ProGet: Your Private NuGet Server or Proxy
With ProGet as your team’s private NuGet server:
• increase control
• heighten security
• maintain access
When a third party owns and curates your packages, your team’s unrestricted packages access can introduce problems into your code. And the third-party NuGet Gallery cannot keep your private packages private.
Hosting Private NuGet Packages
Control and Security: Keep Proprietary Packages Private
First-party storage for first-party packages.
ProGet provides a single home for all feeds, while still keeping them separate, and its access controls adds extra security.
A single ProGet license does more work than dozens of nuget.server instances. One ProGet customer saw regular outages and crashes to their over 30 nuget.server instances. Now, they rely on a single ProGet installation and experience zero downtime.
With Symbol and Source Server available out-of-the-box, you can maintain your internally created packages with zero extra work. And connectors let you aggregate or separate feeds to meet your unique needs.
Keeping production-ready and -unready packages totally separate help you stay organized and avoid human error introducing problems in Production. ProGet offers different NuGet feed-types to indicate package quality:
• Public (for third-party, production-unready packages)
• Private (for first-party packages)
• Validated (for approved, production-ready packages)
When developers go to the NuGet Gallery and find a creative solution to solve a specific problem, they can inadvertently introduce new problems. Assign permissions to add security and reduce risk.
Access: Get Third-party Packages Fast
First-party storage or caching for third-party packages.
ProGet as your NuGet proxy gets your developers the packages they need while following organizational rules for security and privacy and letting you filter out unacceptable packages.
ProGet can “stand in front of” NuGet as your proxy to get 100% of the NuGet packages you need with 0% direct contact with the site.
Package and metadata caching avoid developer interruptions. Cache locally to reduce response times and ensure your third-party packages are available even if NuGet.org is running slow or goes down.
Additional Features for Efficiency and Safety
Keep your NuGet packages separated by team or by quality without difficult, time-consuming package-sharing. Package promotion copies a package between feeds in just three clicks. And a package promotion pipeline restricts the ‘promote to’ feed, adding an extra layer of privilege controls.
Further indicate production-ready packages while keeping packages immutable with repackaging. Once a package has passed pre-release testing, ProGet lets you easily repackage it as release-quality—so that exactly what was tested goes to production.
Connect to multiple sources like OSS Index and WhiteSource to automatically detect package vulnerabilities, and use ProGet to define risk (allow, block, caution, custom) for each vulnerability type on an ongoing basis.
License Detection and Blocking
In the world of GPL-3, protecting yourself protect yourself and your organization from liability and litigation is paramount. License detection and blocking in ProGet reads package metadata to alert you of licenses present. Then configure ProGet to block (or allow) certain license types, keeping unwanted licenses far away from production.
Let ProGet automatically record deployment information from BuildMaster or OctopusDeploy. See where package versions have been deployed and find vulnerable servers more quickly when a vulnerability is discovered in a package.
Solve Your .NET Development Frustrations
Using current research, stories from ProGet users, and the advice of our own engineers, we assembled the most common NuGet complaints and explain how a private repository like ProGet helps.
This content helps you identify your main NuGet problems and learn whether a private server is the right choice for you.