Suspend 1605/1608 during package update sequence?

[phatcher]

Details about Problem

NuGet product used: Package Manager Console

NuGet version: 4.6.2.5055

VS version (if appropriate): VS 2017 15.8.8

OS version: win10 v1803

I'm trying to update the version of Application Insights in an ASP.NET MVC project, however there are multiple packages and the version coupling is very tight i.e. components want associated components with the same exact version.

I need to update the packages using a command so I can integrate this into our DevOps process but the updates are blocked by NU1605/NU1608 warnings

I've checked and the projects do not have NU1605 as an error but the package manager console refuses to update the packages.

My question is how to issue commands that will update these packages, couple of choices...

1. Automatically update the dependencies as well
2. Allow suspension of checking via a command line option

The UI mode works correctly

Verbose Logs

Issuing update-package Microsoft.ApplicationInsights.Web (the suggested package in the documentation) gets

NU1605: Detected package downgrade: Microsoft.ApplicationInsights from 2.8.1 to 2.7.2. Reference the package directly from the project to select a different version. 
 MyApp.Api -> Microsoft.ApplicationInsights.Log4NetAppender 2.8.1 -> Microsoft.ApplicationInsights (>= 2.8.1) 
 MyApp..Api -> Microsoft.ApplicationInsights (>= 2.7.2)
NU1605: Detected package downgrade: Microsoft.ApplicationInsights from 2.8.1 to 2.7.2. Reference the package directly from the project to select a different version. 
 MyApp..Api -> Microsoft.ApplicationInsights.Web 2.8.1 -> Microsoft.ApplicationInsights (= 2.8.1) 
 MyApp..Api -> Microsoft.ApplicationInsights (>= 2.7.2)
NU1605: Detected package downgrade: Microsoft.ApplicationInsights.WindowsServer from 2.8.1 to 2.7.2. Reference the package directly from the project to select a different version. 
 MyApp.Api -> Microsoft.ApplicationInsights.Web 2.8.1 -> Microsoft.ApplicationInsights.WindowsServer (>= 2.8.1) 
 MyApp.Api -> Microsoft.ApplicationInsights.WindowsServer (>= 2.7.2)
NU1605: Detected package downgrade: Microsoft.AspNet.TelemetryCorrelation from 1.0.4 to 1.0.3. Reference the package directly from the project to select a different version. 
 MyApp.Api -> Microsoft.ApplicationInsights.Web 2.8.1 -> Microsoft.AspNet.TelemetryCorrelation (>= 1.0.4) 
 MyApp.Api -> Microsoft.AspNet.TelemetryCorrelation (>= 1.0.3)

update-package : An item with the same key has already been added.
At line:1 char:1
+ update-package Microsoft.ApplicationInsights.Web
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : NotSpecified: (:) [Update-Package], Exception
    + FullyQualifiedErrorId : NuGetCmdletUnhandledException,NuGet.PackageManagement.PowerShellCmdlets.UpdatePackageCommand

[jainaashish]

I've checked and the projects do not have NU1605 as an error but the package manager console refuses to update the packages.

Did you check in the project properties? May be it's set implicitly by project system... This is the only option to make sure this warning is not elevated as Error in order to succeed.

Also, it was wise to open this issue at https://github.com/Microsoft/ApplicationInsights-Home/issues/280 and I'd recommend to follow it up there to let them relax their dependencies constraint.

[phatcher]

@jainaashish I raised both as although it should be solvable by changing the 1605/1608 warnings I wanted to raise the issue that nuget itself should allow an override.

Otherwise we can get into a situation where to solve the issue I have to manually modify a large number of project files - I might want to keep the overall constraints but allow it to upgrade in this particular instance.

This makes it less useful as a package manager and makes automation very difficult, whereas with a per-command override it would allow for the update - if the resulting configuration is broken, that's my problem but the tool should do what I tell it to do.

[jainaashish]

Alternatively you can also use msbuild /t:restore and pass NoWarn property with list of warnings code which you want to skip. Something like /p:NoWarn=NU1506;NU1603. This is also available through dotnet.exe restore

IMHO I dont think we'd be able to get to this requirement of adding new option to PMC command to allow skipping specific warning codes in near future given our backlog. But if you want I'm happy to keep this open for tracking.

[nkolev92]

Hey @phatcher

Thanks for filing this issue.

Unfortunately at this point, I don't think it's feasible to suspend the NU1605 and NU1608 warnings.

When a package version is changed NuGet verifies that the complete package graph is still valid and to do that NuGet needs restore to succeed. If Nuget persists data that leads to invalid restore, NuGet will not be able to make subsequent compat checks correctly.

Given that NU1605 and NU1608 can already be suppresed from the commandline, I'd recommend you use that.

This is not to say we don't want to improve this experience, we are gonna focus on #6010 soon and that should some of the issues you were running into easier to fix.