NuGet Blog

NuGet Package Signing

September 14, 2017

In our NuGet Fall 2017 Roadmap, we highlighted security as the main area of investment over the next few months. This blog post describes a major part of that roadmap in greater detail – package signing. We started talking about supporting signed packages on NuGet.org a while ago. For example, in 2015 we published a post on Package Signing as well as a related specification from the ASP.NET team, and more recently we described package signing as a part of our future plans in the post on NuGet Package Identity and Trust. We´ve received some great feedback from our various [...]

Read more...

Changes to NuGet.org service management, and performance improvements in China

September 07, 2017

NuGet.org, the package manager for .NET, was purpose-built as a global service with high scale performance regardless of the developer’s location. We are finding that this is not always the case, particularly for developers accessing the service from China, which is the second largest region for .NET developers. They frequently face higher download times resulting in poor restore performance and service outages. We have been actively investigating solutions to this problem. Based on our tests, developers in China should see up to 30x improvement in package download times and on average, a 10x improvement in overall package restore time. The [...]

Read more...

What's Nu in NuGet with Visual Studio 2017 version 15.3?

August 15, 2017

We are happy to announce an update to the NuGet client that comes bundled with Visual Studio 2017 version 15.3 RTW and .NET Core 2.0 SDK. This release introduces support for new scenarios such as .NET Core 2.0/.NET Standard 2.0, some new features, a series of bug fixes and performance improvements. You can see more details, known issues and workarounds associated with this release in our release notes. Here are some links to get started with using the latest NuGet functionality: Visual Studio 2017 version 15.3 .NET Core 2.0 NuGet.exe Visual Studio 2015 – NuGet Package Manager update (v3.6.0) TL;DR [...]

Read more...

NuGet Fall 2017 Roadmap

August 09, 2017

Over the past 6 months, the NuGet team has been working hard to ensure the growth of the .NET ecosystem. NuGet has grown significantly during this timeframe: NuGet.org is closing in on 4 billion packages served (up from a billion packages just a year ago), we have enabled new .NET scenarios such as .NET Standard 2.0, and have improved the overall user experience of package authors and consumers using the service. Yet, a lot more remains to be done. Along the way, we made some mistakes that our community has rightfully called us out on. We made changes to the [...]

Read more...

NuGet.org Gets a Facelift

July 18, 2017

It’s been a long time coming, and today we are excited to announce some big changes coming to NuGet.org. With almost 3 million monthly page views, NuGet.org is the gateway for .NET developers to find packages that accelerate their projects. However, as a package management website, so much more can be done. We decided to give NuGet.org a redesign and use it as a platform to build out new functionality. We’ve already begun to pull in a couple of new features, and have a bunch in the pipeline or planned for the future. In this post, we’ll discuss 3 things: [...]

Read more...

NuGet Package Identity and Trust

April 17, 2017

Update on 10/16/2017: Package ID Prefix Reservation is now live. The documentation can be found here. We want to start this post with a huge thanks to you, the NuGet community. Over the last several months we have been talking to many of you to get feedback on NuGet package identity and trust. We’ve learned so much from you and we hope that what we have planned addresses some of the top concerns you have expressed to us. One of the recurring messages we heard from you is that it is difficult to determine the origin of a package. More [...]

Read more...

NuGet is now fully integrated into MSBuild

March 16, 2017

In the past, NuGet packages were managed in two different ways - packages.config and project.json - each with their own sets of advantages and limitations. With Visual Studio 2017 and .NET Core, we have improved the NuGet package management experience by introducing the PackageReference feature in MSBuild. PackageReference brings new and improved capabilities such as deep MSBuild integration, improved performance for everyday tasks such as install and restore, multi-targeting and more. Try out PackageReference today! To get a piece of the PackageReference goodness, download Visual Studio 2017 and create a .NET Standard class library or .NET Core project. These projects [...]

Read more...

Announcing NuGet 4.0 RTM

March 08, 2017

Visual Studio 2017 comes with NuGet 4.0 which adds support for .NET Core, has a bunch of quality fixes and improves performance. This release also brings several improvements like support for PackageReference, NuGet commands as MSBuild targets, background package restores, and more. Downloads Visual Studio 2017 RTM is available for download here. The NuGet Package Manager extension is already built-in, so you do not have to install or update it. NuGet.exe 4.0 is also available for download as a separate component, here. NuGet Package Manager Extension in Visual Studio 2017 Starting with NuGet 4.0 in Visual Studio 2017, the NuGet [...]

Read more...

Introducing scoped API keys

February 02, 2017

Update 2/14 (05:00 PM PST): This feature is now live! Login to your nuget account and expand the API Keys section to see the new experience. Since last year, we have been working on several fronts to advance NuGet as a secure environment for package distribution. This post describes an experience that will allow you to have better control of API keys that you use to push packages. Please note that this experience is currently only available on our staging environment and will be deployed to Nuget.org once we have incorporated your feedback, as described below. Feature summary This feature [...]

Read more...

NuGet - Ending Windows XP support

January 19, 2017

At NuGet, we are constantly improving our security. One of the steps we are taking is to move our HTTPS end points to meet industry standards for algorithms and protocols. This means that connecting to nuget.org services from machines that don’t support modern cipher algorithms will no longer be supported (such as TLS 1.0 support in Windows XP). Windows XP reached end of OS support on April 8, 2014, and does not meet this minimum requirement. Therefore, we plan to end NuGet support for Windows XP on April 8, 2017. After support is discontinued, you will no longer be able [...]

Read more...

Previous |