I would like to block package download based on a vulnerability (or license) type.

I tried using nuget.exe delete command but it returns not found error

It would be great to have an API to automate certain tasks on MyGet!

The licenses view with pie chart is great, but I'd like to be able to download the license report as a CSV file. I need to provide a report of licenses for due diligence purposes and giving a login to MyGet to view it directly is not a viable option.

In short: Google Analytics for packages

It would be grat to have a series of metrics and statistics about my feed. Where do downloads of packages come from? Which version of NuGet are they using?

I'm hoping that a more secure ADFS experience/workflow can be created. I would like to see a situation where an administrator can restrict token-based authentication for feed consumers and the consumers can use some sort of Nuget ADFS CredentialProvider to authenticate against the feed. (Perhaps with single-use, short-lived tokens generated by the provider?) That way when an AD account is disabled there is no need to secondarily disable a myget account.

https://www.visualstudio.com/en-us/docs/package/nuget/auth

Hi,

At the moment all permissions are assigned on per user basis which requires significant effort if you have more than a handful of users or/and a several feeds.

• Could you rovide a way of assigning permission on per group/role basis so it is enough to assign user to a single role/group and then they get access to required resources ?


• Could you also add ability to assign newly authenticated users to a default group/role

Thanks

Pawel

There are some external tools I'd like to use during my build that are distributed by chocolate.org. Do\could you support build.bat using choco to install those tools on the build machine? I'm assuming the build machines are snapshot VMs that get reverted after each build? That would also be nice to know\have documented.

My build produces six different build logs that I would like to examine for each build. You could identify them by suffix. Mine are suffixed with diag, detailed, normal, error, summary, and warning. Or you could choose a suffix. Say anything ending in build.log. They get big so maybe you only need to retain them for a few days.

I'd like be able to highlight multiple versions of a package and then perform the same operation on all of them.
We've got a bunch of packages that were uploaded and shouldn't have been. At the moment it takes about a chunk of time to delete each one, with lots of waiting for pages to refresh. Because the delete doesn't give automatic feedback I then have to keep track of the ones I've already deleted.

The current version of MyGet looks a bit like a product that has grown organically from something quite small and simple into something that appears to be large and complex. That's at least the impression I get.

So I would highly appreciate if you could take a step back, look at the site with a bird's eye view and create a new information architecture, design and user experience. Inspect every current function, rip it out from where it is today and put back into a place where it feels more at home and where it can be found more intuitively.

On package details page, when new versions are available, it would be great to be able to choose a version from a list (last version may be selected by default).

In automatic package update feature, it would be great to be able to choose what kind of new version can be added automatically (PATCH, MINOR, MAJOR).

Please support Windows Azure Active Directory for private feeds.

Pin all packages of a particular version

A build could succeed, including tests without generating any nuget packages. I should be nice to have a check in the build properties of each project which defined if a build should succeed when a nuget package is creator or not.

Hey X and M,

I like the product so far but the Add Package window definitely needs some improvement or a total makeover even. The autocomplete in the search bar is also flaky to scroll through.
Why not give the option to actually search and select from the resulting packages?

Bitbucket has a feature called "Deployment keys" which is primarily used for build services because they give read-only access to repositories, and does not count as an user license.

https://confluence.atlassian.com/display/BITBUCKET/Use+deployment+keys

This would be great for small teams that uses bitbucket's free plan for 5 users, because we don's have to create a "fake" readonly user for myget's Build service.

I know that we can use our personal accounts as authentication, but I would rather not :-)

Now you only get a notification if you start a manual within 5 minutes after the last build. I would like to get an email when this is happening after a git push operation

Situation: TeamCity build definitions with project names that contain capital letters. There are build templates that use the project name variable to do all sorts of things, from pulling from GitHub through to publishing packages.

MyGet forces all feed names to be lower-case, which means that we can't use project name variables to push to a MyGet feed.