Skip to content

NuGet-6.7.md

Latest commit

 

History

History
166 lines (110 loc) · 10.5 KB

NuGet-6.7.md

File metadata and controls

166 lines (110 loc) · 10.5 KB
title NuGet 6.7 Release Notes
description Release notes for NuGet 6.7 including new features, bug fixes, and DCRs.
author jeffkl
ms.author jeffkl
ms.date 7/31/2023
ms.topic conceptual

NuGet 6.7 Release Notes

NuGet distribution vehicles:

NuGet version Available in Visual Studio version Available in .NET SDK(s)
6.7 Visual Studio 2022 version 17.7 7.0.4001
6.7.1 Visual Studio 2022 version 17.7 7.0.4061

1 Installed with Visual Studio 2022 with.NET Core workload

Summary: What's New in 6.7.1

  • [Security]: Microsoft Security Advisory CVE-2024-0057 | NuGet Client Security Feature bypass Vulnerability - #12653

Summary: What's New in 6.7

  • Package Source Mapping status for selected package in Details Pane - #12586

  • Add VulnerabilityInfo APIs into NuGet.Protocol - #12518

  • Signing: raise actionable message on Linux if verification results in untrusted failure - #12459

  • [Feature]: Show which package versions are vulnerable in the VS PMUI package details pane version dropdown - #11127

Issues fixed in this release

DCRs:

  • There are no visual indicators for the Package Source Mapping status in details pane - #12609

  • VS Options shortcut from PMUI for PackageSourceMappings doesn't scroll to or select the Package - #12608

  • Install/Update buttons are enabled in Details Pane when the PackageSourceMapping is not found - #12607

  • Add nullable annotations to NuGet.Frameworks - #12570

  • NuGet should use a different property for the platform version for C++/CLI - #12521

  • NuGet should use HttpClientHandler.PreAuthentication to reduce HTTP 401's - #12514

Bugs:

  • Create SingleFileProvider and use it for content files - #12706

  • Restore task dumps stack because TaskCanceledException should be OperationCanceledException - #12700

  • Improve nuget.exe restore error message when passing file globs - #12691

  • NuGet: LockFileUtils.GetLockFileItems boxing enumerator - #12684

  • Preview Window needs some strings reworded and margins adjusted - #12681

  • PackageSpecificWarningProperties classes do redundant collection lookups - #12678

  • Specify SelectionCriteria list capacity correctly - #12667

  • Avoid value lookup in foreach loop over dictionary's keys - #12666

  • NuGet: VersionRangeFormatter.GetNormalizedString bypassing StringBuilderCache via use of string.format - #12664

  • NuGet: LockFileFormat.ReadTargetLibrary using string.split on a simple pattern - #12663

  • Performance: Don't allocate as many Task instances - #12659

  • Replace unreliable assembly location code with reliable one - #12650

  • PackageSpec should use an empty RuntimeGraph instead of a new one - #12649

  • TargetFrameworkInformation.Clone calls ToDictionary on a type that is already a dictionary, TargetFrameworkInformation.Clone resizes a dictionary it already knows the destination size - #12648

  • PackageSpecReferenceDependencyProvider.GetLibrary unnecessarily resizes a List<T> that it doesn't even need - #12647

  • ResolverUtility.FindLibraryCachedAsync should use a struct as lookup - #12646

  • ContentItemCollection.PopulateItemGroups unnecessarily causing resizes of List<T>, ContentItemCollection.PopulateItemGroups boxing List<T>.Enumerator - #12645

  • PackageSpec.Clone and LibraryDependency.Clone overwrite collections created by their constructors. - #12642

  • RestoreOperationLogger.ReportProgressAsync repeatedly requests UI thread time - #12640

  • Avoid repeated Enum.ToString() in PackageSpecWriter.SetDependencies - #12638

  • ETW events should use default '/' instead of '_' - #12631

  • Parsing NuGetVersion causes significant GC pressure - #12630

  • The vulnerable label doesn’t show in the “version” dropdown box of “Browse” tab when searching for vulnerable packages - #12623

  • nuget restore fails for solution filters not in same directory as the solution it references. - #12562

  • VersionRangeFormatter should use StringBuilderPool - #12551

  • Reduce allocations in VirtualFileInfo.Name - #12550

  • Reduce allocations when getting hash code of LibraryModel.LibraryRange - #12549

  • NuGet.Build.Tasks.Console should roll forward to newer runtimes - #12528

  • SourceRepository.GetResource throws if type is not an exact match - #12455

  • [Bug]: Disable the option to update version when using VersionOverride in CPM - #12230

  • [Bug]: dotnet nuget push not detecting apikey for 3rd party symbol server - #11846

  • X-NuGet-Warning doesn't work when using proxy due to missing ServerWarningLogHandler - #5004

List of commits in this release

Community contributions

Thank you to all the contributors who helped make this NuGet release awesome!

  • danmoseley
    • 5276 fix crash on cancel in Restore task
  • oleksandr-didyk
    • 5196 add review comment to sb files
  • drewnoakes
    • 5200 Reduce allocations in ContentItemCollection
  • Erarndt
    • 5202 Avoid allocations while parsing NuGetVersion from strings
  • jerhon
    • 5197 Fix issue with solution filters not restoring when in different folder than referenced solution
  • NikolaMilosavljevic
    • 5228 Add System.Security.Cryptography.Xml dependency
  • DevPaulLiu
    • 5206 Use default '/' split symbol in ETW events.
  • drewnoakes
    • 5201 Reduce allocations in PackageSpecReferenceDependencyProvider
  • drewnoakes
    • 5199 Reduce allocations in TargetFrameworkInformation.Clone
  • Erarndt
    • 5217 Ensure only one logging task is active at a time
  • Erarndt
    • 5219 Update PackageSpec.Clone and LibraryDependency.Clone to avoid allocations
  • Erarndt
    • 5215 Add AsString() for LibraryDependencyTarget and LibraryIncludeFlags
  • NikolaMilosavljevic
    • 5207 Add dependencies for PVP flow
  • NikolaMilosavljevic
    • 5193 Target net8.0 for source-build
  • mthalman
    • 5180 Exclude WPF projects from source-build
  • NikolaMilosavljevic
    • 5190 Enable source-build pre-built detection
  • drewnoakes
    • 5146 Show diagnostic beneath unresolved package/project reference in Solution Explorer
  • 0xced
    • 5021 Log warnings from server also when using an http proxy (X-NuGet-Warning)
  • jwfx
    • 5122 Fall back to using API key also for pushing symbol packages if nothing else was specified as parameter or config
  • MichaelSimons
    • 5132 Remove MinimalTargetFrameworksExeSigning from MinimalTargetFrameworksExeSigning in source-build
  • dfederm
    • 5125 Add RollForward to NuGet.Build.Tasks.Console
  • atamagaii
    • 5107 Add missing RegistrationsBaseUrls to prevent exceptions when loading valid Service Indexes.