Every once in a while, a security problem comes up that needs patching. We couldn’t find a clear and concise Microsoft document that describes that process, so we asked Barry directly.
We thought it might be useful to document our conversation here.
Regardless what you are building, you ultimately have two types of dependencies:
Functionality that is part of the .NET runtime/SDK Functionality you reference via a Nuget package. This might be a Microsoft package that is not part of the shared runtime (e.