Lee Coward

@livarcocc @KathleenDollard - as a safety gate, would it be desirable for each verb to report what it will be uninstalled with a y/n prompt? This could be 'suppressed' with...

I would think this relates to the tool. @KathleenDollard, since she wrote the description.

@darakian - looking at the questions. RE: [CVE-2019-0545](https://github.com/advisories/GHSA-2xjx-v99w-gqf3) / https://github.com/dotnet/announcements/issues/94, the announcement provides the following. Package name | Vulnerable versions | Secure versions ------------ | ------------------- | ------------------------- Microsoft.NETCore.App (System.Net.Http)...

Gotcha, yes, capturing the NetCore.app and 'included' package is confusing. Could the GitHub advisory follow a similar pattern to the .NET advisory? e.g. NetCore.App (System.Net.Http).

Answers to a few of the outstanding questions: > [CVE-2020-0606](https://github.com/advisories/GHSA-r4mw-gxf7-vxr9) / https://github.com/dotnet/announcements/issues/149 - Should reference https://www.nuget.org/packages/Microsoft.WindowsDesktop.App.Ref? Yes. This is somewhat analogous to the NetCore.App vs affected underlying component discussion. >...

The problem is that while `packagename*` works when the dependency is expressed in a deb, doing the same from a bash script or directly with the package manager does not...

@jaredpar PTAL?

netstandard-targeting-pack-2.1 is now available at https://packages.microsoft.com/ubuntu/22.04/prod/pool/main/n/

Thanks, @KalleOlaviNiemitalo. What I'm referring to with AspNetCore 2.2 is that a number of new features were added which are not in 2.1 creating a support culdesac. Some AspNetCore /...

@schemburkar - I understand the distinction you're pointing out. We want to use the NuGet feature so that the marking is leveraged by appropriate tools (VS, etc) as seamlessly as...