Skip to content

[release/9.0] Nominally upgrade Microsoft.Build.Framework to 17.8.3 #34636

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Sep 9, 2024
Merged

[release/9.0] Nominally upgrade Microsoft.Build.Framework to 17.8.3 #34636

merged 1 commit into from
Sep 9, 2024

Conversation

AndriySvyryd
Copy link
Member

No description provided.

@AndriySvyryd AndriySvyryd requested review from artl93, SamMonoRT and a team September 9, 2024 19:44
@SamMonoRT SamMonoRT requested a review from ericstj September 9, 2024 19:55
@AndriySvyryd AndriySvyryd mentioned this pull request Sep 9, 2024
Closed
@roji
Copy link
Member

roji commented Sep 9, 2024

Thanks @AndriySvyryd, maybe do this for the analyzers package too, to not have problematic versions anywhere in it dependency graph?

@AndriySvyryd
Copy link
Member Author

@roji Can you be more specific? EFCore.Analyzers doesn't bring in Microsoft.Build.Framework or System.Drawing.Common

@AndriySvyryd AndriySvyryd merged commit f2d9534 into release/9.0 Sep 9, 2024
7 checks passed
@AndriySvyryd AndriySvyryd deleted the BuildMeACVE branch September 9, 2024 22:17
@roji
Copy link
Member

roji commented Sep 10, 2024

@roji Can you be more specific? EFCore.Analyzers doesn't bring in Microsoft.Build.Framework or System.Drawing.Common

Ah sorry... EFCore.Analyzers does depend on an older version of Microsoft.CodeAnalysis (4.8.0) and I thought that brought in transitive dependencies with security advisories, but that indeed doesn't seem to be the case.

@ericstj
Copy link
Member

ericstj commented Sep 11, 2024

This change needs to be made in main as well.

@ericstj ericstj mentioned this pull request Sep 11, 2024
Merged
@AndriySvyryd
Copy link
Member Author

@ericstj That's handled by #34621

ericstj pushed a commit that referenced this pull request Sep 12, 2024
@AndriySvyryd @ericstj
[release/9.0] Nominally upgrade Microsoft.Build.Framework to 17.8.3 (#…
8c110fb 
…34636)
@ericstj
Copy link
Member

ericstj commented Sep 12, 2024

Oh, interesting, you do codeflow differently in EFCore - understood. For runtime we make the change in main first then backport.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@halter73 halter73 halter73 approved these changes

@artl93 artl93 artl93 approved these changes

@SamMonoRT SamMonoRT SamMonoRT approved these changes

@ericstj ericstj Awaiting requested review from ericstj

Assignees
No one assigned
Labels
Servicing-approved
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
6 participants
@AndriySvyryd @roji @ericstj @halter73 @artl93 @SamMonoRT