The NuGet Blog

The latest news, updates, and insights from the NuGet team will permanently remove support for TLS 1.0 and 1.1 on June 15th
Last November, we shared our two-stage plan for deprecating TLS 1.0/1.1 on in which we stated that the permanent removal of TLS 1.0/1.1 support would occur in April 2020. However, in April, to avoid disrupting customers in the midst of the COVID-19 pandemic, we announced that we would continue to support TLS 1.0/1.1 until further not Security Illustration will continue to support TLS 1.0 and 1.1 until further notice
Last November, we shared our two-stage plan for deprecating TLS 1.0/1.1 on and actions you can take today to ensure your systems use TLS 1.2. In that post, we announced that would remove support for TLS 1.0/1.1 in April 2020. However, since then, our customers have faced a variety of challenges in the wake of the COVID-19 p
Deprecating TLS 1.0 and 1.1 on
co-authored by Scott Bommarito At Microsoft, using the latest and secure encryption techniques is very important to us to ensure the security and privacy of our customers. TLS 1.0 and TLS 1.1, released in 1999 and 2006 respectively, are known to be vulnerable to a number of attacks including POODLE and BEAST. In the past, we removed support f
Deprecating packages on
We are excited to announce that now supports package deprecation. This has been a long standing ask that will help the ecosystem use supported packages. As a package publisher on, you can now deprecate packages that are obsolete, legacy, or buggy. You can also suggest an alternate package to your deprecated package. This le
New and improved NuGet Search is here!
It’s been a long time coming, and today we are excited to announce the new and improved search on leveraging Azure Search. We want to start this post with a huge thanks to you, the NuGet community, for providing feedback. We have aggregated all feedback around search result relevance into one mega issue. We used this as the startin
Surfacing GitHub Usage for packages on
There are several criteria you can use today to evaluate NuGet packages. We received feedback that you would like even more information to help choose the right packages. We're excited to introduce GitHub Usage on, which allows you to explore top GitHub repositories that depend on the package you are looking at. Why surface GitHub
NuGet Spring 2019 Roadmap
We published our last NuGet roadmap in June last year. Many of the features announced were major additions to NuGet and we have been hard at work to implement those over the last few months. In this post, we will start by summarizing the features we have completed and then peek into the next wave of work planned. Looking back Here are some f
Enable repeatable package restores using a lock file
With PackageReference, NuGet always tries to produce the same closure of package dependencies if the input package reference list has not changed. However, there are a few scenarios where it may not be able to do so. While these cases are limited, we received multiple requests to completely lock down the full package dependency graph for proje
Lock down your dependencies using configurable trust policies
For the past several months we have focused on various features to improve package security and trust. Around a year back, we had announced our plans on various signing functionalities that we have been implementing at a steady pace. We enabled package author signing and repository signing earlier this year. Continuing on the signing
Improved package debugging experience with the symbol server
Starting today, you can publish symbol packages to the symbol server. With as a single service provider for libraries and symbols, package authors and consumers will have a streamlined publishing and consumption experience. With a single place for managing authentication and identity, you can be sure that both the package a