The NuGet Blog

How to Scan NuGet Packages for Security Vulnerabilities

March 2, 2021 Mar 2, 2021 03/2/21

Drew Gillies

Today, we are announcing the public availability of NuGet’s vulnerability features that you can use to ensure your projects are vulnerability free and if not, to take action to securing your software supply chain.

State of the NuGet Ecosystem

March 1, 2021 Mar 1, 2021 03/1/21

Jiachen Jiang

Recently, our team launched our first quarterly user survey for NuGet.org. With over 500 responses, we wanted to spend some time to share with you what we've learned in these last few months.

The NuGet.org repository signing certificate will be updated as soon as March 15th, 2021

February 25, 2021 Feb 25, 2021 02/25/21

Christopher Gill

The current NuGet.org repository signing certificate will be updated as soon as March 15th, 2021. If you validate that packages are repository signed by NuGet.org, you will need to take steps to avoid disruptions when installing packages from NuGet.org.

Happy 10th Birthday, NuGet!

January 13, 2021 Jan 13, 2021 01/13/21

Christopher Gill

NuGet 1.0 was released on January 13th, 2011 – 10 years and 4 major version releases ago. Since then, NuGet.org has grown to host a large and vibrant package ecosystem with over 230 thousand unique packages.

Custom V2 OData queries will be deprecated March 9, 2021

December 2, 2020 Dec 2, 2020 12/2/20

Jiachen Jiang

We announced the deprecation of custom V2 OData queries (#37) last year and conducted a dry run in early November to ensure that there are no surprises for users. Going forward, we plan to bring all new features and improvements only to the newer V3 APIs. As part of this strategy, we will begin blocking select endpoints used by 3rd party ...

Getting Started With NuGet 5.8

November 13, 2020 Nov 13, 2020 11/13/20

Jon Douglas

NuGet 5.8 is one of many releases in our .NET unification journey. Our NuGet tooling helps developers discover new .NET packages to use for their .NET applications, while making package management easier during your daily development.

The Microsoft author signing certificate will be updated as soon as November 1st, 2020

October 22, 2020 Oct 22, 2020 10/22/20

Christopher Gill

The current Microsoft author signing certificate will be updated as soon as November 1st, 2020. If you validate that packages are author signed by Microsoft, you will need to take steps to avoid disruptions when installing Microsoft packages.

View dependent packages on NuGet.org

August 20, 2020 Aug 20, 2020 08/20/20

Christopher Gill

We're excited to announce that you can now view dependent packages in the new Used By section on NuGet.org, yet another major improvement to the package evaluation experience!

Advanced search on NuGet.org

August 7, 2020 Aug 7, 2020 08/7/20

Mohamed Riad Gahlouz

We are excited to announce that NuGet.org now supports one of our top customer asks - advanced search! You can now use a multitude of sorting and filtering criteria to help find the best NuGet packages for your needs!

NuGet.org will permanently remove support for TLS 1.0 and 1.1 on June 15th

May 25, 2020 May 25, 2020 05/25/20

Christopher Gill

Last November, we shared our two-stage plan for deprecating TLS 1.0/1.1 on NuGet.org in which we stated that the permanent removal of TLS 1.0/1.1 support would occur in April 2020. However, in April, to avoid disrupting customers in the midst of the COVID-19 pandemic, we announced that we would continue to support TLS 1.0/1.1 until further ...