Proj0306: Avoid local package sources

Package sources should be verifiable and reliable. A local package source is most likely neither of those.

Non-compliant 

<configuration>

  <packageSources>
    <clear />
    <add key="nuget.org" value="C:/NuGet/packages" />
  </packageSources>

</configuration>

Compliant 

<configuration>

  <packageSources>
    <clear />
    <add key="nuget.org" value="https://api.nuget.org/v3/index.json" />
  </packageSources>

</configuration>

Edit this page on GitHub.