4.6 has been released!
ProGet is a Universal Package Manager that lets you host and manage not only your in-house packages, but also an ever growing list of external repositories including PowerShell, Bower, RubyGems, NuGet, Npm, and many more! It was designed from the ground-up to be fast and easy to use, for both personal, and enterprise use.
Upgrading? Make sure to check out Upgrade Notes for ProGet 4.6
Introducing Vulnerability Scanning
ProGet Enterprise, Basic, and Load-Balanced now support Vulnerability scanning. ProGet integrates with third-party providers, that scans data, and flag packages with known vulnerabilities. We are shipping with Vor Security as a built-in source, with more sources coming soon.
Using ProGet along side a vulnerability provider gives you the ability to set user privileges, enforcing who is allowed to assess the vulnerabilities severity, and what action those assessments will entail. Keep in mind, just because there is a vulnerability associated with a package, doesn't automatically mean it will impact your feed as a whole. You may choose to ignore, block the package from being downloaded, or proceed with caution, as well as any assessment types you choose to set yourself. For an in-depth explanation, check out the Configuring a Vulnerability Source tutorial.