Vulnerability in RestSharp

[RobJDavey]

The current release of eBay.OAuth.Client has a dependency on RestSharp >= 110.2.0. RestSharp versions < 112.0.0 have a vulnerability in them. See: https://github.com/advisories/GHSA-4rr6-2v9v-wcpc

This results in a build time warning:

warning NU1902: Package 'RestSharp' 110.2.0 has a known moderate severity vulnerability, https://github.com/advisories/GHSA-4rr6-2v9v-wcpc

While the >= 110.2.0 doesn't prevent you from upgrading to 112.0, upgrading to this version results in

Method not found: 'RestSharp.RestResponse RestSharp.RestClientExtensions.Execute(RestSharp.RestClient, RestSharp.RestRequest, System.Threading.CancellationToken)'.

due to breaking changes within RestSharp.

As a result, it's currently not possible for anyone using the eBay.OAuth.Client to remove this warning from their codebase.

Due to how often RestSharp updates result in breaking changes like this between major versions, ideally the dependency on RestSharp should be removed entirely, but for now an update to the version of RestSharp to the one without the vulnerability will at least remove this warning.