160,11 @@
"lib/netstandard1.3/Newtonsoft.Json.xml",
"lib/netstandard2.0/Newtonsoft.Json.dll",
"lib/netstandard2.0/Newtonsoft.Json.xml",
"newtonsoft.json.13.0.1.nupkg.sha512",
"lib/portable-net40+sl5+win8+wp8+wpa81/Newtonsoft.Json.dll",
"lib/portable-net40+sl5+win8+wp8+wpa81/Newtonsoft.Json.xml",
"lib/portable-net45+win8+wp8+wpa81/Newtonsoft.Json.dll",
"lib/portable-net45+win8+wp8+wpa81/Newtonsoft.Json.xml",
"newtonsoft.json.12.0.3.nupkg.sha512",
"newtonsoft.json.nuspec",
"packageIcon.png"
]
@@ -5541,6 +5545,7 @@
"net8.0": [
"JunitXml.TestLogger >= 8.0.0",
"Microsoft.NET.Test.Sdk >= 17.8.0",
"Newtonsoft.Json >= 12.0.3",
"SecDevOpsLab >= 1.0.0",
"coverlet.collector >= 6.0.0",
"xunit >= 2.5.3",
@@ -5579,8 +5584,12 @@
}
},
"warningProperties": {
"warnAsError": [
"NU1605"
"noWarn": [
"NU1605",
"NU1901",
"NU1902",
"NU1903",
"NU1904"
]
},
"restoreAuditProperties": {
@@ -5601,6 +5610,10 @@
"target": "Package",
"version": "[17.8.0, )"
},
"Newtonsoft.Json": {
"target": "Package",
"version": "[12.0.3, )"
},
"coverlet.collector": {
"target": "Package",
"version": "[6.0.0, )"

4
MyHelloWorld.Tests/obj/project.nuget.cache
View File

@@ -1,6 +1,6 @@
{
"version": 2,
"dgSpecHash": "cMCqBPi36D8=",
"dgSpecHash": "AxMlimmOwXI=",
"success": true,
"projectFilePath": "C:\\Users\\HermanH\\SecDevOpsLab\\MyHelloWorld.Tests\\MyHelloWorld.Tests.csproj",
"expectedPackageFiles": [
@@ -14,7 +14,7 @@
"C:\\Users\\HermanH\\.nuget\\packages\\microsoft.testplatform.testhost\\17.8.0\\microsoft.testplatform.testhost.17.8.0.nupkg.sha512",
"C:\\Users\\HermanH\\.nuget\\packages\\microsoft.win32.primitives\\4.3.0\\microsoft.win32.primitives.4.3.0.nupkg.sha512",
"C:\\Users\\HermanH\\.nuget\\packages\\netstandard.library\\1.6.1\\netstandard.library.1.6.1.nupkg.sha512",
"C:\\Users\\HermanH\\.nuget\\packages\\newtonsoft.json\\13.0.1\\newtonsoft.json.13.0.1.nupkg.sha512",
"C:\\Users\\HermanH\\.nuget\\packages\\newtonsoft.json\\12.0.3\\newtonsoft.json.12.0.3.nupkg.sha512",
"C:\\Users\\HermanH\\.nuget\\packages\\nuget.frameworks\\6.5.0\\nuget.frameworks.6.5.0.nupkg.sha512",
"C:\\Users\\HermanH\\.nuget\\packages\\runtime.debian.8-x64.runtime.native.system.security.cryptography.openssl\\4.3.0\\runtime.debian.8-x64.runtime.native.system.security.cryptography.openssl.4.3.0.nupkg.sha512",
"C:\\Users\\HermanH\\.nuget\\packages\\runtime.fedora.23-x64.runtime.native.system.security.cryptography.openssl\\4.3.0\\runtime.fedora.23-x64.runtime.native.system.security.cryptography.openssl.4.3.0.nupkg.sha512",