Merge pull request #3439 from NuGet/main

Merge to Live, June 2025

Author: nkolev92

docs/concepts/Security-Best-Practices.md

@@ -154,6 +154,27 @@ Being able to have information about your dependencies such as their license, tr
 
 For more information about Dependabot alerts & security updates, [see the following documentation](https://docs.github.com/en/github/managing-security-vulnerabilities/about-alerts-for-vulnerable-dependencies).
 
+## NuGet Configuration
+
+**📦 Package Consumer**
+
+Add a `nuget.config` file in the root of your project repository. This is considered a best practice as it promotes repeatability and ensures that different users have the same NuGet configuration.
+We recommend adding `clear` elements to ensure no user or machine specific configuration is applied. [Read more about how settings are applied](../consume-packages/configuring-nuget-behavior.md#how-settings-are-applied).
+
+For example:
+
+```xml
+<configuration>
+  <packageSources>
+    <clear />
+    <add key="nuget.org" value="https://api.nuget.org/v3/index.json" />
+  </packageSources>
+  <packageSourceMapping>
+    <clear />
+  </packageSourceMapping>
+</configuration>
+```
+
 ### NuGet feeds
 
 **📦 Package Consumer**

docs/consume-packages/Central-Package-Management.md

@@ -127,7 +127,7 @@ For an idea of how central package management may look like, refer to our [sampl
 
 You can automatically override a transitive package version even without an explicit top-level `<PackageReference />` by opting into a feature known as
 transitive pinning. This promotes a transitive dependency to a top-level dependency implicitly on your behalf when necessary.
-Note that downgrades are allowed when transitive pinning a package. If you attempt to pin a package to a lower version than the one requested by your dependencies, restore will raise a [NU1109](../reference/errors-and-warnings/NU1109.md) error.
+Note that downgrades are not allowed when transitive pinning a package. If you attempt to pin a package to a lower version than the one requested by your dependencies, restore will raise a [NU1109](../reference/errors-and-warnings/NU1109.md) error.
 
 You can enable this feature by setting the MSBuild property `CentralPackageTransitivePinningEnabled` to `true` in a project or in a `Directory.Packages.props`
 or `Directory.Build.props` import file:

docs/hosting-packages/Overview.md

@@ -1,6 +1,6 @@
 ---
 title: Overview of Hosting Your Own NuGet Feeds
-description: An overview of opens for hosting your own NuGet package feeds or galleries either locally or remotely.
+description: An overview of options for hosting your own NuGet package feeds or galleries either locally or remotely.
 author: JonDouglas
 ms.author: jodou
 ms.date: 3/2/2022

docs/nuget-org/nuget-org-faq.yml

@@ -90,12 +90,11 @@ sections:
           > NuGet.org recommends Alpine Linux users to upgrade to Alpine Linux 3.18.0 or newer. These versions support TCP fallback in the DNS resolver. If you use older versions of Alpine Linux that only support DNS over UDP, you may encounter DNS failures when accessing the [V3 API](https://learn.microsoft.com/nuget/nuget-org/overview-nuget-org#api-endpoint-for-nugetorg).
 
           If that version of NuGet client continues to fail, [contact support](https://www.nuget.org/policies/Contact) and provide additional connection troubleshooting information including:
-
+          - !!! Your geographical area
           - The package sources you're using
           - The version of NuGet client you're using
           - A restore log with detailed verbosity
           - MTR or a Fiddler traces (see below)
-          - Your geographical area
           - Whether your machine is behind a proxy or firewall?
           - Is your machine located on a cloud providers' data center (Azure, AWS etc)? If yes, please provide the name of the provider and the region.
 

docs/reference/errors-and-warnings/NU1701.md

@@ -15,9 +15,9 @@ f1_keywords:
 > Package 'packageId' was restored using 'TargetFrameworkA' instead the project target framework 'TargetFrameworkB'. This package may not be fully compatible with your project.
 
 ### Issue
-`PackageTargetFallback` / `AssetTargetFallback` was used to select assets from a package. The warning let users know that the assets may not be 100% compatible.
+`AssetTargetFallback` was used to select assets from a package. The warning let users know that the assets may not be 100% compatible.
 
 ### Solution
 Change the project's target framework to one that the package supports.
 
-[!INCLUDE [nugetsolver-tool](../../includes/nugetsolver-tool.md)]
+[!INCLUDE [nugetsolver-tool](../../includes/nugetsolver-tool.md)]