-
Notifications
You must be signed in to change notification settings - Fork 253
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Reevaluate the packages lock file + transitive project versions #7935
Comments
A bit of background: The packages.lock.json model has 3 types of dependencies.
Now a few things that cannot be understood from the lock file:
Relevant: https://github.com/NuGet/NuGet.Client/pull/2701/files#diff-4f61fe90f26719aa002d997eb1a92576 "NuGet.Packaging": {
"type": "Project",
"dependencies": {
"Newtonsoft.Json": "9.0.1",
"NuGet.Configuration": "5.0.0-preview3",
"NuGet.Versioning": "5.0.0-preview3"
}
}, Now after fixing a few bugs with the evaluation: We now have the lock file up to date check verify that the project reference graph is the same. The reason for this is because if we tried validating the versions, it would fail every CI build in locked mode. tl;dr; The version for projects listed in the dependencies section is useless. Removing it would require potentially changing the model of the lock file is written. I don't expect any issues if we were to fix this in 5.2 though. If it breaks the model, we increment the file version. If it doesn't break the model, switching between versions could create noise, but eventually it should disappear. |
Safe to say, this won't make it in 5.1. :) |
Related: #8465 |
Currently if you have a transitive projects, the transitive project will have a requested version for the project.
This would mean every project version change will require a lock file regeneration.
//cc @anangaur
@joelverhagen @zivkan @dominoFire @rrelyea
The text was updated successfully, but these errors were encountered: