The NuGet Blog

The latest news, updates, and insights from the NuGet team

HTTPS everywhere

Safety guaranteed As an ongoing effort to make HTTPS everywhere a reality for NuGet, we have taken a number of steps to help protect your everyday package management experiences. Earlier this year, a security fact sheet from The White House reinforced companies to take action to secure our software supply chains. HTTPS and SSL not only ...

NuGet.org will continue to support TLS 1.0 and 1.1 until further notice

Last November, we shared our two-stage plan for deprecating TLS 1.0/1.1 on NuGet.org and actions you can take today to ensure your systems use TLS 1.2. In that post, we announced that NuGet.org would remove support for TLS 1.0/1.1 in April 2020. However, since then, our customers have faced a variety of challenges in the wake of the COVID-19 ...

Deprecating TLS 1.0 and 1.1 on NuGet.org

co-authored by Scott Bommarito At Microsoft, using the latest and secure encryption techniques is very important to us to ensure the security and privacy of our customers. TLS 1.0 and TLS 1.1, released in 1999 and 2006 respectively, are known to be vulnerable to a number of attacks including POODLE and BEAST. In the past, we removed ...

Improving the NuGet documentation experience on docs.microsoft.com

In late 2016, we started on the journey of improving the docs experience for NuGet with the revamped docs experience. Continuing that journey, today we are announcing the move to docs.microsoft.com/nuget. Given how NuGet has grown to become an integral part of the Visual Studio and .NET ecosystems, this move furthers the integration by ...

New experience for NuGet Documentation

Last month, we launched a preview of the revamped Nuget docs experience. We made a number of improvements: We would like to thank you for trying out the preview and giving us valuable feedback. We have incorporated your feedback and ironed out some wrinkles we found along the way. Today, we are going live with the new experience on ...