Comparison with Dependabot
Why should you use NuKeeper instead of Dependabot?
NuKeeper was created when no automated tool existed for .NET. We wrote a tool we needed, but we were also very happy to see Microsoft recognize this need and provide official support in the form of offering Dependabot for free. We do use Dependabot! It's a great service. However, there's some scenarios it still does not handle.
- Your source control provider is not GitHub
- You do not have permissions to install GitHub applications
- You want to work with a local checkout directly
- You have an internal NuGet feed that Dependabot cannot reach
- You need to filter and update packages by name
- You need to update .NET Framework ("Classic") projects
- You still use
packages.config - You want to inspect inspect .NET code for outdated packages, to list them or gather report or metrics, but not take automated action.
Dependabot works with project files directly, treating them (mostly) as plain xml. NuKeeper uses .NET tooling to interact with them - NuGet libraries to read, then NuGet.exe or dotnet to execute changes. The result is much closer to how installing packages through Visual Studio behaves. Practically, impact on recent .NET Core packages is negligible, but it can be a significant difference when dealing with .NET Framework projects.
