
[Snyk] Security upgrade CrispyWaffle from 8.2.149 to 8.2.185 #329

Merged
merged 2 commits into from
Oct 20, 2024

Conversation

guibranco
Owner

@guibranco guibranco commented Oct 20, 2024

User description


Snyk has created this PR to fix 1 vulnerability in the nuget dependencies of this project.

Snyk changed the following file(s):

  • Src/VTEX.Health/VTEX.Health.csproj

Vulnerabilities that will be fixed with an upgrade:

Issue                                                                     Score
high severity  Inefficient Algorithmic Complexity                         721
               SNYK-DOTNET-SYSTEMTEXTJSON-8168848

Important

  • Check the changes in this PR to ensure they won't cause issues with your project.
  • Max score is 1000. Note that the real score may have changed since the PR was raised.
  • This PR was automatically created by Snyk using the credentials of a real user.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report
📜 Customise PR templates
🛠 Adjust project settings
📚 Read about Snyk's upgrade logic


Learn how to fix vulnerabilities with free interactive lessons:

🦉 Learn about vulnerability in an interactive lesson of Snyk Learn.


Description

  • Upgraded CrispyWaffle package to address security vulnerabilities.
  • This upgrade resolves the issue identified as SNYK-DOTNET-SYSTEMTEXTJSON-8168848 with a score of 721.

Changes walkthrough 📝

Relevant files

Dependencies
  • Src/VTEX.Health/VTEX.Health.csproj (+1/-1): Upgrade CrispyWaffle package to fix vulnerabilities
      • Upgraded CrispyWaffle package from version 8.2.149 to 8.2.185.

    💡 Penify usage:
    Comment /help on the PR to get a list of all available Penify tools and their descriptions

    @guibranco guibranco enabled auto-merge (squash) October 20, 2024 02:00
    @gstraccini gstraccini bot added the ☑️ auto-merge Automatic merging of pull requests (gstraccini-bot) label Oct 20, 2024
    @penify-dev penify-dev bot added enhancement New feature or request other and removed ☑️ auto-merge Automatic merging of pull requests (gstraccini-bot) labels Oct 20, 2024
    @github-actions github-actions bot added the size/XS Denotes a PR that changes 0-9 lines, ignoring generated files. label Oct 20, 2024
    Contributor

    penify-dev bot commented Oct 20, 2024

    PR Review 🔍

    ⏱️ Estimated effort to review [1-5]

    1, because the changes are straightforward and involve a simple version upgrade of a package.

    🧪 Relevant tests

    No

    ⚡ Possible issues

    No

    🔒 Security concerns

    No

    Contributor

    penify-dev bot commented Oct 20, 2024

    PR Code Suggestions ✨

    Category    Suggestion                                                                    Score
    Testing
    Run tests to confirm that the upgrade does not cause any regressions

    Consider running tests after the upgrade to ensure that the new version does not introduce
    any regressions or issues in the application.

    Src/VTEX.Health/VTEX.Health.csproj [24]

    +<PackageReference Include="CrispyWaffle" Version="8.2.185" />
     
    -
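    Review bot: the rendered snippet shows only the added line `+<PackageReference Include="CrispyWaffle" Version="8.2.185" />` with an empty `-` side, so the removed 8.2.149 reference named in the PR title is not visible here; confirm in the full csproj diff that the old PackageReference was replaced rather than a second one added. Since the fixed issue (SNYK-DOTNET-SYSTEMTEXTJSON-8168848) is in System.Text.Json rather than in CrispyWaffle itself, also verify which System.Text.Json version actually resolves after the bump (for example with `dotnet list package --include-transitive`) instead of relying on the Snyk score alone.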
    Suggestion importance[1-10]: 9

    Why: Running tests after an upgrade is essential to confirm that the new version does not cause regressions, making this a highly relevant and important suggestion.

    9
    Compatibility
    Verify compatibility of the upgraded package with the current codebase

    Ensure that the upgrade to version 8.2.185 of CrispyWaffle is compatible with your
    existing codebase and dependencies, as upgrading packages can sometimes introduce breaking
    changes.

    Src/VTEX.Health/VTEX.Health.csproj [24]

    +<PackageReference Include="CrispyWaffle" Version="8.2.185" />
     
    -
    Suggestion importance[1-10]: 8

    Why: This suggestion addresses a crucial aspect of package management, ensuring that the upgrade does not introduce breaking changes, which is important for maintaining application stability.

    8
    Documentation
    Review release notes for insights on changes in the new package version

    Check the release notes for CrispyWaffle version 8.2.185 to understand any new features,
    bug fixes, or potential deprecations that may affect your project.

    Src/VTEX.Health/VTEX.Health.csproj [24]

    +<PackageReference Include="CrispyWaffle" Version="8.2.185" />
     
    -
    Suggestion importance[1-10]: 7

    Why: Reviewing release notes is a good practice to understand changes in the new package version, although it is slightly less critical than running tests or ensuring compatibility.

    7
    Update documentation to align with the new package version

    If applicable, update any related documentation or configuration files to reflect the
    changes made by upgrading to CrispyWaffle version 8.2.185.

    Src/VTEX.Health/VTEX.Health.csproj [24]

    +<PackageReference Include="CrispyWaffle" Version="8.2.185" />
     
    -
    Suggestion importance[1-10]: 6

    Why: Updating documentation is important for maintainability, but it is a less immediate concern compared to testing and compatibility checks after an upgrade.

    6

    Contributor

    Infisical secrets check: ✅ No secrets leaked!

    💻 Scan logs
    2:05AM INF scanning for exposed secrets...
    2:05AM INF 293 commits scanned.
    2:05AM INF scan completed in 264ms
    2:05AM INF no leaks found
    


    Coverage summary from Codacy

    See diff coverage on Codacy

    Coverage variation Diff coverage
    +0.00% (target: -1.00%)
    Coverage variation details

                                        Coverable lines   Covered lines   Coverage
    Common ancestor commit (0a129dc)    1774              4               0.23%
    Head commit (7589cd3)               1774 (+0)         4 (+0)          0.23% (+0.00%)

    Coverage variation is the difference between the coverage for the head and common ancestor commits of the pull request branch: <coverage of head commit> - <coverage of common ancestor commit>

    Diff coverage details

                             Coverable lines   Covered lines   Diff coverage
    Pull request (#329)      0                 0               ∅ (not applicable)

    Diff coverage is the percentage of lines that are covered by tests out of the coverable lines that the pull request added or modified: <covered lines added or modified>/<coverable lines added or modified> * 100%


    Codacy stopped sending the deprecated coverage status on June 5th, 2024. Learn more


    @AppVeyorBot

    Build VTEX-SDK-dotnet 2.3.1142 completed (commit 757ffc5faa by @gstraccini[bot])

    @guibranco guibranco merged commit 2a59874 into main Oct 20, 2024
    27 checks passed
    @guibranco guibranco deleted the snyk-fix-43b57722eb89480a7ff73997b718732b branch October 20, 2024 02:21

    codecov bot commented Oct 20, 2024

    Codecov Report

    All modified and coverable lines are covered by tests ✅

    Project coverage is 0.22%. Comparing base (0a129dc) to head (7589cd3).
    Report is 1 commit behind head on main.

    Additional details and impacted files
    @@          Coverage Diff          @@
    ##            main    #329   +/-   ##
    =====================================
      Coverage   0.22%   0.22%           
    =====================================
      Files        117     117           
      Lines       1774    1774           
      Branches      75      75           
    =====================================
      Hits           4       4           
    + Misses      1770    1768    -2     
    - Partials       0       2    +2     

    ☔ View full report in Codecov by Sentry.
    📢 Have feedback on the report? Share it here.
