The NuGet Blog

How to Scan NuGet Packages for Security Vulnerabilities

drewgillies March 2, 2021 Mar 2, 2021 03/2/21

Today, we are announcing the public availability of NuGet’s vulnerability features that you can use to ensure your projects are vulnerability free and if not, to take action to securing your software supply chain.

State of the NuGet Ecosystem

Jiachen Jiang March 1, 2021 Mar 1, 2021 03/1/21

Recently, our team launched our first quarterly user survey for NuGet.org. With over 500 responses, we wanted to spend some time to share with you what we've learned in these last few months.

The NuGet.org repository signing certificate will be updated as soon as March 15th, 2021

Christopher Gill February 25, 2021 Feb 25, 2021 02/25/21

The current NuGet.org repository signing certificate will be updated as soon as March 15th, 2021. If you validate that packages are repository signed by NuGet.org, you will need to take steps to avoid disruptions when installing packages from NuGet.org.

Happy 10th Birthday, NuGet!

Christopher Gill January 13, 2021 Jan 13, 2021 01/13/21

NuGet 1.0 was released on January 13th, 2011 – 10 years and 4 major version releases ago. Since then, NuGet.org has grown to host a large and vibrant package ecosystem with over 230 thousand unique packages.

Custom V2 OData queries will be deprecated March 9, 2021

Jiachen Jiang December 2, 2020 Dec 2, 2020 12/2/20

We announced the deprecation of custom V2 OData queries (#37) last year and conducted a dry run in early November to ensure that there are no surprises for users. Going forward, we plan to bring all new features and improvements only to the newer V3 APIs. As part of this strategy, we will begin blocking select endpoints used by 3rd party ...

Getting Started With NuGet 5.8

Jon Douglas November 13, 2020 Nov 13, 2020 11/13/20

NuGet 5.8 is one of many releases in our .NET unification journey. Our NuGet tooling helps developers discover new .NET packages to use for their .NET applications, while making package management easier during your daily development.

The Microsoft author signing certificate will be updated as soon as November 1st, 2020

Christopher Gill October 22, 2020 Oct 22, 2020 10/22/20

The current Microsoft author signing certificate will be updated as soon as November 1st, 2020. If you validate that packages are author signed by Microsoft, you will need to take steps to avoid disruptions when installing Microsoft packages.

View dependent packages on NuGet.org

Christopher Gill August 20, 2020 Aug 20, 2020 08/20/20

We're excited to announce that you can now view dependent packages in the new Used By section on NuGet.org, yet another major improvement to the package evaluation experience!

Advanced search on NuGet.org

Mohamed Riad Gahlouz August 7, 2020 Aug 7, 2020 08/7/20

We are excited to announce that NuGet.org now supports one of our top customer asks - advanced search! You can now use a multitude of sorting and filtering criteria to help find the best NuGet packages for your needs!

NuGet.org will permanently remove support for TLS 1.0 and 1.1 on June 15th

Christopher Gill May 25, 2020 May 25, 2020 05/25/20

Last November, we shared our two-stage plan for deprecating TLS 1.0/1.1 on NuGet.org in which we stated that the permanent removal of TLS 1.0/1.1 support would occur in April 2020. However, in April, to avoid disrupting customers in the midst of the COVID-19 pandemic, we announced that we would continue to support TLS 1.0/1.1 until further ...