87
votes

I'm creating my first nuget package. I added a dependency with a version that is not the latest version. However, I don't want to update to the latest version of this dependency. Is it possible to instruct it to use the specific version?

<dependencies>
  <dependency id="NHibernate" version="3.2.0.3001" />
</dependencies>

When I install the package I see this:

Attempting to resolve dependency 'NHibernate (≥ 3.2.0.3001)'.

This creates the following when I install the package.

<packages>
  <package id="Iesi.Collections" version="3.2.0.4000" />
  <package id="NHibernate" version="3.2.0.4000" />
</packages>

I'd really like to see something like this: Attempting to resolve dependency 'NHibernate (3.2.0.3001)'.

4
You can do this as answered below. But bear in mind that anyone who uses your package and also uses NHibernate (or any other dependency where you have specified an exact package version) then cannot update this for any reason unless you let them. This is a bad state of affairs. A "locked version" bit us recently: in our case the version-locked package was not NHib but an unrelated package. Locking a version may be necessary if there are genuine breaking changes in an upstream library, but in our case there were not; just overuse of this syntax. So if you use it, use it with caution! - Anthony

4 Answers

135
votes

You should be able to force an exact version with brackets:

<dependency id="NHibernate" version="[3.2.0.3001]" />

Full info on the formats you can use is on the NuGet site, here:

http://docs.nuget.org/docs/reference/version-range-specification

28
votes
2
votes

From the user side, you can also constrain the upgrade by specifying allowedVersions in the packages.config. http://docs.nuget.org/docs/reference/versioning#Constraining_Upgrades_To_Allowed_Versions

2
votes

According to http://nuget.codeplex.com/wikipage?title=Dependency%20Resolution and other sources, simply specifying the lower bound as

<dependencies>
  <dependency id="NHibernate" version="3.2.0.3001" />
</dependencies>

will result in the highest revision/patch level of the lowest major/minor version matching that version.

Unless I completely misunderstand the documentation, this would match the highest 3.2.* version but not 3.3.* or greater versions unless no 3.2.* version could be found.

If there is some reason why 3.2.0.3001 is the only version against which you wish to depend, you may find that your package is not compatible with other packages which also depend on NHibernate, for example because the other package depends on NHibernate [3.2.0.3002,3.3), which means at least 3.2.0.3002 but lower than 3.3.
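
An added example, not part of any answer above and not NuGet's own code: a small Python evaluator for the interval notation used in this thread (bare `3.2.0.3001`, exact `[3.2.0.3001]`, range `[3.2.0.3002,3.3)`), showing which versions each spec admits and that the exact pin and the range share no version. It assumes numeric dotted versions only, the candidate list is constructed, and it checks membership only, not which version the resolver finally picks.

```python
from typing import NamedTuple, Optional, Tuple

Version = Tuple[int, ...]

def parse_version(text: str) -> Version:
    # Assumption: numeric dotted versions only; pad to 4 parts so 3.3 == 3.3.0.0.
    parts = [int(p) for p in text.strip().split(".")]
    return tuple(parts + [0] * (4 - len(parts)))

class VersionRange(NamedTuple):
    lower: Optional[Version]
    lower_inclusive: bool
    upper: Optional[Version]
    upper_inclusive: bool

    def allows(self, version: str) -> bool:
        v = parse_version(version)
        if self.lower is not None:
            if v < self.lower or (v == self.lower and not self.lower_inclusive):
                return False
        if self.upper is not None:
            if v > self.upper or (v == self.upper and not self.upper_inclusive):
                return False
        return True

def parse_range(spec: str) -> VersionRange:
    spec = spec.strip()
    if spec[:1] not in ("[", "("):
        # Bare version: an inclusive minimum with no upper bound (">= version").
        return VersionRange(parse_version(spec), True, None, False)
    if spec[-1] not in ("]", ")"):
        raise ValueError(f"unterminated range: {spec!r}")
    lo_inc, hi_inc = spec[0] == "[", spec[-1] == "]"
    body = spec[1:-1]
    if "," not in body:
        # "[1.0]" pins exactly one version; "(1.0)" is not a valid spec.
        if not (lo_inc and hi_inc):
            raise ValueError(f"invalid exact-version spec: {spec!r}")
        v = parse_version(body)
        return VersionRange(v, True, v, True)
    lo, hi = (s.strip() for s in body.split(",", 1))
    return VersionRange(parse_version(lo) if lo else None, lo_inc,
                        parse_version(hi) if hi else None, hi_inc)

def common_versions(specs, candidates):
    # Versions from `candidates` that every dependency spec accepts.
    ranges = [parse_range(s) for s in specs]
    return [c for c in candidates if all(r.allows(c) for r in ranges)]

# Constructed feed contents for illustration.
CANDIDATES = ["3.2.0.3001", "3.2.0.3002", "3.2.0.4000", "3.3.0.4000"]
```

Calling `common_versions(["[3.2.0.3001]", "[3.2.0.3002,3.3)"], CANDIDATES)` returns an empty list, which is the incompatibility the last answer describes; replacing the exact pin with the bare `3.2.0.3001` leaves `3.2.0.3002` and `3.2.0.4000` available.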