releases/ClaudeDo
2
0
Fork 0
Code Issues 1 Pull Requests 2 Actions Packages Projects Releases 12 Wiki Activity

Dependency audit: vulnerable packages detected #9

New Issue
Open
opened 2026-06-15 06:01:18 +00:00 by gitea-actions · 1 comment
gitea-actions bot commented 2026-06-15 06:01:18 +00:00
Copy Link

Automated weekly dependency audit found vulnerable packages.

./src/ClaudeDo.App/ClaudeDo.App.csproj


The following sources were used:
   https://api.nuget.org/v3/index.json
   https://git.kuns.dev/api/packages/kuns/nuget/index.json

Project `ClaudeDo.App` has the following vulnerable packages
   [net8.0]: 
   Transitive Package        Resolved   Severity   Advisory URL                                     
   > Tmds.DBus.Protocol      0.90.3     High       https://github.com/advisories/GHSA-xrw6-gwf8-vvr9

./tests/ClaudeDo.Data.Tests/ClaudeDo.Data.Tests.csproj


The following sources were used:
   https://api.nuget.org/v3/index.json
   https://git.kuns.dev/api/packages/kuns/nuget/index.json

Project `ClaudeDo.Data.Tests` has the following vulnerable packages
   [net8.0]: 
   Transitive Package                    Resolved   Severity   Advisory URL                                     
   > System.Net.Http                     4.3.0      High       https://github.com/advisories/GHSA-7jgj-8wvc-jh57
   > System.Text.RegularExpressions      4.3.0      High       https://github.com/advisories/GHSA-cmhx-cq75-c4mj

./tests/ClaudeDo.Installer.Tests/ClaudeDo.Installer.Tests.csproj


The following sources were used:
   https://api.nuget.org/v3/index.json
   https://git.kuns.dev/api/packages/kuns/nuget/index.json

Project `ClaudeDo.Installer.Tests` has the following vulnerable packages
   [net8.0-windows7.0]: 
   Transitive Package                    Resolved   Severity   Advisory URL                                     
   > System.Net.Http                     4.3.0      High       https://github.com/advisories/GHSA-7jgj-8wvc-jh57
   > System.Text.RegularExpressions      4.3.0      High       https://github.com/advisories/GHSA-cmhx-cq75-c4mj

./tests/ClaudeDo.Worker.Tests/ClaudeDo.Worker.Tests.csproj


The following sources were used:
   https://api.nuget.org/v3/index.json
   https://git.kuns.dev/api/packages/kuns/nuget/index.json

Project `ClaudeDo.Worker.Tests` has the following vulnerable packages
   [net8.0]: 
   Transitive Package                    Resolved   Severity   Advisory URL                                     
   > System.Net.Http                     4.3.0      High       https://github.com/advisories/GHSA-7jgj-8wvc-jh57
   > System.Text.RegularExpressions      4.3.0      High       https://github.com/advisories/GHSA-cmhx-cq75-c4mj

View workflow run

Automated weekly dependency audit found vulnerable packages. #### `./src/ClaudeDo.App/ClaudeDo.App.csproj` ``` The following sources were used: https://api.nuget.org/v3/index.json https://git.kuns.dev/api/packages/kuns/nuget/index.json Project `ClaudeDo.App` has the following vulnerable packages [net8.0]: Transitive Package Resolved Severity Advisory URL > Tmds.DBus.Protocol 0.90.3 High https://github.com/advisories/GHSA-xrw6-gwf8-vvr9 ``` #### `./tests/ClaudeDo.Data.Tests/ClaudeDo.Data.Tests.csproj` ``` The following sources were used: https://api.nuget.org/v3/index.json https://git.kuns.dev/api/packages/kuns/nuget/index.json Project `ClaudeDo.Data.Tests` has the following vulnerable packages [net8.0]: Transitive Package Resolved Severity Advisory URL > System.Net.Http 4.3.0 High https://github.com/advisories/GHSA-7jgj-8wvc-jh57 > System.Text.RegularExpressions 4.3.0 High https://github.com/advisories/GHSA-cmhx-cq75-c4mj ``` #### `./tests/ClaudeDo.Installer.Tests/ClaudeDo.Installer.Tests.csproj` ``` The following sources were used: https://api.nuget.org/v3/index.json https://git.kuns.dev/api/packages/kuns/nuget/index.json Project `ClaudeDo.Installer.Tests` has the following vulnerable packages [net8.0-windows7.0]: Transitive Package Resolved Severity Advisory URL > System.Net.Http 4.3.0 High https://github.com/advisories/GHSA-7jgj-8wvc-jh57 > System.Text.RegularExpressions 4.3.0 High https://github.com/advisories/GHSA-cmhx-cq75-c4mj ``` #### `./tests/ClaudeDo.Worker.Tests/ClaudeDo.Worker.Tests.csproj` ``` The following sources were used: https://api.nuget.org/v3/index.json https://git.kuns.dev/api/packages/kuns/nuget/index.json Project `ClaudeDo.Worker.Tests` has the following vulnerable packages [net8.0]: Transitive Package Resolved Severity Advisory URL > System.Net.Http 4.3.0 High https://github.com/advisories/GHSA-7jgj-8wvc-jh57 > System.Text.RegularExpressions 4.3.0 High https://github.com/advisories/GHSA-cmhx-cq75-c4mj ``` [View workflow run](https://git.kuns.dev/releases/ClaudeDo/actions/runs/151)
gitea-actions bot commented 2026-06-22 06:01:17 +00:00
Copy Link

Automated weekly dependency audit found vulnerable packages.

./src/ClaudeDo.App/ClaudeDo.App.csproj


The following sources were used:
   https://api.nuget.org/v3/index.json
   https://git.kuns.dev/api/packages/kuns/nuget/index.json

Project `ClaudeDo.App` has the following vulnerable packages
   [net8.0]: 
   Transitive Package                Resolved   Severity   Advisory URL                                     
   > SQLitePCLRaw.lib.e_sqlite3      2.1.6      High       https://github.com/advisories/GHSA-2m69-gcr7-jv3q

./src/ClaudeDo.Data/ClaudeDo.Data.csproj


The following sources were used:
   https://api.nuget.org/v3/index.json
   https://git.kuns.dev/api/packages/kuns/nuget/index.json

Project `ClaudeDo.Data` has the following vulnerable packages
   [net8.0]: 
   Transitive Package                Resolved   Severity   Advisory URL                                     
   > SQLitePCLRaw.lib.e_sqlite3      2.1.6      High       https://github.com/advisories/GHSA-2m69-gcr7-jv3q

./src/ClaudeDo.Installer/ClaudeDo.Installer.csproj


The following sources were used:
   https://api.nuget.org/v3/index.json
   https://git.kuns.dev/api/packages/kuns/nuget/index.json

Project `ClaudeDo.Installer` has the following vulnerable packages
   [net8.0-windows7.0]: 
   Transitive Package                Resolved   Severity   Advisory URL                                     
   > SQLitePCLRaw.lib.e_sqlite3      2.1.6      High       https://github.com/advisories/GHSA-2m69-gcr7-jv3q

./src/ClaudeDo.Ui/ClaudeDo.Ui.csproj


The following sources were used:
   https://api.nuget.org/v3/index.json
   https://git.kuns.dev/api/packages/kuns/nuget/index.json

Project `ClaudeDo.Ui` has the following vulnerable packages
   [net8.0]: 
   Transitive Package                Resolved   Severity   Advisory URL                                     
   > SQLitePCLRaw.lib.e_sqlite3      2.1.6      High       https://github.com/advisories/GHSA-2m69-gcr7-jv3q

./src/ClaudeDo.Worker/ClaudeDo.Worker.csproj


The following sources were used:
   https://api.nuget.org/v3/index.json
   https://git.kuns.dev/api/packages/kuns/nuget/index.json

Project `ClaudeDo.Worker` has the following vulnerable packages
   [net8.0]: 
   Transitive Package                Resolved   Severity   Advisory URL                                     
   > SQLitePCLRaw.lib.e_sqlite3      2.1.6      High       https://github.com/advisories/GHSA-2m69-gcr7-jv3q

./tests/ClaudeDo.Data.Tests/ClaudeDo.Data.Tests.csproj


The following sources were used:
   https://api.nuget.org/v3/index.json
   https://git.kuns.dev/api/packages/kuns/nuget/index.json

Project `ClaudeDo.Data.Tests` has the following vulnerable packages
   [net8.0]: 
   Transitive Package                    Resolved   Severity   Advisory URL                                     
   > SQLitePCLRaw.lib.e_sqlite3          2.1.6      High       https://github.com/advisories/GHSA-2m69-gcr7-jv3q
   > System.Net.Http                     4.3.0      High       https://github.com/advisories/GHSA-7jgj-8wvc-jh57
   > System.Text.RegularExpressions      4.3.0      High       https://github.com/advisories/GHSA-cmhx-cq75-c4mj

./tests/ClaudeDo.Installer.Tests/ClaudeDo.Installer.Tests.csproj


The following sources were used:
   https://api.nuget.org/v3/index.json
   https://git.kuns.dev/api/packages/kuns/nuget/index.json

Project `ClaudeDo.Installer.Tests` has the following vulnerable packages
   [net8.0-windows7.0]: 
   Transitive Package                    Resolved   Severity   Advisory URL                                     
   > SQLitePCLRaw.lib.e_sqlite3          2.1.6      High       https://github.com/advisories/GHSA-2m69-gcr7-jv3q
   > System.Net.Http                     4.3.0      High       https://github.com/advisories/GHSA-7jgj-8wvc-jh57
   > System.Text.RegularExpressions      4.3.0      High       https://github.com/advisories/GHSA-cmhx-cq75-c4mj

./tests/ClaudeDo.Ui.Tests/ClaudeDo.Ui.Tests.csproj


The following sources were used:
   https://api.nuget.org/v3/index.json
   https://git.kuns.dev/api/packages/kuns/nuget/index.json

Project `ClaudeDo.Ui.Tests` has the following vulnerable packages
   [net8.0]: 
   Transitive Package                Resolved   Severity   Advisory URL                                     
   > SQLitePCLRaw.lib.e_sqlite3      2.1.6      High       https://github.com/advisories/GHSA-2m69-gcr7-jv3q

./tests/ClaudeDo.Worker.Tests/ClaudeDo.Worker.Tests.csproj


The following sources were used:
   https://api.nuget.org/v3/index.json
   https://git.kuns.dev/api/packages/kuns/nuget/index.json

Project `ClaudeDo.Worker.Tests` has the following vulnerable packages
   [net8.0]: 
   Transitive Package                    Resolved   Severity   Advisory URL                                     
   > SQLitePCLRaw.lib.e_sqlite3          2.1.6      High       https://github.com/advisories/GHSA-2m69-gcr7-jv3q
   > System.Net.Http                     4.3.0      High       https://github.com/advisories/GHSA-7jgj-8wvc-jh57
   > System.Text.RegularExpressions      4.3.0      High       https://github.com/advisories/GHSA-cmhx-cq75-c4mj

View workflow run

Automated weekly dependency audit found vulnerable packages. #### `./src/ClaudeDo.App/ClaudeDo.App.csproj` ``` The following sources were used: https://api.nuget.org/v3/index.json https://git.kuns.dev/api/packages/kuns/nuget/index.json Project `ClaudeDo.App` has the following vulnerable packages [net8.0]: Transitive Package Resolved Severity Advisory URL > SQLitePCLRaw.lib.e_sqlite3 2.1.6 High https://github.com/advisories/GHSA-2m69-gcr7-jv3q ``` #### `./src/ClaudeDo.Data/ClaudeDo.Data.csproj` ``` The following sources were used: https://api.nuget.org/v3/index.json https://git.kuns.dev/api/packages/kuns/nuget/index.json Project `ClaudeDo.Data` has the following vulnerable packages [net8.0]: Transitive Package Resolved Severity Advisory URL > SQLitePCLRaw.lib.e_sqlite3 2.1.6 High https://github.com/advisories/GHSA-2m69-gcr7-jv3q ``` #### `./src/ClaudeDo.Installer/ClaudeDo.Installer.csproj` ``` The following sources were used: https://api.nuget.org/v3/index.json https://git.kuns.dev/api/packages/kuns/nuget/index.json Project `ClaudeDo.Installer` has the following vulnerable packages [net8.0-windows7.0]: Transitive Package Resolved Severity Advisory URL > SQLitePCLRaw.lib.e_sqlite3 2.1.6 High https://github.com/advisories/GHSA-2m69-gcr7-jv3q ``` #### `./src/ClaudeDo.Ui/ClaudeDo.Ui.csproj` ``` The following sources were used: https://api.nuget.org/v3/index.json https://git.kuns.dev/api/packages/kuns/nuget/index.json Project `ClaudeDo.Ui` has the following vulnerable packages [net8.0]: Transitive Package Resolved Severity Advisory URL > SQLitePCLRaw.lib.e_sqlite3 2.1.6 High https://github.com/advisories/GHSA-2m69-gcr7-jv3q ``` #### `./src/ClaudeDo.Worker/ClaudeDo.Worker.csproj` ``` The following sources were used: https://api.nuget.org/v3/index.json https://git.kuns.dev/api/packages/kuns/nuget/index.json Project `ClaudeDo.Worker` has the following vulnerable packages [net8.0]: Transitive Package Resolved Severity Advisory URL > SQLitePCLRaw.lib.e_sqlite3 2.1.6 High https://github.com/advisories/GHSA-2m69-gcr7-jv3q ``` #### `./tests/ClaudeDo.Data.Tests/ClaudeDo.Data.Tests.csproj` ``` The following sources were used: https://api.nuget.org/v3/index.json https://git.kuns.dev/api/packages/kuns/nuget/index.json Project `ClaudeDo.Data.Tests` has the following vulnerable packages [net8.0]: Transitive Package Resolved Severity Advisory URL > SQLitePCLRaw.lib.e_sqlite3 2.1.6 High https://github.com/advisories/GHSA-2m69-gcr7-jv3q > System.Net.Http 4.3.0 High https://github.com/advisories/GHSA-7jgj-8wvc-jh57 > System.Text.RegularExpressions 4.3.0 High https://github.com/advisories/GHSA-cmhx-cq75-c4mj ``` #### `./tests/ClaudeDo.Installer.Tests/ClaudeDo.Installer.Tests.csproj` ``` The following sources were used: https://api.nuget.org/v3/index.json https://git.kuns.dev/api/packages/kuns/nuget/index.json Project `ClaudeDo.Installer.Tests` has the following vulnerable packages [net8.0-windows7.0]: Transitive Package Resolved Severity Advisory URL > SQLitePCLRaw.lib.e_sqlite3 2.1.6 High https://github.com/advisories/GHSA-2m69-gcr7-jv3q > System.Net.Http 4.3.0 High https://github.com/advisories/GHSA-7jgj-8wvc-jh57 > System.Text.RegularExpressions 4.3.0 High https://github.com/advisories/GHSA-cmhx-cq75-c4mj ``` #### `./tests/ClaudeDo.Ui.Tests/ClaudeDo.Ui.Tests.csproj` ``` The following sources were used: https://api.nuget.org/v3/index.json https://git.kuns.dev/api/packages/kuns/nuget/index.json Project `ClaudeDo.Ui.Tests` has the following vulnerable packages [net8.0]: Transitive Package Resolved Severity Advisory URL > SQLitePCLRaw.lib.e_sqlite3 2.1.6 High https://github.com/advisories/GHSA-2m69-gcr7-jv3q ``` #### `./tests/ClaudeDo.Worker.Tests/ClaudeDo.Worker.Tests.csproj` ``` The following sources were used: https://api.nuget.org/v3/index.json https://git.kuns.dev/api/packages/kuns/nuget/index.json Project `ClaudeDo.Worker.Tests` has the following vulnerable packages [net8.0]: Transitive Package Resolved Severity Advisory URL > SQLitePCLRaw.lib.e_sqlite3 2.1.6 High https://github.com/advisories/GHSA-2m69-gcr7-jv3q > System.Net.Http 4.3.0 High https://github.com/advisories/GHSA-7jgj-8wvc-jh57 > System.Text.RegularExpressions 4.3.0 High https://github.com/advisories/GHSA-cmhx-cq75-c4mj ``` [View workflow run](https://git.kuns.dev/releases/ClaudeDo/actions/runs/155)
Sign in to join this conversation.
No Branch/Tag Specified
Branches Tags
Labels
No items
No Label
Milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
claude
No Assignees
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: releases/ClaudeDo#9
Delete Branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?