Revert "Loosen version comparisons in loading assemblies (#7042)" #7415
Conversation
This reverts commit 3bb10b7.
|
I was able to reproduce the root issue and use the dlls built from this PR to validate the flow. |
|
Just FYI, this broke my custom build tasks when a team member updated VS to 17.3.1 which installed the .net 6.0.4 sdk. Build was fixed by updating nuget packages for Microsoft.Build.* and Microsoft.CodeAnalysis.*. But updating Microsoft.Build.Locator to 1.5.3 ran into this issue: microsoft/MSBuildLocator#176 This was a rather annoying situation to be in. .net 6.0.4 changed the assembly load behavior, which breaks the build, so I have to update nuget packages, but the updated nuget packages have bugs that break that build. This is most definitely not the first time that changes were made to MSBuild and shipped with minor point releases that ended up breaking my build. I basically have to forbid everyone on my team from ever updating Visual Studio unless/until I give them the go ahead. Otherwise, inevitably, someone will update and not be able to build and I'll have to drop what I'm doing and spend two days researching and resolving obscure issues. Maybe we could be more conscious of this and try to not have so many breaking changes in MSBuild in minor version .net / VS releases? |
This reverts commit 3bb10b7.
Fixes dotnet/sdk#23498
Work item (Internal use):
Summary
The linked commit changed MSBuild Assembly resolution to be in line with .NET Assembly resolution, but this had adverse impact on an SDK scenario that led to the wrong version of certain pre-packaged DLLs being loaded compared to previous versions of the runtime. In this case, System.Security.Cryptography.ProtectedData triggered the incorrect loading behavior.
Customer Impact
Restore operations that use NuGet feeds with encrypted passwords began failing. There are workarounds like saving the passwords in cleartext, but this is not an ideal workaround.
Regression?
This regressed behavior from 6.0.1xx and earlier series SDKs.
Testing
We still need to work with impacted customers to verify that this change fixes the underlying issue, but investigations point to yes.
Risk
Per @rainersigwald this is low risk. It was a nice-to-have that addressed a couple annoying issues, but we can regroup and take another pass at it for a later release.