Ory.Kratos.Client and possible the other clients have 'RestSharp' outdated .net 10 / .net 9 which breaks if you upgrade Restsharp

[DavidNorena]

Preflight checklist

• I could not find a solution in the existing issues, docs, nor discussions.
• I agree to follow this project's Code of Conduct.
• I have read and am following this repository's Contribution Guidelines.
• I have joined the Ory Community Slack.
• I am signed up to the Ory Security Patch Newsletter.

Ory Network Project

No response

Describe the bug

In .net 10 that now gives warnings about security issues on builds we are getting this

warning NU1902: Package 'RestSharp' 110.2.0 has a known moderate severity vulnerability, GHSA-4rr6-2v9v-wcpc Ory.Kratos.Client depends on it.

But the bad part is lets suppose in the same project you depend on RestSharp latest version as well, it breaks Ory.Kratos.Client.

Reproducing the bug

1. Install Ory.Kratos.Client on a new project using .net 10 try to build and you will get this warning Ory.Kratos.Client.
2. Install latest version of restsharp and it breaks completely the Ory.Kratos.Client normal usage.

Relevant log output

/home/xxx/test/Integrations.Tests/Integrations.Tests.csproj : warning NU1902: Package 'RestSharp' 110.2.0 has a known moderate severity vulnerability, https://github.com/advisories/GHSA-4rr6-2v9v-wcpc

Relevant configuration

Version

v25.4.0

On which operating system are you observing this issue?

Linux

In which environment are you deploying?

Kubernetes

Additional Context

No response

[kirill-gerasimenko-da]

We have the same problem for a lot of time. We either have to put a great effort into refactoring the code (getting rid of the official client completely) or live with the vulnerability :(

[vinckr]

Is the same issue in Ory.Client ?