Update Nu1302 documentation with more information #3363
Conversation
|
Learn Build status updates of commit 89bcb2a: 💡 Validation status: suggestions
docs/reference/errors-and-warnings/NU1302.md
For more details, please refer to the build report. Note: Your PR may contain errors or warnings or suggestions unrelated to the files you changed. This happens when external dependencies like GitHub alias, Microsoft alias, cross repo links are updated. Please use these instructions to resolve them. For any questions, please:
|
|
|
||
| > You are running the 'restore' operation with an 'HTTP' source: myHttpSource. NuGet requires HTTPS sources. To use an HTTP source, you must explicitly set 'allowInsecureConnections' to true in your NuGet.Config file. Please refer to https://aka.ms/nuget-https-everywhere for more information. | ||
|
|
||
| ### Issue | ||
|
|
||
| `myHttpSource` is an insecure HTTP source. We recommend using HTTPS sources instead. | ||
| `myHttpSource` is an insecure HTTP source. We recommend using an HTTPS sources instead. |
There was a problem hiding this comment.
| `myHttpSource` is an insecure HTTP source. We recommend using an HTTPS sources instead. | |
| `myHttpSource` is an insecure HTTP source. We recommend using an HTTPS source instead. |
|
|
||
| ### Solution | ||
|
|
||
| This can be fixed either by removing the HTTP source or disabling HTTP Errors for the specific source by using `allowInsecureConnections` option in your [NuGet config file](../../reference/nuget-config-file.md). | ||
| #### Option 1: Update the Source to Use HTTPS | ||
| If possible, update the package source to use `https://` instead of `http://`: |
There was a problem hiding this comment.
Add space after each heading.
It's a good idea to install markdown lint to help you catch these issues.
| ``` | ||
|
|
||
| #### Option 3: Consult SDK Analysis Level | ||
| Ensure that the project’s `SdkAnalysisLevel` allows HTTP sources: |
There was a problem hiding this comment.
We should probably link to the actual SdkAnalysisLevel docs. Similar to how this is done in the NU19* codes.
The value can be explicitly set to
directto revert back to .NET 8's default. Alternatively, the propertySdkAnalysisLevelcan be set to8.0.400to temporarily disable all new warnings and errors introduced in newer versions of the SDK. Specifically in this case, the default value ofNuGetAuditModeis changed back todirect.
The following Ensure that the project’s SdkAnalysisLevel allows HTTP sources: makes me think SdkAnalysisLevel is about supporting, but it's really about previous behavior.
SdkAnalysisLevel won't always work. The primary motivator behind it is a temporary usage until you address the problem later, so let's rephrase is in a way to reflect that.
Fixes: NuGet/Home#13603