Suppose I want to publish a NuGet package on nuget.org.
It depends, for example, on Newtonsoft.Json. So I installed this dependency in .nuspec and included the version number of N..Json 1 (for arguments).
If N..Json moves to 2, and people using my package also switch to 2, then they are now in the marinade because my package wants 1 and they use 2?
Presumably, to add my package in the first place, they will either have to not install N..Json, or, if so, be in the exact version of my package.
I guess the particular version is bad. So I omit the version, but now my package may break in the future if N..Json breaks the changes.
Instead, I am adding a range to my .nuspec , and now I'm partially there.
But have I not put a ceiling on all my clients on what maximum version of N..Json can they use?
Do I need to constantly monitor the versions of packages that my package uses and ensure that I test for the rest of my life?
Is there some kind of system on NuGet.org that can warn me that my package is lagging or may affect other people's circuit breakers?
What happens if clients try to globally update N..Json to the end, will it be obvious that my package is a blocker?
What are established best practices?
source share