ProGet: Your Private NuGet Server or Proxy
NuGet is the place for .NET development. But you have less control when when a third party owns and curates your packages, unrestricted package access can open the door for problems in your code, and hosting private NuGet packages is impossible through NuGet.org and seriously limited with nuget.server.
ProGet supports as many NuGet feeds as you and your organization need.
ProGet was born as private NuGet server in 2012 to support .NET developers who couldn’t be interrupted by NuGet Gallery downtime or who needed a private repository. In the years since its first release, ProGet has grown from a NuGet specialist into a package and container superhero.
Keep Proprietary Packages Private
First-party storage for first-party packages.
Sharing packaged code via the NuGet Gallery can save time, because you get expert code from someone else. But modern development also relies on proprietary .nupkg packages for internal use only. Private NuGet server solutions like BaGet, LiGet, and our ProGet give you the privacy you need.
ProGet provides a secure, private home for first-party NuGet packages with easy internal package-sharing.
A single ProGet license does more work than dozens of nuget.server instances. One ProGet customer experienced regular outages and crashes to the over 30 nuget.server instances they needed. Now, they rely on just one ProGet installation and experience zero downtime.
And with Symbol and Source Server available out-of-the-box, you can maintain your internally created packages with zero extra work.
Security and Access Controls
Nuget.server lacks even minimal security and user restrictions. Especially for large companies, no restrictions means security problems.
Feed-level privileges in ProGet give granular control over your development assets. And with feed-level privilege controls (automatically, if you integrate with AD/LDAP), you can define who may take what action in each feed, keeping different teams’ work as separate as you need.
Maintain security and organization by keeping production-ready and -unready packages totally separate. Instead of a single type of NuGet feed, ProGet offers additional NuGet feed-types to indicate package status:
• Public (for third-party, production-unready packages)
• Private (for first-party packages)
• Validated (for approved, production-ready packages)
By separating packages by quality, ProGet lets you add an additional layer of “insurance,” protecting Production from human error or misunderstandings.
ProGet provides a private server for your NuGet packages without the limitations of nuget.server.
Get Third-party Packages Fast
First-party storage or caching for third-party packages.
When you need third-party, open-source packages, but your organization doesn’t allow access to sites like NuGet.org, you need a proxy.
ProGet can “stand in front of” NuGet as your proxy to get 100% of the NuGet packages you need with 0% direct contact with the site.
Unrestricted development hurts business. If developers can go to NuGet.org to pull and use any package, risk to your production instance increases. A proxy like ProGet adds security and safety by letting you filter out unacceptable packages.
Package and metadata caching avoid developer interruptions. Cache locally to reduce response times and ensure your third-party packages are available even if NuGet.org is running slow or goes down. ProGet as your NuGet proxy also avoids the embarrassment and possible legal troubles of bringing unacceptable packages into your organization.
Access NuGet.org packages with greater security and more consistent up-time with ProGet.
More than a Proxy
If ProGet was just a proxy or a private NuGet server, it’d be great at it. But ProGet does so much more to add security and reliability to your .NET development.
Keep your NuGet packages separated by team or by quality without difficult, time-consuming package-sharing. Package promotion copies a package between feeds in just three clicks. And a package promotion pipeline restricts the ‘promote to’ feed, adding an extra layer of privilege controls.
Further indicate production-ready packages while keeping packages immutable with repackaging. Once a package has passed pre-release testing, ProGet lets you easily repackage it as release-quality.
Connect to multiple sources like OSS Index and WhiteSource to automatically detect package vulnerabilities, and use ProGet to define risk (allow, block, caution, custom) for each vulnerability type on an ongoing basis.
License Detection and Blocking
Protect yourself and your organization from the liability of unwanted licenses. License detection and blocking in ProGet reads package metadata to alert you of licenses present. You can then configure ProGet to block (or allow) certain license types, like GNU-3.
Let ProGet automatically record deployment information from BuildMaster or OctopusDeploy. See where package versions have been deployed and find vulnerable servers more quickly when a vulnerability is discovered in a package.
Solve Your .NET Development Frustrations
Using current research, stories from ProGet users, and the advice of our own engineers, we assembled the most common NuGet complaints and explain how a private repository like ProGet helps.
This content helps you identify your main NuGet problems and learn whether a private server is the right choice for you.