dotnet nuget add source

       This article applies to: ✔️ .NET Core 3.1.200 SDK and later versions

NAME

       dotnet-nuget-add-source - Add a NuGet source.

              Use package sources that you trust.

SYNOPSIS

              dotnet nuget add source <PACKAGE_SOURCE_PATH> [--name <SOURCE_NAME>] [--username <USER>]
                  [--password <PASSWORD>] [--store-password-in-clear-text]
                  [--valid-authentication-types <TYPES>] [--configfile <FILE>] [--allow-insecure-connections]

              dotnet nuget add source -h|--help

DESCRIPTION

       The dotnet nuget add source command adds a new package source to your NuGet configuration files.

              [!WARNING]  When  adding  multiple  package  sources,  be  careful  not  to introduce a dependency
              confusion vulnerability.

ARGUMENTS

       • PACKAGE_SOURCE_PATH

         Path to the package source.

OPTIONS

       • --configfile <FILE>

         The NuGet configuration file (nuget.config) to use.  If specified, only the  settings  from  this  file
         will  be  used.  If not specified, the hierarchy of configuration files from the current directory will
         be used.  For more information, see Common NuGet Configurations.

       • --allow-insecure-connections

         Allows HTTP connections for adding or updating packages.  This method is not secure.   Available  since
         .NET 9 SDK.

       • -n|--name <SOURCE_NAME>

         Name of the source.

       • -p|--password <PASSWORD>

         Password to be used when connecting to an authenticated source.

         Be  aware that encrypted passwords are only supported on Windows.  Moreover, they can only be decrypted
         on the same machine and by the same user who originally encrypted them.

       • --store-password-in-clear-text

         Enables storing portable package source credentials by disabling password encryption.

         [!WARNING] Storing passwords in clear text is strongly discouraged.  For more information  on  managing
         credentials securely, refer to the security best practices for consuming packages from private feeds.

       • -u|--username <USER>

         Username to be used when connecting to an authenticated source.

       • --valid-authentication-types <TYPES>

         Comma-separated  list  of  valid authentication types for this source.  Set this to basic if the server
         advertises NTLM or Negotiate and your credentials must be sent using the Basic mechanism, for  instance
         when using a PAT with on-premises Azure DevOps Server.  Other valid values include negotiate, kerberos,
         ntlm, and digest, but these values are unlikely to be useful.

EXAMPLES

       • Add nuget.org as a source:

                dotnet nuget add source https://api.nuget.org/v3/index.json -n nuget.org

       • Add c:\packages as a local source:

                dotnet nuget add source c:\packages

       • Add a source that needs authentication:

                dotnet nuget add source https://someServer/myTeam -n myTeam -u myUsername -p myPassword

       • Add a source that needs authentication (then go install credential provider):

                dotnet nuget add source https://azureartifacts.microsoft.com/myTeam -n myTeam

SEE ALSO

       • Security best practices for managing package source credentials

       • Package source sections in NuGet.config files

       • sources command (nuget.exe)

                                                   2024-10-02                         dotnet-nuget-add-source(1)