
Outdated Newtonsoft.Json.dll (10.0.3) bundled in NuGet package Delegate.XrmDefinitelyTyped 6.6.1 triggers security scanners #314

@CorneliaDV

Hello,

We are using XrmDefinitelyTyped via the NuGet package Delegate.XrmDefinitelyTyped (currently version 6.6.1 as published on nuget.org).

While upgrading our tooling, we noticed that the package content still includes Newtonsoft.Json.dll version 10.0.3 (under content/XrmDefinitelyTyped).

This causes vulnerability findings in modern security scanners, which require a newer Newtonsoft.Json version (13.x).
For example, Wiz reports Newtonsoft.Json.dll version 10.0.3 as a high-severity vulnerability and recommends updating to version 13.x (e.g. 13.0.1).

We verified that:

  • XrmDefinitelyTyped.exe itself is version 6.6.1
  • The bundled Newtonsoft.Json.dll inside the NuGet package is still 10.0.3

Would it be possible to update the Newtonsoft.Json dependency used/bundled by the tool and publish a new NuGet package version?

Thank you!
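The check described in the issue above can be repeated in a build pipeline. The following is an added example, not part of the original issue or of the XrmDefinitelyTyped project: it opens a `.nupkg` (a zip archive), reads the file version of every bundled `.dll`/`.exe`, and flags a `Newtonsoft.Json.dll` older than the 13.0.1 mentioned in the issue. The function names are hypothetical, the sample package is constructed, and the version lookup is a heuristic byte scan for the `VS_FIXEDFILEINFO` signature rather than a full PE resource parse.

```python
import io
import struct
import zipfile

# dwSignature of the VS_FIXEDFILEINFO structure in a PE version resource.
FIXEDFILEINFO_SIG = struct.pack("<I", 0xFEEF04BD)
# Assumption: minimum version, from the scanner advice quoted in the issue.
MIN_NEWTONSOFT = (13, 0, 1, 0)


def pe_file_version(data):
    """Return (major, minor, build, revision) from VS_FIXEDFILEINFO, or None."""
    # Heuristic: scan raw bytes for the signature, no resource-directory walk.
    pos = data.find(FIXEDFILEINFO_SIG)
    if pos < 0 or pos + 16 > len(data):
        return None
    # Layout: dwSignature, dwStrucVersion, dwFileVersionMS, dwFileVersionLS
    _, _, ms, ls = struct.unpack_from("<4I", data, pos)
    return (ms >> 16, ms & 0xFFFF, ls >> 16, ls & 0xFFFF)


def audit_nupkg(nupkg, target="newtonsoft.json.dll", minimum=MIN_NEWTONSOFT):
    """List each bundled .dll/.exe as (path, version, outdated)."""
    findings = []
    with zipfile.ZipFile(nupkg) as pkg:
        for name in pkg.namelist():
            if not name.lower().endswith((".dll", ".exe")):
                continue
            version = pe_file_version(pkg.read(name))
            is_target = name.lower().rsplit("/", 1)[-1] == target
            outdated = is_target and version is not None and version < minimum
            findings.append((name, version, outdated))
    return findings


def build_sample_nupkg():
    """Constructed sample: zip entries are stub blobs, not real assemblies."""
    def stub(major, minor, build):
        return b"MZ" + b"\0" * 62 + FIXEDFILEINFO_SIG + struct.pack(
            "<3I", 0x00010000, (major << 16) | minor, build << 16)
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as pkg:
        pkg.writestr("content/XrmDefinitelyTyped/XrmDefinitelyTyped.exe", stub(6, 6, 1))
        pkg.writestr("content/XrmDefinitelyTyped/Newtonsoft.Json.dll", stub(10, 0, 3))
    return buf


if __name__ == "__main__":
    print(*audit_nupkg(build_sample_nupkg()), sep="\n")
```

`audit_nupkg` also accepts a path to a real `.nupkg` file; a version of `None` means no version resource was found and the file needs manual inspection.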
