Redundant SCA reports

[aep-sunlife]

dotnet build shows the same CVE's twice, sometimes 4x or more.

That doesn't scale well for practical applications, which often exhibit hundreds of CVE's.

The redundant logging is noisy and makes it difficult to navigate the information. At cloud scale, the redundant log lines constitute measurable waste in terms of I/O and storage fees.

Using .NET 8.0.401.

Trace

$ dotnet build
  Determining projects to restore...
/Users/lo40/go/src/bitbucket.us.sunlife/SecOps/hello-world-csharp/hello-world-csharp.csproj : error NU1903: Warning As Error: Package 'Npgsql' 8.0.2 has a known high severity vulnerability, https://github.com/advisories/GHSA-x9vc-6hfv-hg8c
  Failed to restore /Users/lo40/go/src/bitbucket.us.sunlife/SecOps/hello-world-csharp/hello-world-csharp.csproj (in 131 ms).

Build FAILED.

/Users/lo40/go/src/bitbucket.us.sunlife/SecOps/hello-world-csharp/hello-world-csharp.csproj : error NU1903: Warning As Error: Package 'Npgsql' 8.0.2 has a known high severity vulnerability, https://github.com/advisories/GHSA-x9vc-6hfv-hg8c
    0 Warning(s)
    1 Error(s)

Time Elapsed 00:00:00.45

hello.csproj

<Project Sdk="Microsoft.NET.Sdk">
    <PropertyGroup>
        <OutputType>Exe</OutputType>
        <TargetFramework>net8.0</TargetFramework>
        <RootNamespace>hello_world_csharp</RootNamespace>
        <ImplicitUsings>enable</ImplicitUsings>
        <Nullable>enable</Nullable>
        <TreatWarningsAsErrors>true</TreatWarningsAsErrors>
    </PropertyGroup>
    <ItemGroup>
        <PackageReference Include="Npgsql" Version="8.0.2" />
    </ItemGroup>
</Project>