Open xt0rted opened 6 months ago
I'm still hitting this in all of my repos when my testing group tries to update (it's come up in other groups too, but this is the one it consistently happens in). The issue seems to be due to Verify.Xunit
needing a higher version of xunit
than is installed, but xunit
should be updated as part of this group update so 🤷
updater | dotnet build in GetAllPackageDependenciesAsync failed. STDOUT: MSBuild version 17.9.6+a4ecab324 for .NET
updater | Determining projects to restore...
updater | /tmp/package-dependency-resolution_IWgzgy/Project.csproj : error NU1107: Version conflict detected for xunit.extensibility.core. Install/reference xunit.extensibility.core 2.7.1 directly to project Project to resolve this issue.
updater | /tmp/package-dependency-resolution_IWgzgy/Project.csproj : error NU1107: Project -> Verify.Xunit 24.1.0 -> xunit.extensibility.execution 2.7.1 -> xunit.extensibility.core (= 2.7.1)
updater | /tmp/package-dependency-resolution_IWgzgy/Project.csproj : error NU1107: Project -> xunit 2.7.0 -> xunit.core 2.7.0 -> xunit.extensibility.core (= 2.7.0).
updater | Failed to restore /tmp/package-dependency-resolution_IWgzgy/Project.csproj (in 386 ms).
updater |
updater | Build FAILED.
updater |
updater | /tmp/package-dependency-resolution_IWgzgy/Project.csproj : error NU1107: Version conflict detected for xunit.extensibility.core. Install/reference xunit.extensibility.core 2.7.1 directly to project Project to resolve this issue.
updater | /tmp/package-dependency-resolution_IWgzgy/Project.csproj : error NU1107: Project -> Verify.Xunit 24.1.0 -> xunit.extensibility.execution 2.7.1 -> xunit.extensibility.core (= 2.7.1)
updater | /tmp/package-dependency-resolution_IWgzgy/Project.csproj : error NU1107: Project -> xunit 2.7.0 -> xunit.core 2.7.0 -> xunit.extensibility.core (= 2.7.0).
updater | 0 Warning(s)
updater | 1 Error(s)
updater |
updater | Time Elapsed 00:00:01.44
Something else that's annoying about this is unless I look in the dependabot run logs I have no idea there was even an issue and packages were skipped over. I feel like along with a list of the packages updated there should also be a list of packages with issues so you can see that info immediately and know that things are out of date and need attention. Some times packages are skipped over like this and the PR builds and is merged not even realizing 3 other packages haven't been updated for the last 2 months because there's errors in the log but nothing in the PR and no alerts anywhere on the site about it.
@xt0rted A few hours after your most recent comment PR #9507 was merged which should handle exactly this scenario. Are you still seeing this error in your repo?
Is there an existing issue for this?
Package ecosystem
nuget
Package manager version
No response
Language version
.NET SDK 8.0.202
Manifest location and content before the Dependabot update
https://github.com/xt0rted/dotnet-startup-projects/blob/aeee53717e182c592fec1ff5eda214fed7e7d1a7/test/Tests.csproj
dependabot.yml content
https://github.com/xt0rted/dotnet-startup-projects/blob/main/.github/dependabot.yml
Updated dependency
The update should have made the following changes:
What you expected to see, versus what you actually saw
A PR should have been opened, instead the dependabot run failed with multiple errors. With the old non-.net based updater this would have opened a PR. Since the new version is using the dotnet cli/nuget it's not possible because it's doing one at a time and there's a mismatch between their versions. But if they're updated in a group, as the VS GUI does or hand editing the file, then it works just fine.
This is the PR that was opened but which doesn't build https://github.com/xt0rted/dotnet-startup-projects/pull/167
https://github.com/xt0rted/dotnet-startup-projects/network/updates/799629162
Native package manager behavior
Updating these 3 packages together via the Visual Studio UI works without any issue or warnings, the same is true for hand editing the project file and then doing
dotnet restore
ordotnet build
.I'm not sure how to do this with the default dotnet cli because
dotnet add package ...
only works with one at a time, while tools likedotnet-outdated
work with multiple at a time but aren't official or included in the SDk.Images of the diff or a link to the PR, issue, or logs
No response
Smallest manifest that reproduces the issue