NuGet Configuration Settings

There are a bunch of NuGet configuration values which can be set via the nuget.config file. Below is the summary of the NuGet config keys and their usage.

Settings Key Name Description
Repository path "repositoryPath" Allows you to install the NuGet packages in the specified folder, instead of the default "$(Solutiondir)\Packages" folder.
This key can be added to the NuGet.config file manually or using the NuGet.exe Config -Set command.
More details here.

    <config>
     <add key="repositorypath" value="C:\Temp" />
    </config>
    
Package Restore "enabled" and "automatic" under the section "packageRestore" Allows you to restore missing packages from the NuGet source during build.
The environment variable "EnableNuGetPackageRestore" with a value of "true" can be used in place of the "enabled" key in the config file.
More details here.

    <packageRestore>
        <!-- Allow NuGet to download missing packages -->
        <add key="enabled" value="True" />

        <!-- Automatically check for missing packages during build in Visual Studio -->
        <add key="automatic" value="True" />
    </packageRestore>
    
Package sources "activePackageSource" , "packageSources" , "disabledPackageSources" Allows you to specify the list of sources to be used while looking for packages.
- "PackageSources" section has the list of package sources.
- "DisabledPackageSources" has the list of sources which are currently disabled currently.
- "ActivePackageSource" points to the currently active source. Speciying "(Aggregate source)" as the source value would imply that all the current package sources except for the disabled ones are active.

The values can be added to the config file directly or using the package manager settings UI ( which would in turn update the NuGet.config file) or using the NuGet.exe Sources command.

    <packageSources>
        <add key="NuGet official package source" value="https://nuget.org/api/v2/" />
        <add key="TestSource" value="C:\Temp" />
    </packageSources>
    <disabledPackageSources />
    <activePackageSource>
        <add key="All" value="(Aggregate source)"  />
    </activePackageSource>
    
Source control integration "disableSourceControlIntegration" under section "solution" Allows you to disable source control integration for the "Packages" folder. This key works at the solution level and hence need to be added to the NuGet.config file present in the "$(SolutionDir)\.nuget directory". Enabling package restore from VS would add the .nuget\nuget.config file automatically. More details here.
The default value for this key is true.

    <solution>
        <add key="disableSourceControlIntegration" value="true" />
    </solution>
    
Proxy settings "http_proxy" , "http_proxy.user", "http_proxy.password" Allows you to set the proxy settings to be used while connecting to your NuGet feed. More details here.
This key can be added using NuGet.exe Config -Set command.

It can also be set via environment variable "http_proxy". While setting env variable, the value should be specified in the format 'http://[username]:[password]@proxy.com'. Note, the "http_proxy.password" key value is encrypted before storing in the nuget.config file. Hence it can not be added manually by directly updating the config file.
Credentials for package source "Username", "Password" and "ClearTextPassword" under section "packageSourceCredentials" Allows you to set the credentials to access the given package source.
This key has to be set using the NuGet.exe Sources command.
The default behavior is to store the password encrypted in the config file.

NuGet.exe Sources Add -Name <feedName> -Source <pathToPackageSource> -UserName xxx -Password <secret>
NuGet.exe Sources Update -Name <feedName> -Source <pathToPackageSource> -UserName xxx -Password <secret>

This results in something similar to this:

        <packageSourceCredentials>
            <feedName>
                <add key="Username" value="xxx" />
                <add key="Password" value="...encrypted..." />
            </feedName>
        </packageSourceCredentials>
    
If you want to share the credentials with others then you might want to use the -StorePasswordInClearText option to disable password encryption.
Using this option allows you to store the password in clear text, for instance in your solution-local nuget.config using the new -Config option, and commit it to your VCS.

NuGet.exe Sources Add -Name <feedName> -Source <pathToPackageSource> -UserName xxx -Password <secret> -StorePasswordInClearText -Config <path to nuget.config>
NuGet.exe Sources Update -Name <feedName> -Source <pathToPackageSource> -UserName xxx -Password <secret> -StorePasswordInClearText -Config <path to nuget.config>

This results in something more readable (or even manually configurable):

        <packageSourceCredentials>
            <feedName>
                <add key="Username" value="xxx" />
                <add key="ClearTextPassword" value="secret" />
            </feedName>
        </packageSourceCredentials>
    
API Key to access package source Allows you to set the API Key corresponding to a specific package source.
This key has to be set via NuGet -SetApiKey.