Update versions of Moq, NSubstitute & FakeItEasy to newer versions without known vulnerabilities #82

Open
@kkoynov

Update Moq, NSubstitute & FakeItEasy dependencies to patch the following vulnerabilities:

  • Package 'System.Net.Http' 4.3.0 has a known high severity vulnerability, GHSA-7jgj-8wvc-jh57
  • Package 'System.Text.RegularExpressions' 4.3.0 has a known high severity vulnerability, GHSA-cmhx-cq75-c4mj

The vulnerabilities above are not a big deal as this is a test-related library, but it would be nice if VS doesn't yell at me.
VS v. 17.12.0 NuGet audits transitive packages
VS starts flagging transitive NuGet package references. To fix this on my end I will set the NuGetAuditMode to direct for now, but it would be nice not to have to.

image
I've had to change the TargetFramework to net8 to achieve the result above.

Moq - currently used 4.8.0, minimum version with fix 4.18.0, latest 4.20.72
Moq -> NETStandard.Library 1.6.1

NSubstitute - currently used 4.2.1, minimum version with fix 4.18.0, latest 5.3.0
NSubstitute -> Castle.Core 4.4.1 -> NETStandard.Library 1.6.1

FakeItEasy - currently used 5.1.1, minimum version with fix 8.0.0, latest 8.3.0
FakeItEasy -> Castle.Core 4.3.1 -> NETStandard.Library 1.6.1

Will be happy to create a PR if needed.
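
Added example (not part of the original issue or the project's code): a way to see which direct reference pulls in each flagged transitive package by walking the dependency graph that NuGet restore writes to `obj/project.assets.json`. The function name `chains_to_flagged` is hypothetical, and the embedded sample is constructed from the package versions quoted above, with the edges from NETStandard.Library to the two flagged packages assumed.

```python
import json

# Constructed, trimmed project.assets.json (NuGet restore output in obj/).
# Names and versions are the ones quoted in the issue; the edges from
# NETStandard.Library to the two flagged packages are assumed for this sample.
SAMPLE_ASSETS = json.loads("""
{
  "targets": {"net8.0": {
    "Moq/4.8.0": {"dependencies": {"NETStandard.Library": "1.6.1"}},
    "NSubstitute/4.2.1": {"dependencies": {"Castle.Core": "4.4.1"}},
    "Castle.Core/4.4.1": {"dependencies": {"NETStandard.Library": "1.6.1"}},
    "NETStandard.Library/1.6.1": {"dependencies": {
      "System.Net.Http": "4.3.0", "System.Text.RegularExpressions": "4.3.0"}},
    "System.Net.Http/4.3.0": {},
    "System.Text.RegularExpressions/4.3.0": {}
  }},
  "project": {"frameworks": {"net8.0": {"dependencies": {
    "Moq": {"version": "[4.8.0, )"}, "NSubstitute": {"version": "[4.2.1, )"}}}}}
}
""")
FLAGGED = {"System.Net.Http/4.3.0", "System.Text.RegularExpressions/4.3.0"}


def chains_to_flagged(assets, framework, flagged):
    """Return every dependency chain from a direct reference to a flagged package."""
    resolved = assets["targets"][framework]
    # Map lower-cased package id -> "Id/Version" key (NuGet ids are case-insensitive).
    by_id = {key.split("/")[0].lower(): key for key in resolved}
    direct = assets["project"]["frameworks"][framework]["dependencies"]
    chains = []

    def walk(key, path):
        path = path + [key]
        if key in flagged:
            chains.append(path)
        for dep_id in resolved[key].get("dependencies", {}):
            child = by_id.get(dep_id.lower())
            if child and child not in path:  # skip unresolved ids and cycles
                walk(child, path)

    for dep_id in sorted(direct):
        if dep_id.lower() in by_id:
            walk(by_id[dep_id.lower()], [])
    return chains


if __name__ == "__main__":
    for chain in chains_to_flagged(SAMPLE_ASSETS, "net8.0", FLAGGED):
        print(" -> ".join(chain))
```

Each printed chain starts at a direct reference, so it names the package whose version bump would drop the flagged dependency without changing NuGetAuditMode.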
