Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

net472 to netstandard1.3 -> extra diagnostics dll

See original GitHub issue

Repro steps:

Extract ds.zip somewhere
dotnet build the app project
Look at bin\Debug\net472, notice extra S.D.DiagnosticSource.dll

This is coming transitively from the netstandard.library 1.6.1 implicit ref in lib.csproj. Recall that netstandard1.x projects don’t get privateassets=“all” applied to that.

But, regardless, why does this assembly survive conflict resolution, etc. net472 should be able to consume netstandard1.x without app-local framework assemblies.

I’m not sure if this is a regression, but I’m very surprised that I haven’t heard about it before, so it may well have crept in.

cc @dsplaisted @ericstj

Issue Analytics

State:
Created 4 years ago
Reactions:1
Comments:9 (9 by maintainers)

Top GitHub Comments

1reaction

nguerreracommented, Aug 23, 2019

but there’s an easy workaround: manually reference a newer NETStandard.Library package. If we heard about this impacting a customer and could quantify that impact against the risk that Nick suggests I’d push harder.

I agree here. I’m closing this since I haven’t seen other reports and we can reopen if there are any. There are other more severe issues with the 1.6.1 reference, though. https://github.com/dotnet/sdk/issues/2261

It seems that fixing that would fix this, so I’ll close and let the discussion of risk reward focus on the more severe issue.

Also, in past discussions, it seems we’re ok bumping 2.0.x to latest for 2.0+ projects, but not 1.6.x -> latest for 1.x projects as 1.x projects manifest their dependency. I am actually averse to all implicit bumps in principle, but that is not what I see recorded as the policy in past issues. It also seems that 2.0.x won’t actually bring substantially different dependencies to 1.x projects like 1.6.1 did over 1.6.0 so I may be overindexing on that.

1reaction

nguerreracommented, Aug 23, 2019

(Maybe unpopular opinion, but I regret all implicit versioning. I wish that project files specified all versions and that we relied on features to tell you if you had insecure versions in your project files, and prompted you to upgrade. Even for self-contained apps.)

Top Results From Across the Web

NET Standard

It describes and provides access to the ~40 .NET libraries and associated APIs that define .NET Standard. You can reference additional packages ...

How does .NET 4.7.2 manage redirects for a dependency ...

The DLL that I wanted to consolidate to (the one being used by all other modules, i.e., file version 4.6.26919.2) is not assembly...

System.Diagnostics.TraceSource 4.3.0

Provides classes that help you trace the execution of your code. Developers should prefer the classes in the ETW-based System.Diagnostics.

https://support.postsharp.net/api/v1/request/23710...

1> Task "MSBuild" 1> Additional Properties for project "JasperAPI.csproj": 1> TargetFramework=net472 1> Building with tools version "15.0".

Nuget package installer does not install dependencies (.net ...

I have a test project, wherin I'm using PeanutButter.TempDb.MySql (I'm also the owner/maintainer of the PeanutButter.* packages). This package depends on:.