skip to content
Relatively General .NET

NuGet Packages: security risks and best practices

by Gérald Barré

posted on: December 02, 2024

NuGet packages offer a convenient way to share code, but many developers download them without reviewing the contents or verifying updates when new versions are released. When you install a NuGet package, you are:Downloading code from unknown authors that has likely not been thoroughly reviewed by

Dramatically faster package restores with .NET 9’s new NuGet resolver

by Jeff Kluge

posted on: November 27, 2024

.NET 9 introduces a new NuGet dependency graph resolver that dramatically improves package restore performance for large repositories. Learn how this reimagined approach reduces restore times from 30 minutes to just 2 minutes by creating a more efficient dependency graph with fewer nodes.

RavenDB Cloud

by Oren Eini

posted on: November 26, 2024

RavenDB Cloud has a whole bunch of new features that were quietly launched over the past few months. I discuss them in this post. It turns out that the team keeps on delivering new stuff, faster than I can write about it.The following new auto-scaling feature is a really interesting one because it is pretty simple to understand and has some interesting implications for production.You need to explicitly enable auto-scaling on your cluster. Here is what that looks like:Once you enabled auto-scaling - which usually takes under a minute - you can click the Configure button to set your own policies:Here is what this looks like:The idea is very simple, we routinely measure the load on the system, and if we detect a high CPU threshold for a long time, we’ll trigger scaling to the next tier (or maybe higher, see the Upscaling / Downscaling step options) to provide additional resources to the system. If there isn’t enough load (as measured in CPU usage), we will downscale back to the lowest instance type. Conceptually, this is a simple setup. You use a lot of CPU, and you get a bigger machine that has more resources to use, until it all balances out. Now, let’s talk about the implications of this feature. To start with, it means you only pay based on your actual load, and you don’t need to over-provision for peak load. The design of this feature and RavenDB in general means that we can make scale-up and scale-down changes without any interruption in service. This allows you to let auto-scaling manage the size of your instances.In the image above, you may have noticed that I’m using the PB line of products (PB10 … PB50). That stands for burstable instances, which consume CPU credits when in use. How this interacts with auto-scaling is really interesting.As you use more CPU, you consume all the CPU credits, and your CPU usage becomes high. At this point, auto-scaling kicks in and moves you to a higher tier. That gives you both more baseline CPU credits and a higher CPU credits accrual rate. Together with zero downtime upscaling and downscaling, this means you can benefit from the burstable instances' lower cost without having to worry about running out of resources.Note that auto-scaling only applies to instances within the same family. So if you are running on burstable instances, you’ll get scaling from burstable instances, and if you are running on the P series (non-burstable), your auto-scaling will use P instances.Note that we offer auto-scaling for development instances as well. However, a development instance contains only a single RavenDB instance, so auto-scaling will trigger, but the instance will be inaccessible for up to two minutes while it scales. That isn’t an issue for the production tier.

OpenAPI document generation in .NET 9

by Mike Kistler

posted on: November 25, 2024

Introducing the New OpenAPI Document Generation Feature in .NET 9. Let's take a look at what it is, how to use it, and how it streamlines API development in .NET.

Update dependencies in nuspec file using Renovate

by Gérald Barré

posted on: November 25, 2024

While nuspec files are not as common as they used to be, they are still used in some projects when you have special needs. For instance, Meziantou.DotNet.CodingStandard uses a nuspec file to create a package that supports all TFMs. Renovate is a tool to keep your dependencies up-to-date. It support