Allow Pack to pin only project references
See original GitHub issueDescription
Currently, the pack command allows for specifying lock-dependencies
to force all generated dependencies to be specific (picked up from the paket.lock
file) rather than use the version specification from the paket.dependencies
file.
However, the version specification of generated project reference dependencies is also controlled by this setting. If lock-dependencies
is specified, the project reference versions are pinned (=), but if it is not specified, they are minimums (>=). A new setting could be introduced (pinned-project-references
) to allow for the project references to be pinned while still using the version specification from paket.dependencies
for any external dependencies.
Repro steps
This is a feature request.
Expected behavior
The two settings lock-dependencies
and pinned-project-references
would work together as follows:
Neither pinned-project-references
nor lock-dependencies
specified:
External dependencies: Version specification picked up from paket.dependencies
.
Project references: Version specification is minimum (>=).
pinned-project-references
is specified, but lock-dependencies
is not specified:
External dependencies: Version specification picked up from paket.dependencies
.
Project references: Version specification is pinned (=).
lock-dependencies
is specified (pinned-project-references
does not matter):
External dependencies: Version specification picked up from paket.lock
(pinned).
Project references: Version specification is pinned (=).
Actual behavior
Either external dependencies and project references must both be pinned, or neither be pinned.
Known workarounds
There is no known workaround.
Related information
N/A
Issue Analytics
- State:
- Created 7 years ago
- Comments:19 (17 by maintainers)
Top GitHub Comments
Revisiting the discussion above, I do not believe a more complex setting for controlling project dependencies should be pursued. In the interest of keeping things simple, I believe this setting alone (on or off) allows for the two most common scenarios to be handled automatically when using automatic dependencies inferred from project references.
If projects within a solution are guaranteed to maintain backwards compatibility, then the default setting (
pin-project-references
not being specified) yields the current behavior, which is desired.However, if backwards compatibility between the projects within a solution is not guaranteed, then a user upgrading a package for one of the projects should be forced to upgrade to the corresponding version for any other packages built from the same solution to ensure they all stay in sync. The (=) specification is the only way to enforce this, and would be able to be specified using this new
pin-project-references
setting.Closing