.NET Core 2 will be released on the 18th or 19th of September  

Bringing WebAssembly to the .NET Mainstream - Steve Sanderson, Microsoft

Many developers still consider WebAssembly to be a leading-edge, niche technology tied to low-level systems programming languages. However, C# and .NET (open-source, cross-platform technologies used by nearly one-third of all professional developers [1]) have run on WebAssembly since 2017. Blazor WebAssembly brought .NET into the browser on open standards, and is now one of the fastest-growing parts of .NET across enterprises, startups, and hobbyists. Next, with WASI we could let you run .NET in even more places, introducing cloud-native tools and techniques to a wider segment of the global developer community. This is a technical talk showing how we bring .NET to WebAssembly. Steve will demonstrate how it runs both interpreted and AOT-compiled, how an IDE debugger can attach, performance tradeoffs, and how a move from Emscripten to WASI SDK lets it run in Wasmtime/Wasmer or higher-level runtimes like wasmCloud. Secondly, you'll hear lessons learned from Blazor as an open-source project - challenges and misconceptions faced bringing WebAssembly beyond early adopters. [1] StackOverflow survey 2021 

<ItemGroup>
   <DotNetCliToolReference Include="Microsoft.EntityFrameworkCore.Tools.DotNet" Version="2.0.0" />
</ItemGroup>

warning : Using DotNetCliToolReference to reference 'Microsoft.EntityFrameworkCore.Tools.DotNet' is obsolete and can be removed from this project. This tool is bundled by default in the .NET Core SDK.
warning : Using DotNetCliToolReference to reference 'Microsoft.DotNet.Watcher.Tools' is obsolete and can be removed from this project. This tool is bundled by default in the .NET Core SDK.

 dotnet tool install -g example

 %USERPROFILE%\.dotnet\toolspkgs (Windows)
 $HOME/.dotnet/toolspkgs (macOS/Linux)

 %USERPROFILE%\.dotnet\tools

 ~/.dotnet/tools

Windows PowerShell:
setx PATH "$env:PATH;$env:USERPROFILE/.dotnet/tools"
Linux/macOS:
echo "export PATH=\"\$PATH:\$HOME/.dotnet/tools\"" >> ~/.bash_profile

<Project Sdk="Microsoft.NET.Sdk">  
   <PropertyGroup>
     <OutputType>Exe</OutputType>
     <IsPackable>true</IsPackable>
     <PackAsTool>true</PackAsTool>
     <TargetFramework>netcoreapp2.1</TargetFramework>
   </PropertyGroup>  
</Project>

 dotnet pack -c Release

 dotnet tool install -g package-name

Security Advisory Notices

CVE-2019-1077 Visual Studio Extension Auto Update Vulnerability

An elevation of privilege vulnerability exists when the Visual Studio Extension auto-update process improperly performs certain file operations. An attacker who successfully exploited this vulnerability could delete files in arbitrary locations. To exploit this vulnerability, an attacker would require unprivileged access to a vulnerable system. The security update addresses the vulnerability by securing locations the Visual Studio Extension auto-update performs file operations in.

CVE-2019-1075 ASP.NET Core Spoofing Vulnerability

A spoofing vulnerability exists in ASP.NET Core that could lead to an open redirect. An attacker who successfully exploited the vulnerability could redirect a targeted user to a malicious website. To exploit the vulnerability, an attacker could send a link that has a specially crafted URL and convince the user to click the link.

The security update addresses the vulnerability by correcting how ASP.NET Core parses URLs. Details can be found in the .NET Core release notes.

CVE-2019-1113 WorkflowDesigner XOML deserialization allows code execution

A XOML file referencing certain types could cause random code to be executed when the XOML file is opened in Visual Studio. There is now a restriction on what types are allowed to be used in XOML files. If a XOML file containing one of the newly unauthorized types is opened, a message is displayed explaining that the type is unauthorized.

For further information, please refer to https://support.microsoft.com/en-us/help/4512190/remote-code-execution-vulnerability-if-types-are-specified-in-xoml.

PowerShell 7.3 is built on top of .NET 7 and as a non-LTS (Long Term Support) release will be supported for 18 months. PowerShell 7.2 is still the current LTS (3-year supported) release of PowerShell. 

Port Microsoft Concurrency Visualizer SDK to .NET Standard and NuGet

Today, we are releasing the .NET March 2021 Updates. These updates contains reliability and security improvements. See the individual release notes for details on updated packages.

You can download 5.0.4 , 3.1.13, 2.1.26 versions for Windows, macOS, and Linux, for x86, x64, Arm32, and Arm64.

• Installers and binaries: 5.0.4 | 3.1.13 | 2.1.26
• Release notes: 5.0.4 | 3.1.13 | 2.1.26
• Container images
• Linux packages: 5.0.4 | 3.1.13 | 2.1.26
• Release feedback/issues
• Known issues: 5.0 | 3.1 | 2.1  

Support for the .NET 6 SDK, including Hot Reload  

Simple Injector is an easy-to-use Dependency Injection (DI) library for .NET 4+  

One of the major new capabilities for developers in Windows 10 version 1511 is the final release of Windows.UI.Composition. This was in preview in the 10240 SDK but has now reached full release in this new update.