[5.1] Move NuGet.config to the root + add vuln info#3123
Conversation
| <NuGetCmd>$(NuGetRoot)nuget.exe</NuGetCmd> | ||
| <!-- Respect environment variable for the .NET install directory if set; otherwise, use the current default location --> | ||
| <TreatWarningsAsErrors>true</TreatWarningsAsErrors> | ||
| <WarningsNotAsErrors>$(WarningsNotAsErrors);NU1901;NU1902;NU1903;NU1904;NU1905</WarningsNotAsErrors> |
There was a problem hiding this comment.
@cheenamalhotra doesn't this cause the CI build to pass even if there are dependency vulnerability warnings?
There was a problem hiding this comment.
I believe it enables us and open source contributors to capture warnings and address vulnerabilities when feasible without breaking builds. For any high/critical vulnerability, it will be captured by CG anyways so we will be addressing them on priority.
Codecov ReportAll modified and coverable lines are covered by tests ✅
Additional details and impacted files@@ Coverage Diff @@
## release/5.1 #3123 +/- ##
===============================================
+ Coverage 71.96% 71.99% +0.03%
===============================================
Files 293 293
Lines 61647 61647
===============================================
+ Hits 44364 44385 +21
+ Misses 17283 17262 -21
Flags with carried forward coverage won't be shown. Click here to find out more. ☔ View full report in Codecov by Sentry. |
|
/azp run |
|
Azure Pipelines successfully started running 1 pipeline(s). |
Ports PRs: #2443 and #3024 to release/5.1 branch