dotnet nuget add source

       This article applies to: ✔️ .NET Core 3.1.200 SDK and later versions

NAME

       dotnet-nuget-add-source - Add a NuGet source.

              Use package sources that you trust.

SYNOPSIS

              dotnet nuget add source <PACKAGE_SOURCE_PATH> [--name <SOURCE_NAME>] [--username <USER>]
                  [--password <PASSWORD>] [--store-password-in-clear-text]
                  [--valid-authentication-types <TYPES>] [--configfile <FILE>] [--allow-insecure-connections]

              dotnet nuget add source -h|--help

DESCRIPTION

       The  dotnet nuget add source command adds a new package source to your NuGet configuration
       files.

              [!WARNING] When adding multiple package sources, be  careful  not  to  introduce  a
              dependency confusion vulnerability.

ARGUMENTS

       • PACKAGE_SOURCE_PATH

         Path to the package source.

OPTIONS

       • --configfile <FILE>

         The  NuGet  configuration  file  (nuget.config) to use.  If specified, only the settings
         from this file will be used.  If not specified, the  hierarchy  of  configuration  files
         from  the  current  directory  will  be  used.   For  more information, see Common NuGet
         Configurations.

       • --allow-insecure-connections

         Allows HTTP connections for adding or updating packages.  This  method  is  not  secure.
         Available since .NET 9 SDK.

       • -n|--name <SOURCE_NAME>

         Name of the source.

       • -p|--password <PASSWORD>

         Password to be used when connecting to an authenticated source.

         Be  aware  that  encrypted  passwords are only supported on Windows.  Moreover, they can
         only be decrypted on the same machine and by the  same  user  who  originally  encrypted
         them.

       • --store-password-in-clear-text

         Enables storing portable package source credentials by disabling password encryption.

         [!WARNING]   Storing  passwords  in  clear  text  is  strongly  discouraged.   For  more
         information on managing credentials securely, refer to the security best  practices  for
         consuming packages from private feeds.

       • -u|--username <USER>

         Username to be used when connecting to an authenticated source.

       • --valid-authentication-types <TYPES>

         Comma-separated  list  of valid authentication types for this source.  Set this to basic
         if the server advertises NTLM or Negotiate and your credentials must be sent  using  the
         Basic  mechanism,  for  instance  when using a PAT with on-premises Azure DevOps Server.
         Other valid values include negotiate, kerberos, ntlm, and digest, but these  values  are
         unlikely to be useful.

EXAMPLES

       • Add nuget.org as a source:

                dotnet nuget add source https://api.nuget.org/v3/index.json -n nuget.org

       • Add c:\packages as a local source:

                dotnet nuget add source c:\packages

       • Add a source that needs authentication:

                dotnet nuget add source https://someServer/myTeam -n myTeam -u myUsername -p myPassword

       • Add a source that needs authentication (then go install credential provider):

                dotnet nuget add source https://azureartifacts.microsoft.com/myTeam -n myTeam

SEE ALSO

       • Security best practices for managing package source credentials

       • Package source sections in NuGet.config files

       • sources command (nuget.exe)

                                            2024-10-02                 dotnet-nuget-add-source(1)