Nuget

How to replace a Nuget package

1. Open your project's .csproj file.

2. If the vulnerability is in a direct dependency, replace the existing version in the <PackageReference> element (the following example is [email protected]):

  <ItemGroup>
    <PackageReference Include="Newtonsoft.Json" Version="12.0.2-sp1" />
  </ItemGroup>

3. If the vulnerability is in a transitive dependency, add an explicit <PackageReference> to pin it to the sealed version:

  <ItemGroup>
    <PackageReference Include="Newtonsoft.Json" Version="12.0.2-sp1" />
  </ItemGroup>
circle-exclamation

Last updated