Skip to content

Commit 0d3df96

Browse files
OliaGzivkan
OliaG
and
zivkan
authored
Updated messaging according to reverting Audit default mode. (#3364)
* Updated messaging according to reverting Audit default mode. * Update docs/release-notes/NuGet-6.12.md Co-authored-by: Andy Zivkovic <[email protected]> --------- Co-authored-by: Andy Zivkovic <[email protected]>
1 parent e813422 commit 0d3df96

File tree

2 files changed

+4
-4
lines changed

2 files changed

+4
-4
lines changed

docs/concepts/Auditing-Packages.md

Lines changed: 1 addition & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -43,13 +43,10 @@ We recommend that audit is configured at a repository level.
4343

4444
| MSBuild Property | Default | Possible values | Notes |
4545
|------------------|---------|-----------------|-------|
46-
| NuGetAuditMode | all | `direct` and `all` | If you'd like to audit top-level dependencies only, you can set the value to `direct`. NuGetAuditMode is not applicable for packages.config projects. |
46+
| NuGetAuditMode | direct | `direct` and `all` | If you'd like to audit top-level dependencies only, you can set the value to `direct`. NuGetAuditMode is not applicable for packages.config projects. |
4747
| NuGetAuditLevel | low | `low`, `moderate`, `high`, and `critical` | The minimum severity level to report. If you'd like to see `moderate`, `high`, and `critical` advisories (exclude `low`), set the value to `moderate` |
4848
| NuGetAudit | true | `true` and `false` | If you wish to not receive security audit reports, you can opt-out of the experience entirely by setting the value to `false` |
4949

50-
Note: In .NET 8, the default value of NuGetAuditMode is `direct`.
51-
Therefore, setting [SdkAnalysisLevel](/dotnet/core/project-sdk/msbuild-props#sdkanalysislevel) to `8.0.400` changes the default value of NuGetAuditMode accordingly.
52-
5350
#### Audit Sources
5451

5552
Restore downloads a server's [`VulnerabilityInfo` resource](../api/vulnerability-info.md) to check against the list of packages each project is using.

docs/release-notes/NuGet-6.12.md

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -7,6 +7,9 @@ ms.topic: conceptual
77

88
# NuGet 6.12 Release Notes
99

10+
> [!NOTE]
11+
> In response to developers' feedback to ensure builds continuity when updating to .NET SDK 9, we have reverted the default value of NuGetAuditMode to `direct` in Visual Studio 17.12.3 and .NET 9.0.101.
12+
1013
NuGet distribution vehicles:
1114

1215
| NuGet version | Available in Visual Studio version | Available in .NET SDK(s) |

0 commit comments

Comments
 (0)