From 9053053a35c33540eb2c7b63eeeb2bc0fe50efc8 Mon Sep 17 00:00:00 2001 From: Christian Kadluba <10721825+ckadluba@users.noreply.github.com> Date: Wed, 29 May 2024 00:36:01 +0200 Subject: [PATCH 1/5] Bumped minor version after release --- src/Serilog.Sinks.MSSqlServer/Serilog.Sinks.MSSqlServer.csproj | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/Serilog.Sinks.MSSqlServer/Serilog.Sinks.MSSqlServer.csproj b/src/Serilog.Sinks.MSSqlServer/Serilog.Sinks.MSSqlServer.csproj index 28573ead..7ec2c5be 100644 --- a/src/Serilog.Sinks.MSSqlServer/Serilog.Sinks.MSSqlServer.csproj +++ b/src/Serilog.Sinks.MSSqlServer/Serilog.Sinks.MSSqlServer.csproj @@ -2,7 +2,7 @@ A Serilog sink that writes events to Microsoft SQL Server and Azure SQL - 6.6.1 + 6.6.2 Michiel van Oudheusden;Christian Kadluba;Serilog Contributors netstandard2.0;net462;net472;net6.0 true From 92a46afb087d1392990a4ba684745563097316da Mon Sep 17 00:00:00 2001 From: Christian Kadluba <10721825+ckadluba@users.noreply.github.com> Date: Tue, 20 Aug 2024 00:51:16 +0200 Subject: [PATCH 2/5] Updated SqlClient to fix vulnerabilities Updated Microsoft.Data.SqlClient to fix some of the vulnerabilities referenced in #544. --- Directory.Packages.props | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Directory.Packages.props b/Directory.Packages.props index 96e725cb..d7ed9123 100644 --- a/Directory.Packages.props +++ b/Directory.Packages.props @@ -11,7 +11,7 @@ - + From 764ca74ffbe0c9eb54cf01475cf5c01c93235e9a Mon Sep 17 00:00:00 2001 From: Christian Kadluba <10721825+ckadluba@users.noreply.github.com> Date: Tue, 20 Aug 2024 00:54:22 +0200 Subject: [PATCH 3/5] Updated codeql-action to v3 V2 is deprecated soon. --- .github/workflows/pr-analysis-codeql.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/pr-analysis-codeql.yml b/.github/workflows/pr-analysis-codeql.yml index f4fd9fcb..0c2b81b0 100644 --- a/.github/workflows/pr-analysis-codeql.yml +++ b/.github/workflows/pr-analysis-codeql.yml @@ -22,7 +22,7 @@ jobs: uses: actions/checkout@v3 - name: Initialize CodeQL - uses: github/codeql-action/init@v2 + uses: github/codeql-action/init@v3 with: languages: 'csharp' @@ -30,6 +30,6 @@ jobs: run: ./Build.ps1 -SkipTests - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@v2 + uses: github/codeql-action/analyze@v3 with: category: "/language:csharp" From 36c5b4096f2670fceaa67a2dc59b94daf7b7e830 Mon Sep 17 00:00:00 2001 From: Christian Kadluba <10721825+ckadluba@users.noreply.github.com> Date: Tue, 20 Aug 2024 00:57:56 +0200 Subject: [PATCH 4/5] Bumped major version --- CHANGES.md | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/CHANGES.md b/CHANGES.md index afb0bc9f..67aa9c9c 100644 --- a/CHANGES.md +++ b/CHANGES.md @@ -1,3 +1,7 @@ +# 6.7.0 +* Fixed some of the vulnerabilities referenced in issue #544 by updating SqlClient dependency to 5.2.1 +* Update codeql-action to v3 before deprecation + # 6.6.1 * Fixed issue #515: Cannot use .AuditTo with SpanId or TraceId (thanks to @Kolthor and @vui611) * Fixed issue #530: Document default value of AllowNull From 0b57496d60b04a5f9bbd6606759ea462b1b553b6 Mon Sep 17 00:00:00 2001 From: Christian Kadluba <10721825+ckadluba@users.noreply.github.com> Date: Tue, 20 Aug 2024 00:58:31 +0200 Subject: [PATCH 5/5] Bumped major version --- src/Serilog.Sinks.MSSqlServer/Serilog.Sinks.MSSqlServer.csproj | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/Serilog.Sinks.MSSqlServer/Serilog.Sinks.MSSqlServer.csproj b/src/Serilog.Sinks.MSSqlServer/Serilog.Sinks.MSSqlServer.csproj index 7ec2c5be..3e4e446c 100644 --- a/src/Serilog.Sinks.MSSqlServer/Serilog.Sinks.MSSqlServer.csproj +++ b/src/Serilog.Sinks.MSSqlServer/Serilog.Sinks.MSSqlServer.csproj @@ -2,7 +2,7 @@ A Serilog sink that writes events to Microsoft SQL Server and Azure SQL - 6.6.2 + 6.7.0 Michiel van Oudheusden;Christian Kadluba;Serilog Contributors netstandard2.0;net462;net472;net6.0 true