Showing results for October 2014 - .NET Blog

Microsoft Security Bulletin MS14-059 – Important: Vulnerability in ASP.NET MVC Could Allow Security Feature Bypass (2990942) This is the first release from Microsoft that uses Security Updates for .NET NuGet Libraries Support. This feature enables Microsoft to update app-deployed .NET NuGet libraries, for machines with the .NET Framework 4.5...

We are releasing a preview of ASP.NET Identity 2.2.0-alpha1. The main focus in this release was to fix bugs and address performance issues.Download this releaseYou can download ASP.NET Identity from the NuGet gallery. You can install or update these packages using the NuGet Package Manager Console, like this:Install-Package Microsoft.AspNet.Identit...

As we work on the designs for getting NuGet in the platform, it has become clear that NuGet needs better support for carrying arbitrary artifacts in packages and exposing them for consumption after the initial package installation. Conventional Manifests Since NuGet's initial release, it has supported conventional manifests and only a few concept...

Microsoft just released a new security update to be automatically applied to machines configured to use Microsoft Update.  The security bulletin is available here: https://technet.microsoft.com/en-us/library/security/ms14-059Unfortunately, some ASP.NET MVC 3 and 4 VS projects can no longer build after the update is applied. These projects will...

Today, the Visual Studio team announced the release of Visual Studio 2013 Update 4 RC.  Our team added a few useful features and did some bug fixing in this update to improve the web development experience. Microsoft ASP.NET and Web Tools 2013.4 RC JSON Editor Improvement We made a few improvements in the JSON editor, including performance ...

I recently declared that NuGet is "Broken By Design." Now, that was hyperbolic; I don't really think NuGet is broken. In fact, I'm very pleased with NuGet (and proud of it). But I wanted to make the point that NuGet's approach both earned it success but also came at a cost. NuGet can't presently offer some expected package management features becau...

The .NET team released a security bulletin today as part of the monthly “patch Tuesday” cycle. Microsoft Security Bulletin MS14-057 - Critical, Vulnerabilities in the .NET Framework could allow remote code execution (3000414)  This security update resolves three privately reported vulnerabilities in Microsoft .NET Framework. The ...

The NuGet packages for Microsoft.ASPNET.Facebook 1.1 are now live on the NuGet gallery!Download this releaseYou can install or update the NuGet packages for Microsoft.ASPNET.Facebook 1.1 using the NuGet Package Manager Console, like this: What’s in this release?In this release, we enabled better support for the Safari browser and added a n...

In VS2013 RTM, we shipped a not well known feature for _references.js file: /// <autosync enabled="true" />. If we specify /// <autosync enabled="true" /> in the beginning of ~/scripts/_references.js, then any addition, rename, deletion of JavaScript files in the project will automatically change the content in thi...

On January 13, 2011, NuGet 1.0 was released with ASP.NET MVC 3. On June 19, 2012, NuGet 2.0 shipped in the box with all editions of Visual Studio 2012 (including the free ones). That was a little over 2 years ago, and NuGet's adoption has been steadily increasing since then. Here are some interesting figures for recent NuGet usage from nuget.org: ...