All geek questions in one place

When do I need to use binding redirects?

Project A uses log4net 1.2.13.0 and depends on the B library, which uses log4net 1.2.11.0 . If I do Package Manager Console> Add-BindingRedirect , I get the correct binding redirect in app.config :

  <dependentAssembly> <assemblyIdentity name="log4net" publicKeyToken="669e0ddf0bb1aa2a" culture="neutral" /> <bindingRedirect oldVersion="0.0.0.0-1.2.13.0" newVersion="1.2.13.0" /> </dependentAssembly>

I thought it was necessary to complete the assembly. But the assembly completes without being redirected. Here is what I see in the build log (a detailed set of details):

Single primary link is "log4net, Version = 1.2.13.0, Culture = neutral, PublicKeyToken = 669e0ddf0bb1aa2a". Using this version instead of the original version "1.2.11.0" in "C: \ Users \ vorou ​​\ code \ ConsoleApplication1 \ packages \ LibraryB.dll" because AutoUnify is "true".

What is AutoUnify? Which one is better, i.e. Are there any advantages to explicitly redirecting to .config?

In addition, as I recall, in some cases you need to add a binding redirect. Otherwise, the application will explode at runtime. What are these cases and why is AutoUnify magic not working for them?

UPD Here's an excerpt from MSDN near AutoUnify :

This parameter is used to build assemblies, such as DLLs, that cannot have a regular App.Config file. When true, the resulting dependency graph is automatically processed as if the App.Config file was passed to the AppConfigFile parameter. This App.Config virtual file has a bindingRedirect entry for each conflicting set of assemblies, so the highest version of the assembly is selected. The consequence of this is that there will never be a warning about conflicting assemblies, because every conflict will be resolved.

It seems that redirects in .config do not play any role in my case. The problem is that library B cannot satisfy these dependencies, and AutoUnify solves it so that the rule "pretends that there is a redirect rule."

+6
source share
1 answer

Top is a big topic; it cannot handle justice in one SO post. Thus, the rupture rate:

These types of fraud are necessary when you use multiple Nuget packages, and they have a common dependency. Like log4net or NewtonSoft.Json, very common libraries that do not have an installer that puts the assembly in the GAC.

The problem is that each Nuget package is likely to be built with a different version of these core support libraries. And such a package is unlikely to receive enough updates to save the current version with the latest version, the author of the package approves the version with which he tested his code. Thus, you can easily get one assembly in your assembly directory in which 1.2.11.0 is requested, and another which requests 1.2.13.0

This will not work. The CLR insists on the exact version when it loads the assembly. And must download it from your build directory and cannot rely on the GAC to deliver them. There can be only one copy of the DLL, it is inevitable that one of the package libraries is going to get the wrong version, and your program crashes. Not good, you have a problem that you cannot solve without restoring the Nuget package.

That referencing binding. This only affects runtime, not build time. He tells the CLR: β€œIf it asks for 1.2.11.0, just download 1.2.13.0 instead. Or, more generally, with this specific link redirect:β€œ if it asks for any version less than 1.2.13.0. ” that the package still works with this newer version. They quite often do it when only the version number is different. However, there are no difficult guarantees.

Another thing that needs to be decided is what happens during the build, which particular version of the library should be selected. Do you want 1.2.11.0 or 1.2.13.0? It does AutoUnify. Nothing complicated, he chooses a higher version.

+10
source

Source: https://habr.com/ru/post/985412/

More articles:


All Articles