Create region headings & Audit Sources is collapsed until needed in VS Options (#7010)

Author: donnie-msft

src/NuGet.Clients/NuGet.PackageManagement.VisualStudio/Options/PackageSourcesPage.cs

@@ -18,9 +18,10 @@ namespace NuGet.PackageManagement.VisualStudio.Options
     public class PackageSourcesPage : NuGetExternalSettingsProvider, IExternalSettingValidator
     {
         internal const bool DefaultNuGetAudit = false;
-        internal const string MonikerPackageSources = "packageSources";
-        internal const string MonikerAuditSources = "auditSources";
-        internal const string MonikerMachineWideSources = "machineWidePackageSources";
+        internal const string MonikerPackageSources = "packageSources.notMachineWide";
+        internal const string MonikerAuditSources = "nuGetAudit.auditSources";
+        internal const string MonikerNuGetAudit = "nuGetAudit.enableCheckbox";
+        internal const string MonikerMachineWideSources = "machineWide.machineWidePackageSources";
         internal const string MonikerPackageSourceId = "packageSourceId"; // Unique identifier for the package source
         internal const string MonikerSourceName = "sourceName";
         internal const string MonikerSourceUrl = "sourceUrl";
@@ -69,6 +70,17 @@ public override async Task<ExternalSettingOperationResult<T>> GetValueAsync<T>(s
 
                         return GetValuePackageSources<T>(packageSources);
                     }
+                case MonikerNuGetAudit:
+                    {
+                        var auditSources = await Task.Run(
+                            () => LoadAuditSources(),
+                            cancellationToken);
+                        if (auditSources.Count > 0)
+                        {
+                            return await ConvertValueOrThrow<T>(true);
+                        }
+                        return await ConvertValueOrThrow<T>(DefaultNuGetAudit);
+                    }
                 case MonikerAuditSources:
                     {
                         var auditSources = await Task.Run(
@@ -103,6 +115,8 @@ public override async Task<ExternalSettingOperationResult> SetValueAsync<T>(stri
 
                 switch (moniker)
                 {
+                    case MonikerNuGetAudit:
+                        return (ExternalSettingOperationResult)ExternalSettingOperationResult.Success.Instance;
                     case MonikerPackageSources:
                         var packageSourcesList = (IReadOnlyList<IDictionary<string, object>>)value;
                         return await Task.Run(

src/NuGet.Clients/NuGet.Tools/Resources.Designer.cs

@@ -261,4 +261,10 @@
   <data name="Text_AuditSources_Title" xml:space="preserve">
     <value>Audit sources</value>
   </data>
+  <data name="Text_AuditSources_Checkbox" xml:space="preserve">
+    <value>Use separate sources for vulnerability audit</value>
+  </data>
+  <data name="Text_MachineWidePackageSource_Description" xml:space="preserve">
+    <value>Machine‑wide package sources are provisioned by Visual Studio workloads and can only be enabled or disabled.</value>
+  </data>
 </root>

src/NuGet.Clients/NuGet.Tools/Resources.resx

@@ -130,7 +130,7 @@
     <value>NuGet Package Manager</value>
   </data>
   <data name="114" xml:space="preserve">
-    <value>Package Sources</value>
+    <value>Sources</value>
   </data>
   <data name="115" xml:space="preserve">
     <value>General</value>
@@ -156,4 +156,4 @@
   <data name="4" xml:space="preserve">
     <value>plk</value>
   </data>
-</root>
+</root>

src/NuGet.Clients/NuGet.Tools/VSPackage.resx

@@ -132,6 +132,11 @@
         <target state="translated">Povolit nezabezpečená připojení</target>
         <note />
       </trans-unit>
+      <trans-unit id="Text_AuditSources_Checkbox">
+        <source>Use separate sources for vulnerability audit</source>
+        <target state="new">Use separate sources for vulnerability audit</target>
+        <note />
+      </trans-unit>
       <trans-unit id="Text_AuditSources_Description">
         <source>Audit sources provide vulnerability data during restore without acting as package sources. If no audit sources are configured, NuGet Audit uses package sources. [Learn more about audit sources](https://learn.microsoft.com/nuget/reference/nuget-config-file#auditsources)</source>
         <target state="translated">Zdroje auditu poskytují během obnovování data ohrožení zabezpečení, aniž by se chovaly jako zdroje balíčků. Pokud nejsou nakonfigurované žádné zdroje auditu, NuGet Audit použije zdroje balíčků. [Další informace o zdrojích auditu](https://learn.microsoft.com/nuget/reference/nuget-config-file#auditsources)</target>
@@ -172,6 +177,11 @@
         <target state="translated">Zdroje HTTP nejsou bezpečné. Zvažte místo toho použití protokolu HTTPS. Možnost AllowInsecureConnections je povolená a umožňuje přístup HTTP. Pro bezpečnější možnosti navštivte [https://aka.ms/nuget-https-everywhere](https://aka.ms/nuget-https-everywhere).</target>
         <note />
       </trans-unit>
+      <trans-unit id="Text_MachineWidePackageSource_Description">
+        <source>Machine‑wide package sources are provisioned by Visual Studio workloads and can only be enabled or disabled.</source>
+        <target state="new">Machine‑wide package sources are provisioned by Visual Studio workloads and can only be enabled or disabled.</target>
+        <note />
+      </trans-unit>
       <trans-unit id="Text_PackageSourceEnabled_Header">
         <source>Enabled</source>
         <target state="translated">Povoleno</target>

src/NuGet.Clients/NuGet.Tools/xlf/Resources.cs.xlf

@@ -132,6 +132,11 @@
         <target state="translated">Unsichere Verbindungen zulassen</target>
         <note />
       </trans-unit>
+      <trans-unit id="Text_AuditSources_Checkbox">
+        <source>Use separate sources for vulnerability audit</source>
+        <target state="new">Use separate sources for vulnerability audit</target>
+        <note />
+      </trans-unit>
       <trans-unit id="Text_AuditSources_Description">
         <source>Audit sources provide vulnerability data during restore without acting as package sources. If no audit sources are configured, NuGet Audit uses package sources. [Learn more about audit sources](https://learn.microsoft.com/nuget/reference/nuget-config-file#auditsources)</source>
         <target state="translated">Überwachungsquellen liefern während der Wiederherstellung Sicherheitsrisikodaten, ohne als Paketquellen zu fungieren. Wenn keine Überwachungsquellen konfiguriert sind, verwendet NuGet Audit Paketquellen. [Weitere Informationen zu Überwachungsquellen](https://learn.microsoft.com/nuget/reference/nuget-config-file#auditsources)</target>
@@ -172,6 +177,11 @@
         <target state="translated">HTTP-Quellen sind unsicher. Erwägen Sie stattdessen die Verwendung von HTTPS. „AllowInsecureConnections“ ist aktiviert und erlaubt den HTTP-Zugriff. Sicherere Optionen finden Sie unter [https://aka.ms/nuget-https-everywhere](https://aka.ms/nuget-https-everywhere).</target>
         <note />
       </trans-unit>
+      <trans-unit id="Text_MachineWidePackageSource_Description">
+        <source>Machine‑wide package sources are provisioned by Visual Studio workloads and can only be enabled or disabled.</source>
+        <target state="new">Machine‑wide package sources are provisioned by Visual Studio workloads and can only be enabled or disabled.</target>
+        <note />
+      </trans-unit>
       <trans-unit id="Text_PackageSourceEnabled_Header">
         <source>Enabled</source>
         <target state="translated">Aktiviert</target>

src/NuGet.Clients/NuGet.Tools/xlf/Resources.de.xlf

@@ -132,6 +132,11 @@
         <target state="translated">Permitir conexiones no seguras</target>
         <note />
       </trans-unit>
+      <trans-unit id="Text_AuditSources_Checkbox">
+        <source>Use separate sources for vulnerability audit</source>
+        <target state="new">Use separate sources for vulnerability audit</target>
+        <note />
+      </trans-unit>
       <trans-unit id="Text_AuditSources_Description">
         <source>Audit sources provide vulnerability data during restore without acting as package sources. If no audit sources are configured, NuGet Audit uses package sources. [Learn more about audit sources](https://learn.microsoft.com/nuget/reference/nuget-config-file#auditsources)</source>
         <target state="translated">Los orígenes de auditoría proporcionan datos sobre vulnerabilidades durante la restauración sin actuar como orígenes de paquetes. Si no se configuran orígenes de auditoría, NuGet Audit utiliza orígenes de paquetes. [Más información sobre los orígenes de auditoría](https://learn.microsoft.com/nuget/reference/nuget-config-file#auditsources)</target>
@@ -172,6 +177,11 @@
         <target state="translated">Las fuentes HTTP no son seguras. Considere utilizar HTTPS en su lugar. 'AllowInsecureConnections' está habilitado, lo que permite el acceso HTTP. Para obtener opciones más seguras, consulte [https://aka.ms/nuget-https-everywhere](https://aka.ms/nuget-https-everywhere).</target>
         <note />
       </trans-unit>
+      <trans-unit id="Text_MachineWidePackageSource_Description">
+        <source>Machine‑wide package sources are provisioned by Visual Studio workloads and can only be enabled or disabled.</source>
+        <target state="new">Machine‑wide package sources are provisioned by Visual Studio workloads and can only be enabled or disabled.</target>
+        <note />
+      </trans-unit>
       <trans-unit id="Text_PackageSourceEnabled_Header">
         <source>Enabled</source>
         <target state="translated">Habilitado</target>

src/NuGet.Clients/NuGet.Tools/xlf/Resources.es.xlf

@@ -132,6 +132,11 @@
         <target state="translated">Autorisez les connexions non sécurisées</target>
         <note />
       </trans-unit>
+      <trans-unit id="Text_AuditSources_Checkbox">
+        <source>Use separate sources for vulnerability audit</source>
+        <target state="new">Use separate sources for vulnerability audit</target>
+        <note />
+      </trans-unit>
       <trans-unit id="Text_AuditSources_Description">
         <source>Audit sources provide vulnerability data during restore without acting as package sources. If no audit sources are configured, NuGet Audit uses package sources. [Learn more about audit sources](https://learn.microsoft.com/nuget/reference/nuget-config-file#auditsources)</source>
         <target state="translated">Les sources d’audit fournissent des données de vulnérabilité lors de la restauration sans agir comme sources de package. Si aucune source d’audit n’est configurée, NuGet Audit utilise les sources de package. [En savoir plus sur les sources d’audit](https://learn.microsoft.com/nuget/reference/nuget-config-file#auditsources)</target>
@@ -172,6 +177,11 @@
         <target state="translated">Les sources HTTP ne sont pas sécurisées. Envisagez d'utiliser HTTPS à la place. L'option « AllowInsecureConnections » est activée, ce qui permet l'accès au protocole HTTP. Pour des options plus sécurisées, consultez [https://aka.ms/nuget-https-everywhere](https://aka.ms/nuget-https-everywhere).</target>
         <note />
       </trans-unit>
+      <trans-unit id="Text_MachineWidePackageSource_Description">
+        <source>Machine‑wide package sources are provisioned by Visual Studio workloads and can only be enabled or disabled.</source>
+        <target state="new">Machine‑wide package sources are provisioned by Visual Studio workloads and can only be enabled or disabled.</target>
+        <note />
+      </trans-unit>
       <trans-unit id="Text_PackageSourceEnabled_Header">
         <source>Enabled</source>
         <target state="translated">Activé</target>

src/NuGet.Clients/NuGet.Tools/xlf/Resources.fr.xlf

@@ -132,6 +132,11 @@
         <target state="translated">Consentire connessioni non sicure</target>
         <note />
       </trans-unit>
+      <trans-unit id="Text_AuditSources_Checkbox">
+        <source>Use separate sources for vulnerability audit</source>
+        <target state="new">Use separate sources for vulnerability audit</target>
+        <note />
+      </trans-unit>
       <trans-unit id="Text_AuditSources_Description">
         <source>Audit sources provide vulnerability data during restore without acting as package sources. If no audit sources are configured, NuGet Audit uses package sources. [Learn more about audit sources](https://learn.microsoft.com/nuget/reference/nuget-config-file#auditsources)</source>
         <target state="translated">Le origini di controllo forniscono dati sulle vulnerabilità durante il ripristino senza svolgere la funzione di origini di pacchetti. Se non sono configurate origini di controllo, NuGet Audit usa origini di pacchetti. [Altre informazioni sulle origini di controllo](https://learn.microsoft.com/nuget/reference/nuget-config-file#auditsources)</target>
@@ -172,6 +177,11 @@
         <target state="translated">Le origini HTTP non sono sicure. Prendere in considerazione l’uso di HTTPS. ‘AllowInsecureConnections’ è abilitato e consente l’accesso HTTP. Per opzioni più sicure, vedere [https://aka.ms/nuget-https-everywhere](https://aka.ms/nuget-https-everywhere).</target>
         <note />
       </trans-unit>
+      <trans-unit id="Text_MachineWidePackageSource_Description">
+        <source>Machine‑wide package sources are provisioned by Visual Studio workloads and can only be enabled or disabled.</source>
+        <target state="new">Machine‑wide package sources are provisioned by Visual Studio workloads and can only be enabled or disabled.</target>
+        <note />
+      </trans-unit>
       <trans-unit id="Text_PackageSourceEnabled_Header">
         <source>Enabled</source>
         <target state="translated">Abilitato</target>

src/NuGet.Clients/NuGet.Tools/xlf/Resources.it.xlf

@@ -132,6 +132,11 @@
         <target state="translated">安全ではない接続を許可する</target>
         <note />
       </trans-unit>
+      <trans-unit id="Text_AuditSources_Checkbox">
+        <source>Use separate sources for vulnerability audit</source>
+        <target state="new">Use separate sources for vulnerability audit</target>
+        <note />
+      </trans-unit>
       <trans-unit id="Text_AuditSources_Description">
         <source>Audit sources provide vulnerability data during restore without acting as package sources. If no audit sources are configured, NuGet Audit uses package sources. [Learn more about audit sources](https://learn.microsoft.com/nuget/reference/nuget-config-file#auditsources)</source>
         <target state="translated">監査ソースは、パッケージ ソースとして機能することなく、復元中に脆弱性データを提供します。監査ソースが構成されていない場合、NuGet Audit はパッケージ ソースを使用します。[監査ソースに関する詳細情報](https://learn.microsoft.com/nuget/reference/nuget-config-file#auditsources)</target>
@@ -172,6 +177,11 @@
         <target state="translated">HTTP ソースは安全ではありません。代わりに HTTPS の使用を検討してください。'AllowInsecureConnections' が有効になっており、HTTP アクセスが許可されています。より安全なオプションについては、[https://aka.ms/nuget-https-everywhere](https://aka.ms/nuget-https-everywhere) を参照してください。</target>
         <note />
       </trans-unit>
+      <trans-unit id="Text_MachineWidePackageSource_Description">
+        <source>Machine‑wide package sources are provisioned by Visual Studio workloads and can only be enabled or disabled.</source>
+        <target state="new">Machine‑wide package sources are provisioned by Visual Studio workloads and can only be enabled or disabled.</target>
+        <note />
+      </trans-unit>
       <trans-unit id="Text_PackageSourceEnabled_Header">
         <source>Enabled</source>
         <target state="translated">有効</target>