This article demonstrates how can we automate NuGet Package updates for a solution in Azure DevOps CI pipeline.
We will use and install dotnet-outdated-tool in a CI pipeline in Azure DevOps to automate this process to a large extent.
dotnet-outdated-tool is a dotnet CLI tool that can be used for updating Nuget packages. It will automatically change package versions. But It won’t create any pull request. It will directly update version in csproj. Also, we will get to know out of date packages details and if required we can choose to fail CI build so that the respective team can look into that and upgrade version in code by initiating a pull request.
Let’s see below step-by-step implementation for dotnet-outdated-tool in Azure Devops –
STEP 1 – Setup new CI Pipeline
We will create a new CI pipeline using classic editor to implement this quickly. Let’s add couple of simple task like restore, build and publish, etc. that we generally used in CI pipeline.
![]()
STEP 2 - Configure task in CI Pipeline
Add Command Line task and modify the script sections as mentioned below.
![]()
Let’s add a .NET Core task but command should be “custom” and custom command should be “outdated”.
![]()
Arguments are one of the important params. For example, if we don’t want a specific package to be upgraded, we can mention like -- exclude Microsoft.EntityFrameworkCore
Below are the arguments that we can use based on our needs. Reference has been taken from here.
Usage: dotnet outdated [options] <Path>
Arguments:
Path The path to a .sln, .csproj or .fsproj file, or to a directory containing a .NET Core solution/project. If none is specified, the current directory will be used.
Options:
--version Show version information
-?|-h|--help Show help information
-i|--include-auto-references Specifies whether to include auto-referenced packages.
-pre|--pre-release <PRERELEASE> Specifies whether to look for pre-release versions of packages. Possible values: Auto (default), Always or Never.
-vl|--version-lock <VERSION_LOCK> Specifies whether the package should be locked to the current Major or Minor version. Possible values: None (default), Major or Minor.
-t|--transitive Specifies whether it should detect transitive dependencies.
-td|--transitive-depth <TRANSITIVE_DEPTH> Defines how many levels deep transitive dependencies should be analyzed. Integer value (default = 1)
-u|--upgrade[:<TYPE>] Specifies whether outdated packages should be upgraded. Possible values for <TYPE> is Auto (default) or Prompt.
-f|--fail-on-updates Specifies whether it should return a non-zero exit code when updates are found.
-inc|--include <FILTER_INCLUDE> Specifies to only look at packages where the name contains the provided string. Culture and case insensitive. If provided multiple times, a single match is enough to include a package.
-exc|--exclude <FILTER_EXCLUDE> Specifies to only look at packages where the name does not contain the provided string. Culture and case insensitive. If provided multiple times, a single match is enough to exclude a package.
-o|--output <OUTPUT_FILENAME> Specifies the filename for a generated report. (Use the -of|--output-format option to specify the format. JSON by default.)
-of|--output-format <OUTPUT_FILE_FORMAT> Specifies the output format for the generated report. Possible values: json (default) or csv.
-ot|--older-than <NUMBER_OF_DAYS> Only include package versions that are older than the specified number of days.
--ignore-failed-sources Treat package source failures as warnings.
Now Save and Run the pipeline.
STEP 3 – Test and Checks the Updated Nuget version
Once we run the pipeline, it will automatically upgrade packages. Let’s check the published artifacts to make sure if it is updated or not.
![]()
If we compare the outcome, we can see that it’s updated.
![]()
Awesome! We have seen how we can use dotnet-outdated-tool in Azure Pipelines to automate the process of updating NuGet packages. Hope you found this article useful.
YAML Pipeline: This is for reference purposes for those who are not using classic pipeline.
jobs:
- job: Job_1
displayName: Agent job 1
pool:
vmImage: windows-2019
steps:
- checkout: self
- task: DotNetCoreCLI@2
displayName: dotnet restore
inputs:
command: restore
projects: '**/*.sln'
feedRestore: <<Artifact>>/<<Feed-Name>>
displayName: CLS Install dotnet-outdated-tool
inputs:
script: >
dotnet tool install -g dotnet-outdated-tool
- task: DotNetCoreCLI@2
displayName: dotnet custom
inputs:
command: custom
projects: '**/*.sln'
custom: outdated
arguments: --upgrade
- task: DotNetCoreCLI@2
displayName: dotnet build
inputs:
projects: '**/*.sln'
- task: CopyFiles@2
displayName: 'Copy Files to: $(Build.ArtifactStagingDirectory)'
inputs:
TargetFolder: $(Build.ArtifactStagingDirectory)
- task: PublishBuildArtifacts@1
displayName: 'Publish Artifact: drop'
...
Happy Learning!