Update NuGet packages #187

Merged
guibranco merged 1 commit into main from feature/update_dependencies_123
Nov 17, 2025

net-framework-updater Bot (Contributor) commented Nov 17, 2025

Summary

Packages update (CI)

Commits

  • 8f70c69 - net-framework-updater[bot] - 2025-11-17 12:58:13
    Packages update (CI)

Files

Src/EditoraInovacao.MVC/packages.config | 5 ++---
1 file changed, 2 insertions(+), 3 deletions(-)

@github-actions

Build: 🔰 Building EditoraInovacao.MVC.sln

korbit-ai Bot commented Nov 17, 2025

By default, I don't review pull requests opened by bots. If you would like me to review this pull request anyway, you can request a review via the /korbit-review command in a comment.

@guibranco guibranco enabled auto-merge (squash) November 17, 2025 12:58
@github-actions github-actions Bot added the size/XS Denotes a PR that changes 0-9 lines, ignoring generated files. label Nov 17, 2025
@gstraccini gstraccini Bot added the ☑️ auto-merge Automatic merging of pull requests (gstraccini-bot) label Nov 17, 2025

coderabbitai Bot commented Nov 17, 2025

Important

Review skipped

Bot user detected.

To trigger a single review, invoke the @coderabbitai review command.

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.


Comment @coderabbitai help to get the list of available commands and usage tips.

guibranco (Member) left a comment

Automatically approved by gstraccini[bot]

@gstraccini gstraccini Bot added the 🤖 bot Automated processes or integrations label Nov 17, 2025

korbit-ai Bot commented Nov 17, 2025

I was unable to write a description for this pull request. This could be because I only found files I can't scan.

@github-actions

Infisical secrets check: ✅ No secrets leaked!

💻 Scan logs
12:58PM INF scanning for exposed secrets...
12:58PM INF 169 commits scanned.
12:58PM INF scan completed in 47.8ms
12:58PM INF no leaks found

@socket-security

Caution

Review the following alerts detected in dependencies.

According to your organization's Security Policy, you must resolve all "Block" alerts before proceeding. Learn more about Socket for GitHub.

Action Severity Alert
Block Medium
Dynamic code execution: nuget microsoft.win32.systemevents

Location: Package overview

From: Src/EditoraInovacao.MVC/packages.config → nuget/crispywaffle@4.3.71 → nuget/microsoft.win32.systemevents@6.0.0

Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev.

Suggestion: Avoid packages that use dynamic code execution like eval(), since this could potentially execute any code.

Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore nuget/microsoft.win32.systemevents@6.0.0. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

Block Medium
System shell access: nuget microsoft.win32.systemevents

Location: Package overview

From: Src/EditoraInovacao.MVC/packages.config → nuget/crispywaffle@4.3.71 → nuget/microsoft.win32.systemevents@6.0.0

Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev.

Suggestion: Packages should avoid accessing the shell which can reduce portability, and make it easier for malicious shell access to be introduced.

Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore nuget/microsoft.win32.systemevents@6.0.0. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

Block Medium
Dynamic code execution: nuget system.drawing.common

Location: Package overview

From: Src/EditoraInovacao.MVC/packages.config → nuget/crispywaffle@4.3.71 → nuget/system.drawing.common@6.0.0

Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev.

Suggestion: Avoid packages that use dynamic code execution like eval(), since this could potentially execute any code.

Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore nuget/system.drawing.common@6.0.0. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

Block Medium
System shell access: nuget system.drawing.common

Location: Package overview

From: Src/EditoraInovacao.MVC/packages.config → nuget/crispywaffle@4.3.71 → nuget/system.drawing.common@6.0.0

Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev.

Suggestion: Packages should avoid accessing the shell which can reduce portability, and make it easier for malicious shell access to be introduced.

Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore nuget/system.drawing.common@6.0.0. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

Block Low
Filesystem access: nuget system.drawing.common

Location: Package overview

From: Src/EditoraInovacao.MVC/packages.config → nuget/crispywaffle@4.3.71 → nuget/system.drawing.common@6.0.0

Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev.

Suggestion: If a package must read the file system, clarify what it will read and ensure it reads only what it claims to. If appropriate, packages can leave file system access to consumers and operate on data passed to it instead.

Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore nuget/system.drawing.common@6.0.0. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

@github-actions

Build: 🎯 Build succeeded

@github-actions

Build: Successfully built EditoraInovacao.MVC.sln.

Warnings: ⚠️

C:\Program Files\Microsoft Visual Studio\2022\Enterprise\MSBuild\Current\Bin\amd64\Microsoft.Common.CurrentVersion.targets(2433,5): warning MSB3245: Could not resolve this reference. Could not locate the assembly "System.Diagnostics.EventLog, Version=7.0.0.0, Culture=neutral, PublicKeyToken=cc7b13ffcd2ddd51". Check to make sure the assembly exists on disk. If this reference is required by your code, you may get compilation errors. [D:\a\EditoraInovacao.MVC\EditoraInovacao.MVC\Src\EditoraInovacao.MVC\EditoraInovacao.MVC.csproj]
C:\Program Files\Microsoft Visual Studio\2022\Enterprise\MSBuild\Current\Bin\amd64\Microsoft.Common.CurrentVersion.targets(2433,5): warning MSB3245: Could not resolve this reference. Could not locate the assembly "System.Security.Permissions, Version=7.0.0.0, Culture=neutral, PublicKeyToken=cc7b13ffcd2ddd51". Check to make sure the assembly exists on disk. If this reference is required by your code, you may get compilation errors. [D:\a\EditoraInovacao.MVC\EditoraInovacao.MVC\Src\EditoraInovacao.MVC\EditoraInovacao.MVC.csproj]
C:\Program Files\Microsoft Visual Studio\2022\Enterprise\MSBuild\Current\Bin\amd64\Microsoft.Common.CurrentVersion.targets(2433,5): warning MSB3245: Could not resolve this reference. Could not locate the assembly "System.Web.Helpers, Version=3.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35". Check to make sure the assembly exists on disk. If this reference is required by your code, you may get compilation errors. [D:\a\EditoraInovacao.MVC\EditoraInovacao.MVC\Src\EditoraInovacao.MVC\EditoraInovacao.MVC.csproj]

@guibranco guibranco merged commit 7ff4b5c into main Nov 17, 2025
20 of 21 checks passed
@guibranco guibranco deleted the feature/update_dependencies_123 branch November 17, 2025 13:00

korbit-ai Bot commented Nov 17, 2025

I was unable to write a description for this pull request. This could be because I only found files I can't scan.

Labels

☑️ auto-merge Automatic merging of pull requests (gstraccini-bot) 🤖 bot Automated processes or integrations dependencies Dependencies infra .NET nuget packages size/XS Denotes a PR that changes 0-9 lines, ignoring generated files.