2

We have a huge Visual Studio solution with many projects (SDK style). In order to simplify the update/maintenance we introduced the central package management feature with a Directory.Packages.props file including:

  <PropertyGroup>
    <CentralPackageTransitivePinningEnabled>true</CentralPackageTransitivePinningEnabled>
    <ManagePackageVersionsCentrally>true</ManagePackageVersionsCentrally>
  </PropertyGroup>

and all our references like:

  <ItemGroup>
    <PackageVersion Include="Microsoft.Build.Tasks.Git" Version="1.1.1" />
    <PackageVersion Include="NUnit" Version="3.13.3" />
    ...
  </ItemGroup>

So transitive pinning is currently enabled. The output of the projects in the solution will end up in one dedicated folder (the same folder for all our projects).

Now we have the following problem with the transitive package version handling. As example

PROJ1 -> Nuget Package "A" (Version 1.0) -> Nuget Package "B" (Version 2.0) 
PROJ2 -> Nuget Package "X" (Version 1.0) -> Nuget Package "B" (Version 2.1) 
PROJ3 -> Nuget Package "K" (Version 1.0) -> Nuget Package "B" (Version 2.0) 
PROJ4 -> Nuget Package "E" (Version 1.0) -> Nuget Package "U" (Version 7.0)

So as you can see the PROJ2 has a transitive dependency to Package "B" in Version 2.1 and some other projects have a transitive dependency to Package "B" in Version 2.0.

How can we enforce that the highest version of the Package "B" is used for all projects? During build we can see that the output sometimes contains the version 2.0 and sometimes the version 2.1.

I already tried to add a nuget.config file to the solution with the following content:

  <config>
    <add key="dependencyVersion" value="Highest" />
  </config>

But this doesn't work either.

Franz Gsell
  • 1,425
  • 2
  • 13
  • 22

1 Answers1

2

Define the highest version in the Directory.Packages.props file, e.g.

<PackageVersion Include="PackageB" Version="2.1.0">

This will make NuGet use 2.1 everywhere, including transitive dependencies; it's what the CentralPackageTransitivePinningEnabled=true setting is for. You can't currently set wildcards or ranges in PackageVersion.

You can override the central version in projects with an OverrideVersion attribute in PackageReference. For example, if you want to force a downgrade to PackageB version 2.0.0.

See also: https://github.com/NuGet/Home/issues/11516

Erik Hart
  • 1,114
  • 1
  • 13
  • 28
  • 1
    Thanks for your update - yes this is exactly what we are doing right now. In addition we created a small powershell script which checks all dependencies in all used nuget packages and informs if same transitive package is used in different versions. In this case we add the package with corresponding version to the Directory.Packages.props – Franz Gsell Mar 28 '23 at 18:40