Merge pull request #2 from I-RzR-I/fix/Fix-CVE-2024-32655

Upgrade libs version (cve fix)

docs/CHANGELOG.md

@@ -1,4 +1,8 @@
-### **1.0.1.8361** 
+### **v1.0.2.6703** 
+-> Update lib version for 'Npgsql', with `CVE-2024-32655` fix;<br />
+-> Update some libs version related to previous update;<br />
+
+### **v1.0.1.8361** 
 -> Change property mapper (map by property/column name);<br />
 -> Add EF DbContextExtension (that load neccessary information);<br />
 -> Add tests for simple select query and adjust mapper.<br />

src/DbObjectExecutor.Attribute/DbObjectExecutor.Attribute.csproj

@@ -57,22 +57,22 @@
   </ItemGroup>
 
   <ItemGroup Condition="'$(TargetFramework)' == 'net5.0'">
-    <PackageReference Include="Npgsql" Version="5.0.0" />
+    <PackageReference Include="Npgsql" Version="5.0.18" />
   </ItemGroup>
 
   <ItemGroup Condition="'$(TargetFramework)' == 'net6.0'">
-    <PackageReference Include="Npgsql" Version="6.0.0" />
+    <PackageReference Include="Npgsql" Version="6.0.11" />
   </ItemGroup>
 
   <ItemGroup Condition="'$(TargetFramework)' == 'net7.0'">
-    <PackageReference Include="Npgsql" Version="7.0.0" />
+    <PackageReference Include="Npgsql" Version="7.0.7" />
   </ItemGroup>
 
   <ItemGroup Condition="'$(TargetFramework)' == 'net8.0'">
-    <PackageReference Include="Npgsql" Version="8.0.0" />
+    <PackageReference Include="Npgsql" Version="8.0.3" />
   </ItemGroup>
   <ItemGroup Condition="'$(TargetFramework)' == 'netstandard2.0' Or '$(TargetFramework)' == 'netstandard2.1'">
-    <PackageReference Include="Npgsql" Version="4.1.12" />
+    <PackageReference Include="Npgsql" Version="4.1.13" />
   </ItemGroup>
 
   <ItemGroup>

src/DbObjectExecutor.Imp.EntityFramework/DbObjectExecutor.Imp.EntityFramework.csproj

@@ -36,20 +36,20 @@
   <ItemGroup>
     <Compile Include="..\shared\GeneralAssemblyInfo.cs" Link="Properties\GeneralAssemblyInfo.cs" />
   </ItemGroup>
-  <ItemGroup Condition=" '$(TargetFramework)' == 'netstandard2.0' &#xD;&#xA;             Or '$(TargetFramework)' == 'netstandard2.1' &#xD;&#xA;             Or '$(TargetFramework)' == 'net5.0' ">
+  <ItemGroup Condition=" '$(TargetFramework)' == 'netstandard2.0' Or '$(TargetFramework)' == 'netstandard2.1' Or '$(TargetFramework)' == 'net5.0' ">
     <PackageReference Include="Microsoft.EntityFrameworkCore.Relational" Version="3.1.32" />
   </ItemGroup>
 
   <ItemGroup Condition=" '$(TargetFramework)' == 'net6.0' ">
-    <PackageReference Include="Microsoft.EntityFrameworkCore.Relational" Version="6.0.0" />
+    <PackageReference Include="Microsoft.EntityFrameworkCore.Relational" Version="6.0.29" />
   </ItemGroup>
 
   <ItemGroup Condition=" '$(TargetFramework)' == 'net7.0' ">
-    <PackageReference Include="Microsoft.EntityFrameworkCore.Relational" Version="7.0.0" />
+    <PackageReference Include="Microsoft.EntityFrameworkCore.Relational" Version="7.0.18" />
   </ItemGroup>
 
   <ItemGroup Condition=" '$(TargetFramework)' == 'net8.0' ">
-    <PackageReference Include="Microsoft.EntityFrameworkCore.Relational" Version="8.0.0" />
+    <PackageReference Include="Microsoft.EntityFrameworkCore.Relational" Version="8.0.4" />
   </ItemGroup>
 
   <ItemGroup>

src/DbObjectExecutor/DbObjectExecutor.csproj

@@ -53,7 +53,7 @@
     <PackageReference Include="System.ComponentModel.Annotations" Version="5.0.0" />
   </ItemGroup>
 
-  <ItemGroup Condition="'$(TargetFramework)' == 'netstandard2.1'&#xD;&#xA;             Or '$(TargetFramework)' == 'net5.0'&#xD;&#xA;              Or '$(TargetFramework)' == 'net6.0'&#xD;&#xA;               Or '$(TargetFramework)' == 'net7.0'&#xD;&#xA;                Or '$(TargetFramework)' == 'net8.0'">
+  <ItemGroup Condition="'$(TargetFramework)' == 'netstandard2.1' Or '$(TargetFramework)' == 'net5.0' Or '$(TargetFramework)' == 'net6.0' Or '$(TargetFramework)' == 'net7.0' Or '$(TargetFramework)' == 'net8.0'">
     <PackageReference Include="Microsoft.Extensions.DependencyInjection.Abstractions" Version="3.1.32" />
   </ItemGroup>
 </Project>

src/RzR.Shared.Entity.sln

@@ -35,6 +35,8 @@ Project("{9A19103F-16F7-4668-BE54-9A1E7A4F7556}") = "DbObjectExecutor.Imp.Entity
 EndProject
 Project("{9A19103F-16F7-4668-BE54-9A1E7A4F7556}") = "DbObjectExecutorWithDITest", "tests\DbObjectExecutorWithDITest\DbObjectExecutorWithDITest.csproj", "{B91EE4B2-DD8E-49DD-8478-3D1000D3D2E2}"
 EndProject
+Project("{9A19103F-16F7-4668-BE54-9A1E7A4F7556}") = "DbObjectExecutorWithDINet6Test", "tests\DbObjectExecutorWithDINet6Test\DbObjectExecutorWithDINet6Test.csproj", "{0AF07CBD-1B26-494B-A3EE-DF301F8B249F}"
+EndProject
 Global
 	GlobalSection(SolutionConfigurationPlatforms) = preSolution
 		Debug|Any CPU = Debug|Any CPU
@@ -77,6 +79,10 @@ Global
 		{B91EE4B2-DD8E-49DD-8478-3D1000D3D2E2}.Debug|Any CPU.Build.0 = Debug|Any CPU
 		{B91EE4B2-DD8E-49DD-8478-3D1000D3D2E2}.Release|Any CPU.ActiveCfg = Release|Any CPU
 		{B91EE4B2-DD8E-49DD-8478-3D1000D3D2E2}.Release|Any CPU.Build.0 = Release|Any CPU
+		{0AF07CBD-1B26-494B-A3EE-DF301F8B249F}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
+		{0AF07CBD-1B26-494B-A3EE-DF301F8B249F}.Debug|Any CPU.Build.0 = Debug|Any CPU
+		{0AF07CBD-1B26-494B-A3EE-DF301F8B249F}.Release|Any CPU.ActiveCfg = Release|Any CPU
+		{0AF07CBD-1B26-494B-A3EE-DF301F8B249F}.Release|Any CPU.Build.0 = Release|Any CPU
 	EndGlobalSection
 	GlobalSection(SolutionProperties) = preSolution
 		HideSolutionNode = FALSE
@@ -89,18 +95,20 @@ Global
 		{8A5F2768-BD6E-4E11-8B48-92FAEF7A1844} = {E737BE4D-6DFF-4A67-A3D9-2AC58BFBBC07}
 		{CE93444B-6F0B-40CF-A24B-767ADD839C6E} = {E737BE4D-6DFF-4A67-A3D9-2AC58BFBBC07}
 		{B91EE4B2-DD8E-49DD-8478-3D1000D3D2E2} = {E737BE4D-6DFF-4A67-A3D9-2AC58BFBBC07}
+		{0AF07CBD-1B26-494B-A3EE-DF301F8B249F} = {E737BE4D-6DFF-4A67-A3D9-2AC58BFBBC07}
 	EndGlobalSection
 	GlobalSection(ExtensibilityGlobals) = postSolution
-		BuildVersion_UseUniversalClock = True
-		BuildVersion_ConfigurationName = Release
-		BuildVersion_AssemblyInfoFilename = shared\GeneralAssemblyInfo.cs
-		BuildVersion_StartDate = 2023/4/30
-		BuildVersion_UpdateFileVersion = True
-		BuildVersion_UpdateAssemblyVersion = True
-		BuildVersion_BuildVersioningStyle = None.None.Increment.TimeStamp
 		SolutionGuid = {4B5BD8B8-58AD-47B4-B85A-E7242D47B9FE}
+		BuildVersion_BuildVersioningStyle = None.None.Increment.TimeStamp
+		BuildVersion_UpdateAssemblyVersion = True
+		BuildVersion_UpdateFileVersion = True
+		BuildVersion_StartDate = 2023/4/30
+		BuildVersion_AssemblyInfoFilename = shared\GeneralAssemblyInfo.cs
+		BuildVersion_ConfigurationName = Release
+		BuildVersion_UseUniversalClock = True
 	EndGlobalSection
 	GlobalSection(SharedMSBuildProjectFiles) = preSolution
+		tests\SharedDbObjectExecutorInitInfo\SharedDbObjectExecutorInitInfo.projitems*{0af07cbd-1b26-494b-a3ee-df301f8b249f}*SharedItemsImports = 5
 		tests\SharedDbObjectExecutorInitInfo\SharedDbObjectExecutorInitInfo.projitems*{0f2aafc5-883f-4763-9d14-13224402016a}*SharedItemsImports = 13
 		tests\SharedDbObjectExecutorInitInfo\SharedDbObjectExecutorInitInfo.projitems*{67bf3c35-63c1-4c3b-8a53-44d5432f129e}*SharedItemsImports = 5
 		tests\SharedDbObjectExecutorInitInfo\SharedDbObjectExecutorInitInfo.projitems*{8a5f2768-bd6e-4e11-8b48-92faef7a1844}*SharedItemsImports = 5

src/shared/GeneralAssemblyInfo.cs

@@ -38,6 +38,6 @@
 [assembly: AssemblyMetadata("ContactName", "RzR")]
 [assembly: AssemblyMetadata("ContactEmail", "ddpRzR@hotmail.com")]
 [assembly: NeutralResourcesLanguage("en-US", UltimateResourceFallbackLocation.MainAssembly)]
-[assembly: AssemblyVersion("1.0.1.8361")]
-[assembly: AssemblyFileVersion("1.0.1.8361")]
-[assembly: AssemblyInformationalVersion("1.0.1.8361")]
+[assembly: AssemblyVersion("1.0.2.6703")]
+[assembly: AssemblyFileVersion("1.0.2.6703")]
+[assembly: AssemblyInformationalVersion("1.0.2.6703")]

src/tests/DbObjectExecutor.Imp.EntityFrameworkNet6Test/DbObjectExecutor.Imp.EntityFrameworkNet6Test.csproj

@@ -11,11 +11,11 @@
 
   <ItemGroup>
     <PackageReference Include="Microsoft.SqlServer.SqlManagementObjects" Version="170.23.0" />
-    <PackageReference Include="Microsoft.EntityFrameworkCore.Design" Version="6.0.28">
+    <PackageReference Include="Microsoft.EntityFrameworkCore.Design" Version="6.0.29">
       <PrivateAssets>all</PrivateAssets>
       <IncludeAssets>runtime; build; native; contentfiles; analyzers; buildtransitive</IncludeAssets>
     </PackageReference>
-    <PackageReference Include="Microsoft.EntityFrameworkCore.SqlServer" Version="6.0.28" />
+    <PackageReference Include="Microsoft.EntityFrameworkCore.SqlServer" Version="6.0.29" />
     <PackageReference Include="Microsoft.NET.Test.Sdk" Version="17.5.0" />
     <PackageReference Include="MSTest.TestAdapter" Version="2.2.10" />
     <PackageReference Include="MSTest.TestFramework" Version="2.2.10" />

src/tests/DbObjectExecutorWithDINet6Test/DbObjectExecutorWithDINet6Test.csproj

@@ -0,0 +1,30 @@
+<Project Sdk="Microsoft.NET.Sdk">
+
+  <PropertyGroup>
+    <TargetFramework>net6.0</TargetFramework>
+
+    <IsPackable>false</IsPackable>
+  </PropertyGroup>
+
+  <ItemGroup>
+    <PackageReference Include="Microsoft.NET.Test.Sdk" Version="17.5.0" />
+    <PackageReference Include="MSTest.TestAdapter" Version="2.2.10" />
+    <PackageReference Include="MSTest.TestFramework" Version="2.2.10" />
+    <PackageReference Include="coverlet.collector" Version="3.2.0" />
+    <PackageReference Include="Microsoft.SqlServer.SqlManagementObjects" Version="170.23.0" />
+    <PackageReference Include="System.Data.SqlClient" Version="4.8.6" />
+    <PackageReference Include="Microsoft.Data.SqlClient" Version="5.2.0" />
+  </ItemGroup>
+
+  <ItemGroup>
+    <PackageReference Include="Microsoft.Extensions.DependencyInjection" Version="6.0.1" />
+    <PackageReference Include="Microsoft.Extensions.DependencyInjection.Abstractions" Version="6.0.1" />
+  </ItemGroup>
+
+  <ItemGroup>
+    <ProjectReference Include="..\..\DbObjectExecutor.Imp.EntityFramework\DbObjectExecutor.Imp.EntityFramework.csproj" />
+  </ItemGroup>
+
+  <Import Project="..\SharedDbObjectExecutorInitInfo\SharedDbObjectExecutorInitInfo.projitems" Label="Shared" />
+
+</Project>

src/tests/DbObjectExecutorWithDINet6Test/InitInfo.cs

@@ -0,0 +1,39 @@
+// ***********************************************************************
+//  Assembly         : RzR.Shared.Entity.DbObjectExecutorWithDITest
+//  Author           : RzR
+//  Created On       : 2024-04-01 22:08
+// 
+//  Last Modified By : RzR
+//  Last Modified On : 2024-04-01 22:08
+// ***********************************************************************
+//  <copyright file="InitInfo.cs" company="">
+//   Copyright (c) RzR. All rights reserved.
+//  </copyright>
+// 
+//  <summary>
+//  </summary>
+// ***********************************************************************
+
+using DbObjectExecutor;
+using DbObjectExecutor.Abstractions;
+using Microsoft.Extensions.DependencyInjection;
+using Microsoft.VisualStudio.TestTools.UnitTesting;
+
+namespace DbObjectExecutorWithDINet6Test
+{
+    [TestClass]
+    public class InitInfo
+    {
+        protected IDbObjectBuilder _dbObjectBuilder;
+
+        [TestInitialize]
+        public void Init()
+        {
+            var sp = new ServiceCollection();
+            sp.RegisterDbObjectBuilder();
+
+            var serviceProvider = sp.BuildServiceProvider();
+            _dbObjectBuilder = serviceProvider.GetRequiredService<IDbObjectBuilder>();
+        }
+    }
+}

src/tests/DbObjectExecutorWithDINet6Test/Tests/SpGetRecordPagedTests.cs

@@ -0,0 +1,73 @@
+#region U S A G E S
+
+using DbObjectExecutor.Enums;
+using DbObjectExecutor.Mapper.Extensions.DbDataReader;
+using Microsoft.VisualStudio.TestTools.UnitTesting;
+using SharedDbObjectExecutorInitInfo.DataBaseTool;
+using SharedDbObjectExecutorInitInfo.Models;
+using System.Collections.Generic;
+using System.Data.SqlClient;
+
+#endregion
+
+namespace DbObjectExecutorWithDINet6Test.Tests
+{
+    [TestClass]
+    public class SpGetRecordPagedTests : InitInfo
+    {
+        [TestMethod]
+        public void SpGetRecordPaged_ManuallyReader_Success_Test()
+        {
+            var result = new List<SpGetRecordPagedDto>();
+            var objConn = new SqlConnection(DataBaseHelper.ConnectionStringDefaultMsSql);
+
+            _dbObjectBuilder.SetInitInfo(DataBaseObjectNames.spGetRecordPaged, objConn, DbExecutorType.Procedure);
+            _dbObjectBuilder.SetIn("Skip", "0");
+            _dbObjectBuilder.SetIn("Take", "5");
+            _dbObjectBuilder.SetIn("OrderBy", "Name");
+            _dbObjectBuilder.SetIn("Where", "");
+            _dbObjectBuilder.SetOut("RowsCount", out var outNextId, 0);
+
+            _dbObjectBuilder.Execute(reader =>
+            {
+                if (reader.HasRows)
+                    while (reader.Read())
+                        result.Add(new SpGetRecordPagedDto
+                        {
+                            Id = int.Parse(reader["Id"].ToString() ?? "-1"),
+                            Code = reader["Code"].ToString(),
+                            Name = reader["Name"].ToString(),
+                            IsActive = reader["IsActive"].ToString() == "1"
+                        });
+            });
+
+            _dbObjectBuilder.Dispose();
+
+            Assert.IsNotNull(outNextId.Value);
+            Assert.IsTrue(outNextId.Value > 0);
+            Assert.IsTrue(result.Count == 5);
+        }
+
+        [TestMethod]
+        public void SpGetRecordPaged_ManuallyReader_Success_Test_1()
+        {
+            var result = new List<SpGetRecordPagedDto>();
+            var objConn = new SqlConnection(DataBaseHelper.ConnectionStringDefaultMsSql);
+
+            _dbObjectBuilder.SetInitInfo(DataBaseObjectNames.spGetRecordPaged, objConn, DbExecutorType.Procedure);
+            _dbObjectBuilder.SetIn("Skip", "0");
+            _dbObjectBuilder.SetIn("Take", "5");
+            _dbObjectBuilder.SetIn("OrderBy", "Name");
+            _dbObjectBuilder.SetIn("Where", "");
+            _dbObjectBuilder.SetOut("RowsCount", out var outNextId, 0);
+
+            _dbObjectBuilder.Execute(reader => result = reader.ToList<SpGetRecordPagedDto>());
+
+            _dbObjectBuilder.Dispose();
+
+            Assert.IsNotNull(outNextId.Value);
+            Assert.IsTrue(outNextId.Value > 0);
+            Assert.IsTrue(result.Count == 5);
+        }
+    }
+}

src/tests/DbObjectExecutorWithDINet6Test/Tests/SpNewTableIdTests.cs

@@ -0,0 +1,49 @@
+using DbObjectExecutor.Enums;
+using Microsoft.VisualStudio.TestTools.UnitTesting;
+using SharedDbObjectExecutorInitInfo.DataBaseTool;
+using System.Data.SqlClient;
+
+namespace DbObjectExecutorWithDINet6Test.Tests
+{
+    [TestClass]
+    public class SpNewTableIdTests : InitInfo
+    {
+        [TestMethod]
+        public void SpNewTableId_Own_Transaction_Success_Test()
+        {
+            var objConn = new SqlConnection(DataBaseHelper.ConnectionStringDefaultMsSql);
+
+            _dbObjectBuilder.SetInitInfo(DataBaseObjectNames.spNewTableId, objConn, DbExecutorType.Procedure).UseTransaction();
+            _dbObjectBuilder.SetIn("TableName", "TblX");
+            _dbObjectBuilder.SetOut("NextId", out var outNextId, -1);
+
+            _dbObjectBuilder.ExecuteNonQuery();
+
+            _dbObjectBuilder.CommitTransaction()
+                .Dispose();
+
+            Assert.IsNotNull(outNextId.Value);
+            Assert.IsTrue(outNextId.Value > -1);
+        }
+
+        [TestMethod]
+        public void SpNewTableId_Separate_Transaction_Success_Test()
+        {
+            var objConn = new SqlConnection(DataBaseHelper.ConnectionStringDefaultMsSql);
+            objConn.Open();
+            var trans = objConn.BeginTransaction();
+
+            _dbObjectBuilder.SetInitInfo(DataBaseObjectNames.spNewTableId, objConn, DbExecutorType.Procedure).UseTransaction(trans);
+            _dbObjectBuilder.SetIn("TableName", "TblX");
+            _dbObjectBuilder.SetOut("NextId", out var outNextId, 0);
+
+            _dbObjectBuilder.ExecuteNonQuery();
+
+            _dbObjectBuilder.CommitTransaction()
+                .Dispose();
+
+            Assert.IsNotNull(outNextId.Value);
+            Assert.IsTrue(outNextId.Value > -1);
+        }
+    }
+}