Static code analysis tool reported a high operational risk on the currently used package version of Microsoft.AspNet.WebApi.WebHost. Upgrade version to resolve dependencies on prerelease version of packages.

[dipumonharidask]

VERSION:

5.6.0

STEPS TO REPRODUCE:

Install the latest version of Swashbuckle nuget ie. 5.6.0

EXPECTED RESULT:

Microsoft.AspNet.WebApi.WebHost should be referred the version 5.2.7 or the latest.

ACTUAL RESULT:

Microsoft.AspNet.WebApi.WebHost version used in project is 4.0.20710.

ADDITIONAL DETAILS

The Microsoft.AspNet.WebApi.WebHost with version 4.0.20710 has some operational risks associated on black duck hub scan. Below transient dependencies of Microsoft.AspNet.WebApi.WebHost were reported as these versions were outdated.

Microsoft ASP.NET Web API Client Libraries v4.0.20710 |
Microsoft ASP.NET Web API Core Libraries v4.0.20710
Microsoft ASP.NET Web API Web Host v4.0.20710
Microsoft HTTP Client Libraries v2.0.20710

These packages are reporting operational risks due to very old package referenced.

Can the package Microsoft.AspNet.WebApi.WebHost be upgraded to latest?

Thanks in advance.

[dipumonharidask]

#1416 PR addresses this.