net472 to netstandard1.3 -> extra diagnostics dll
See original GitHub issueRepro steps:
- Extract ds.zip somewhere
dotnet build
theapp
project- Look at bin\Debug\net472, notice extra S.D.DiagnosticSource.dll
This is coming transitively from the netstandard.library 1.6.1 implicit ref in lib.csproj. Recall that netstandard1.x projects don’t get privateassets=“all” applied to that.
But, regardless, why does this assembly survive conflict resolution, etc. net472 should be able to consume netstandard1.x without app-local framework assemblies.
I’m not sure if this is a regression, but I’m very surprised that I haven’t heard about it before, so it may well have crept in.
Issue Analytics
- State:
- Created 4 years ago
- Reactions:1
- Comments:9 (9 by maintainers)
Top Results From Across the Web
NET Standard
It describes and provides access to the ~40 .NET libraries and associated APIs that define .NET Standard. You can reference additional packages ...
Read more >How does .NET 4.7.2 manage redirects for a dependency ...
The DLL that I wanted to consolidate to (the one being used by all other modules, i.e., file version 4.6.26919.2) is not assembly...
Read more >System.Diagnostics.TraceSource 4.3.0
Provides classes that help you trace the execution of your code. Developers should prefer the classes in the ETW-based System.Diagnostics.
Read more >https://support.postsharp.net/api/v1/request/23710...
1> Task "MSBuild" 1> Additional Properties for project "JasperAPI.csproj": 1> TargetFramework=net472 1> Building with tools version "15.0".
Read more >Nuget package installer does not install dependencies (.net ...
I have a test project, wherin I'm using PeanutButter.TempDb.MySql (I'm also the owner/maintainer of the PeanutButter.* packages). This package depends on:.
Read more >Top Related Medium Post
No results found
Top Related StackOverflow Question
No results found
Troubleshoot Live Code
Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start FreeTop Related Reddit Thread
No results found
Top Related Hackernoon Post
No results found
Top Related Tweet
No results found
Top Related Dev.to Post
No results found
Top Related Hashnode Post
No results found
Top GitHub Comments
I agree here. I’m closing this since I haven’t seen other reports and we can reopen if there are any. There are other more severe issues with the 1.6.1 reference, though. https://github.com/dotnet/sdk/issues/2261
It seems that fixing that would fix this, so I’ll close and let the discussion of risk reward focus on the more severe issue.
Also, in past discussions, it seems we’re ok bumping 2.0.x to latest for 2.0+ projects, but not 1.6.x -> latest for 1.x projects as 1.x projects manifest their dependency. I am actually averse to all implicit bumps in principle, but that is not what I see recorded as the policy in past issues. It also seems that 2.0.x won’t actually bring substantially different dependencies to 1.x projects like 1.6.1 did over 1.6.0 so I may be overindexing on that.
(Maybe unpopular opinion, but I regret all implicit versioning. I wish that project files specified all versions and that we relied on features to tell you if you had insecure versions in your project files, and prompted you to upgrade. Even for self-contained apps.)