NuGet 6.12 Release Notes
NuGet distribution vehicles:
| NuGet version | Available in Visual Studio version | Available in .NET SDK(s) |
|---|---|---|
| 6.12 | Visual Studio 2022 version 17.12 | 9.0.1xx1 |
1 Installed with Visual Studio 2022 with any .NET workload
Known Issues
- Project and package in the same graph with the same name but different dependencies may lead to incorrect versions of the dependencies of that id #13888
- VS PM UI shows warning icon about package vulnerability even after upgrade #13866
- dotnet nuget why reports missing argument, even though it ran #13908
Summary: What's New in 6.12.1
NuGet 6.12.1 is available in Visual Studio 17.12.0 and the .NET 9.0.101 SDK.
Issues fixed in this release
- Deserializing an empty version range in a package dependency fails in .NET SDK 9.0.100-rc.2 #13869
Summary: What's New in 6.12
NuGet 6.12.0 is available in the .NET 9.0.100 SDK.
Add new graph resolution algorithm for better performance with large graphs - #13692
Owner profile hyperlinks needed in Details Pane of PM UI - #13686
Audit security vulnerabilities without adding nuget.org as package source - #12698
Deprecate SHA-1 fingerprints usage in NuGet Sign commands in favor of SHA-2 family fingerprints #13891
Deprecate http usage: Promote from warning to error - #13289
Breaking changes
NuGetAudit should check transitive packages by default when the .NET 9 SDK is installed #13293
Change NuGetAuditMode default to all for non-SDK style projects - #13584
Issues fixed in this release
Bubble-up Known Vulnerability Indicators in Solution Explorer for Transitive Packages - #13636
Enable
dotnet nuget whyon non-SDK style projects - #13576NuGetAuditSuppress for packages.config - #13575
Enable Transitive Dependencies for Solution-level in Visual Studio - #13216
Roll-out new breaking change process for SDK tools, respect SdkAnalysisLevel - #13309
Add property for toggling the to the previous NuGet resolver: RestoreUseLegacyDependencyResolver - #13700
Reduce allocations in TokenSegment.TryMatch - #12728
Use
SDKAnalysisLevelin restore "https everywhere: promote from warning to error" - #13546tweak wording of NU1603 - #13446
Default Package icon shown even when embedded icon file exists on disk - #13766
Navigation telemetry for hyperlinks: License, ReportAbuse, Readme, ProjectUrl - #13749
Navigation telemetry for Owner Profile URLs in PM UI - #13738
PM UI should show transitive path - #13574
NuGetVersion should use a factory to intern parsed versions - #13532
Remove NuGet.Packaging.Core code - #13385
PM UI transitive dependencies should display all transitive dependencies, not just ones brought in through packages directly installed in a project - #13060
Remove deprecated field "owners" from VS UI Details Pane - #10666
"Value cannot be null; Parameter name: source" displays in error list when clicking installed tab in PM UI - #13801
New dependency resolver does not properly handle missing package versions when using CPM - #13788
Saving PackageManagementFormat throws Nullable object must have a value. - #13773
ProjectReference causing PM UI to error with "Value cannot be null. Parameter name: frameworkIdentifier" - #13737
LockFileUtils.CreateLockFileTargetProject allocates a lot - #13712
ConvertToProjectPaths causes extra allocations due to yield usage - #13677
dotnet add package with CPM installs a different version than what gets restored - #13657
dotnet list packagedoes not work if project is using central package management system, after upgrading to.NET 8.0- #13632Add a log code NuGetAuditSuppress duplicate items - #13620
Solution Explorer search can be broken by skipped dataflow updates - #13619
Add nullability declarations to ResolverUtility and RemoteWalkContext - #13617
Use of Obsolete X509Certificate2 ctor - #13612
nuget restore warnings can't be suppressed with NoWarn in Visual Studio - #13571
Restore may write nulls to project.assets.json - #13563
VS 17.10 - Error building projects with CPM explicitly enabled if ManagePackageVersionsCentrally is set to false in Directory.Build.props - #13560
PERF: Version and VersionRange allocations are very prevalent in profiles of Roslyn solution load - #13559
PERF: LockFileFormat is filled completely when common callers only need some of the data - #13558
PERF: Unnecessary construction of LockFileItem.Properties dictionary - #13557
Narator does not read the value of
allowInsecureConnections- #13555NuGet fails because of invalid characters in User-Agent header - #13531
'why' and 'config' command does not show up in 'dotnet nuget --help' output - #13517
allocation: nuget.protocol.dll!NuGet.Protocol.HttpCacheUtility+<CreateCacheFileAsync>d__.MoveNext|nuget.protocol.dll!NuGet.Protocol.PackageDependencyGroupConverter.ReadJson - #13445
Reduce allocations in ContentItemCollection - #12657
When a source isn't accessible, service index cannot be read issues suppress the internal message making it difficult to understand the root cause - #12530
[Bug]: Extra space at start of package description in tooltip - #12105
Map branch name from sourcelink to RepositoryBranch for NuGet pack - #13625
List of commits in this release
Community contributions
Thank you to all the contributors who helped make this NuGet release awesome!
- akoeplinger
- ToddGrun
- KirillOsenkov
- 6008 Always debug RestoreTask and RestoreEx when environment variable is set
- vernou
- 5982 Fix restore when a package is installed with a version specified in CPM
- mthalman
- 5959 Allow override of System.Formats.Asn1 package version
- MattKotsenas
- 5923 Map SourceBranchName from sourcelink to RepositoryBranch for NuGet pack