From 2c466251a5e995babfe60712927b0e38c3fe7a37 Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Thu, 24 Apr 2025 17:54:58 +0000
Subject: [PATCH] fix:
 5-AccessControl/1-call-api-roles/API/TodoListAPI/TodoListAPI.csproj to reduce
 vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-DOTNET-SYSTEMNETHTTP-60045
- https://snyk.io/vuln/SNYK-DOTNET-SYSTEMNETHTTP-60046
- https://snyk.io/vuln/SNYK-DOTNET-SYSTEMNETHTTP-72439
- https://snyk.io/vuln/SNYK-DOTNET-SYSTEMTEXTREGULAREXPRESSIONS-174708
- https://snyk.io/vuln/SNYK-DOTNET-SYSTEMNETHTTP-60047
- https://snyk.io/vuln/SNYK-DOTNET-MESSAGEPACK-8229907
- https://snyk.io/vuln/SNYK-DOTNET-SYSTEMSECURITYCRYPTOGRAPHYXML-2977914
- https://snyk.io/vuln/SNYK-DOTNET-SYSTEMNETHTTP-60048
---
 .../1-call-api-roles/API/TodoListAPI/TodoListAPI.csproj       | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/5-AccessControl/1-call-api-roles/API/TodoListAPI/TodoListAPI.csproj b/5-AccessControl/1-call-api-roles/API/TodoListAPI/TodoListAPI.csproj
index 4eab0792..5c89bc03 100644
--- a/5-AccessControl/1-call-api-roles/API/TodoListAPI/TodoListAPI.csproj
+++ b/5-AccessControl/1-call-api-roles/API/TodoListAPI/TodoListAPI.csproj
@@ -14,8 +14,8 @@
       <PrivateAssets>all</PrivateAssets>
       <IncludeAssets>runtime; build; native; contentfiles; analyzers; buildtransitive</IncludeAssets>
     </PackageReference>
-    <PackageReference Include="Microsoft.Identity.Web" Version="1.25.1" />
-    <PackageReference Include="Microsoft.VisualStudio.Web.CodeGeneration.Design" Version="6.0.6" />
+    <PackageReference Include="Microsoft.Identity.Web" Version="2.5.0" />
+    <PackageReference Include="Microsoft.VisualStudio.Web.CodeGeneration.Design" Version="6.0.14" />
     <PackageReference Include="Microsoft.AspNetCore.Mvc.Razor.RuntimeCompilation" Version="6.0.6" Condition="'$(Configuration)' == 'Debug'" />
   </ItemGroup>