NuGroom

Output Examples

Example console output from various NuGroom operations.

Scan & Report Output

NuGet feeds:
  - NuGet.org: https://api.nuget.org/v3/index.json
  - InternalFeed: https://pkgs.dev.azure.com/yourorg/_packaging/YourFeed/nuget/v3/index.json

Version warning level: Minor
Package-specific rules: 2 configured

Repository: MyRepository
--------------------------------------------------
  Project: /src/MyProject/MyProject.csproj
    - Serilog (Version: 2.12.0) [Feed: NuGet.org] โœ“ [https://www.nuget.org/packages/Serilog]
    - AutoMapper (Version: 11.0.1) [Feed: NuGet.org] โœ“ [OUTDATED]
    - MyCompany.Core (Version: 1.2.0) [Feed: InternalFeed] โœ“
    - InternalLib (Version: 1.0.0) [Not found on feeds]
      ๐Ÿ” Source: InternalLib in CoreLibraries (95% match)

PACKAGE SUMMARY
----------------
Serilog: 3 reference(s) across 1 version โœ“ [Feed: NuGet.org]
AutoMapper: 5 reference(s) across 2 versions โœ“ [OUTDATED] [Feed: NuGet.org]
  โ”œโ”€ v11.0.1: 3 reference(s)
  โ”œโ”€ v10.0.0: 2 reference(s)
  โ””โ”€ Multiple versions detected for AutoMapper
MyCompany.Core: 4 reference(s) across 1 version โœ“ [Feed: InternalFeed]
InternalLib: 2 reference(s) across 1 version [INTERNAL]

Total unique packages: 4
Available on NuGet.org: 2
Available on other feeds: 1
Internal packages (with source): 1
Outdated packages: 1

Version Warnings Output

VERSION WARNINGS
================================================================================

AutoMapper:
  โš  MyRepository/Project1.csproj
    Package version 10.0.0 differs from latest used version 11.0.1 (minor version difference)
  โš  MyRepository/Project2.csproj
    Package version 10.0.0 differs from latest available version 12.0.0 (major version difference)

--------------------------------------------------------------------------------
Total warnings: 2
Packages with warnings: 1
Major version differences: 1
Minor version differences: 1

Recommendations Output

PACKAGE UPDATE RECOMMENDATIONS
================================================================================
The following projects should update their package versions:

Newtonsoft.Json:
  Recommended version: 13.0.3

  โ€ข MyRepository/MyProject.csproj
    Current: 12.0.3 โ†’ Upgrade to: 13.0.3
    Upgrade to latest available version (currently major version behind)

  โ€ข MyRepository/AnotherProject.csproj
    Current: 11.0.1 โ†’ Upgrade to: 13.0.3
    Upgrade to latest available version (currently major version behind)

Serilog:
  Recommended version: 2.12.0

  โ€ข DifferentRepository/Logger.csproj
    Current: 2.10.0 โ†’ Upgrade to: 2.12.0
    Align with latest version used in solution (currently minor version behind)

--------------------------------------------------------------------------------
Total update recommendations: 3
Packages needing update: 2
Projects affected: 3
--------------------------------------------------------------------------------

Automated Update Output (Dry-Run)

================================================================================
DRY RUN - UPDATE PLAN (no changes will be made)
================================================================================
Update scope: Patch
Source branch: develop/*
Target branch pattern: develop/*
Feature branch prefix: feature/update-nuget-references
Required reviewers: lead@company.com
Optional reviewers: teammate@company.com

Repository: MyRepository
--------------------------------------------------
  /src/Core/Core.csproj (5 total dependencies)
    Azure.Storage.Blobs: 12.26.0 โ†’ 12.27.0
  /src/Api/Api.csproj (12 total dependencies)
    Azure.Storage.Blobs: 12.26.0 โ†’ 12.27.0
    CloudConvert.API: 1.4.0 โ†’ 1.4.1
  [Would create] Branch: feature/update-nuget-references-{timestamp} from develop/*
  [Would create] PR: "chore: update 3 NuGet package reference(s) (Patch scope)" โ†’ develop/*

Total: 3 update(s) across 1 repository(ies)
Would create 1 feature branch(es) and 1 pull request(s).
Run with --update-references (without --dry-run) to apply changes.

Package Sync Output (Dry-Run)

================================================================================
SYNC: Newtonsoft.Json โ†’ 13.0.1
================================================================================
Scanning 50 repository(ies) for Newtonsoft.Json...

Repository: MyRepository
--------------------------------------------------
  /src/Core/Core.csproj: 12.0.3 โ†’ 13.0.1
  /src/Api/Api.csproj: 11.0.1 โ†’ 13.0.1
  [Would create] Branch + PR to sync Newtonsoft.Json to 13.0.1

--------------------------------------------------------------------------------
DRY RUN: Would sync 1 repository(ies). 49 already at 13.0.1.
Run without --dry-run (or set "DryRun": false) to apply changes.

Vulnerability-Only Scan Output

When vulnerabilities are found (--list-vulnerabilities, exit code 1):

Found 3 vulnerable package reference(s):

  Newtonsoft.Json (used: 12.0.3)
    ๐Ÿšจ Severity: High [OSV] GHSA-5crp-9r3c-p9vr โ€” Improper handling of exceptional conditions
    ๐Ÿšจ Severity: High โ€” https://github.com/advisories/GHSA-5crp-9r3c-p9vr
    - MyRepository / src/MyApp/MyApp.csproj (12.0.3)
    - MyRepository / src/MyLib/MyLib.csproj (12.0.3)

  System.Text.Json (used: 6.0.0)
    ๐Ÿšจ Severity: Critical [OSV] GHSA-hh2w-p6rv-4g7w โ€” Denial of service via stack overflow
    - MyRepository / src/MyApp/MyApp.csproj (6.0.0)

When no vulnerabilities are found (exit code 0):

No vulnerabilities found.

See also: Features ยท Automated Updates

This site is open source. Improve this page.