Skip to content

Update 1 NuGet dependencies #232

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 1 commit into from
Nov 6, 2025
Merged

Update 1 NuGet dependencies #232

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
8 changes: 4 additions & 4 deletions nanoFramework.Aws.IoTCore.Devices/nanoFramework.Aws.IoTCore.Devices.nfproj
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
<?xml version="1.0" encoding="utf-8"?>
<Project ToolsVersion="Current" DefaultTargets="Build" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
<Import Project="..\packages\Nerdbank.GitVersioning.3.8.118\build\Nerdbank.GitVersioning.props" Condition="Exists('..\packages\Nerdbank.GitVersioning.3.8.118\build\Nerdbank.GitVersioning.props')" />
<Import Project="..\packages\Nerdbank.GitVersioning.3.9.50\build\Nerdbank.GitVersioning.props" Condition="Exists('..\packages\Nerdbank.GitVersioning.3.9.50\build\Nerdbank.GitVersioning.props')" />
<PropertyGroup Label="Globals">
<NanoFrameworkProjectSystemPath>$(MSBuildExtensionsPath)\nanoFramework\v1.0\</NanoFrameworkProjectSystemPath>
</PropertyGroup>
Expand Down Expand Up @@ -94,8 +94,8 @@
<PropertyGroup>
<ErrorText>This project references NuGet package(s) that are missing on this computer. Enable NuGet Package Restore to download them. For more information, see http://go.microsoft.com/fwlink/?LinkID=322105.The missing file is {0}.</ErrorText>
</PropertyGroup>
<Error Condition="!Exists('..\packages\Nerdbank.GitVersioning.3.8.118\build\Nerdbank.GitVersioning.props')" Text="$([System.String]::Format('$(ErrorText)', '..\packages\Nerdbank.GitVersioning.3.8.118\build\Nerdbank.GitVersioning.props'))" />
<Error Condition="!Exists('..\packages\Nerdbank.GitVersioning.3.8.118\build\Nerdbank.GitVersioning.targets')" Text="$([System.String]::Format('$(ErrorText)', '..\packages\Nerdbank.GitVersioning.3.8.118\build\Nerdbank.GitVersioning.targets'))" />
<Error Condition="!Exists('..\packages\Nerdbank.GitVersioning.3.9.50\build\Nerdbank.GitVersioning.props')" Text="$([System.String]::Format('$(ErrorText)', '..\packages\Nerdbank.GitVersioning.3.9.50\build\Nerdbank.GitVersioning.props'))" />
<Error Condition="!Exists('..\packages\Nerdbank.GitVersioning.3.9.50\build\Nerdbank.GitVersioning.targets')" Text="$([System.String]::Format('$(ErrorText)', '..\packages\Nerdbank.GitVersioning.3.9.50\build\Nerdbank.GitVersioning.targets'))" />
</Target>
<Import Project="..\packages\Nerdbank.GitVersioning.3.8.118\build\Nerdbank.GitVersioning.targets" Condition="Exists('..\packages\Nerdbank.GitVersioning.3.8.118\build\Nerdbank.GitVersioning.targets')" />
<Import Project="..\packages\Nerdbank.GitVersioning.3.9.50\build\Nerdbank.GitVersioning.targets" Condition="Exists('..\packages\Nerdbank.GitVersioning.3.9.50\build\Nerdbank.GitVersioning.targets')" />
</Project>
2 changes: 1 addition & 1 deletion nanoFramework.Aws.IoTCore.Devices/packages.config
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -10,5 +10,5 @@
<package id="nanoFramework.System.Net" version="1.11.43" targetFramework="netnano1.0" />
<package id="nanoFramework.System.Text" version="1.3.42" targetFramework="netnano1.0" />
<package id="nanoFramework.System.Threading" version="1.1.52" targetFramework="netnano1.0" />
<package id="Nerdbank.GitVersioning" version="3.8.118" developmentDependency="true" targetFramework="netnano1.0" />
<package id="Nerdbank.GitVersioning" version="3.9.50" developmentDependency="true" targetFramework="netnano1.0" />
</packages>
6 changes: 3 additions & 3 deletions nanoFramework.Aws.IoTCore.Devices/packages.lock.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -64,9 +64,9 @@
},
"Nerdbank.GitVersioning": {
"type": "Direct",
"requested": "[3.8.118, 3.8.118]",
"resolved": "3.8.118",
"contentHash": "cRaG+ICcECG+CzbtQyUV2WftH7yl2B02AjYGGNScXx8TwYavZYwhCewBTiC0qTcsac7m6AzBUYna5xzBWmTGYw=="
"requested": "[3.9.50, 3.9.50]",
"resolved": "3.9.50",
"contentHash": "HtOgGF6jZ+WYbXnCUCYPT8Y2d6mIJo9ozjK/FINTRsXdm4Zgv9GehUMa7EFoGQkqrMcDJNOIDwCmENnvXg4UbA=="
}
Comment on lines 65 to 70
Copy link

@coderabbitai coderabbitai bot Nov 6, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue | 🔴 Critical

🧩 Analysis chain

Verify compatibility and security status of Nerdbank.GitVersioning 3.9.50.

This dependency update bumps the version from 3.8.118 to 3.9.50 (a minor version jump). While lock file format and JSON syntax appear valid, verify that:

  1. No breaking changes were introduced in this minor version
  2. The version is free from known security vulnerabilities
  3. The update has been tested in the project's CI/CD pipeline

🌐 Web query:

What are the release notes and breaking changes for Nerdbank.GitVersioning versions 3.9.0 through 3.9.50?

💡 Result:

Short answer: There are no official stable "3.9.0 → 3.9.50" release notes or documented breaking-change entries on the project’s Releases page — the repository’s published releases on GitHub stop in the 3.8/3.7 series, and the 3.9.* builds visible on NuGet are prerelease builds (alpha) rather than formal GitHub releases. See the project releases page and the NuGet package listing for the available tags/versions. [1][2]

Sources:

  • GitHub releases for dotnet/Nerdbank.GitVersioning (no stable 3.9.x release entries). [1]
  • NuGet package listing showing 3.9.* prerelease versions (e.g. 3.9.37-alpha). [2]

If you want, I can:

  • enumerate all 3.9.* prerelease package versions published to NuGet and copy their NuGet change notes (if any), or
  • search the repository tags/commits between v3.8 and any 3.9.* tags to extract change details and potential breaking changes. Which would you prefer?

🌐 Web query:

Nerdbank.GitVersioning latest stable version security advisories

💡 Result:

Latest stable (non-prerelease) NuGet version: 3.8.118. [1][2]

Security advisories / known vulnerabilities: I found no public security advisories or CVEs for Nerdbank.GitVersioning; Snyk and NuGet/ProGet vulnerability scans report no known vulnerabilities. [3][4]

Sources:

  • NuGet package page (3.8.118 stable). [1]
  • NuGet profile showing newest prerelease (3.9.37-alpha) — indicates newer prerelease exists. [2]
  • Snyk vulnerability listing (no direct vulnerabilities found). [3]
  • NuGet/ProGet vulnerability view (no known vulnerabilities). [4]

Revert Nerdbank.GitVersioning to stable version 3.8.118.

The specified version 3.9.50 is a prerelease (alpha) build, while 3.8.118 is the latest stable version available. Production lock files should pin stable versions only. Revert this dependency to 3.8.118 unless prerelease was intentionally selected. No known security vulnerabilities exist for either version.

}
}
Expand Down