
NuGet Vulnerability Scan

Jonas Stjernström

Build task to run a NuGet vulnerability scan using dotnet

Build extension that runs dotnet list package --vulnerable and fails the build when vulnerabilities are found.

NOTE: Only works with .NET 5 and later.

How to use

After installing the extension it will be available as a build task to add to your build pipelines.

After adding the task to a build pipeline, configure it by setting the working directory in which to scan for vulnerabilities and the minimum level at which the task will fail the build. The default level is High.

To add the task to a pipeline, use the following options:

- task: NuGetVulnerabilityScan@1
  inputs:
    path: '$(Build.SourcesDirectory)'
    transitive: true
    level: 'high'

| Variable | Required | Description |
|----------|----------|-------------|
| path | Yes | The path where to run the dotnet list package command |
| transitive | No | If transitive dependencies should be scanned, default is false |
| level | Yes | Which level a build will break on if found. Available options are low, moderate, high and critical |
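
The severity gate that the level and transitive options describe can be reproduced locally. The following is an added example, not the extension's own code: it counts advisory rows in the text output of dotnet list package --vulnerable at or above a chosen level. The sample output, package names and advisory URLs are constructed, and the row layout (including the continuation row for a package with several advisories) is an assumption about the CLI's text format.

```sh
#!/bin/sh
# Added example: a local severity gate over `dotnet list package --vulnerable`
# text output. Not the extension's code; the row layout is an assumption.

# Constructed sample output (package names and advisory URLs are placeholders).
sample_output() {
  cat <<'EOF'
Project `Example.App` has the following vulnerable packages
   [net6.0]:
   Top-level Package      Requested   Resolved   Severity   Advisory URL
   > Example.Json         1.0.0       1.0.0      High       https://example.invalid/advisories/PLACEHOLDER-1
   > Example.Http         2.1.0       2.1.0      Moderate   https://example.invalid/advisories/PLACEHOLDER-2

   Transitive Package     Resolved   Severity   Advisory URL
   > Example.Text         4.5.0      Critical   https://example.invalid/advisories/PLACEHOLDER-3
                                     Low        https://example.invalid/advisories/PLACEHOLDER-4
EOF
}

# count_at_or_above LEVEL: read scan output on stdin, print the number of
# advisory rows whose severity is at or above LEVEL (low|moderate|high|critical).
# Top-level and transitive rows have different column counts, so the severity
# is taken relative to the end of the row: it is the field before the URL.
count_at_or_above() {
  awk -v level="$1" '
    BEGIN {
      rank["low"] = 1; rank["moderate"] = 2; rank["high"] = 3; rank["critical"] = 4
      min = rank[tolower(level)]
      if (!min) { print "unknown level: " level > "/dev/stderr"; bad = 1; exit 2 }
    }
    NF >= 2 && $NF ~ /^https?:\/\// {
      sev = tolower($(NF - 1))
      if ((sev in rank) && rank[sev] >= min) n++
    }
    END { if (!bad) print n + 0 }'
}

# gate LEVEL: succeed only when no advisory at or above LEVEL is present.
gate() {
  found=$(count_at_or_above "$1") || return 2
  echo "$found advisories at or above '$1'" >&2
  [ "$found" -eq 0 ]
}

# Demo on the constructed sample; in a pipeline, pipe the real command instead:
#   dotnet list package --vulnerable --include-transitive | gate high
sample_output | gate high || echo "build would fail"
```

An unknown level makes count_at_or_above exit with status 2, so a typo in the threshold fails closed instead of silently passing the gate.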