- Stop producing the 'Universe' lineup package
- Removes all PackageLineup code
- Use full msbuild on Windows
- Fix invalid reference to internal.aspnetcore.sdk in 2.1.x
- Fix shared folder references for PackageArchive task.
The removes the need to ship packages for assemblies which are part of Microsoft.AspNetCore.App. The implementation of this requires first building packages, and then modifying .nuspec's and categorizing packages as "noship". This will be cleaned up in the future as we continue to refactor the way this repository builds.
This should unblock the consumption of the latest .NET Core SDK, which includes breaking changes in MSBuild. We don't _really_ need the MSBuild APIs which were broken because ProdCon v1 is dead. This removes the unused ProdCon v1 tasks and targets.
* Replace the aspnet/JsonPatch git submodule and merge the master branch of its source to this repo
* Likewise for aspnet/DotNetTools
* And aspnet/HtmlAbstractions
* merge latest infrastructure changes from the release/2.2 branch
This changes DataProtection to build as projects instead of a pseudo-submodule. It replaces Package and ProjectReference with <Reference> items which custom targets then resolve.
Changes:
* This removes MSBuild targets which invoke `docker` commands to build
deb and rpm installers
* Remove installer targets from the KoreBuild context. Put them into
separate project files
* Simplify the targets used to build installers by reducing duplicate
variable names and deeply nested MSBuild contexts
* Remove unused dependencies from the Docker build context
Changes:
* Sign shared fx zips
* Sign metapackages
* Disable signing on inner repo builds and instead sign all packages at the end
* Add a list of files from other Microsoft teams which can be excluded from signing
* Add a list of 3rd party assemblies which are bundled in the shared frameworks.
This refactors the targets used to build the shared framework and its .zip files. There are lots of reasons motivating this: Arcade convergence, migration to VSTS, making it easier to build this locally, etc.
Changes:
* Moves move content of build/Sharedfx.{props/targets} into eng/targets/SharedFx.Common.{props/targets}
* Update the build to produce a `runtime.$rid.Microsoft.AspNetCore.App` package (not just the one with symbols in it)
* Refactor the targets which produce .tar.gz/.zip files into separate projects in `src/Installers/`
* Refactor installers, unit tests, and the framework projects to use ProjectReference to flow dependencies between different parts of the build.
* Makes it easier to build the shared framework locally (for the inner dev loop, you can run `dotnet build -p src/Framework/Microsoft.AspNetCore.App/src/ -r win-x64`)
* Add build definition for Azure DevOps
* Put code for metapackages in a subfolder
* Update targets to prepare for submodules merging into this repo
* Add source code for windows installer
* Add source code for Debian installers
As a part of converging repos, we no longer need this code. It is currently buggy and slow, and we can get away without by hard-coding the repo graph (which rarely changes)
* Add Microsoft.AspNetCore.BuildTools.ApiCheck as an external dependency
* Move the global.json files temporarily to avoid loading the wrong version of Internal.AspNetCore.Sdk
Our policy since 1.0.0 has been to always cascade version updates in the packages we own. e.g. if Logging has a product change in 2.1.x, then Kestrel, EF Core, Mvc, etc also re-ship with the updated Logging dependency. This has been done for a variety of reasons:
* NuGet does not show updates for transitive dependencies, only direct ones
* NuGet does resolves the lowest compatible transitive dependencies
* ASP.NET Core ships to both .NET Framework (where transitive dependency version matters) and .NET Core (where it matters less if you use the shared framework)
While transitive dependencies is still an important scenario, this practice of always patching has led to bigger issues.
* High probability users will unintentionally upgrade out of the shared framework: #3307
* Conflicts with metapackages that attempt to use exact version constraints: aspnet/Universe#1180
* A quality perception issue: the high volume of new versions in servicing updates with only metadata changes has created the impression that new versions of packages may not be very important. It's also made it appear like there are more issues product than there really are.
* High volume of packages changing with only metadata changes. Of the last 301 packages published in a servicing update, only 11 contained actual changes to the implementation assemblies. (3.5%)
This change implements a system to verify a new, non-cascading versioning policy for servicing updates. This required changes to repos to pin version variables to that matter per-repo,
and to remove some of the restrictions and checks.
Incidentally, this should make defining new patches easier because it automatically determines which packages are or are not patching in the release.