@nkolev92 nkolev92 commented Nov 6, 2025

This is being done as per our discussion during the preparedness meeting.

Makes things more assertive for the exclusion of advisories.
I think there are more improvements that can be done here, but those might be more significant and harder to follow.
Summary of the changes I've done:

  • Call out that audit sources are supported in 7.0.
  • Move ExcludingAdvisories below Warning Codes. The ordering is based on the idea that warning codes are a more basic concept than advisory.
  • Move the running audit in CI section to the bottom. Move the what to do in case of advisory section higher in the doc.
  • Add details about when to use NuGetAuditSuppress.

@nkolev92 nkolev92 requested review from a team as code owners November 6, 2025 01:07
Copilot AI review requested due to automatic review settings November 6, 2025 01:07
@learn-build-service-prod

Learn Build status updates of commit 65590c7:

✅ Validation status: passed

File Status Preview URL Details
docs/concepts/Auditing-Packages.md ✅Succeeded View

For more details, please refer to the build report.

Copilot AI left a comment

Pull Request Overview

This PR reorganizes the Auditing Packages documentation to improve logical flow and readability. The changes focus on restructuring content without altering the core information provided.

  • Moves the "Excluding advisories" section to follow the "Warning codes" section for better contextual placement
  • Relocates the "Running NuGet Audit in CI" section toward the end of the document
  • Updates a table entry to reference NuGet 7.0 and Visual Studio 2026
  • Adds a new subsection explaining when to exclude advisories
  • Consolidates MCP server information into the existing list of remediation options

@learn-build-service-prod

Learn Build status updates of commit 438f87c:

✅ Validation status: passed

File Status Preview URL Details
docs/concepts/Auditing-Packages.md ✅Succeeded View

For more details, please refer to the build report.

@learn-build-service-prod

Learn Build status updates of commit 6330b5a:

✅ Validation status: passed

File Status Preview URL Details
docs/concepts/Auditing-Packages.md ✅Succeeded View

For more details, please refer to the build report.

@learn-build-service-prod

PoliCheck Scan Report

The following report lists PoliCheck issues in PR files. Before you merge the PR, you must fix all severity-1 and severity-2 issues. The AI Review Details column lists suggestions for either removing or replacing the terms. If you find a false positive result, mention it in a PR comment and include this text: #policheck-false-positive. This feedback helps reduce false positives in future scans.

✅ No issues found

More information about PoliCheck

Information: PoliCheck | Severity Guidance | Term
For any questions: Try searching the learn.microsoft.com contributor guides or post your question in the Learn support channel.

aortiz-msft previously approved these changes Nov 7, 2025
jebriede previously approved these changes Nov 7, 2025

@jebriede jebriede left a comment

LGTM!

@nkolev92 nkolev92 dismissed stale reviews from jebriede and aortiz-msft via 6a5e8af November 7, 2025 20:24
@nkolev92 nkolev92 enabled auto-merge (squash) November 7, 2025 20:25

@learn-build-service-prod

Learn Build status updates of commit 6a5e8af:

✅ Validation status: passed

File Status Preview URL Details
docs/concepts/Auditing-Packages.md ✅Succeeded View

For more details, please refer to the build report.

@nkolev92 nkolev92 merged commit 8936bc9 into main Nov 7, 2025
3 checks passed
@nkolev92 nkolev92 deleted the dev-nkolev92-vulnerabilityDocumentationIMprovements branch November 7, 2025 20:44

5 participants