Fix vulnerable dependencies

Author: const-cloudinary

CloudinaryDotNet.IntegrationTests/CloudinaryDotNet.IntegrationTests.csproj

@@ -1,7 +1,7 @@
 <Project Sdk="Microsoft.NET.Sdk">
 
   <PropertyGroup>
-    <TargetFrameworks>net452;net7.0</TargetFrameworks>
+    <TargetFrameworks>net452;net8.0</TargetFrameworks>
 
     <IsPackable>false</IsPackable>
   </PropertyGroup>
@@ -16,7 +16,7 @@
     <PackageReference Include="System.Text.RegularExpressions" Version="4.3.1" />
     <PackageReference Include="Appveyor.TestLogger" Version="2.0.0" />
     <PackageReference Include="Moq" Version="4.16.1" />
-    <PackageReference Include="Microsoft.NET.Test.Sdk" Version="17.0.2" />
+    <PackageReference Include="Microsoft.NET.Test.Sdk" Version="17.9.0" />
     <PackageReference Include="NUnit" Version="3.13.3" />
     <PackageReference Include="NUnit3TestAdapter" Version="4.5.0" />
   </ItemGroup>

CloudinaryDotNet.Tests/CloudinaryDotNet.Tests.csproj

@@ -1,7 +1,7 @@
 <Project Sdk="Microsoft.NET.Sdk">
 
   <PropertyGroup>
-    <TargetFrameworks>net452;net7.0</TargetFrameworks>
+    <TargetFrameworks>net452;net8.0</TargetFrameworks>
 
     <IsPackable>false</IsPackable>
   </PropertyGroup>
@@ -15,7 +15,7 @@
     <PackageReference Include="System.Text.RegularExpressions" Version="4.3.1" />
     <PackageReference Include="Appveyor.TestLogger" Version="2.0.0" />
     <PackageReference Include="Moq" Version="4.16.1" />
-    <PackageReference Include="Microsoft.NET.Test.Sdk" Version="17.0.2" />
+    <PackageReference Include="Microsoft.NET.Test.Sdk" Version="17.9.0" />
     <PackageReference Include="NUnit" Version="3.13.3" />
     <PackageReference Include="NUnit3TestAdapter" Version="4.5.0" />
 

CloudinaryDotNet.Tests/Transformations/Image/ImageTransformationTest.cs

@@ -98,7 +98,7 @@ public void TestOverlayHelpers()
             {
                 var expected = layerTest.Value;
                 var actual = layerTest.Key.ToString();
-                Assert.IsTrue(expected.Equals(actual, StringComparison.CurrentCultureIgnoreCase));
+                StringAssert.AreEqualIgnoringCase(expected, actual);
             }
         }
 

CloudinaryDotNet/ApiShared.cs

@@ -391,7 +391,7 @@ public Url ApiUrlVideoUpV
         public static string GetCloudinaryParam<T>(T e)
         {
             Type eType = typeof(T);
-            FieldInfo fi = eType.GetField(e.ToString());
+            FieldInfo fi = eType.GetRuntimeField(e.ToString());
             EnumMemberAttribute[] attrs = (EnumMemberAttribute[])fi.GetCustomAttributes(
                 typeof(EnumMemberAttribute), false);
 
@@ -412,7 +412,7 @@ public static string GetCloudinaryParam<T>(T e)
         public static T ParseCloudinaryParam<T>(string s)
         {
             Type eType = typeof(T);
-            foreach (var fi in eType.GetFields())
+            foreach (var fi in eType.GetRuntimeFields())
             {
                 EnumMemberAttribute[] attrs = (EnumMemberAttribute[])fi.GetCustomAttributes(
                     typeof(EnumMemberAttribute), false);

CloudinaryDotNet/CloudinaryDotNet.csproj

@@ -15,7 +15,7 @@
     <Description>Official client library for easily integrating with the Cloudinary service</Description>
     <PackageTags>Image Video Responsive Web Utility CDN Performance Resize Crop Rotate Quality Watermark Gif Jpg Jpeg Bitmap PNG Tiff Webp Webm mp4 avi Filter Effect</PackageTags>
     <PackageLicenseExpression>MIT</PackageLicenseExpression>
-    <PackageProjectUrl>http://cloudinary.com</PackageProjectUrl>
+    <PackageProjectUrl>https://cloudinary.com</PackageProjectUrl>
     <PackageReadmeFile>.\README.md</PackageReadmeFile>
     <PackageIcon>.\CloudinaryIcon.png</PackageIcon>
     <RepositoryUrl>https://github.com/cloudinary/CloudinaryDotNet/</RepositoryUrl>
@@ -26,47 +26,26 @@
     <GenerateDocumentationFile>true</GenerateDocumentationFile>
   </PropertyGroup>
   <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|AnyCPU'">
-    <OutputPath></OutputPath>
     <DebugType>none</DebugType>
     <DebugSymbols>False</DebugSymbols>
     <DefineConstants>TRACE</DefineConstants>
   </PropertyGroup>
   <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|AnyCPU'">
     <DefineConstants>TRACE;DEBUG;NETSTANDARD1_0</DefineConstants>
-    <OutputPath></OutputPath>
   </PropertyGroup>
   <PropertyGroup Condition=" '$(Sign)' == 'true' ">
     <SignAssembly>true</SignAssembly>
     <AssemblyOriginatorKeyFile>..\CloudinaryDotNet.snk</AssemblyOriginatorKeyFile>
     <DefineConstants>SIGN_ASSEMBLY</DefineConstants>
   </PropertyGroup>
   <ItemGroup Condition=" '$(TargetFramework)' == 'net452' ">
-    <Reference Include="System.Net.Http" />
     <PackageReference Include="System.Runtime.InteropServices.RuntimeInformation" Version="4.3.0" />
-    <PackageReference Include="System.Text.Encodings.Web" Version="4.5.1" />
-    <PackageReference Include="System.Text.RegularExpressions" Version="4.3.1" />
-    <PackageReference Include="Microsoft.NETFramework.ReferenceAssemblies" Version="1.0.0" PrivateAssets="All" />
-    <PackageReference Include="Newtonsoft.Json" Version="13.0.3" />
   </ItemGroup>
-  <ItemGroup Condition=" $(TargetFramework.StartsWith('netstandard1.')) ">
-    <PackageReference Include="Microsoft.NETFramework.ReferenceAssemblies" Version="1.0.0" PrivateAssets="All" />
-    <PackageReference Include="System.Text.Encodings.Web" Version="4.5.1" />
+  <ItemGroup>
+    <PackageReference Include="System.Net.Http" Version="4.3.4" />
     <PackageReference Include="System.Text.RegularExpressions" Version="4.3.1" />
-    <PackageReference Include="Microsoft.AspNetCore.Html.Abstractions" Version="1.0.3" />
-    <PackageReference Include="Microsoft.AspNetCore.Http.Abstractions" Version="1.0.3" />
-    <PackageReference Include="Newtonsoft.Json" Version="13.0.3" />
-  </ItemGroup>
-  <ItemGroup Condition=" $(TargetFramework.StartsWith('netstandard2.')) ">
     <PackageReference Include="Microsoft.NETFramework.ReferenceAssemblies" Version="1.0.0" PrivateAssets="All" />
-    <PackageReference Include="Microsoft.AspNetCore.Html.Abstractions" Version="2.2.0" />
-    <PackageReference Include="Microsoft.AspNetCore.Http.Abstractions" Version="2.2.0" />
     <PackageReference Include="Newtonsoft.Json" Version="13.0.3" />
-  </ItemGroup>
-  <ItemGroup>
-    <None Include=".\CloudinaryIcon.png" Pack="true" PackagePath="\" />
-    <None Include="..\README.md" Pack="true" PackagePath="\" />
-  </ItemGroup>
-  <ItemGroup>
     <PackageReference Include="Microsoft.CodeAnalysis.FxCopAnalyzers" Version="3.3.2">
       <PrivateAssets>all</PrivateAssets>
       <IncludeAssets>runtime; build; native; contentfiles; analyzers; buildtransitive</IncludeAssets>
@@ -75,6 +54,9 @@
       <PrivateAssets>all</PrivateAssets>
       <IncludeAssets>runtime; build; native; contentfiles; analyzers; buildtransitive</IncludeAssets>
     </PackageReference>
-    <PackageReference Include="System.Net.Http" Version="4.3.4" />
+  </ItemGroup>
+  <ItemGroup>
+    <None Include=".\CloudinaryIcon.png" Pack="true" PackagePath="\" />
+    <None Include="..\README.md" Pack="true" PackagePath="\" />
   </ItemGroup>
 </Project>

CloudinaryDotNet/Url.cs

@@ -6,7 +6,6 @@
     using System.Globalization;
     using System.Linq;
     using System.Text;
-    using System.Text.Encodings.Web;
     using System.Text.RegularExpressions;
 
     /// <summary>
@@ -1277,7 +1276,7 @@ private CSource UpdateSource(string source)
             }
             else
             {
-                var targetSource = isSignedAndUnicode ? UrlEncoder.Default.Encode(source) : source;
+                var targetSource = isSignedAndUnicode ? Utils.Encode(source) : source;
 
                 src = new CSource(Encode(Decode(targetSource)));
 

CloudinaryDotNet/Utils.cs

@@ -6,9 +6,9 @@
     using System.Globalization;
     using System.Linq;
     using System.Linq.Expressions;
+    using System.Net;
     using System.Security.Cryptography;
     using System.Text;
-    using System.Text.Encodings.Web;
     using System.Text.RegularExpressions;
 
     /// <summary>
@@ -78,7 +78,9 @@ internal static bool IsRemoteFile(string filePath)
         /// <returns>Encoded string.</returns>
         internal static string Encode(string value)
         {
-            return UrlEncoder.Default.Encode(value);
+            // Convert to lowercase hex for backwards compatibility.
+            var reg = new Regex(@"%[A-F0-9]{2}");
+            return reg.Replace(Uri.EscapeDataString(value), m => m.Value.ToLowerInvariant());
         }
 
         /// <summary>