# .NET — Daily DevOps & .NET > Comprehensive .NET coverage including C#, ASP.NET Core, performance optimization, latest framework features, updates, and development best practices. Source: https://daily-devops.net/tags/dotnet/ Generated: 2026-05-28 ## About this topic - [Topic landing page](https://daily-devops.net/tags/dotnet/): Comprehensive .NET coverage including C#, ASP.NET Core, performance optimization, latest framework features, updates, and development best practices. - [Back to all topics](https://daily-devops.net/tags/) - [Site index](https://daily-devops.net/llms.txt) ## Articles tagged ".NET" (76) - [I'm Done Making Empty Promises](https://daily-devops.net/posts/code-as-legacy-empty-promises/): // TODO: fix this properly. We'll refactor after the release. Tests when the API stabilizes. I've made every one of these promises. I'm done. - [My Biggest Enemy Writes My Code](https://daily-devops.net/posts/code-as-legacy-past-self/): Past Self is the most dangerous engineer on your team: skilled, well-intentioned, and gone when the bill comes due. This is about the code he left behind. - [Six Ways ILogger Silently Fails in Production](https://daily-devops.net/posts/your-ilogger-is-lying-to-you/): Half a day lost to BeginScope silently doing nothing in production. ILogger compiles, runs, produces no errors, and fails quietly in six distinct ways. - [The Code You Write Today Is Someone's Problem Tomorrow](https://daily-devops.net/posts/code-as-legacy/): Code is not just something you write—it is something you leave behind. After nearly two decades in production, here is what treating code as legacy means. - [Stop Pretending TimeProvider Doesn't Exist](https://daily-devops.net/posts/stop-pretending-timeprovider-doesnt-exist/): DateTime.UtcNow is a hidden dependency that breaks tests at midnight. .NET 8 shipped TimeProvider in 2023; two years on, most codebases still ignore it. - [Source Generators: The Build Performance Killer](https://daily-devops.net/posts/dotnet-source-generators-hidden-costs/): You added a NuGet package and your build jumped from 2 to 8 seconds. That package ships a source generator. Here is what it costs and how to find out. - [.claudeignore Doesn't Exist. Here's What Does.](https://daily-devops.net/posts/claudeignore-dotnet/): .claudeignore is a hallucination. Claude invented it, the internet spread it, and now Claude keeps recommending it. Here is what actually works in .NET. - [Your Privacy Docs Are Fiction: Let's Fix That with .NET CLI Tools](https://daily-devops.net/posts/privacy-audit-automation-dotnet-cli/): Quarterly audits can't catch PII added last Tuesday. Build .NET CLI tools that make compliance a build-time fact, not a spreadsheet fantasy. - [Security Tests That Prove Themselves](https://daily-devops.net/posts/cli-security-testing-audit/): Build xUnit and WebApplicationFactory security tests that emit timestamped evidence tied to commit hashes. Retire the SharePoint screenshot folder. - [Certified, Filed, Forgotten: The Compliance Trainwreck](https://daily-devops.net/posts/compliance-verification-dotnet-cli/): Consultants paid. Docs filed. Then compliance becomes a Word doc ritual until an audit exposes the drift. CLI tools fix what checklists never could. - [Who Ran That Migration? Audit Trails for .NET CLI Tools](https://daily-devops.net/posts/audit-trail-dotnet-cli-tools/): dotnet ef database update prints Success and forgets. Add structured logging, user identity, and correlation IDs so privileged CLI runs leave evidence. - [Purpose Limitation in API Design: Leaking Data You Shouldn't](https://daily-devops.net/posts/purpose-limitation-api-design/): Why your API returns too much personal data and how ASP.NET Core resource-based authorization enforces data minimization at the endpoint level. - ["We Store Secrets in appsettings.json": A Horror Story in Five Acts](https://daily-devops.net/posts/managed-identity-rbac-azure-resources/): That ClientSecret has been in your Git history since 2019. Here's how Azure Managed Identity eliminates credentials from your .NET apps entirely. - ["Just Delete the User": Famous Last Words Before the GDPR Audit](https://daily-devops.net/posts/right-to-erasure-implementation-patterns/): That delete request touches 17 systems you'd forgotten existed. Here's how to erase data across distributed systems without nuking your database. - [Privacy Health Checks: Beyond Database Connectivity](https://daily-devops.net/posts/privacy-health-checks-data-access-patterns/): Database connectivity is green, yet 15% of users have expired consents. Add IHealthCheck probes for consent, retention, and access anomalies. - [Green Dashboard, Dead Application](https://daily-devops.net/posts/health-checks-operational-monitoring/): HTTP 200 from /health while users see timeouts. The process runs, but the database pool is exhausted. Check what matters, not if it breathes. - [Your Stack Traces Are Love Letters to Attackers](https://daily-devops.net/posts/error-handling-security-information-disclosure/): That helpful stack trace in your API response is a roadmap for attackers. Learn secure error handling that logs everything but reveals nothing. - [Your Logout Button Is Lying: ASP.NET Session Security Done Right](https://daily-devops.net/posts/session-management-aspnet-authentication/): Most ASP.NET session configs pass code review but fail security audits. Learn what actually matters for cookie authentication and JWT tokens. - [Cookie Banners Won't Save You From ISO 27701](https://daily-devops.net/posts/consent-management-aspnet-identity/): Your "consent management" is probably a boolean column with no audit trail. Here's what ISO 27701 and GDPR Article 7 actually require in .NET. - [NuGet Packages: The Suppliers You Forgot to Audit](https://daily-devops.net/posts/dependency-management-nuget-security/): dotnet add package invites unvetted suppliers into production. Enforce Central Package Management, signature checks, and vulnerability scans. - [Stop Hoarding Personal Data in Entity Framework](https://daily-devops.net/posts/data-minimization-entity-framework/): Monolithic user entities make GDPR deletion impossible. Separate operational from personal data in EF Core with nullable, purpose-documented fields. - [Your Encryption Is Broken — .NET Data Protection Done Right](https://daily-devops.net/posts/cryptography-dotnet-data-protection/): XOR operations and hardcoded keys fail audits. Learn how .NET Data Protection API with Azure Key Vault delivers real cryptographic compliance. - [Your appsettings.json Is a Compliance Violation](https://daily-devops.net/posts/secrets-management-azure-keyvault/): That connection string in your config file violates ISO 27017. Azure Key Vault is not optional—it is the compliance minimum you have been ignoring. - [Audit Logging That Survives Your Next Security Incident](https://daily-devops.net/posts/audit-logging-azure-app-insights/): Most audit logs fail when incidents happen. Structured logging with Application Insights creates trails auditors accept and engineers actually use. - [Your [Authorize] Attribute Is Compliance Theater](https://daily-devops.net/posts/access-control-aspnet-core/): Your [Authorize] attributes fool developers but not auditors. ISO 27001 A.9 demands actual authorization — not role strings scattered across your codebase. - [Why ISO Standards Actually Matter for .NET Developers](https://daily-devops.net/posts/iso-standards-intro-dotnet-developers/): ISO/IEC 27001, 27017, and 27701 aren't compliance theater anymore—they're engineering requirements in cloud-native .NET that affect every code decision. - [ISO/IEC 27001, 27017 & 27701 for .NET Developers — The Complete Series](https://daily-devops.net/posts/iso-standards/): Nearly 30 articles map ISO/IEC 27001, 27017, and 27701 to concrete .NET and Azure: secrets, access control, GDPR erasure, and supply chain security. - [Real Professional Software Engineering in the AI Era](https://daily-devops.net/posts/real-professional-software-engineering-ai-era/): AI generates code instantly. Professionals spot when it is subtly wrong, debug failures AI cannot reason about, and see through the productivity narrative. - [The Feedback Loop That AI Can't Replace](https://daily-devops.net/posts/feedback-loop-ai-cant-replace/): Compilers validate logic, profilers expose performance lies, and production reveals every deferred decision. AI cannot close that feedback loop for you. - [Kubernetes Is Not a Platform Strategy](https://daily-devops.net/posts/kubernetes-not-platform-strategy/): Kubernetes orchestrates containers brilliantly. But governance, identity, and recovery live elsewhere—and ignoring those boundaries breaks production. - [Alphabet Soup: The Format Buffet Nobody Ordered](https://daily-devops.net/posts/alphabet-soup-file-formats/): CSV breaks on commas. YAML breaks on spaces. JSON breaks on trailing commas. TOML, TAML, TOON, CCL joined the chaos. Nobody wins. Here's why. - [Why Real Professionals Will Never Be Replaced by AI](https://daily-devops.net/posts/code-sharpens-thinking/): Typing code is trivial now—AI does it instantly. So why will real professionals never be replaced? Because vibe coding collapses under production reality. - [Most Software Teams Are Lying to Themselves—2026 Needs to Be Different](https://daily-devops.net/posts/happy-new-year-2026/): Stop promising to fix technical debt next quarter. .NET 10, analyzers, and tests are ready in 2026; only the engineering discipline is missing. - [2025 in Review: The Year .NET Stopped Lying to Itself](https://daily-devops.net/posts/dotnet-2025-year-in-review/): No runtime revolutions—Aspire, TUnit, and Testcontainers won by making distributed systems visible. Plus .NET's open source sustainability crisis. - [.NET CLI 10 – Microsoft Finally Realizes DevOps Exists](https://daily-devops.net/posts/dotnet-10-cli-devops/): .NET 10 CLI finally ships features DevOps teams needed years ago: built-in container builds, ephemeral tools, and machine-readable schemas across the SDK. - [Why Your Logging Strategy Fails in Production](https://daily-devops.net/posts/dotnet-advanced-logging/): Most .NET teams log 50MB per request and still can't diagnose the 3 AM outage. Fix the anti-patterns that turn observability into expensive noise. - [Stop Typing: The .NET CLI Tab Completion You've Been Missing](https://daily-devops.net/posts/dotnet-cli-expanding-scope-autocomplete/): .NET 10 ships native tab completion for the dotnet CLI. One command, no Register-ArgumentCompleter snippets, and your shell finally remembers. - [.NET Job Scheduling — Choosing the Right Framework](https://daily-devops.net/posts/dotnet-job-scheduling-7-comparative-review/): Side-by-side comparison of Hangfire, Quartz.NET, Coravel, NCronJob, and TickerQ with feature matrices and decision heuristics for .NET architects. - [.NET Job Scheduling — TickerQ and Modern Architecture](https://daily-devops.net/posts/dotnet-job-scheduling-6-tickerq/): How TickerQ uses source generation, EF Core, and a real-time dashboard to deliver reflection-free, async-first scheduling for modern cloud-native systems. - [Power of Ten Rules: More Relevant Than Ever for .NET](https://daily-devops.net/posts/dotnet-power-of-ten-rules/): Holzmann's safety-critical coding rules hit harder in modern C#: Roslyn analyzers, nullable types, and the type system enforce what C only wished. - [.NET Job Scheduling — NCronJob and Native Minimalism](https://daily-devops.net/posts/dotnet-job-scheduling-5-ncronjob/): NCronJob plugs into ASP.NET Core hosting to deliver zero-dependency, cron-based scheduling for microservices and containerized .NET deployments. - [.NET Job Scheduling — Coravel and Fluent Simplicity](https://daily-devops.net/posts/dotnet-job-scheduling-4-coravel/): How Coravel delivers lightweight, convention-driven scheduling without external dependencies, accelerating development for small to medium applications. - [.NET Job Scheduling — Quartz.NET for Enterprise Scale](https://daily-devops.net/posts/dotnet-job-scheduling-3-quartznet/): Quartz.NET delivers enterprise scheduling with clustering, advanced triggers, job calendars, and multi-datacenter coordination for high-volume workloads. - [.NET Job Scheduling — Hangfire and Persistent Reliability](https://daily-devops.net/posts/dotnet-job-scheduling-2-hangfire/): How Hangfire delivers persistent background processing with built-in dashboards, automatic retries, and distributed job execution for web applications. - [.NET Job Scheduling — The Landscape](https://daily-devops.net/posts/dotnet-job-scheduling-1-landscape/): Why background processing matters for cloud-native .NET, and how schedulers evolved from manual timers to robust, distributed orchestration engines. - [.NET Job Scheduling — The Complete Series](https://daily-devops.net/posts/dotnet-job-scheduling/): Seven articles comparing Hangfire, Quartz.NET, Coravel, NCronJob, and TickerQ—match each .NET job scheduler to the workloads it actually fits. - [NetEvolve.HealthChecks 5.0: 27+ Targeted Probes, Zero Boilerplate](https://daily-devops.net/posts/healthchecks-5-0/): HealthChecks 5.0 ships 27+ targeted AWS/Azure/GCP, graph, vector, streaming and AI probes and removes inheritance boilerplate via source generation. - [.NET 10 Testing: Microsoft Finally Fixed the Test Runner (Mostly)](https://daily-devops.net/posts/dotnet-10-testing/): Microsoft.Testing.Platform replaces VSTest in .NET 10. See what improves, what breaks, and why your global.json now matters in IDE and CI reliably. - [Code Metrics and Configuration: Beyond the Numbers Game](https://daily-devops.net/posts/code-metrics-configuration/): A critical look at .NET and Visual Studio code metrics, their configuration, and why context matters infinitely more than arbitrary thresholds. - [.NET 10: Boring by Design, Reliable by Default](https://daily-devops.net/posts/dotnet-10-released/): .NET 10 ships JIT physical promotion, AVX 10.2 loop vectorization, and C# 14 with LTS support through November 2028. Boring is finally the feature. - [.NET 10: Timing Is the New Technical Debt](https://daily-devops.net/posts/timing-is-the-new-technical-debt/): Why Q1 2026 .NET 10 migration is the most strategic move: proactive dependency management turns release-cycle timing from debt into advantage. - [.NET 10 and the Release Cycle Paradox](https://daily-devops.net/posts/dotnet-10-release-cycle-paradox/): .NET's predictable yearly cadence delivers stability and pressure at once: migration insights, cultural notes, and recommendations for .NET 10. - [Stop Breaking Multi-Targeting Builds with String Comparisons](https://daily-devops.net/posts/proper-use-of-targetframework-conditions/): String comparisons in TargetFramework conditions break multi-targeting builds. Here is why IsTargetFrameworkCompatible() exists and saves you hours. - [Modern Defensive Programming in .NET 8/9 with Throw Helpers](https://daily-devops.net/posts/modern-defensive-programming/): ArgumentNullException.ThrowIfNull modernizes .NET guard clauses; NetEvolve.Arguments gives a unified API across multi-framework target projects. - [Your Tests Are Lying — Mutation Testing in .NET](https://daily-devops.net/posts/tests-are-lying/): Stryker.NET exposes the blind spots line coverage hides—real lessons, richer examples, and a sustainable mutation testing flow for .NET DevOps. - [PackageDownload: NuGet's Forgotten Power Tool](https://daily-devops.net/posts/nuget-packagedownload-functionality/): PackageDownload solves a real problem most developers don't know exists. But its painful limitations reveal the cost of evolving mature platforms. - [Configuration-First Health Checks for Modern .NET](https://daily-devops.net/posts/netevolve-healthchecks/): Declarative, high-performance health checks for .NET driven by configuration—covers databases, queues, caches, and cloud services, not code. - [Stop Parsing the Same String Twice: CompositeFormat in .NET](https://daily-devops.net/posts/compositeformat-performance-boost/): Parse once, format a thousand times. CompositeFormat eliminates redundant parsing overhead and makes your .NET apps faster with one simple change. - [How SearchValues Saved Us From Scaling Hell](https://daily-devops.net/posts/searchvalues-saved-us-from-scaling-hell/): How SearchValues in .NET 8-10 delivered 5x faster string operations, reduced infrastructure costs, and evolved with multi-substring optimization. - [Clean Code: A Lip Service, Not a Standard](https://daily-devops.net/posts/clean-code-lip-service-not-a-standard/): How misunderstood Clean Code ideals harm .NET systems. Learn to recognize code quality failures and apply C# best practices for maintainable software. - [ConstantExpectedAttribute: Compile-Time Performance](https://daily-devops.net/posts/constant-expected-attribute/): How ConstantExpectedAttribute in .NET 7+ enables compile-time optimizations, better IDE support, and improved performance via constant signaling. - [Retiring Legacy .NET Projects: Risk, Cost, Forward Motion](https://daily-devops.net/posts/retiring-legacy-dotnet-projects/): Modernize legacy .NET systems with modular architecture, risk reduction, cost efficiency strategies, and practical patterns for measurable impact. - [TUnit — A Pragmatic Evaluation for .NET Teams](https://daily-devops.net/posts/tunit-a-pragmatic-evaluation-for-dotnet-teams/): A pragmatic TUnit evaluation for .NET teams - comparing performance, maintainability, and ecosystem readiness against MSTest, xUnit, and NUnit frameworks. - [Still Waiting for the Final Piece: C# 14 Comes Close](https://daily-devops.net/posts/still-waiting-for-the-final-piece/): C# 14’s new 'Extension Everything' syntax comes close to VB.NET’s ByRef magic—but not quite. A witty look at what’s still missing in modern .NET. - [The Generous Gift? Microsoft Extends .NET STS Support to 24 Months](https://daily-devops.net/posts/extended-dotnet-sts-support-timeframe/): Microsoft extended .NET STS support from 18 to 24 months. Examine what this policy change really means for developers, teams, and organizations. - [.NET 10 RC 1: Architectural Impact and C# 14](https://daily-devops.net/posts/dotnet10rc1-is-knocking-at-the-door/): .NET 10 RC 1 brings C# 14 features, major performance improvements, and architectural changes. Explore containerization, NativeAOT, and breaking changes. - [Visual Studio 2026 - Why AI-Native Tooling Will Matter](https://daily-devops.net/posts/visual-studio-2026/): Visual Studio 2026 brings AI-native tooling. Learn what professional .NET teams should expect and how enterprise architecture adapts to changes. - [Buzzword-Driven Development vs. Fundamental Software Quality](https://daily-devops.net/posts/buzzword-driven-development/): Why fundamental .NET software quality must never be sacrificed for trendy buzzwords, including recommended analyzers, settings, and practices. - [How to Use Copilot Without Becoming Its Puppet](https://daily-devops.net/posts/copilot-without-becoming-its-puppet/): Master GitHub Copilot as a productivity tool while maintaining your coding skills, critical thinking abilities, and commitment to software craftsmanship. - [Copilot Turns Junior Devs Into Syntax Secretaries](https://daily-devops.net/posts/copilot-turns-junior-devs-into-syntax-secretaries/): Explore how GitHub Copilot and AI assistants impact junior developer growth, focusing on learning fundamentals beyond syntax completion and automation. - [Vibe Coding in .NET: Creative Catalyst or Maintenance Risk?](https://daily-devops.net/posts/vibe-coding-isnt-wrong-its-unfinished/): Explore the balance between intuitive coding and structured development in .NET, examining when vibe coding helps and when it hinders project success. - [Understanding the C# `StringValues`: A Comprehensive Guide](https://daily-devops.net/posts/understanding-csharp-stringvalues/): Learn about C# StringValues type, its features, usage patterns, and performance benefits in efficiently handling string values in modern .NET applications. - [Managing Errors, Warnings, and Configurations in C# and .NET](https://daily-devops.net/posts/managing-errors-warnings-and-configurations/): Learn strategies for managing static code analysis warnings, improving code quality, configuring analyzers, and integrating into CI/CD pipelines. - [Introducing Nullability in Legacy .NET Code](https://daily-devops.net/posts/introducing-nullability-in-legacy-code/): Step-by-step guide for implementing nullable reference types in legacy .NET and C# codebases with practical strategies, patterns, and best practices. - [BuildingInsideVisualStudio: .NET Project Properties](https://daily-devops.net/posts/buildinginsidevisualstudio/): Learn how to use the BuildingInsideVisualStudio property in .NET to conditionally include packages, optimize builds, and streamline developer workflows. - [Manage NuGet Packages Centrally](https://daily-devops.net/posts/manage-nuget-packages-centrally/): Learn how to centrally manage NuGet packages in .NET solutions using Directory.Packages.props for better dependency management and version control. ## Optional - [Full site index for LLMs](https://daily-devops.net/llms.txt) - [Full content of all articles](https://daily-devops.net/llms-full.txt) - [RSS for this tag](https://daily-devops.net/tags/dotnet/feed.rss) - [Atom for this tag](https://daily-devops.net/tags/dotnet/feed.atom) - [JSON Feed for this tag](https://daily-devops.net/tags/dotnet/feed.json)