Skip to content

Update audit docs for .net 10 #3476

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 2 commits into from
Oct 7, 2025
Merged

Update audit docs for .net 10 #3476

merged 2 commits into from
Oct 7, 2025

Conversation

zivkan
Copy link
Member

@zivkan zivkan commented Oct 1, 2025

Fixes: NuGet/Home#14564

The docs were already updated to say that NuGetAuditMode has changed defaults when projects target .net 10 or higher. This PR updates the table giving an overview of features per version and adds a mention of dotnet package update --vulnerable.

@Copilot Copilot AI review requested due to automatic review settings October 1, 2025 07:13
@zivkan zivkan requested review from a team as code owners October 1, 2025 07:13
Copilot
Copilot AI reviewed Oct 1, 2025
View reviewed changes
Copy link
Contributor

@Copilot Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull Request Overview

Updates NuGet audit documentation to reflect .NET 10 changes, specifically the default behavior changes for NuGetAuditMode and new CLI commands for handling vulnerable packages.

  • Adds entry for NuGet 7.0/.NET 10 with default audit mode changes and new CLI command
  • Updates documentation date to reflect current changes
  • Enhances vulnerability remediation guidance with new dotnet package update --vulnerable command

Tip: Customize your code reviews with copilot-instructions.md. Create the file or learn how to get started.

@learn-build-service-prod Learn Build Service (PROD)
Copy link

PoliCheck Scan Report

The following report lists PoliCheck issues in PR files. Before you merge the PR, you must fix all severity-1 issues. Other issues are also a high priority. The AI Review Details column lists suggestions for either removing or replacing the terms. If you find a false positive result, mention it in a PR comment and include this text: #policheck-false-positive. This feedback helps reduce false positives in future scans.

✅ No issues found

More information about PoliCheck

Information: PoliCheck | Severity Guidance | Term
For any questions: Try searching the learn.microsoft.com contributor guides or post your question in the Learn support channel.

@learn-build-service-prod Learn Build Service (PROD)
Copy link

Learn Build status updates of commit 2df951e:

✅ Validation status: passed

File Status Preview URL Details
docs/concepts/Auditing-Packages.md ✅Succeeded View

For more details, please refer to the build report.

nkolev92
nkolev92 previously approved these changes Oct 1, 2025
View reviewed changes
donnie-msft
donnie-msft previously approved these changes Oct 1, 2025
View reviewed changes
@zivkan zivkan dismissed stale reviews from donnie-msft and nkolev92 via 85dfce6 October 3, 2025 03:43
@zivkan zivkan requested review from donnie-msft and nkolev92 October 3, 2025 03:44
@learn-build-service-prod Learn Build Service (PROD)
Copy link

PoliCheck Scan Report

The following report lists PoliCheck issues in PR files. Before you merge the PR, you must fix all severity-1 issues. Other issues are also a high priority. The AI Review Details column lists suggestions for either removing or replacing the terms. If you find a false positive result, mention it in a PR comment and include this text: #policheck-false-positive. This feedback helps reduce false positives in future scans.

✅ No issues found

More information about PoliCheck

Information: PoliCheck | Severity Guidance | Term
For any questions: Try searching the learn.microsoft.com contributor guides or post your question in the Learn support channel.

@learn-build-service-prod Learn Build Service (PROD)
Copy link

Learn Build status updates of commit 85dfce6:

✅ Validation status: passed

File Status Preview URL Details
docs/concepts/Auditing-Packages.md ✅Succeeded View

For more details, please refer to the build report.

@jeffkl jeffkl requested a review from seaniyer October 7, 2025 22:39
@zivkan zivkan merged commit f86c052 into main Oct 7, 2025
3 checks passed
@zivkan zivkan deleted the zivkan-audit branch October 7, 2025 23:20
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

@nkolev92 nkolev92 nkolev92 approved these changes

@donnie-msft donnie-msft Awaiting requested review from donnie-msft

@seaniyer seaniyer Awaiting requested review from seaniyer

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Document NuGet Audit behavior for .NET 10

3 participants

@zivkan @nkolev92 @donnie-msft