Nuget packages.config and specific version

8
votes

I am trying to create a Nuget package from my project following this guide http://docs.nuget.org/docs/creating-packages/creating-and-publishing-a-package

I have successfully created a nuspec and nupkg. My project contains a dependency to Json.NET which I installed via Nuget. However, I want to specify a specific version of Json.NET to use, version 4.0.7. I added the below to my nuspec:

<dependencies>
  <dependency id="Newtonsoft.Json" version="[4.0.7]" />
</dependencies>

When I run nuget pack it seems to detect I have a packages.config 

Using 'MyProject.nuspec' for metadata.
Found packages.config. Using packages listed as dependencies.

This seems to completely ignore my defined dependency in the nuspec as installing the Nuget package lists the dependencies as >= 4.0.7 which pulls in the latest version 4.0.8.

How can I stop this or preferably keep Nuget pulling in dependencies from the packages.config but allow me to overwrite specific dependencies?

2
c#nuget

2 Answers

19
votes

I hit the same issue. You need to define an exact version like this 

<dependencies>
<dependency id="Newtonsoft.Json" version="[4.0.7,4.0.7]" />
</dependencies>

So that will ensure when the project pulls in the dependencies it will be = 4.0.7 not >= 4.0.7

3
votes

The way you specified your version is correct; as shown in our versioning docs, [1.0] means 'version == 1.0'. The behavior you're describing would be a bug, but I couldn't reproduce the bug. What I did:

  • Created a class library
  • Added Json.NET via NuGet (it installed 4.0.8)
  • Exec'd nuget spec
  • Added <dependencies><dependency id="Newtonsoft.Json" version="[4.0.7]" /> to the .nuspec
  • Exec'd nuget pack
  • Opened the package in Package Explorer; it shows the dependency as '= 4.0.7'
  • Installed my package in a new project; it shows the dependency as '= 4.0.7' and installs 4.0.7

screen capturescreen capture 2

Perhaps you aren't using the latest version of nuget.exe or the NuGet Visual Studio extension? When you say it "lists the dependency", where are you seeing that? When your package is installed, in Package Explorer, or somewhere else?