search

dotnet / msbuild

The Microsoft Build Engine (MSBuild) is the build platform for .NET and Visual Studio.
https://docs.microsoft.com/visualstudio/msbuild/msbuild
MIT License
5.21k stars 1.35k forks source link

Analyzer for redundant NuGet packages #10226

Open KirillOsenkov opened 3 months ago

KirillOsenkov commented 3 months ago

SDK has been moving some NuGet references in the box, such as Microsoft.NetFramework.ReferenceAssemblies or Microsoft.SourceLink.AzureRepos.Git (etc)

If a codebase has an explicit package reference to, say, Microsoft.SourceLink.AzureRepos.Git 1.0.0, it will inherit an older version, that has this bug: https://github.com/dotnet/sdk/issues/37027

Would be nice to have an analyzer that detects this and suggests to remove an explicit reference, so that the built-in version takes precedence (that no longer has this bug)

AR-May commented 3 months ago

Team triage: This is a good idea, ideally this would be a custom analyzer in sdk.

baronfel commented 3 months ago

Agree with @AR-May - we should transfer to dotnet/SDK and apply the 'msbuild-analyzer-candidate' label.