NuGet Error NU3034
Package 'SamplePackage v1.0.0' from source 'https://contoso.com/index.json': signatureValidationMode is set to require, so packages are allowed only if signed by trusted signers; however, no trusted signers were specified.
Package 'SamplePackage v1.0.0' from source 'https://contoso.com/index.json': The package signature certificate fingerprint does not match any certificate fingerprint in the allow list.
Package 'SamplePackage v1.0.0' from source 'https://contoso.com/index.json': This repository indicated that all its packages are repository signed; however, it listed no signing certificates.
Package 'SamplePackage v1.0.0' from source 'https://contoso.com/index.json': This package was not repository signed with a certificate listed by this repository.
Issue
There is a missing allow list, or the package signer does not match any signer in the list. This list could either be sent by the repository or specified in the trustedSigners section of the nuget.config.
Solution
If in require mode, only packages signed by a trusted signer will pass validation. Otherwise, contact the repository where this was downloaded from to let them know they have a package that does not comply with the repository signing security guidelines.
Feedback
Coming soon: Throughout 2024 we will be phasing out GitHub Issues as the feedback mechanism for content and replacing it with a new feedback system. For more information see: https://aka.ms/ContentUserFeedback.
Submit and view feedback for