I would like to know if the generic repositories in JFrog Artifactory have support for something similar as NodeJS's ~ and ^ operator in the package.json.
Let say I am uploading the following artifacts to a generic repository:
foo-1.0.0 # stable release for 1.0 series
foo-1.0.1 # first bug fix release for 1.0 series
foo-1.1.0 # stable release for 1.1 series
foo-1.1.1 # first bug fix release for 1.1 series
Is there some REST API or AQL query that I can use to specify a particular version based on a query, e.g.: ~1.0.0 would get me 1.0.1 and if later I upload 1.0.2 it would give me 1.0.2?
See What's the difference between tilde(~) and caret(^) in package.json? for a description about NodeJS ~ and ^ operators.
There is no built in support for such semver operators in AQL or the REST API.
You can get the latest version of an artifact in a generic repository, you can use the Artifact Latest Version Search Based on Properties API method (which requires annotating the artifacts with a version property).
Related
I am configuring semantic versioning with GitLab for my dotnet core apps and netstandard 2.0 packages.
After reading quite a bit of opinions, some of them contradictory, this is what is clear to me.
A semantic version should be something like
M.m.P.B-abc123 where
M is major version
m is minor version
P is patch version
B is build version (optional)
-abc123 is suffix (optional) in case I use pre-releases. It must start with letter
So the following package versions would be valid:
1.0.0
1.0.1.20190301123
1.0.1.20190301123-beta
1.0.1-rc1
I have the following gitlab script for my versioning
#Stages
stages:
- ci
- pack
#Global variables
variables:
GITLAB_RUNNER_DOTNET_CORE: mcr.microsoft.com/dotnet/core/sdk:2.2
NUGET_REPOSITORY: $NEXUS_NUGET_REPOSITORY
NUGET_API_KEY: $NEXUS_API_KEY
NUGET_FOLDER_NAME: nupkgs
#Docker image
image: $GITLAB_RUNNER_DOTNET_CORE
#Jobs
ci:
stage: ci
script:
- dotnet restore --no-cache --force
- dotnet build --configuration Release
- dotnet vstest *Tests/bin/Release/**/*Tests.dll
pack-beta-nuget:
stage: pack
script:
- export VERSION_SUFFIX=beta$CI_PIPELINE_ID
- dotnet pack *.sln --configuration Release --output $NUGET_FOLDER_NAME --version-suffix $VERSION_SUFFIX --include-symbols
- dotnet nuget push **/*.nupkg --api-key $NUGET_API_KEY --source $NUGET_REPOSITORY
except:
- master
pack-nuget:
stage: pack
script:
- dotnet restore
- dotnet pack *.sln --configuration Release --output $NUGET_FOLDER_NAME
- dotnet nuget push **/*.nupkg --api-key $NUGET_API_KEY --source $NUGET_REPOSITORY
only:
- master
This generates packages such as:
1.0.0 for master branch (stable or production ready) and 1.0.0-beta1234567 for any other branch.
The problem with my approach is that I have VS solutions with multiple projects, each project will be a nuget package and each one has its own version. Sometimes I modify one project but not the other, therefore in theory I shouldn't need to produce a new artifact of the project that I didn't touch nor a new version, of course.
Right now my nuget repository prevents overwriting packages, so If there is a XXX.YYY 1.0.0 and I generate another XXX.YYY 1.0.0 and push it to the repository, it will throw an error and the pipeline will fail.
I have thought that maybe it's not such a bad idea to generate a new package each time I run the CI/CD pipeline, so I considered introducing the build number and have something like XXX.YYY 1.0.0.12345 and, even if I don't touch anything there, the next time a new package XXX.YYY 1.0.0.123499 would be produced.
Is this a correct approach in a continuous deployment scenario? or should I look for a way to make my script smarter and not to produce a new artifact if there is already one with the same version in my nuget repository?
Assuming it's ok to use build numbers always, how do I make sure that only the build number is retrieved from the pipeline but the M.m.P version numbers remain in my csproj as per the following?
<Project Sdk="Microsoft.NET.Sdk">
<PropertyGroup>
<TargetFramework>netstandard2.0</TargetFramework>
<Description>Whatever</Description>
<VersionPrefix>1.0.1</VersionPrefix>
</PropertyGroup>
</Project>
I would need something like:
dotnet pack *.sln --configuration Release -p:PackageVersion=$FIXED_VERSION.$CI_PIPELINE_ID --output nupkg
but I don't know how to retrieve the <VersionPrefix> content from the csproj through the CLI.
Any advice, good read or solution for my approach assuming it's valid?
Thanks
The problem with my approach is that I have VS solutions with multiple projects, each project will be a nuget package and each one has its own version. Sometimes I modify one project but not the other, therefore in theory I shouldn't need to produce a new artifact of the project that I didn't touch nor a new version, of course.
Since a continuous integration pipeline is unable to determine if your code should be a new minor or major version you will always have to determine which semantic version your package should get. This makes the whole process a lot easier.
The guys from visual studio team services have this to say about it:
Immutability and unique version numbers
In NuGet, a particular package is identified by its name and version number. Once you publish a package at a particular version, you can never change its contents. But when you’re producing a CI package, you can’t know whether it will be version 1.2.3 or just a step along the way towards 1.2.3. You don’t want to burn the 1.2.3 version number on a package that still needs a few bug fixes.
SemVer to the rescue! In addition to Major.Minor.Patch, SemVer provides for a prerelease label. Prerelease labels are a “-” followed by whatever letters and numbers you want. Version 1.0.0-alpha, 1.0.0-beta, and 1.0.0-foo12345 are all prerelease versions of 1.0.0. Even better, SemVer specifies that when you sort by version number, those prerelease versions fit exactly where you’d expect: 0.99.999 < 1.0.0-alpha < 1.0.0 < 1.0.1-beta.
Xavier’s blog post describes “hijacking” the prerelease tag to use for CI. We don’t think it’s hijacking, though. This is exactly what we do on Visual Studio Team Services to create our CI packages. We’ll overcome the paradox by picking a version number, then producing prereleases of that version. Does it matter that we leave a prerelease tag in the version number? For most use cases, not really. If you’re pinning to a specific version number of a dependent package, there will be no impact, and if you use floating version ranges with project.json, it will mean a small change to the version range you specify.
Source: https://devblogs.microsoft.com/devops/versioning-nuget-packages-cd-1/
As stated first you still need to pick a version yourself for you new package. For the process before the actual publishing of the final package (master branch in your case) you can use the pre release tag to include the build number as the pre release tag.
Without doing anything smart this will publish a new package for every pipeline that is run. The people at visual studio team services and I do not think that this is a bad thing but this will be up to everyone's personal taste
I know it's a little bit late, but maybe others in the future also ask this question.
For background: I work in a small company and we started in the NodeJS world with NPM packages. After a while we also started building with .NET Core and we kind of adapted some things from the JavaScript world. A tool we used heavily is Semantic Release. It automates versioning by parsing commit messages. So you (and everyone developing on the project) use a special format for commits with a prefix type like fix, feat, chore and so on, and Semantic Release parses every commit message since the last release and determines the next version number.
Since in JS world you have to only update the package.json file it kinda works out of the box but for .NET there is a little bit more work to do.
We use the Directory.Build.props file to set the version like you would do with package.json (but it would work in a csproj file too).
Now Semantic Release works with plugins and one plugin we wrote can update files with the version number. So we use it to update the verson number in Directory.Build.Props. But instead of the version in the file you could also directly give the version number to the dotnet nuget cli but we found it more convenient to have it in the file.
So here's the flow we use for our (internal) NuGet packages:
configure Semantic Release to update the version number in Directory.Build.props file (before creating the package)
create the nuget package (we have another plugin for that, but you could just use the exec plugin during the prepare stage of SR
publish the nuget package during the publish stage of SR
The CI script would then just a call to npx semantic-release in an environment that has NPM as well as the .NET SDK available (we use container images for that).
Especially for OP's situation it would be a little bit more complicated, since multiple projects exists in one repository and SR is made to work in a single repository since it works with git tags to determine the last version. So I would advise to split it in multiple repositories.
The benefits are:
automation of release whenever there is a new feature/bugfix
automation of version numbers that adhere to Semantic Versioning (and is unopinionated)
automatically generate a Changelog along with every release
depending on the Git Platform you can also create releases (there are plugins for GitHub, GitLab and others)
you can configure SR to create pre-releases in certain branches, for example you can have an alpha or beta or develop branch
you could also add the commit hash to the NuGet package so everyone using it would know exactly what is bundled in it
Semantic Release creates a commit with the updated package.json (you can configure it to also include the updated Directory.Build.props and I would advise to do so)
And all you have to do is to configure it one time and enforce a special Commit Message style (which one is not so important, you can configure SR accordingly).
I'm trying to use semantiv versioning for one of my .Nuget Packages (.Net Core 2)
The Version looks like this 1.0.0-my_fancy_branch.123.
As you can guess, I try to set the branch name and the current BuildId as a prerelease tag.
Unfortunately, dotnet build spews this error:
... is not a valid version string.
But why? The absolutely great documentation of dotnet push / nuget does not list any forbidden characters.
And I thought PIP is obtuse...
According to the reference on NuGet package versions, NuGet uses Semantic Versioning 2.0.0 starting with NuGet 4.3.0. In earlier versions only a subset of SemVer 2.0.0 is supported, but this may still give a hint where the problem with the specified version is.
In Section 9 (about pre-release versions) it is specified that "Identifiers MUST comprise only ASCII alphanumerics and hyphen [0-9A-Za-z-].". Hence, I guess that the problems in your case are the underscores in the pre-release version.
I just did a fresh install of Fedora 25 (followed by an install of dotnet core 1.1) to explore the possibilities of doing some dotnet core development in an linux environment. On attempting to add my first package I received the following error:
No executable found matching command "dotnet-add"
I have seen some similar errors in other SO posts, but nothing that seems to be helping this issue. I attached some images below of the error, dotnet version info, system path, and dotnet location.
Thanks ahead of any tips!
You have installed a version of the dotnet SDK ("CLI" / dotnet-dev package) of the preview2 time, which is still project.json based. This version of the CLI does not contain the dotnet add set of verbs. These were publicly released with the 1.0.0 version. (at the time of writing, the current version of the SDK / CLI is 1.0.4).
Depending on which instructions you followed to install the components, make sure to update to new versions of the SDK / CLI (e.g. microsoft's install instructions for Fedora).
Note that the version of the SDK / CLI is a different one that the version of the runtime(s) on the machine.
Had the same trouble running VS 2017 Version 15.3.5 found a very helpful article
http://thedatafarm.com/data-access/no-executable-found-matching-command-dotnet-ef/
My Basic problem is the tooling is split into two:
One for CLI: Microsoft.EntityFrameworkCore.Tools.DotNet
One for Powershell: Microsoft.EntityFrameworkCore.Tools
It is rather tedious when trying to get dependencies of local Meteor packages up-to-date.
Currently, they are specified in package.js like and I have to check for latest version of each dependency used and update manually.
E.g.
api.use([
'alanning:roles#1.2.14',
'aldeed:simple-schema#1.5.3',
'aldeed:collection2#2.8.0',
'iron:router#1.0.12',
'useraccounts:iron-routing#1.12.4'
]);
Can meteor-tool do this or is there a better way to update packages' dependencies, especially useful when you have multiple local packages in a project.
There is no real value in bumping the dependency version in package.js, as I mentioned in my comment. It could lead to the counter effect and break version resolution.
The expectation is to mention the minimal compatible version (with the same major version number). When your local package is updated, its .versions file is updated as well, which may hint the build system which version of the dependency is the preferred one to use (the one that your package was built with).
The closest thing that I can give as an answer is this quote of David Greenspan* taken from the Meteor forums:
We have made some small improvements to meteor update over time, but
we don't have a way for a package to ask for one of its dependencies
to be upgraded more aggressively. meteor update with no arguments will
take patch updates to indirect dependencies, but not minor versions. I
recently improved the messages that meteor update prints, so in the
next release, it should tell you if an indirect dependency is not at
the latest version after it runs (rather than printing the very wrong
message "All packages are at their latest compatible versions").
If you bump the minor version of a package, I think the expectation at
the moment is that you will republish the packages that depend on it
if you want their users to get the new version (after running the
tests to make sure all is well).
So, when the author of a package you depend on releases a new:
patch version: no need for you to do anything. The new version should be used automatically.
minor version: check that everything works and release a new patch version, as to acknowledge the new version.
major version: things are expected to break. Make the required changes and release according to semver rules.
I would not count on things behaving as they do right now, as the packaging system undergoes pretty significant rework in order to be more compatible with NPM (including the ability to directly require NPM packages from Meteor apps and packages), expected to be included in v1.3.
* (actually, Sacha Greif posted the quote).
This is from the docs:
In general, you must specify a package's version (e.g.,
'accounts#1.0.0' to use version 1.0.0 or a higher compatible version
(ex: 1.0.1, 1.5.0, etc.) of the accounts package). If you are sourcing
core packages from a Meteor release with versionsFrom, you may leave
off version names for core packages. You may also specify constraints,
such as my:forms#=1.0.0 (this package demands my:forms at 1.0.0
exactly), or my:forms#1.0.0 || =2.0.1 (my:forms at 1.x.y, or exactly
2.0.1).
So the answer is, it will not update your package.js script but it will download the latest compatible versions, depend on your settings.
Usually my QML files start with import QtQuick 2.4 and other imports. How can I know which is the latest version of the imported modules without having to guess by type and build?
You basically don't have to know. By importing a particular version, you merely declare that you don't need the additional functionality of any potentially newer version. That doesn't mean that you won't use a newer version if one is available - it simply means that your code will refuse to run if only an older version than the one you need is present.
So, you should only change the imported module version if you happen to use the functionality (members, classes, etc.) from a newer version. That's all. And you will know exactly what version you need, since you're using the functionality you read about in the documentation. The documentation will state what module version it applies to.
The documentation for a given Qt Quick module from the Qt that you're using will state this - no need for release notes.
The QML module version information can be found in a file called plugins.qmltypes.
These files use JSON to store information (as far as I am aware).
In these files Qt uses the "exports" specifier to export the name and version of a module.
Example:
exports: ["QtQuick/Accessible 2.0"]
The example shows the version of the QtQuick.Accessible module.
The plugins.qmltypes are stored in a directory of the same name as base level module.
In the case of the example this would be QtQuick.
Base level modules are grouped under a directory titled qml.
That is "usually" located in a directory called qtx (in some case Qt).
Where x is the installed major version of Qt (in my case it would be qt5).
That means the plugins.qmltypes has a path that looks something like this:
/qt5/qml/QtQuick/plugins.qmltypes
The reason im explaining this bottoms up cause the rest of the path is dependent on how you installed Qt:
Package manager (portage) amd64 install path:
/usr/lib64/qt5/qml/
pip PySide6 install path:
~/.local/lib/python3.9/site-packages/PySide6/Qt/qml/
pip PyQt6 install path:
~/.local/lib/python3.9/site-packages/PyQt6/Qt6/qml
~/.local/lib/python3.9/site-packages/PyQt6/Qt6/qml
Package manager (apt) aarch64 install path:
/usr/lib64/aarch64-{forgot this part}-/qt5/qml/
I figure the version out in bulk with:
grep -r "exports:.*\\]" <insert install/OS dependent path>/qml/* | less
This doesnt grab multiple exports that are spread over multiple lines thought.
Since QML comes in 2 major versions when in doubt you could import version 1.0 or 2.0.