nuget-warden 0.1.2

Global tool:
dotnet tool install --global nuget-warden --version 0.1.2

Local tool (run the first command if you are setting up this repo):
dotnet new tool-manifest
dotnet tool install --local nuget-warden --version 0.1.2

This package contains a .NET tool you can call from the shell/command line.

Cake:
#tool dotnet:?package=nuget-warden&version=0.1.2

NUKE:
nuke :add-package nuget-warden --version 0.1.2

🛡️ nuget-warden

nuget-warden is a cross-platform .NET CLI tool that scans your .csproj files for blocked NuGet packages, helping enforce security, licensing, and versioning policies in your builds.

It supports:

  • ✅ Direct PackageReference detection
  • ✅ NuGet-style version ranges (>=, <, [1.0.0], etc.)
  • ✅ YAML-based configuration
  • ✅ Fast execution (no dotnet restore required)
  • ✅ Easy integration into CI pipelines
  • ✅ Both traditional <PackageReference> and centralized <PackageVersion> via Directory.Packages.props

📦 Installation

Install as a global tool:

dotnet tool install --global nuget-warden

Or reference it locally in your repo as a tool if preferred.

🚀 Usage

nuget-warden --help
Usage:
  nuget-warden [options]

Options:
  --config <path>         Path to blocked-packages.yaml file [default: blocked-packages.yaml]
  --project-dir <path>    Root directory to scan [default: current directory]
  --mode <direct|central> Scan mode: direct .csproj or central Directory.Packages.props [default: direct]
  --help                  Show help and usage information

Common examples:

# Default behavior (current directory and default config)
nuget-warden

# Scan a subfolder
nuget-warden --project-dir ./src

# Use a custom config file
nuget-warden --config ./configs/security.yaml

🔧 Configuration (blocked-packages.yaml)

Define the packages and the version ranges to block, using NuGet-style syntax:

packages:
  - id: "Moq"
    version: "[4.20.0,)"         # same as >= 4.20.0
  - id: "MassTransit"
    version: "[9.0.0,)"          # same as >= 9.0.0

You can use any valid NuGet version range syntax.

🛠 How It Works

  1. Scans .csproj files in the specified directory.
  2. Parses direct <PackageReference> elements.
  3. Compares each package ID and version against the blocklist.
  4. Fails the build with helpful messages if blocked packages are found.

Note: It does not scan transitive dependencies, only top-level ones declared in the project file.
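
The range matching that the configuration and the scan steps above rely on, as an added Python example (not nuget-warden's own code, which this page does not show). It follows NuGet's documented interval notation and assumes SDK-style project files without an XML namespace, plain numeric versions, and prerelease labels compared as plain strings; the function names, sample project and blocklist are constructed for illustration.

```python
import xml.etree.ElementTree as ET

def parse_version(text):
    """'4.20.1' or '9.1.0-rc.1' -> sortable tuple; a prerelease sorts below its release."""
    core, _, pre = text.strip().partition("-")
    nums = [int(p) for p in core.split(".")]
    return (tuple(nums + [0] * (4 - len(nums))), 0 if pre else 1, pre)

def parse_range(spec):
    """NuGet interval notation -> (low, low_inclusive, high, high_inclusive)."""
    spec = spec.strip()
    if spec[0] not in "[(":                  # bare "1.0.0" is a minimum: >= 1.0.0
        return (parse_version(spec), True, None, False)
    low_inc, high_inc = spec[0] == "[", spec[-1] == "]"
    parts = [p.strip() for p in spec[1:-1].split(",")]
    if len(parts) == 1:                      # "[1.0.0]" matches exactly one version
        parts = parts * 2
    low, high = (parse_version(p) if p else None for p in parts)
    return (low, low_inc, high, high_inc)

def in_range(version, rng):
    low, low_inc, high, high_inc = rng
    v = parse_version(version)
    above = low is None or v > low or (low_inc and v == low)
    below = high is None or v < high or (high_inc and v == high)
    return above and below

def scan_csproj(xml_text, blocklist):
    """Return (id, version, range) for each direct PackageReference in a blocked range."""
    hits = []
    for ref in ET.fromstring(xml_text).iter("PackageReference"):
        pkg = ref.get("Include", "")
        version = ref.get("Version") or ref.findtext("Version")
        spec = blocklist.get(pkg.lower())    # NuGet package IDs are case-insensitive
        if spec and version and in_range(version, parse_range(spec)):
            hits.append((pkg, version, spec))
    return hits

# Constructed sample project and blocklist (same rules as the YAML above).
SAMPLE_CSPROJ = """<Project Sdk="Microsoft.NET.Sdk">
  <ItemGroup>
    <PackageReference Include="Moq" Version="4.20.1" />
    <PackageReference Include="masstransit" Version="8.2.0" />
    <PackageReference Include="Serilog" Version="3.1.1" />
  </ItemGroup>
</Project>"""
BLOCKLIST = {"moq": "[4.20.0,)", "masstransit": "[9.0.0,)"}

if __name__ == "__main__":
    print(scan_csproj(SAMPLE_CSPROJ, BLOCKLIST))
```

In NuGet's notation a bare "4.20.0" is a minimum version (>= 4.20.0), so a rule meant to block exactly one version should be written "[4.20.0]".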

🔀 Scan Modes

You can control how nuget-warden scans dependencies using the --mode option:

--mode <direct|central>

direct (default) – scans all .csproj files for direct <PackageReference> declarations.

central – scans a Directory.Packages.props file (for projects using Central Package Management).

Examples:

# Scan direct references in all .csproj files
nuget-warden --mode direct

# Scan central package versions from Directory.Packages.props
nuget-warden --mode central --project-dir ./src

✅ Example Output

🔍 Scanning src/MyProject/MyProject.csproj...
❌ Blocked: Moq 4.20.1 in 'MyProject.csproj' (matches '>=4.20.0')
❌ Blocked: MassTransit 9.1.0 in 'MyProject.csproj' (matches '>=9.0.0')
🚫 One or more blocked packages found.

Add to your build scripts to enforce dependency policies:

nuget-warden --config ./blocked-packages.yaml --project-dir .
dotnet build

🤝 Contributing

Pull requests are welcome! If you have suggestions for improvements, feel free to open an issue or PR.

🧾 License

MIT License

Compatible and additional computed target framework versions (.NET):

  • net6.0, net8.0: compatible
  • net7.0, net9.0, net10.0: computed
  • Platform-specific variants (-android, -ios, -maccatalyst, -macos, -tvos, -windows for net6.0 through net10.0; -browser for net8.0 through net10.0): computed

This package has no dependencies.

Version          Downloads  Last Updated
0.1.2            205        4/14/2025
0.1.2-preview.2  163        4/14/2025
0.1.2-preview.1  141        4/9/2025
0.1.1            361        4/7/2025
0.1.1-preview.1  139        4/7/2025