MyGet Blog

Package management made easier!

NAVIGATION - SEARCH

Using build services to create Chocolatey packages

Chocolatey is a Machine Package Manager, somewhat like apt-get, built with Windows in mind. It lets us install software onto our machine, supports updates and dependencies, much like NuGet or npm do. MyGet has always supported feeds containing Chocolatey packages, making it easy to distribute software packages across teams or with customers. In this post, we’ll show you a trick on how to build Chocolatey packages using MyGet build services. It’s the least we can do as a Belgian company – our country is known for chocolates after all…

MyGet Build Services has a convention-type build approach that will create NuGet, npm and VSIX packages whenever required files or project types are available. By adding a build.cmd or build.ps1 file, this convention can be overridden – just the thing we want to do to create Chocolatey packages.

Using a little bit of PowerShell, we can call into Chocolatey’s choco.exe which handles packaging and verification. The following can be copy/pasted in a build.ps1 file in the root of a GitHub, BitBucket or VSTS repository:

Write-Host "Building Chocolatey packages..." $nuspecs = Get-ChildItem -Path $PSScriptRoot -Filter *.nuspec -Recurse foreach ($nuspec in $nuspecs) { choco pack $nuspec.FullName } $artifactsFolder = "./artifacts" Remove-Item -Path $artifactsFolder -Force -Recurse -ErrorAction SilentlyContinue New-Item $artifactsFolder -Force -Type Directory | Out-Null Move-Item *.nupkg $artifactsFolder Write-Host "Finished building Chocolatey packages."

Once a build is triggered on MyGet, this script will execute and create (and upload) Chocolatey packages to our MyGet feed, which we can then install on our system.

Happy packaging!

Two of my packages are treated as one. Help!

Every once in a while, our support gets a question that is similar to the following:

When requesting the package details for some versions of the NuGet packages in our feed it seems like the service encounters an error preparing the ATOM document, also resulting in NuGet failing to download the package.

Here's an example URL: https://www.myget.org/F/chucknorris/api/v2/Packages(Id='MyPackage',Version='1.2.20160209.1-master')

Is something wrong with MyGet? Definitely not! Let’s look at the packages for this feed:

  • MyPackage 1.2.20160209.1-master
  • MyPackage 1.2.20160209.1-dev

Can you spot the error? It’s very subtle, so let us help here. The version number has three dots (“.”) in it, which means it should be treated as a major.minor.patch.build type of version number, which is numeric. MyGet takes the hint and will strip off the –master and –dev in the above versions, treating both packages as one.

Clearly, the intention here was to use Semantic Versioning (SemVer): the –master and –dev suffixes to the version number were intended to provide a label in the version number. But semantic versioning is in the form of major.minor.patch-label, which means one dot less in the version number should be used. So in this case, the packages should be re-versioned and re-uploaded with the correct version number.

Don’t you guys have validation for this? is one of the questions we’d expect. We do, but it’s opt-in because many of our users start out with non-SemVer packages on their feeds and we don’t want to block those from being uploaded either. From a feed’s Package Settings tab, enable the Forbid packages which are non-compliant with Semantic Version? option.

Forbid packages which are non-compliant with Semantic Version?

This will prevent malformed semantic versions from being uploaded to your feed and prevent the above error from ever happening to you.

Happy packaging!

Dropbox as a package source for NuGet, npm, Bower and VSIX packages

Wouldn’t it be awesome if creating a NuGet, npm, Bower or VSIX feed was as easy as just copying packages into a Dropbox folder? Awesomeness is here: we’ve added Dropbox as a package source type to MyGet. This allows us to link a Dropbox folder to a MyGet feed and automatically upload packages so they can be consumed with the popular package managers out there.

Synchronizing NuGet packages with Dropbox

The Dropbox package source makes it easy to move packages into MyGet. For example, migrating from a network share to MyGet is as easy as copy-paste. Have a build server that drops artifacts into a Dropbox folder? MyGet will add the synchronized artifacts to your feed. Right now we download packages from Dropbox on a schedule (every 15 minutes).

Give it a try and let us know how it goes – feedback is welcome through the comments below or via the MyGetTeam Twitter account.

Happy packaging!

Improved support for localized satellite NuGet packages

At MyGet, we live and breath a culture of componentization, and we are very happy to see package authors adopting and sharing these practices within their organizations. One of these practices is the usage of NuGet's localized NuGet packages feature. The adoption of localized satellite packages is a good indicator of package author maturity. Using a better practice should be rewarding and free of friction. One of our Dear Users provided us with great feedback on how he leveraged MyGet to release localized packages by pushing them upstream. However, some unnecessary friction was involved, which had to be removed.

Localized NuGet Packages

As a NuGet package author, you can provide a localized experience for your libraries. The NuGet client has supported the creation of localized satellite packages since version 1.8.

For those unfamiliar with the concept, here's a basic package graph demonstrating the idea:

My.Framework.1.0.0-alpha0001.nupkg

  • Meta package, installing My.Framework and all localized satellite packages
  • Depends on: all satellite packages (My.Framework.Core.nl, My.Framework.Core.fr, My.Framework.Core.el, ...)
My.Framework.Core.1.0.0-alpha0001.nupkg
  • Package containing an actual framework library (e.g. in lib/net45/My.Framework.Core.dll)
  • No dependencies for the sake of the demo (your libraries most likely have dependencies :))
My.Framework.Core.nl.1.0.0-alpha0001.nupkg
My.Framework.Core.fr.1.0.0-alpha0001.nupkg
My.Framework.Core.el.1.0.0-alpha0001.nupkg
  • 3 localized satellite packages for the My.Framework.Core package
  • Depends on the actual framework package being localized: My.Framework.Core.1.0.0-alpha0001.nupkg
  • Only contains localization resources (e.g. lib/net45/nl/My.Framework.Core.resources.dll, lib/net45/nl/My.Framework.Core.xml)
Or visualized in a graph, here's the dependency tree:


To facilitate discovery of these satellite packages, we added a convenient Localization tab on the package details page if localized satellite packages are detected.


Releasing localized NuGet packages

Ideally, releasing a package that has localized satellite packages from MyGet to another feed, should be a click of a button away, publishing the entire package-set at once. Optionally, one might also want to adjust the prerelease tag and release notes of this package set, either per package individually, or for all at once.

The Push Upstream feature (also check our docs) has been upgraded to now also detect package dependencies and localized satellite packages!

This means that, as in the above sample scenario, you can now publish the entire localized package-set in one go by pushing the My.Framework meta package upstream.


In addition, you can also edit (or simply remove!) the prerelease tag and/or release notes for each package individually, or for all of them at once!

Simply click the edit button  next to one of the packages, modify the fields, and click the water-drop icon  to apply the changes to all other packages in the dialog.


Of course, you can still exclude individual packages from this list if you want to by clicking the  button next to the respective package.

We love this kind of feedback and hope you find this change useful, so keep the feedback coming!

Happy Packaging!

Introducing debugging, source code and symbols for NuGet packages

Shortly after we launched MyGet, we teamed up with SymbolSource.org to provide support for .NET debugger symbols. Today, we’re happy to announce a second option: integrated MyGet symbols support! MyGet symbols support lets consumers of our NuGet packages step through the source code and integrate with Visual Studio and tools like WinDbg. Additionally, symbols and sources can be consumed from within MyGet as well.

Head over to our docs and learn how to get started with MyGet symbols support!

image

How do I get started?

Documentation is available that will help you get started with MyGet symbols very quickly. Symbols in .NET can be tricky sometimes, so if things don’t work out as expected we’ve also compiled a list of PDB troubleshooting tips.

To make things easy, the endpoint for pushing symbols packages is the same as that for your regular NuGet packages: https://www.myget.org/F/<feedname>/api/v2/package. MyGet will determine the type of package and act accordingly. This makes pushing symbols packages from your build server, like TeamCity or Visual Studio Team Services similar to pushing regular NuGet packages.

Where do my symbols packages go when I use MyGet Build Services?

For new feeds, symbols packages are pushed to your MyGet feed by default. For existing feeds, symbols will be uploaded to SymbolSource (if this was enabled). From the build configuration, you can select where to push symbols packages.

What happens to the SymbolSource integration?

SymbolSource integration is still available. Our customers asked very loudly for integrated symbols support, so we’re delivering on that. We are still providing the option to use SymbolSource with your MyGet feeds. In fact, they have some great new features planned as well!

Head over to our docs and learn how to get started with MyGet symbols support!

Happy packaging! (and efficient debugging, of course)

Package details showing GitHub project README

We’re happy to introduce a few user interface enhancements which have been available for all users of npm private feeds on MyGet. We’ve now rolled these out to the package details page for NuGet, npm, Bower and Vsix packages. These pages now display all “at-a-glance” information on the right. Package owners, authors, license information and downloads can be seen from here.

The wider part of the package details page now displays the README.md contents retrieved from GitHub. That is, if the GitHub repository is accessible for us. This makes it easier for consumers of your feed to see installation instructions, links to documentation and so on from the package details page.

MyGet showing GitHub readme contents on package details page

We're looking forward to hearing your feedback through the comments below. Or tweet us via @MyGetTeam.

Happy packaging!

Preview support for the NuGet V3 protocol

A few weeks back, NuGet 3.0 was released. It’s a redesign of the NuGet client targeted at Visual Studio 2015, with a number of improvements and changes from earlier versions of NuGet. One of the changes the NuGet team made was on the server side, with a new protocol. We’re happy to announce that MyGet now has preview support for this new protocol as well!

The new NuGet server-side API was first written about in April 2014. And even before that, there was a talk Evolution of NuGet at MonkeySpace 2013. In it, the NuGet team describes what the NuGet team envisioned: a faster and more reliable API for .NET developers to consume packages. When opening the NuGet Package Manager Dialog in Visual Studio 2015 this becomes very visible: the well-known OData V2 feeds feel slow. MyGet now supports the NuGet V3 protocol (in preview), sharing the vision the NuGet team laid out over 2 years ago and made happen a few weeks ago: make NuGet package management faster.

Note: make sure to read the entire blog post when using private feeds - the NuGet client that ships with Visual Studio 2015 NuGet only supports pre-authenticated V3 feeds. An update is available with full private feed support.

How to make use of the NuGet V3 protocol with MyGet?

The URL of a MyGet feed typically looks like this: https://www.myget.org/F/feedname/api/v2. For the V3 protocol, this URL becomes https://www.myget.org/F/feedname/api/v3/index.json. This feed can be registered in Visual Studio 2015. From the Tools | NuGet Package Manager | Package Manager Settings menu, we can select the Package Sources tab and add a V3 feed in the same way as a V2 feed can be added. We can give the feed a descriptive name, and enter its URL.

Registering MyGet V3 API NuGet

Once added, we can manage packages for our project or solution, and select the newly added feed from the dropdown.

MyGet feed with NuGet V3 API protocol

Does this also work with private (authenticated) feeds?

It’s perfectly possible to consume private (authenticated) feeds on MyGet using the new NuGet client in Visual Studio 2015. Unfortunately there is a bug in the client that makes this a little hard: if it has to prompt for credentials, consuming the feed will fail. The NuGet team confirmed a fix is ready to be released (in fact, an RC version is out), but in the meanwhile a pre-authenticated feed URL can be used to consume a private V3 feed.

A pre-authenticated feed comes in the following format: https://www.myget.org/F/feedname/auth/accesstoken/api/v3/index.json, where the feedname is of course the name of the feed, and accesstoken is one of the access tokens that can be managed via the MyGet website.

Can upstream feeds be proxied?

The MyGet V3 feeds support proxying upstream V2 feeds (not V3 yet). This allows for registering one V3 feed URL in Visual Studio while proxying one or more external (V2) feeds over the same URL. This greatly speeds up working with NuGet! Have a look at our documentation to learn more about feed proxying.

When browsing MyGet, you may notice the V3 feed URL is not being advertised anywhere. The reason for that is twofold: we’re offering the V3 protocol as a preview. We want to make sure the feed behaves the way it should. Second, we want to continue improving V3 protocol support, for example by enhancing support for proxying upstream feeds with upstream V3 sources.

We would love to hear your feedback via @MyGetTeam or through the comments below.

Happy packaging!

Automatically add NuGet, npm and Vsix packages from Visual Studio Online to MyGet

For over a year now, MyGet has had great Visual Studio Online (VSO) integration. We support adding VSO git repositories into build services, running convention-based builds that convert freshly pushed source code into NuGet, npm or Vsix packages. With the Visual Studio 2015 release cycle, Microsoft released a new build system for Visual Studio Online. The artifacts generated from a build can be automatically added to a MyGet feed by adding a Visual Studio Online package source, both from classic XAML-based VSO builds as well as the new build system.

From a MyGet feed, we can use the Package Sources | Add package source | Visual Studio Online build definition button to add a Visual Studio Online build definition. The first time we do this, we’ll have to grant access to our VSO instance.

MyGet Visual Studio build artifact

Once access is granted, MyGet will fetch a list of team projects and their builds. MyGet supports all sorts of build definitions, whether a classic XAML-based build or the new VSO “build vNext”. We can pick the team project we’re interested with, select the build definition, and depending on the VSO subscription we can also choose to post a message to a VSO team room whenever packages from a build are added to MyGet.

Publish NuGet package from Visual Studio Online to MyGet

Once we trigger a build in VSO, whether by checking in code or manually, MyGet will automatically add the generated artifacts to the current feed. Of course, we have to make sure our VSO build produces one or more .nupkg (NuGet), .tgz (npm) or .vsix (Vsix) artifacts (the Publish Build Artifacts build step will be needed for this). To run convention-based builds we can always use MyGet Build Services, too.

We're looking forward to hearing your feedback through the comments below. Or tweet us via @MyGetTeam.

Happy packaging!

Introducing MyGet Vsix support–Visual Studio Extensions and Roslyn

Last month, we introduced a limited preview for Visual Studio extensions (Vsix) on MyGet. Today, we’re proud to announce Vsix support has been enabled for all MyGet customers! In this blog post, we’ll see how we can use MyGet to build and distribute a Roslyn analyzer and code fix, as a NuGet package and a Visual Studio extension.

The full feature set we already have for NuGet, Bower and NPM is now also available for Vsix. You're able to manage extensions, add them from upstream feeds (ATOM only), granular permissions and user management, support for community feeds... If you need a staging feed or just a private VSIX gallery, this is the easiest way to get one. Using the VSO integration? We'll pick up the VSIX artifacts from your VSO build and automatically add them to your MyGet VSIX feed. Here’s an example.

(we also open sourced the example at https://github.com/myget/sample-roslyn-with-vsix)

Developing a Roslyn analyzer and code fix

Roslyn analyzers and code fixes allow development teams and individuals to enforce certain rules within a code base. Using code fixes, it’s also possible to provide automated “fixes” for issues found in code. When writing code that utilizes DateTime, it’s often best to use DateTime.UtcNow instead of DateTime.Now. The first uses UTC timezone, while the latter uses the local time zone of the computer the code runs on, often introducing nasty time-related bugs. Let’s write an analyzer that detects usage of DateTime.Now!

You will need Visual Studio 2015 RC and the Visual Studio 2015 RC SDK installed. You’ll also need the SDK Templates VSIX package to get the Visual Studio project templates. Once you have those, we can create a new Analyzer with Code Fix.

New Roslyn analyzer

A solution with 3 projects will be created: the analyzer and code fix, unit tests and a Vsix project. Let’s start with the first: detecting DateTime.Now in code an showing a diagnostic for it. It’s actually quite easy to do: we tell Roslyn we want to analyze IdentifierName nodes and it will pass them to our code. We can then see if the identifier is “Now” and the parent node is “DateTime”. If that’s the case, return a diagnostic:

public override void Initialize(AnalysisContext context) { context.RegisterSyntaxNodeAction(AnalyzeIdentifierName, SyntaxKind.IdentifierName); } private void AnalyzeIdentifierName(SyntaxNodeAnalysisContext context) { var identifierName = context.Node as IdentifierNameSyntax; if (identifierName != null) { // Find usages of "DateTime.Now" if (identifierName.Identifier.ValueText == "Now" && ((IdentifierNameSyntax)((MemberAccessExpressionSyntax)identifierName.Parent).Expression).Identifier.ValueText == "DateTime") { // Produce a diagnostic. var diagnostic = Diagnostic.Create(Rule, identifierName.Identifier.GetLocation(), identifierName); context.ReportDiagnostic(diagnostic); } } }

If we compile our solution and add the generated NuGet package to another project, DateTime.Now code will be flagged. But let’s implement the code fix first as well. We want to provide a code fix for the syntax node we just detected. And when we invoke it, we want to replace the “Now” node with “UtcNow”. A bit of Roslyn syntax tree fiddling:

public sealed override async Task RegisterCodeFixesAsync(CodeFixContext context) { var root = await context.Document.GetSyntaxRootAsync(context.CancellationToken).ConfigureAwait(false); var diagnostic = context.Diagnostics.First(); var diagnosticSpan = diagnostic.Location.SourceSpan; // Find "Now" var identifierNode = root.FindNode(diagnosticSpan); // Register a code action that will invoke the fix. context.RegisterCodeFix( CodeAction.Create("Replace with DateTime.UtcNow", c => ReplaceWithDateTimeUtcNow(context.Document, identifierNode, c)), diagnostic); } private async Task<Document> ReplaceWithDateTimeUtcNow(Document document, SyntaxNode identifierNode, CancellationToken cancellationToken) { var root = await document.GetSyntaxRootAsync(cancellationToken); var newRoot = root.ReplaceNode(identifierNode, SyntaxFactory.IdentifierName("UtcNow")); return document.WithSyntaxRoot(newRoot); }

That’s it. We now have an analyzer and a code fix. If we try it (again, by adding the generated NuGet package to another project), we can see both in action:

MyGet Roslyn analyzer VSIX and NuGet

Now let’s distribute it to our team!

Distributing a Roslyn analyzer and code fix using MyGet

Roslyn analyzers can be distributed in two formats: as NuGet packages, so they can be enabled for individual project, and as a Visual Studio extension so that all projects we work with have the analyzer and code fix enabled. You can build on a developer machine, a CI server or using MyGet Build Services. Let’s pick the latter as it’s the easiest way to achieve our goal: compile and distribute.

Create a new feed on www.myget.org. Next, from the Build Services tab, we can add a GitHub repository as the source. We’ve open-sourced our example at https://github.com/myget/sample-roslyn-with-vsix so feel free to add it to your feed as a test. Once added, you can start a build. Just like that. MyGet will figure out it’s a Roslyn analyzer and build both the NuGet package as well as the Visual Studio extension.

MyGet automated build of visual studio extension

Sweet! You can now add the Roslyn analyzer and code fix per-project, by installing the NuGet package from the feed (https://www.myget.org/F/datetime-analyzer/api/v2). ANd when registering it in Visual Studio (https://www.myget.org/F/datetime-analyzer/vsix/) by opening the Tools | Options... menu and the Environment | Extensions and Updates pane, you can also install the full extension.

Private VSIX feed with MyGet

Give it a try! More info is available from the Visual Studio extension landing page or the documentation on using MyGet’s Vsix features.

Happy packaging!

MyGet now offers NuGet, Npm and Bower registries

pmsWith our latest MyGet release, we’ve added support for npm and bower registries. We’ve always been very focused on building a great story around NuGet and decided it was time for Npm and Bower enthusiasts to get a similar experience.

Adding npm and Bower support was high on our wish list and that of our users. Many developers are doing only front-end development and need a public or private npm registry. Others are working with DNX (the new name for ASP.NET 5 or ASP.NET vNext) and combine NuGet, npm and Bower. It feels good to be able to support them all!

To help you get started, we’ve prepared a few short tutorials that help you get started on MyGet with these package managers:

Oh and build services now also packages node modules! Just point MyGet to your GitHub repository and we’ll package your npm packages, too.

We really look forward to hearing your feedback on this!

Happy packaging!