dotnet restoreand make sure obj/project.assets.json has been created by the previous command, run
snyk test. For more information on building projects, check out Getting started with the CLI.
nuget install -OutputDirectory packagesand make sure the packages dir has been created by the previous command, run
snyk testwithout previously installing dependencies this will result in less accurate vulnerability results
packages.configwe will be able to automatically update the dependency version in your manifest file, provided there is an actual fix for it. You should then be able to easily review and merge your fixes.
PackageReference, we scan your
obj/project.assets.json; if you manage your dependencies using
packages.config, we scan the
packagesdirectory. This approach allows us to be very accurate.
truein the project file. And make sure to upgrade your environments (e.g. dev, prod) to the latest runtime version.