.NET project file analyzers community

Proj0004: Run NuGet security audits automatically

When enabled, GitHub’s vulnerability database is consulted to check for security issues that come with using any of the referenced packages.

More information: https://learn.microsoft.com/en-us/nuget/concepts/auditing-packages

Non-compliant

<Project Sdk="Microsoft.NET.Sdk">

  <PropertyGroup>
    <TargetFramework>net8.0</TargetFramework>
	<NuGetAudit>false</NuGetAudit>
  </PropertyGroup>

</Project>

Compliant

<Project Sdk="Microsoft.NET.Sdk">

  <PropertyGroup>
    <TargetFramework>net8.0</TargetFramework>
    <NuGetAudit>true</NuGetAudit>
  </PropertyGroup>

</Project>

This site is open source. Improve this page.