Nuget package dependencies. Does it work the way it should?

Asked 26/10, 2011 at 20:48 Answered 27/1, 2012 at 17:48

RavenDb latest version is installed as a nuget package. It references Newtonsoft.Json 4.0.2. I'm trying to install TweetSharp. I get this log:

M> Install-Package TweetSharp
Attempting to resolve dependency 'Hammock (≥ 1.2.3)'.
Attempting to resolve dependency 'Newtonsoft.Json (≥ 4.0.1)'.
Successfully installed 'Hammock 1.2.6'.
Successfully installed 'Newtonsoft.Json 4.0.3'.
Successfully installed 'TweetSharp 2.0.8'.
Install failed. Rolling back...
Install-Package : Updating 'Newtonsoft.Json 4.0.2' to 'Newtonsoft.Json 4.0.3'
   failed. Unable to find a version of 'RavenDB-Embedded' that is compatible with
   'Newtonsoft.Json 4.0.3'.

As you can see, even if TweetSharp just needs 'Newtonsoft.Json (≥ 4.0.1)', nuget wants to install version 4.0.3 which can not work with RavenDb.

I tried to install previous versions of TweetSharp but it does not change anything.

Any way to circumvent this?

Yorkshire answered 26/10, 2011 at 20:48 Comment(0)

Sounds like a possible bug in NuGet. Please log an issue in the NuGet bug tracker: http://nuget.codeplex.com/workitem/list/basic

If TweetSharp is fine with NewtonSoft.Json 4.0.2, then the install should not have failed. In your bug, can you post the exact versions that caused this problem. For example:

List of installed packages with exact version installed. List of dependencies for each package and the specific version range they specify. And the exact version of TweetSharp you're trying to install. That'll help us look at the issue more quickly. Thanks!

My guess is we have some default logic that tries to upgrade packages to the latest bug fix release. In this case, we tried that, but it causes another dependency to fail. In that case, we should have known that and not tried to upgrade.

Gyre answered 26/10, 2011 at 23:7 Comment(4)

Are you sure about that? The latest version of RavenDB requires 4.0.2 of Newtonsoft.Json and doesn't allow for a newer version. – Cue 27/10, 2011 at 4:53

@BuildStarted I think what you say is exactly what I said. Because RavenDb can't tolerate 4.0.3, the update process fails. – Yorkshire 27/10, 2011 at 11:53

Ah, I see where the problem lies. I'm having the same issue where a package needs 4.0.3 but won't upgrade because of RavenDB and I thought it was the same issue :) – Cue 27/10, 2011 at 14:20

Perhaps it's a bit aggressive. Perhaps folks shouldn't introduce breaking changes when changing the Patch version number. :) – Gyre 6/11, 2011 at 0:47

This is down to the semantic versioning that NuGet has had since (I think) 1.6. It's explained in more detail here but the basic idea is that if your dependency hasn't updated either the major or the minor revision number then they'll assume that it's a bugfix and not a breaking change.

So in this case the decision to install 4.0.3 instead of 4.0.1 was made.

You can run install-package with -ignoredependencies I would have thought that if you'd had 4.0.2 installed it wouldn't try to update you (because 4.0.2 satisfies the dependency).

Catacaustic answered 27/1, 2012 at 17:48 Comment(0)

Recommended topics

Hot tags