Exclude prereleases in upper version limit #16260
Closed
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Prerequisites
Description
Version 13 added a version range on project references by automatically adding the next major version, e.g.
[13.4.0, 14.0.0)
(see #14719). This prevents users from installing CMS components/packages of different major versions and/or for transitive dependencies to upgrade them.However, this NuGet version range doesn't exclude prereleases in the upper version limit. Most of the time this isn't an issue, because packages won't have a dependency on a CMS prerelease and NuGet won't update transitive dependencies to prerelease versions. With packages that target a new major CMS version though, this issue does become apparent, as mentioned in warrenbuckley/Examine-Peek#4: you can install this v14-only package on a v13 site, which will upgrade some transitive CMS packages to the v14 prerelease (resulting in compilation errors).
The standard Semver range
>= 13.0.0 <14.0.0
does exclude pre-preleases, but NuGet uses its own syntax and implementation that doesn't exclude pre-releases when[13.0.0, 14.0.0)
is used:This can be fixed by appending
-0
to the upper version limit (the lowest possible prerelease version), which is a nicer solution to using x.999999 like we did in v8:Umbraco-CMS/build/NuSpecs/UmbracoCms.nuspec
Lines 19 to 24 in 82b5e0b
With this applied, the version range excludes any prerelease version and thereby prevents you from installing any mixed CMS major version in a project:
If packages use a similar version range to limit the CMS version you can install it on, they should use the same syntax. So to only allow your package to be installed on a version 13 site, you should use:
[13.0.0, 14.0.0-0)
.The only downside to this approach is that the NuGet build target will raise a NU5104 warning about using a prerelease dependency when building a stable version of your own package. This is a false-positive, as it's not pulling in a prerelease version, but actually preventing you from installing it... I've added this to the
NoWarn
property to ignore it, although this might actually remove the warning for dependencies that are actually pulling in prereleases. We currently don't fail the build on these kind of warnings and the build contains too many warnings to be noticeable, so I think this is a fine trade-off to not add any more warnings.Testing can be done by checking the NuGet packages in the build output and verifying whether the dependencies contain the
-0
postfix on the upper version limit. Additionally, you can upgrade a v13 project using this build output and check if you now get aNU1107
error if ExaminePeek 1.0.0 (depending on v14.0.0-rc3) is installed: