Update check-vulnerabilities.ps1 to error out if dotnet command fails and update build project dependencies

[Francisco-Gamino]

Issue describing the changes in this PR

This PR contains the following changes:

• Fixes If restore fails, CI script should exit with an error #3783
• Updated check-vulnerabilities.ps1 to validate the packages for the following projects are up-to-date:
  "$PSScriptRoot/src/Azure.Functions.Cli/Azure.Functions.Cli.csproj" "$PSScriptRoot/test/Azure.Functions.Cli.Tests/Azure.Functions.Cli.Tests.csproj"
  "$PSScriptRoot/build/Build.csproj"
• Updated project dependencies for Build.csproj

Pull request checklist

• My changes do not require documentation changes
  • Otherwise: Documentation issue linked to PR
• My changes do not need to be backported to a previous version
  • Otherwise: Backport tracked by issue/PR #issue_or_pr
• I have added all required tests (Unit tests, E2E tests)

[Francisco-Gamino]

/cc @mattchenderson @FinVamp1

[Francisco-Gamino]

Hello @kshyju @mattchenderson -- Could you please review this PR? Thank you.

[mattchenderson]

/azp run

[azure-pipelines]

Azure Pipelines successfully started running 1 pipeline(s).

[mattchenderson]

One small comment about next work that should be tracked, but that does not need to block this specific PR.

[mattchenderson]

Thinking aloud, I wonder if we would want to parallelize these upstream of the call into the script, I suppose that's supported by the parameter being included here. But we should probably ensure that gets tracked, as it will be much more efficient.

[jviau]

I am fine with these changes, but I do want to point out with .NET8 SDK this is built into the restore process (configurable via msbuild properties). Additionally, we have component governance running for this repo which will flag these CVEs.

I'm not a big fan of hard failures for CVEs in the pipeline. I prefer being given some time to address the CVEs before all our pipelines are blocked (thus impacting ongoing work).