[Snyk] Security upgrade NUnit3TestAdapter from 3.16.1 to 5.0.0#9
[Snyk] Security upgrade NUnit3TestAdapter from 3.16.1 to 5.0.0#9madisonmay wants to merge 2 commits intomasterfrom
Conversation
…ere.Connector.Tests.csproj to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-DOTNET-SYSTEMTEXTREGULAREXPRESSIONS-174708
…ere.Connector.Tests.csproj to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-DOTNET-SYSTEMTEXTREGULAREXPRESSIONS-174708
![cursor[bot]](https://avatars.githubusercontent.com/in/1210556?s=60&v=4){kind=small}
There was a problem hiding this comment.
Cursor Bugbot has reviewed your changes and found 1 potential issue.
Bugbot Autofix is OFF. To automatically fix reported issues with cloud agents, enable autofix in the Cursor dashboard.
| <PackageReference Include="Moq" Version="4.16.0" /> | ||
| <PackageReference Include="NUnit" Version="3.12.0" /> | ||
| <PackageReference Include="NUnit3TestAdapter" Version="3.16.1" /> | ||
| <PackageReference Include="NUnit3TestAdapter" Version="5.0.0" /> |
There was a problem hiding this comment.
Major breaking version upgrade may cause build/test failures
High Severity
NUnit3TestAdapter 5.0.0 introduces new transitive dependencies (Microsoft.Testing.Platform.MSBuild and Microsoft.Testing.Extensions.VSTestBridge >= 1.5.3) that didn't exist in 3.16.1. These Microsoft Testing Platform packages may be incompatible with the project's Microsoft.NET.Test.Sdk 16.5.0 and netcoreapp3.1 target framework, potentially causing build failures or tests not being discovered/executed. The NUnit version also remains at 3.12.0 while the adapter embeds engine 3.18.1. Snyk itself flags this as a breaking change.
Additional Locations (1)
2 participants
Snyk has created this PR to fix 1 vulnerabilities in the nuget dependencies of this project.
Snyk changed the following file(s):
Indico.AutomationAnywhere.Connector.Tests/Indico.AutomationAnywhere.Connector.Tests.csprojVulnerabilities that will be fixed with an upgrade:
SNYK-DOTNET-SYSTEMTEXTREGULAREXPRESSIONS-174708
Important
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.
For more information:
🧐 View latest project report
📜 Customise PR templates
🛠 Adjust project settings
📚 Read about Snyk's upgrade logic
Learn how to fix vulnerabilities with free interactive lessons:
🦉 Regular Expression Denial of Service (ReDoS)
Note
Low Risk
Low risk because this only changes a test-time dependency, but the major-version bump could affect local/CI test discovery or execution.
Overview
Upgrades
NUnit3TestAdapterinIndico.AutomationAnywhere.Connector.Tests.csprojfrom3.16.1to5.0.0(Snyk-driven security update), with no production/runtime code changes.Written by Cursor Bugbot for commit 7f002a1. This will update automatically on new commits. Configure here.