Skip to content

Latest commit

 

History

History
98 lines (57 loc) · 4.82 KB

README.md

File metadata and controls

98 lines (57 loc) · 4.82 KB

NuGet Monitor

A Visual Studio extension that checks and notifies about available updates for the installed NuGet packages in the current solution.

Build Status Sponsor

Features

  • Checks for updates, deprecations and vulnerabilities when a solution is opened
  • Shows an info bar with the number of available updates, deprecations and vulnerabilities
  • Shows an info bar with vulnerabilities found in transient packages
  • Provides a package management tool window that gives an instant overview over all packages, with a lean and fast package update functionality
  • Works with .NET Framework projects and with .NET projects using PackageReference items

Supported Visual Studio versions

  • Visual Studio 2022

Installing

Visual Studio Marketplace Visual Studio Marketplace

GitHub Releases

Open VSIX Gallery

Usage

After a solution is loaded, available updates and possible issues are shown in the Solution Explorer

InfoBar

Dependent on the size of the solution it may take some time until the info bars appear.


Package Manager

The package manager can be opened via the entry in the Tools menu.

MenuEntry

The package manager shows all installed packages of the current solution. Updating a single package is just one click, multiple packages can be updated via the tool bar button after selecting the packages.

Compared to the original NuGet Package Manager updating packages is very fast, because the package version is instantly updated without validation against other packages - however version conflicts may show up only at the next build and have to be resolved manually.

ToolWindow

Shared package references, e.g. in the Directory.Build.props file, are handled gracefully, and will not be replaced by Update entries in every project.

CentralPackageManagement (PackageVersion entries) are supported as well.

A justification property can be added to PackageReference or PackageVersion entries, to e.g. document why a reference is pinned and can't be updated

<PackageReference Include="Newtonsoft.Json" Version="[13.0.1]" Justification="Can't update due to Visual Studio extension limitations">

A mitigation element can be added to suppress warnings for transitive dependencies that can't be updated due to project limitations but have been evaluated to not affect the product security.

<PackageMitigation Include="Newtonsoft.Json" Version="13.0.1" Justification="Can't update due to Visual Studio extension limitations">

Dependency Tree

This view allows to investigate how transitive dependencies are introduced into the projects.

It lists all transitive dependencies per project, and shows their ancestor tree, where the terminal bold entry is the package reference used in the project.

The context menu for every entry offers to copy ready made XML snippets for PackageReference, PackageVersion or PackageMitigation that can be directly inserted into the project file to fix transitive dependencies.

DependencyTree

Thanks

AnushaG2201

A big thanks goes to AnushaG2201!

I was playing with the idea for this extension for quite a while but never figured out how I would create this extension.

That is until I saw the Nuget-updates-notifier (GitHub) which gave me the remaining puzzle pieces, so that I could create my own version.

tom-englert

A big thanks goes to tom-englert!

A massive improvement PR really improved the quality of this extension.

Links

NuGet Client SDK / NuGet.Protocol

Visual Studio Extensibility Cookbook - Notifications

Invoke the Manage NuGet Packages dialog programmatically

UpdatR packages