I'm hoping that a more secure ADFS experience/workflow can be created. I would like to see a situation where an administrator can restrict token-based authentication for feed consumers and the consumers can use some sort of Nuget ADFS CredentialProvider to authenticate against the feed. (Perhaps with single-use, short-lived tokens generated by the provider?) That way when an AD account is disabled there is no need to secondarily disable a myget account.3 votes
Have you tried our new MyGet Credential Provider for Visual Studio 2017 yet? http://docs.myget.org/docs/reference/credential-provider-for-visual-studio
We are working on improving that very experience, so we’re very eager to hear your feedback on this.
At the moment all permissions are assigned on per user basis which requires significant effort if you have more than a handful of users or/and a several feeds.
- Could you rovide a way of assigning permission on per group/role basis so it is enough to assign user to a single role/group and then they get access to required resources ?
- Could you also add ability to assign newly authenticated users to a default group/role
There are some external tools I'd like to use during my build that are distributed by chocolate.org. Do\could you support build.bat using choco to install those tools on the build machine? I'm assuming the build machines are snapshot VMs that get reverted after each build? That would also be nice to know\have documented.1 vote
Which tools would you be needing?
My build produces six different build logs that I would like to examine for each build. You could identify them by suffix. Mine are suffixed with diag, detailed, normal, error, summary, and warning. Or you could choose a suffix. Say anything ending in build.log. They get big so maybe you only need to retain them for a few days.1 vote
Not an easy one for us to do short-term, for now we recommend writing to STDOUT
I'd like be able to highlight multiple versions of a package and then perform the same operation on all of them.
We've got a bunch of packages that were uploaded and shouldn't have been. At the moment it takes about a chunk of time to delete each one, with lots of waiting for pages to refresh. Because the delete doesn't give automatic feedback I then have to keep track of the ones I've already deleted.9 votes
The current version of MyGet looks a bit like a product that has grown organically from something quite small and simple into something that appears to be large and complex. That's at least the impression I get.
So I would highly appreciate if you could take a step back, look at the site with a bird's eye view and create a new information architecture, design and user experience. Inspect every current function, rip it out from where it is today and put back into a place where it feels more at home and where it can be found more intuitively.4 votes
On package details page, when new versions are available, it would be great to be able to choose a version from a list (last version may be selected by default).6 votes
In automatic package update feature, it would be great to be able to choose what kind of new version can be added automatically (PATCH, MINOR, MAJOR).6 votes
Please support Windows Azure Active Directory for private feeds.10 votes
Pin all packages of a particular version1 vote
A build could succeed, including tests without generating any nuget packages. I should be nice to have a check in the build properties of each project which defined if a build should succeed when a nuget package is creator or not.10 votes
Hey X and M,
I like the product so far but the Add Package window definitely needs some improvement or a total makeover even. The autocomplete in the search bar is also flaky to scroll through.
Why not give the option to actually search and select from the resulting packages?1 vote
Bitbucket has a feature called "Deployment keys" which is primarily used for build services because they give read-only access to repositories, and does not count as an user license.
This would be great for small teams that uses bitbucket's free plan for 5 users, because we don's have to create a "fake" readonly user for myget's Build service.
I know that we can use our personal accounts as authentication, but I would rather not :-)16 votes
Build Service: it should be nice to be notified (email) when no build is trigger after a push operation.
Now you only get a notification if you start a manual within 5 minutes after the last build. I would like to get an email when this is happening after a git push operation3 votes
Situation: TeamCity build definitions with project names that contain capital letters. There are build templates that use the project name variable to do all sorts of things, from pulling from GitHub through to publishing packages.
MyGet forces all feed names to be lower-case, which means that we can't use project name variables to push to a MyGet feed.1 vote
It would be good to see what other packages in myget that has dependencies to the package currently being viewed.5 votes
Ability to create "Service" users who don't have an email address and aren't linked tro an identity provider
I would like to set up user accounts for our Build Servers that publish packages and our Octopus Deploy server that needs read only access to our Package Feeds.
Currently I can't set this up as the users in question are obviously not people and don't have email addresses for them.8 votes
We are thinking of making API keys “scoped”, so that you can create an API key that, for example, can only consome and/or push to a given feed. Would that work?
The scenario goes like this: An enterprise wants to have private feeds, that only customers that paid for a package can access them. Different customers need to have different credentials.
i've seen that myget enterprise only has "developer" users.
is there something already implemented that helpes to this scenario?
Clients may be hundreds for a team of 10 developers.
It appears that when someone adds a package to a proxied feed that I own, that it shows me as the person who added the package. Is it would be great if this was attributed to the actual user who originally caused the package to be added to the proxied feed.1 vote
Would it make sense to make this a MyGet system user instead? The reason is some users may not have permission to add packages to a feed and it would be confusing to see they actually added a package this way.
- Don't see your idea?