soroush.asadi
cfff934bdd
The transitive SQLitePCLRaw.lib.e_sqlite3 2.1.11 (via EF Core 10 Sqlite) is flagged High by GHSA-2m69-gcr7-jv3q, and the 2.x line has no patched release (first_patched_version: null). Pin SQLitePCLRaw.bundle_e_sqlite3 3.0.3, which is outside the vulnerable range (<= 2.1.11). Runtime-verified: EnsureCreated and a DB read both succeed; `dotnet list package --vulnerable` is now clean. Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>