You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
This is a suggestion regarding the use of Moq as a security and privacy issue.
Moq has lost its trust because of some "spyware" code introduced in version 4.20. Even if that code might be removed from moq it still lost its trust and better use alternatives like NSubstitute. Take a look at this issue in Moq devlooped/moq#1372
This is for the best of all and especially for contributors.
The text was updated successfully, but these errors were encountered:
There was Moq in the Tests. DotNetCore.Cap.Test for example has PackageReference Include="Moq" Version="4.20.69" . The vulnerability consists of posting the email of the person who builds the test project. The project is safe from that but contributors that build and run the test locally are not.
Checked the test and is not used but still installed as a package. I don't know exactly what would happen in this case but better remove it entirely.
This is a suggestion regarding the use of Moq as a security and privacy issue.
Moq has lost its trust because of some "spyware" code introduced in version 4.20. Even if that code might be removed from moq it still lost its trust and better use alternatives like NSubstitute. Take a look at this issue in Moq devlooped/moq#1372
This is for the best of all and especially for contributors.
The text was updated successfully, but these errors were encountered: