dotnet-audit
1.0.3
dotnet tool install --global dotnet-audit --version 1.0.3
This package contains a .NET tool you can call from the shell/command line.
dotnet new tool-manifest
dotnet tool install --local dotnet-audit --version 1.0.3
This package contains a .NET tool you can call from the shell/command line.
#tool dotnet:?package=dotnet-audit&version=1.0.3
The NuGet Team does not provide support for this client. Please contact its maintainers for support.
nuke :add-package dotnet-audit --version 1.0.3
The NuGet Team does not provide support for this client. Please contact its maintainers for support.
What is it?
This is a simple tool for parsing dotnet commands to JSON format. The commands that are executed are
dotnet list package --include-transitive
dotnet list package --vulnerable --include-transitive
dotnet list package --include-transitive --outdated
dotnet list package --include-transitive --deprecated
Use it with dotnet-audit MyProject.sln
The results are on the following format:
[
{
"project": "VulnerableCoreApp",
"dependencies": [
{
"package": "Microsoft.AspNetCore.All",
"requested": "2.0.0",
"resolved": "2.0.0",
"latest": "2.2.8"
},
{
"package": "EntityFramework.BulkExtensions.EFCore",
"requested": "1.3.0",
"resolved": "1.3.0",
"deprecated": {
"requested": "1.3.0",
"resolved": "1.3.0",
"reason": "Legacy",
"alternative": "Z.EntityFramework.Extensions.EFCore>=0.0.0"
}
},
{
"package": "Microsoft.AspNetCore.All",
"requested": "2.0.0",
"resolved": "2.0.0",
"vulnerabilities": [
{
"requested": "2.0.0",
"resolved": "2.0.0",
"severity": "Moderate",
"advisoryUrl": "https://github.com/advisories/GHSA-3m2r-q8x3-xmf7"
},
{
"severity": "Moderate",
"advisoryUrl": "https://github.com/advisories/GHSA-cgpw-2gph-2r9g"
}
]
}
],
"transitive": [
{
"package": "Libuv",
"resolved": "1.10.0",
"latest": "4.5.4"
},
{
"package": "Microsoft.AspNetCore.Server.Kestrel.Core",
"resolved": "2.0.0",
"vulnerabilities": [
{
"resolved": "2.0.0",
"severity": "Moderate",
"advisoryUrl": "https://github.com/advisories/GHSA-3m2r-q8x3-xmf7"
},
{
"severity": "Moderate",
"advisoryUrl": "https://github.com/advisories/GHSA-cgpw-2gph-2r9g"
},
{
"severity": "Moderate",
"advisoryUrl": "https://github.com/advisories/GHSA-365p-96qv-xr7g"
}
]
},
{
"package": "WindowsAzure.Storage",
"resolved": "8.1.4",
"deprecated": {
"resolved": "8.1.4",
"reason": "Other",
"alternative": "Azure.Storage.Blobs >= 0.0.0"
}
}
]
}
]
Added
- Support for windows machines (tested with powershell)
| Product | Versions Compatible and additional computed target framework versions. |
|---|---|
| .NET | net5.0 is compatible. net5.0-windows was computed. net6.0 was computed. net6.0-android was computed. net6.0-ios was computed. net6.0-maccatalyst was computed. net6.0-macos was computed. net6.0-tvos was computed. net6.0-windows was computed. net7.0 was computed. net7.0-android was computed. net7.0-ios was computed. net7.0-maccatalyst was computed. net7.0-macos was computed. net7.0-tvos was computed. net7.0-windows was computed. net8.0 was computed. net8.0-android was computed. net8.0-browser was computed. net8.0-ios was computed. net8.0-maccatalyst was computed. net8.0-macos was computed. net8.0-tvos was computed. net8.0-windows was computed. net9.0 was computed. net9.0-android was computed. net9.0-browser was computed. net9.0-ios was computed. net9.0-maccatalyst was computed. net9.0-macos was computed. net9.0-tvos was computed. net9.0-windows was computed. net10.0 was computed. net10.0-android was computed. net10.0-browser was computed. net10.0-ios was computed. net10.0-maccatalyst was computed. net10.0-macos was computed. net10.0-tvos was computed. net10.0-windows was computed. |
Compatible target framework(s)
Included target framework(s) (in package)
Learn more about Target Frameworks and .NET Standard.
This package has no dependencies.