NuGet Manager

A .NET package management skill covering NuGet package installation, version management, dependency resolution, private feed configuration, and package publishing for .NET projects.

What Is This?

Overview

This skill provides comprehensive NuGet package management guidance including searching, installing, updating, and removing packages, managing package sources, resolving dependency conflicts, configuring private feeds, and publishing custom packages to NuGet.org or private registries. It covers both simple single-project scenarios and complex multi-project solutions requiring coordinated dependency strategies.

Who Should Use This

Perfect for .NET developers managing project dependencies, DevOps engineers configuring package feeds, library authors publishing NuGet packages, and teams standardizing dependency management across .NET solutions.

Why Use It?

Problems It Solves

.NET projects accumulate dependencies that need regular updates, conflict resolution, and security patching. Without systematic package management, teams face version conflicts, vulnerable dependencies, and inconsistent package sources across developer machines. These issues compound over time, making upgrades increasingly difficult and introducing security exposure that automated tooling can reliably prevent.

Core Highlights

• Package Operations - Install, update, remove, and restore packages via CLI
• Version Management - Pin versions, set ranges, and handle major updates safely
• Dependency Resolution - Identify and resolve transitive dependency conflicts
• Private Feeds - Configure authenticated feeds for internal packages
• Package Publishing - Create and publish NuGet packages to registries

How to Use It?

Basic Usage

Ask Claude about NuGet package management, and this skill guides CLI operations.

Scenario 1: Package Management

Ask Claude: "Add Serilog to my .NET project and configure it"

Claude will guide:

dotnet add package Serilog --version 3.1.1
dotnet add package Serilog.Sinks.Console

dotnet list package

dotnet list package --outdated

dotnet add package Serilog --version 4.0.0

dotnet remove package Serilog.Sinks.File

dotnet restore

Scenario 2: Private Feed Configuration

Tell Claude: "Configure a private NuGet feed for our team"

Claude will set up:

<!-- nuget.config -->
<?xml version="1.0" encoding="utf-8"?>
<configuration>
  <packageSources>
    <clear />
    <add key="nuget.org" value="https://api.nuget.org/v3/index.json" />
    <add key="CompanyFeed" value="https://pkgs.dev.azure.com/company/_packaging/internal/nuget/v3/index.json" />
  </packageSources>
  <packageSourceCredentials>
    <CompanyFeed>
      <add key="Username" value="az" />
      <add key="ClearTextPassword" value="%NUGET_PAT%" />
    </CompanyFeed>
  </packageSourceCredentials>
</configuration>

Real-World Examples

Security Audit

A financial services team audited NuGet dependencies across 30 microservices. Identifying 12 packages with known vulnerabilities, they used batch update scripts to patch all services within a single sprint. Integrating vulnerability scanning directly into their CI pipeline ensured no new issues were introduced in subsequent releases.

Internal Package Library

An enterprise team published 50+ internal NuGet packages to Azure Artifacts. Standardized package versioning and automated CI publishing reduced duplicate code across projects by 40%.

Advanced Tips

Central Package Management

Use Directory.Packages.props to centralize version management across a multi-project solution. This ensures all projects reference the same package versions, eliminates version drift between related services, and makes solution-wide upgrades a single-file change rather than a project-by-project effort.

Vulnerability Scanning

Integrate dotnet list package --vulnerable into CI pipelines to catch security issues before deployment. Fail builds when high-severity vulnerabilities are detected.

When to Use It?

Use Cases

• Dependency Setup - Add packages to new or existing .NET projects
• Version Updates - Upgrade packages while maintaining compatibility
• Security Patching - Identify and fix vulnerable dependencies
• Feed Management - Configure private and authenticated package sources
• Package Publishing - Create and distribute internal NuGet packages

Related Topics

When you ask Claude these questions, this skill will activate:

• "How do I add a NuGet package?"
• "Update .NET dependencies"
• "Configure private NuGet feed"
• "Publish NuGet package to registry"

Important Notes

Requirements

• .NET SDK 6.0+ installed
• NuGet CLI or dotnet CLI for package operations
• Network access to NuGet.org or configured package feeds
• Azure DevOps or GitHub Packages for private feed hosting

Usage Recommendations

Do:

• Pin major versions - Use version ranges to prevent breaking updates
• Audit regularly - Check for outdated and vulnerable packages monthly
• Use central management - Centralize versions in multi-project solutions
• Automate updates - Use Dependabot or Renovate for automatic PR creation

Don't:

• Don't use floating versions - Wildcards cause unreproducible builds
• Don't ignore warnings - Package compatibility warnings indicate real issues
• Don't commit packages - Use .gitignore to exclude the packages folder

Limitations

• Transitive dependency conflicts may require manual resolution
• Private feed authentication varies between CI platforms
• Package restore speed depends on feed availability and cache state
• Some legacy packages target older .NET Framework versions only