Inedo / pgscan

Dependency scanner for ProGet.
MIT License

Take project references into account #7

Closed crotondo-dap closed 2 years ago

crotondo-dap commented 2 years ago

The project.assets.json contains references of type 'package' and 'project' for a project. Pgscan only considers references of type 'package'. But if project references are provided as NuGet packages it would be preferable to publish the consumer information to these packages as well. Especially since project references are being added as package dependencies to the resulting .nupkg if a project gets packed (no matter which pack command is being used - 'dotnet pack' or 'msbuild -t:pack').

Let's take the following solution as an example:

[image]

The project 'Utilities' has a package dependency to Newtonsoft.Json and a project dependency to 'Utilities.Core'. The resulting project.assets.json of the project 'Utilities' contains the following libraries:

[image]

Both dependencies get listed as package dependencies in the metadata of 'Utilities.nupkg':

[image]

'Utilities' and 'Utilities.Core' are both available as NuGet packages on my ProGet server. Using 'pgscan report' gives the following output:

[image]

Therefore, 'pgscan publish' won't add 'Utilities' as consumer to the package 'Utilities.Core'.

The solution I have in mind is to remove the filter for the type 'package' and to take all libraries into consideration.

Maybe you have already considered this scenario and have another solution in mind.

gdivis commented 2 years ago

Hi,

What do you think about adding a switch to enable this behavior?
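The filter discussed above and the proposed opt-in switch, as an added example that is not part of the thread and is not pgscan's own code: it reads the `libraries` section of a project.assets.json and returns either only the 'package' entries or the 'project' entries as well. The sample JSON is constructed, and `list_dependencies` and `include_project_references` are hypothetical names.

```python
import json

# Constructed sample: a trimmed "libraries" section in the layout NuGet
# writes to obj/project.assets.json. Names and versions are illustrative.
SAMPLE_ASSETS = json.loads("""
{
  "version": 3,
  "libraries": {
    "Newtonsoft.Json/13.0.1": {
      "type": "package",
      "path": "newtonsoft.json/13.0.1"
    },
    "Utilities.Core/1.0.0": {
      "type": "project",
      "path": "../Utilities.Core/Utilities.Core.csproj",
      "msbuildProject": "../Utilities.Core/Utilities.Core.csproj"
    }
  }
}
""")


def list_dependencies(assets, include_project_references=False):
    """Return sorted (name, version, type) tuples from the libraries section.

    include_project_references is a hypothetical switch name: off keeps the
    'package'-only filter described in the issue, on also returns 'project'.
    """
    wanted = {"package"}
    if include_project_references:
        wanted.add("project")
    found = []
    for key, lib in assets.get("libraries", {}).items():
        lib_type = str(lib.get("type", "")).lower()
        if lib_type not in wanted:
            continue
        # Keys have the form "<name>/<version>"; split on the last slash.
        name, sep, version = key.rpartition("/")
        if not sep:
            continue  # malformed key without a version, skip it
        found.append((name, version, lib_type))
    return sorted(found)


if __name__ == "__main__":
    print(list_dependencies(SAMPLE_ASSETS))
    print(list_dependencies(SAMPLE_ASSETS, include_project_references=True))
```

With the switch off, an internally published package that is consumed as a project reference never reaches the dependency report, so the feed's consumer data for it stays incomplete.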

crotondo-dap commented 2 years ago

Hi,

Thank you for your input. I have committed a pull request for this issue. Maybe you can have a look at it? Thanks.

gdivis commented 2 years ago

Thanks!

We'll take a look and try to get that merged in the next couple days.

gdivis commented 2 years ago

We've merged your changes and published a new pgscan. Sorry it took so long!

-Greg