MyGet Blog

Package management made easier!

NAVIGATION - SEARCH

Cloning feeds is now supported

It happens that for some reason you require a full copy of an existing feed. You may want to do some upgrades. Maybe you just require your development feed to be copied as a production feed or vice-versa. Our latest deployment provides you with a fresh feature: cloning feeds.

From the feed list (www.myget.org/feed/list), simply click the “Clone” button next to a feed. Note that this will only be shown for feeds that are owned by you.

image

After a couple of minutes, your feed clone will be up and running.

image

Happy packaging!

Introducing a new profile page

Our latest service deployment features a fresh user profile page. You’ll be able to see everything you need by just clicking the Profile link. You’ll be able to see your feeds, linked identity providers, payment history and more.

image

You can also look at other user profiles. Simply browse to the MyGet gallery and you’ll be able to find out who’s behind a given public feed.

image

Yes, you’re seeing what we’re up to: in one of our next releases, we’ll be providing you with activity streams that give you an overview of what’s happening on a given feed or by a specific user.

Happy packaging!

Package retention policies

So you’re pushing your packages from your build server onto MyGet. That must result into a large number of packages! Or you want to keep only the latest 2 versions of a given package? Have no fear, package retention policies are here!

Under your feed, navigate to the Package Retention tab.

image

By default, we keep all package versions available on your feed. If you would like to do some automated housekeeping, you can now specify the number of stable and prerelease packages to keep on your feed. Whenever a package is added to your feed, we'll make sure these retention rules are respected.

Happy packaging!

Add packages from GitHub, BitBucket and CodePlex using MyGet build services

We’re pleased to announce some new features to MyGet build services. This feature allows you to add packages to your MyGet feed from any Git, Mercurial (hg) or Subversion repository out there. We’ll grab the sources, compile, package and make sure the result is listed on your feed. While still in beta, the feature is starting to take shape. In our latest release, we’ve shipped some interesting new features related to build services.

From your feed details page, you can navigate to build services. The “Add build source…” button has been around since the start and allows you to enter details of the source code repository manually. Because that can be a bit clumsy and since most public source code repositories out there have API’s available, we now support linking GitHub, BitBucket and CodePlex repositories with the click of a button!

image

After clicking one of these, you’ll be redirected to the code hosting provider for login.

image

After that, you can just check the projects you wish to add and link them automatically.

image

Apart from being able to easily link projects from GitHub, BitBucket and CodePlex, we also improved the build server itself a bit:

  • Support for portable libraries
  • TypeScript SDK 0.8.1.1 has been deployed
  • Private repositories on BitBucket now can be referenced
  • Git repositories with submodules can now be built (do note the submodule must be available over HTTP/HTTPS)

Happy packaging!

NuGet package restore from a secured feed

One of the most frequently asked questions at MyGet is the following one (we have pending updates to our FAQ section):

How do I set up NuGet package restore against a private MyGet feed requiring authentication?

This is also one of the things you might end up doing when debugging NuGet package restore issues.

For public feeds, you only need to change the repository URL in the nuget.targets file to let your build server know from where it needs to fetch the packages. For private feeds however, there are a few things you need to know.

Which credentials should I use?

At MyGet, we recommend you to create a separate account for your build agents and give it specific permission on your feed (e.g. readonly or read/write, but no additional permissions).

It is not a technical requirement though: you could simply use your personal account, but please be aware that in this case you share your credentials!

As you'll see in this post, you can store the credentials for the build service account on the build agent(s) without having to share them with anyone. Using a user's account for the build agent can break anyone's build if access for this user is revoked...

Visual Studio will prompt for credentials

As soon as you try to communicate with a secured package source in Visual Studio, it will prompt you for credentials. So why do you get the following build error when using package restore?

There's no non-interactive way to provide credential parameters

NuGet package restore relies on the NuGet.exe commandline tool by using the install command. The commandline will either prompt you for credentials (which isn't suitable for automated build scenarios), or will look for credentials in nuget.config file in %AppData%\NuGet\nuget.config (if you use the Non-Interactive option).

The latter looks like what you need in automated build scenarios, but requires you to store feed credentials on the machine, for the user account that will perform the build. This can become cumbersome if you have a multitude of solutions using this feature.

Hierarchical NuGet.config doesn't take credentials into account (yet!)

The latest version of NuGet has support for hierarchical nuget.config files, which is an attempt to overcome the need to store everything on the machine. It allows you to have a solution-level NuGet configuration which should be taken into account during package restore.

This means that feed URL and credentials could be stored next to your solution instead of being pre-configured in the user profile. However, credentials aren't picked up (yet), and there's no easy way to store them (encrypted) into any nuget.config file other than the one in your roaming user profile (explained in the next section of this post).

This is a known issue which seems to be fixed in vNext of NuGet. Check this Codeplex issue for more details. Not sure though whether this will be facilitated without having to copy-paste those encrypted credentials from one config to another.

You can store feed credentials in your user-profile NuGet.config

That's likely to be the easiest approach: as you register the package source URL, you might want to save the required credentials as well. This is however not exposed in the Visual Studio NuGet Package Manager extension, so you'll have to use the NuGet.exe commandline tool. The following gist illustrates a few of these options that should help you configure your secured feed, including credentials.