Update package refs because of vulnerable dependencies (#347)

Fixes: [Microsoft Security Advisory CVE-2024-43485 | .NET Denial of Service Vulnerability](dotnet/announcements#329)
MahApps · Oct 15, 2024 · 172f7f4 · 172f7f4
2 parents b17e4fd + c5b5b68
commit 172f7f4
Show file tree

Hide file tree

Showing 7 changed files with 23 additions and 24 deletions.
diff --git a/.config/dotnet-tools.json b/.config/dotnet-tools.json
@@ -3,7 +3,7 @@
   "isRoot": true,
   "tools": {
     "cake.tool": {
-      "version": "2.3.0",
+      "version": "3.2.0",
       "commands": [
         "dotnet-cake"
       ]

diff --git a/README.md b/README.md
@@ -79,13 +79,13 @@ It's not necessary, but you can use these Icons together with [MahApps.Metro](ht
 
 ## Want to say thanks?
 
-This framework is free and can be used for free, open source and commercial applications.
+This library is free and can be used in open source and commercial applications.
 
-It's tested and contributed by many people... So mainly hit the :star: button, that's all... thx :squirrel: (:dollar:, :euro:, :beer: or some other gifts are also being accepted...).
+It's tested, contributed and used by many people... So mainly hit the :star: button, that's all... thx :squirrel: (:dollar:, :euro:, :beer: or some other gifts are also being accepted...).
 
-Please give also a star to all available icon repositories.
+Please don't forget to give also a star to all available icon repositories.
 
-[Become a sponsor](https://github.com/sponsors/punker76) and show your support to this open source project.
+<!-- [Become a sponsor](https://github.com/sponsors/punker76) and show your support to this open source project. -->
 
 ## IconPacks Browser
 

diff --git a/appveyor.yml b/appveyor.yml
@@ -23,11 +23,11 @@ skip_tags: true
 image: Visual Studio 2022
 test: false
 
-# install:
+install:
+  - ps: Invoke-WebRequest 'https://dot.net/v1/dotnet-install.ps1' -OutFile 'dotnet-install.ps1'
+  - ps: ./dotnet-install.ps1 -Version 8.0.403 -InstallDir "C:\Program Files\dotnet"
 # Install Windows SDK 10.0.18362
 # - ps: .\build\Install-WindowsSDK.ps1
-# - ps: Invoke-WebRequest 'https://dot.net/v1/dotnet-install.ps1' -OutFile 'dotnet-install.ps1'
-# - ps: ./dotnet-install.ps1 -Version 8.0.100 -InstallDir "C:\Program Files\dotnet"
 
 pull_requests:
   do_not_increment_build_number: false

diff --git a/build.cake b/build.cake
@@ -5,12 +5,11 @@
 #tool dotnet:?package=NuGetKeyVaultSignTool&version=3.2.3
 #tool dotnet:?package=AzureSignTool&version=4.0.1
 #tool dotnet:?package=GitReleaseManager.Tool&version=0.17.0
-#tool dotnet:?package=XamlStyler.Console&version=3.2206.4
+#tool dotnet:?package=XamlStyler.Console&version=3.2404.2
 
 #tool vswhere&version=2.8.4
 
 #tool nuget:?package=GitVersion.CommandLine&version=5.12.0
-#addin nuget:?package=Cake.Figlet&version=2.0.1
 
 ///////////////////////////////////////////////////////////////////////////////
 // ARGUMENTS
@@ -47,11 +46,10 @@ if (isLocal == false || verbosity == Verbosity.Verbose)
 
 GitVersion gitVersion = GitVersion(new GitVersionSettings { OutputType = GitVersionOutput.Json });
 
-var isPullRequest = (isAppVeyorBuild && AppVeyor.Environment.PullRequest.IsPullRequest) || (isGitHubActionsBuild && GitHubActions.Environment.PullRequest.IsPullRequest);
-
+var isPrerelease = gitVersion.NuGetVersion.Contains("-");
 var branchName = gitVersion.BranchName;
-var isDevelopBranch = StringComparer.OrdinalIgnoreCase.Equals("develop", branchName);
-var isReleaseBranch = StringComparer.OrdinalIgnoreCase.Equals("main", branchName);
+
+var isPullRequest = (isAppVeyorBuild && AppVeyor.Environment.PullRequest.IsPullRequest) || (isGitHubActionsBuild && GitHubActions.Environment.PullRequest.IsPullRequest);
 
 var latestInstallationPath = VSWhereLatest(new VSWhereLatestSettings { IncludePrerelease = false });
 var msBuildPath = latestInstallationPath.Combine("./MSBuild/Current/Bin");
@@ -75,16 +73,17 @@ Setup(ctx =>
     {
         throw new NotImplementedException($"{repoName} will only build on Windows because it's not possible to target WPF and Windows Forms from UNIX.");
     }
-
-    Information(Figlet("MahApps.Metro"));
-    Information(Figlet("IconPacks"));
+    
+    Spectre.Console.AnsiConsole.Write(new Spectre.Console.FigletText("MahApps.Metro"));
+    Spectre.Console.AnsiConsole.Write(new Spectre.Console.FigletText("IconPacks"));
 
     Information("Informational   Version: {0}", gitVersion.InformationalVersion);
     Information("SemVer          Version: {0}", gitVersion.SemVer);
     Information("AssemblySemVer  Version: {0}", gitVersion.AssemblySemVer);
     Information("MajorMinorPatch Version: {0}", gitVersion.MajorMinorPatch);
     Information("NuGet           Version: {0}", gitVersion.NuGetVersion);
     Information("IsLocalBuild           : {0}", isLocal);
+    Information("IsPrerelease           : {0}", isPrerelease);
     Information("Branch                 : {0}", branchName);
     Information("Configuration          : {0}", configuration);
     Information("MSBuildPath            : {0}", msBuildPath);
@@ -135,11 +134,11 @@ Task("Build")
             .WithProperty("PackageOutputPath", MakeAbsolute(PACKAGE_DIR).ToString())
             .WithProperty("RepositoryBranch", branchName)
             .WithProperty("RepositoryCommit", gitVersion.Sha)
-            .WithProperty("Version", isReleaseBranch ? gitVersion.MajorMinorPatch : gitVersion.NuGetVersion)
+            .WithProperty("Version", gitVersion.NuGetVersion)
             .WithProperty("AssemblyVersion", gitVersion.AssemblySemVer)
             .WithProperty("FileVersion", gitVersion.AssemblySemFileVer)
             .WithProperty("InformationalVersion", gitVersion.InformationalVersion)
-            .WithProperty("ContinuousIntegrationBuild", isReleaseBranch ? "true" : "false")
+            .WithProperty("ContinuousIntegrationBuild", isLocal ? "false": "true")
             );
 });
 
@@ -309,7 +308,7 @@ Task("CreateRelease")
     GitReleaseManagerCreate(token, "MahApps", repoName, new GitReleaseManagerCreateSettings {
         Milestone         = gitVersion.MajorMinorPatch,
         Name              = gitVersion.AssemblySemFileVer,
-        Prerelease        = isDevelopBranch,
+        Prerelease        = isPrerelease,
         TargetCommitish   = branchName,
         WorkingDirectory  = "."
     });

diff --git a/global.json b/global.json
@@ -1,6 +1,6 @@
 {
     "sdk": {
-        "version": "8.0.100",
+        "version": "8.0.403",
         "rollForward": "feature"
     },
     "msbuild-sdks": {

diff --git a/src/Directory.build.props b/src/Directory.build.props
@@ -63,7 +63,7 @@
 
     <!-- Add the references for all projects and targets -->
     <ItemGroup>
-        <PackageReference Include="JetBrains.Annotations" Version="2023.*" PrivateAssets="All" IncludeAssets="build;compile" />
+        <PackageReference Include="JetBrains.Annotations" Version="2024.*" PrivateAssets="All" IncludeAssets="build;compile" />
     </ItemGroup>
 
     <ItemGroup>

diff --git a/src/MahApps.Metro.IconPacks.Core/MahApps.Metro.IconPacks.Core.csproj b/src/MahApps.Metro.IconPacks.Core/MahApps.Metro.IconPacks.Core.csproj
@@ -12,8 +12,8 @@
     <ItemGroup>
         <Reference Include="System.Web" Condition="'$(TargetFramework)' == 'net462' or '$(TargetFramework)' == 'net47'" />
         <Reference Include="System.Web.Extensions" Condition="'$(TargetFramework)' == 'net462' or '$(TargetFramework)' == 'net47'" />
-        <PackageReference Include="System.Text.Json" Version="6.0.9" Condition="'$(TargetFramework)' == 'net6.0-windows'" />
-        <PackageReference Include="System.Text.Json" Version="8.0.3" Condition="'$(TargetFramework)' == 'net8.0-windows' or '$(TargetFramework)' == 'uap10.0.18362'" />
+        <PackageReference Include="System.Text.Json" Version="6.0.10" Condition="'$(TargetFramework)' == 'net6.0-windows'" />
+        <PackageReference Include="System.Text.Json" Version="8.0.5" Condition="'$(TargetFramework)' == 'net8.0-windows' or '$(TargetFramework)' == 'uap10.0.18362'" />
     </ItemGroup>
 
     <!-- WPF Items include -->