Skip to content
New issue

Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.

#

By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? # to your account

Jump to bottom

Revert changes to NuGetAuditMode defaults #13945

Closed
zivkan opened this issue Nov 19, 2024 · 1 comment · Fixed by NuGet/NuGet.Client#6161
Closed

Revert changes to NuGetAuditMode defaults #13945

zivkan opened this issue Nov 19, 2024 · 1 comment · Fixed by NuGet/NuGet.Client#6161
Assignees
@zivkan
Labels
Area:NuGetAudit Functionality:Restore Priority:1 High priority issues that must be resolved in the current sprint. Type:DCR Design Change Request
Milestone
6.12

Comments

@zivkan
Copy link
Member

zivkan commented Nov 19, 2024
edited by aortiz-msft
Loading

NuGet Product(s) Affected

Visual Studio Package Management UI, Visual Studio Package Manager Console, MSBuild.exe, dotnet.exe

Current Behavior

In .NET 9 preview 6, and VS 17.12 preview 1, we changed NuGetAuditMode to all, so it will report both transitive and direct packages with known vulnerabilities.

Desired Behavior

Restore .NET 8 SDK & VS 17.11's default to only report known vulnerabilities in directly referenced packages.
@zivkan zivkan added Priority:1 High priority issues that must be resolved in the current sprint. Type:DCR Design Change Request Functionality:Restore Area:NuGetAudit labels Nov 19, 2024
@zivkan zivkan self-assigned this Nov 19, 2024
@zivkan zivkan mentioned this issue Nov 19, 2024
Merged
3 tasks
@zivkan zivkan added this to the 6.12 milestone Nov 21, 2024
@zivkan zivkan closed this as completed Nov 21, 2024
@zivkan zivkan mentioned this issue Nov 25, 2024
Merged
3 tasks
@v-elenafeng v-elenafeng mentioned this issue Dec 2, 2024
Open
@WeihanLi
Copy link

WeihanLi commented Dec 6, 2024

Is it because it caused too many breaks?

# for free to join this conversation on GitHub. Already have an account? # to comment
Assignees

@zivkan zivkan

Labels
Area:NuGetAudit Functionality:Restore Priority:1 High priority issues that must be resolved in the current sprint. Type:DCR Design Change Request
Projects
None yet
Milestone
6.12
Development

Successfully merging a pull request may close this issue.

Revert NuGetAuditMode to .NET 8 defaults NuGet/NuGet.Client
2 participants
@zivkan @WeihanLi