Home: Packaging with SemVer 2.0 version give warning - disable that?

Created on 24 Feb 2017 · 11Comments · Source: NuGet/Home

Details about Problem

NuGet product used (NuGet.exe | VS UI | Package Manager Console | dotnet.exe):
NuGet version (x.x.x.xxx):
dotnet.exe --version (if appropriate):

dotnet nuget --version
NuGet Command Line
4.0.0.0

dotnet msbuild
Microsoft (R) Build Engine version 15.1.545.13942
Copyright (C) Microsoft Corporation. All rights reserved.

dotnet --info
.NET Command Line Tools (1.0.0-rc4-004771)

Product Information:
 Version:            1.0.0-rc4-004771
 Commit SHA-1 hash:  4228198f0e

Runtime Environment:
 OS Name:     Windows
 OS Version:  10.0.14393
 OS Platform: Windows
 RID:         win10-x64
 Base Path:   [Custom]\dotnet-dev-win-x64.1.0.0-rc4-004771\sdk\1.0.0-rc4-004771

Detailed repro steps so we can see the same problem

Create simple library project with dotnet new classlib
Make it cross-targeting, e.g. <TargetFrameworks>netstandard1.6;net46</TargetFrameworks>
Pack it up with:

dotnet restore
dotnet msbuild /t:pack /p:PackageVersion=0.1.0-alpha.2017022412385174

Packaging works, but I'm warned about usage of SemVer 2.0 notation, while that is my desire to use. Warning hint that it should be possible to disable, but not how. And the proposed solution really don't appeal to me.

\buildCrossTargeting\NuGet.Build.Tasks.Pack.targets(104,5): warning : Issue found with package 'Starcounter.Weaver'. 
\buildCrossTargeting\NuGet.Build.Tasks.Pack.targets(104,5): warning : Issue: Package version not supported on legacy clients.
\buildCrossTargeting\NuGet.Build.Tasks.Pack.targets(104,5): warning : Description: The package version '0.1.0-alpha.2017022412385174' uses SemVer 2.0.0 or components of SemVer 1.0.0 that are not supported on legacy clients. This message can be ignored if the package is not intended for older clients. 
\buildCrossTargeting\NuGet.Build.Tasks.Pack.targets(104,5): warning : Solution: Change the package version to a SemVer 1.0.0 string. If the version contains a release label it must start with a letter.

I've searched other issues and I've lurked \Sdks\NuGet.Build.Tasks.Pack\buildCrossTargeting\NuGet.Build.Tasks.Pack.targets and even checked PackTask, but to no prevail.

Source

per-samuelsson

👍2

Most helpful comment

In latest versions, you should be able to make this work with NoWarn in VS or directly in CSPROJ.

2.1.300 shipped today (with .NET Core 2.1 release train).

Doing this, I was able to:

Create simple library project with dotnet new classlib
Make it cross-targeting, e.g. netstandard1.6;net46

dotnet pack /p:PackageVersion=0.1.0-alpha.2017022412385174

Output:
Restoring packages for C:temp\NuGetHome4687\NuGetHome4687.csproj...
Restore completed in 352.3 ms for C:temp\NuGetHome4687\NuGetHome4687.csproj.
NuGetHome4687 -> C:temp\NuGetHome4687\bin\Debug\net46\NuGetHome4687.dll
NuGetHome4687 -> C:temp\NuGetHome4687\bin\Debug\netstandard1.6\NuGetHome4687.dll
Successfully created package 'C:temp\NuGetHome4687\bin\Debug\NuGetHome4687.0.1.0-alpha.2017022412385174.nupkg'.
C:\Program Files\dotnet\sdk\2.1.300\Sdks\NuGet.Build.Tasks.Pack\buildCrossTargeting\NuGet.Build.Tasks.Pack.targets(198,5): warning NU5105: The package version '0.1.0-alpha.2017022412385174' uses SemVer 2.0.0 or components of SemVer 1.0.0 that are not supported on legacy clients. Change the package version to a SemVer 1.0.0 string. If the version contains a release label it must start with a letter. This message can be ignored if the package is not intended for older clients.

Adding NoWarn to the csproj in a propertygroup:
<NoWarn>NU5105</NoWarn>
Makes that warning go away.

@asbjornu - that should solve it for you, right? That should work since VS 15.4 (don't know the SDK Version that shipped then...) --- so I would hope you wouldn't need to lock back to 2.1.4

rrelyea on 30 May 2018

👍5

All 11 comments

I use /p:NoPackageAnalysis=true to disable this when creating SemVer 2.0.0 packages.

https://github.com/NuGet/NuGet.Client/blob/dev/src/NuGet.Core/NuGet.Build.Tasks.Pack.Library/Pack.targets#L131

Hopefully we can get rid of this warning in the future, for now it is there just to let users know incase they didn't realize the it was a SemVer 2.0.0 version.

emgarten on 24 Feb 2017

👍2

@emgarten @per-samuelsson small correction. use /p:NoPackageAnalysis=true . also you can just do dotnet pack instead of dotnet msbuild /t:pack

rohit21agrawal on 24 Feb 2017

@rohit21agrawal good catch, I updated the syntax :smile:

emgarten on 24 Feb 2017

@rohit21agrawal @emgarten,

Thanks, I kind of felt there where a missing piece on my part. 👍

Regarding msbild /t:pack vs just pack I just wanted to be explicit, I thought the later was just a shorthand for the former.

Again, thanks.

per-samuelsson on 25 Feb 2017

With NoPackageAnalysis=true, what else would I possibly miss? Ideally I'd just be able to suppress this one warning without suppressing all package analysis.

jnm2 on 26 May 2017

👍4

Currently suppressing a single package analysis warning isn't possible.

@rohit21agrawal if pack started using the new warning codes it might be possible to suppress these in the same way restore warnings will be suppressed.

emgarten on 26 May 2017

I got the same warning with dotnet pack (SDK 2.0)

The only way to suppress these warnings was to use dotnet pack /p:NoPackageAnalysis=true

neman on 5 Oct 2017

As @jnm2, I too wonder what NoPackageAnalysis=true actually does. The documentation isn't very helpful:

Specifies that pack should not run package analysis after building the package.

What is "package analysis"? What other "features" besides emitting this warning are we turning off when package analysis is turned off?

I also think this "solution" is turning the problem on its head: Why is dotnet pack failing builds with this error anyway? It turns up as an error in our builds, not as a warning. And we are not targeting old versions that can't handle SemVer 2.0, so it's a warning we don't care about anyway.

As far as I can tell, this problem is new with SDK version 2.x, so why can't we go back to how it was before when this warning wasn't emitted at all? At least ensure that it's actually just emitted as a warning and not as an error, please.

asbjornu on 25 May 2018

👍2

@asbjornu Hmm, what's the version string you're trying to use? I ask because I hit this recently several times. If you're getting an actual error and not a warning, I think you might want to change your version string.

For example, with SemVer 2 you don't want to have a leading zero in a prerelease label segment which has numeric chars only, because of the way sorting works.
The error message in this example case seems pretty uselessly vague and leads you to think NuGet is being a stick in the mud over SemVer 1 vs 2 support for the sake of old clients, as usual, but that particular error is actually a good catch. If only the error message contained some sort of idea of what the actual syntax error is. I went for months thinking I was waiting for NuGet to support SemVer 2. :-)

jnm2 on 25 May 2018

OK, I think we have gotten to the bottom of this erratic behavior. After some testing, this is our findings:

| SDK Version | TreatWarningsAsErrors | Console | Exit code |
| -------------|-------------------------|---------|-----------|
| 2.1.201 | false | Nothing | 0 |
| 2.1.201 | true | Error | 1 |
| 2.1.4 | false | Warning | 0 |
| 2.1.4 | true | Warning | 0 |

If we bind to version 2.1.4 in global.json, we can get the non-erring behavior:

{
  "sdk": {
    "version": "2.1.4"
  }
}

asbjornu on 30 May 2018