Secure Supply Chain Analysis flagged this repository as having some csproj files, but no nuget.config. I'm adding a nuget.config that is mostly boilerplate, but declares a single PackageSource, CppWinRT's internal Azure Artifacts feed, which has an upstream to nuget.org.
I'd like to avoid breaking local builds for non-MSFT folks, but NuGet feeds isn't exactly an area that I've dabbled with. If there's a non-MSFT person, or anybody with a machine that can't authenticate to https://microsoft.pkgs.visualstudio.com/_packaging/CppWinRT/nuget/v3/index.json, I'm interested to hear if you're able to build the csproj files in this repo.
While I was looking at NuGet stuff, I decided to modify the PR pipeline default to not publish to the internal feed. This can still be overridden if the user chooses.
Secure Supply Chain Analysis flagged this repository as having some csproj files, but no nuget.config. I'm adding a nuget.config that is mostly boilerplate, but declares a single PackageSource, CppWinRT's internal Azure Artifacts feed, which has an upstream to nuget.org.
I'd like to avoid breaking local builds for non-MSFT folks, but NuGet feeds isn't exactly an area that I've dabbled with. If there's a non-MSFT person, or anybody with a machine that can't authenticate to https://microsoft.pkgs.visualstudio.com/_packaging/CppWinRT/nuget/v3/index.json, I'm interested to hear if you're able to build the csproj files in this repo.
While I was looking at NuGet stuff, I decided to modify the PR pipeline default to not publish to the internal feed. This can still be overridden if the user chooses.