-
Notifications
You must be signed in to change notification settings - Fork 249
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
In deprecation UI, alternate package with "*" range shows >= 0.0.0 #8795
Comments
The intention was never to show a version if it’s not specified (*). Definitely a bug (not a feature) ;-) |
@anangaur what is the suggestion then, to use Should we spell out |
My be just the package ID? |
As a developer, I'm fine with seeing the original I think we should set the precedent that version# is a critical part of the ID for a package. We are changing other strings to say "package version is vulnerable", not just "package X is vulnerable". |
My comment on showing just the package ID was for cases where it's 'any version' or '*'. For other cases where a version is specified, we should definitely show the version. |
Yes, understood. Just that I think we have to state any, rather than |
I would be fine with 'any version' or similar text as well :). 0.0.0 feels odd. FYI - @chgill-MSFT |
I should point out that there is no option for "*" or "any version" when deprecating a package. You can only suggest specific versions of an alternative package or suggest using the latest version. The PMUI currently shows (>=0.0.0) when "Latest" is selected as the suggested version which is the opposite of the intent 😅 From https://www.nuget.org/packages/Contoso.nuget.example/1.2.3: NuGet.org doesn't show the version of the alternate package when "Latest" is selected by the owner because latest stable is typically the assumed best choice when no version is specified (it's what we show by default in the PMUI Browse and Updates tabs). When you click on the linked package name - it automatically open the alternate package details page to the latest stable version. When the package author has chosen "Latest" I think we have 3 choices to consider:
Our decision here may also mean we should open an issue to be more specific on NuGet.org as well 😉 What do y'all think? - @anangaur |
Copying my response from the closed issue: @dominoFire IMO we should just open the package details window to the default version given their search preferences. If they have Include prerelease enabled, then show the latest stable/prerelease version. If they have Include prerelease disabled, then show the latest stable version. This is already how browse works in the PMUI today in normal search scenarios. NuGet.org works a little differently, but I think somewhat incidentally. On NuGet.org the alternate package deprecation link goes to nuget.org/packages// with no version specified which goes to the latest stable version. On NuGet.org, there's nowhere to specify a preference for prerelease or stable versions on the package details page - only in search. TL;DR Let's do what's most natural to the PMUI already which isn't exactly what NuGet.org does. In the case of Don't show any version - open the linked package to the latest stable or latest including prerelease depending on if "Include prerelease" is enabled. |
@dominoFire any update on this? Seems like a nice polish :) |
Details about Problem
NuGet product used: Package Manager Console
NuGet version: 5.5.0.6293
VS version: 16.5.0 Preview 1.0 [29430.205.master]
OS version: Windows 10 Version 1909
Worked before? Yes with 5.4.0.6271
Likely changed behavior with NuGet/NuGet.Client#3079.
Detailed repro steps so we can see the same problem
It shows
>= 0.0.0
. I think this is confusing because 0.0.0 is not a real version on most packages and is kind of a side-effect of*
having a minimum version of 0.0.0 in memory.Other suggested things
Screenshot
Compare to nuget.org:
/cc @xavierdecoster @nkolev92 @scottbommarito @anangaur @xavierdecoster
The text was updated successfully, but these errors were encountered: