-
Notifications
You must be signed in to change notification settings - Fork 224
Support version ranges in project.json #1014
Comments
You need to have a version number for each non-project dependency. If the dependency is a NuGet package, it must have a version number. I think the |
Yes, use a specific version. There's no way to say always use the latest. |
Well, not yet 😄 |
If not yet, can I propose such feature? For example definition of dependency can look like:
or
Such feature is extremely useful in internal large projects. In my case we have more than 100 sln, which gives us up to 700 nuget. All of them can be produced daily (they aren't, but it is possible). Now we are using https://github.com/DarthFubuMVC/ripple which allows to specify "fixed" and "float" dependency - the concept of this is described here: http://fubuworld.com/ripple/gettingstarted/concepts/ What do you think about this? |
Don't really think it's the same for external dependencies and not realistic to just use the latest all the time. However, we do something similar with our projects (ASP.NET 5 is 30+ repositories) and for that we use snapshot versions (http://stackoverflow.com/a/5901460/45091). If you take a look at any of our projects: https://github.com/aspnet/Mvc/blob/dev/src/Microsoft.AspNet.Mvc.Core/project.json#L7 You'll see that it references That said, we will eventually support version ranges but I'd rather not conflate the 2 things. |
The only problem with this solution is when we are using external nuget like quite popular Newtosoft.Json or Microsoft libraries. The real life case is last System.Web.MVC upgrade. Because of security MS release a new version of above package. Using your solution for prerelease version will not resolve this problem, and the manual change is needed in every single project which use this package (in our case most of sln). The support for version ranges is in my opinion quite same, until we will force download latest version which is in range. |
How often to you float dependencies against released software not under your control? Seems like the minority case and version ranges will let you at least have some control over what versions get referenced. Just referencing the latest seems like a bad idea anyways. Especially if you jump across major versions. It's like saying you want the latest MVC which is a major breaking change from any previous MVC (basically a rewrite). |
To continue discussion: I forgot to mention that I use self-hosted nuget gallery, which allows me to control every version which internal developers use. To your question: "How often to you float dependencies against released software not under your control?" - maybe sound strange but quite often. Fortunately usually it is JavaScript libs, which isn't a big problem as regular dll. Anyway I don't want to use latest MVC, but I want to use latest MVC 8.0.X , so you are right that supporting version range will resolve my problems. So what do you think about version range support? I could try to take a look into this. |
I think it's something we have to do but to be honest, I'd rather we do it as the change will be very impactful to some of the stack. I'll put this bug in the RC milestone to investigate. |
We might also want to support the syntax that other package managers have: "dependencies": {
"Microsoft.AspNet.Mvc": "~6.0.0"
} Which means that you want to float 3rd number. |
But such syntax change should also have impact on |
Agreed, nuget uses the maven syntax. As long as we can translate to something nuspec likes we can use any syntax we want. |
Closing this as a dupe of #442 |
Needed to move Benchmarking and Profiling projects out of sub-directory Performance as Benchmarking could not locate a reference to Elasticsearch.Net, Nest or Tests projects. Raised an issue to check assumption - aspnet/dnx#3333. Removed dependency on NDesk.Options and include source file in Benchmarking project. Benchmarking needs to target dnxcore50 at the moment as it references Tests project. Update Newtonsoft.Json to 8.0.2. Not clear if there is a way to specify version ranges at present in project.json. See aspnet/dnx#1014 and aspnet/dnx#442. Nuget documentation states lowest version would be selected https://docs.nuget.org/Consume/ProjectJson-Format#project.json-usage build script Benchmark project now runs DNX solution builds of Benchmarking Fixed remaining warning
I am trying to force kpm restore for downloading latest nuget from feed. I did following steps:
C:\Users\[user]\.kpm\packages\Newtonsoft.Json
kpm restore
-> Newtonsoft.Json package wasn't downloadedkpm pack
-> reports an error:Sum up
Did I do something wrong? Or
project.json
dependencies are fixed to version number?I tried also using
*
in version number but I cannot make it work usually having error similar to below:'6.0.*' is not a valid version string.
The text was updated successfully, but these errors were encountered: