Showing results for security - The NuGet Blog

Nov 4, 2024
0
0

OpenSSF Scorecard for .NET and the NuGet ecosystem

Ioana Amarande Avishay Balter Mélanie Guittet
Ioana,
Avishay,
Mélanie

OpenSSF Scorecard is a tool developed by the Open Source Security Foundation (OpenSSF) that provides automated security assessments for open-source projects. The primary goal of the Scorecard project is to help developers and users determine the security posture of open-source software by generating a score based on a series of security-related che...

NuGetSecurityOther announcements
Jul 17, 2024
11
4

NuGetAudit 2.0: Elevating Security and Trust in Package Management

Andy Zivkovic Jon Douglas
Andy,
Jon

Introduction In November 2023 (NuGet 6.8, Visual Studio 17.8, .NET SDK 8.0.100), we released NuGet Audit. NuGet Audit provides warnings during restore when a package with a known vulnerability is used by a project. More information about NuGet Audit, including detailed configuration options can be found on our learn website. New features are still...

NuGetFeature AnnouncementSecurity
Jul 16, 2024
0
3

Building a Safer Future – How NuGet is Tackling Software Supply Chain Threats

Jon Douglas
Jon Douglas

Despite significant technological progress in addressing complex security threats, the key to preventing the next attack lies in adhering to fundamental security principles. It's essential to ensure the software ecosystem is secure, focusing on protecting .NET developers who design, build, and maintain the critical software we all use. As the home...

NuGetNuGet.orgSecurity
Nov 17, 2023
4
3

Announcing NuGet 6.8 – Maintaining Security with Ease

Allie Barry
Allie Barry

NuGet 6.8 is included in Visual Studio 2022 and .NET 8.0 out of the box. You can also download NuGet 6.8 for Windows, macOS, and Linux as a standalone executable. Maintaining and understanding security status in your projects is now easier than ever in NuGet 6.8. We're happy to announce a plethora of new features to help you be aware potential vul...

NuGetFeature AnnouncementRelease announcement
Nov 8, 2021
6
0

Announcing NuGet 6.0 – Source Mapping, Package Vulnerabilities, Faster Solution Load, Oh My!

Jon Douglas
Jon Douglas

NuGet 6.0 - Source Mapping, Package Vulnerabilities, Faster Solution Load, Oh My! NuGet 6.0 is included in Visual Studio 2022 and .NET 6.0 out of the box. You can also download NuGet 6.0 for Windows, macOS, and Linux as a standalone executable. NuGet 6.0 is one of many releases in our .NET unification journey. Our NuGet tooling helps developers d...

Feature AnnouncementRelease announcementNuGet
Sep 15, 2021
4
0

Introducing Package Source Mapping

Nikolche Kolev
Nikolche Kolev

We're happy to announce the first preview release of Package Source Mapping with Visual Studio 2022 preview 4! Package Source Mapping gives you fine-grained control of where your packages come from by mapping every package in your solution to a target package source.

Feature AnnouncementNuGetSecurity
Mar 2, 2021
27
2

How to Scan NuGet Packages for Security Vulnerabilities

Drew Gillies
Drew Gillies

Today, we are announcing the public availability of NuGet’s vulnerability features that you can use to ensure your projects are vulnerability free and if not, to take action to securing your software supply chain.

NuGetNuGet.orgFeature Announcement
May 25, 2020
0
0

NuGet.org will permanently remove support for TLS 1.0 and 1.1 on June 15th

Christopher Gill
Christopher Gill

Last November, we shared our two-stage plan for deprecating TLS 1.0/1.1 on NuGet.org in which we stated that the permanent removal of TLS 1.0/1.1 support would occur in April 2020. However, in April, to avoid disrupting customers in the midst of the COVID-19 pandemic, we announced that we would continue to support TLS 1.0/1.1 until further notice. ...

NuGet.orgSecurity