Description:
Castle.Windsor 6.0.0 currently depends on Microsoft.Extensions.DependencyModel which pulls System.Text.Encodings.Web 6.0.0. This version has known security vulnerabilities and is incompatible with .NET 8 best practices.
Expected behavior:
For .NET 8 projects, Castle.Windsor should use System.Text.Encodings.Web 8.0.x
Current dependency chain:
Castle.Windsor 6.0.0 → Microsoft.Extensions.DependencyModel → System.Text.Encodings.Web 6.0.0
Environment:
- .NET 8.0
- Castle.Windsor 6.0.0
Suggested fix:
Update Microsoft.Extensions.DependencyModel to version 8.0.x
Description:
Castle.Windsor 6.0.0 currently depends on Microsoft.Extensions.DependencyModel which pulls System.Text.Encodings.Web 6.0.0. This version has known security vulnerabilities and is incompatible with .NET 8 best practices.
Expected behavior:
For .NET 8 projects, Castle.Windsor should use System.Text.Encodings.Web 8.0.x
Current dependency chain:
Castle.Windsor 6.0.0 → Microsoft.Extensions.DependencyModel → System.Text.Encodings.Web 6.0.0
Environment:
Suggested fix:
Update Microsoft.Extensions.DependencyModel to version 8.0.x