Paket does not respect .nuspec dependency version rules

[dwilsonbst]

Apologies for poor formatting.

Description

When using a combination of Paket (for wix), and regular NuGet (for c#), I am noticing paket does not respect the minimum version run of the nuspec dependency versions. What ends up happening is it downloads the highest it can find.

Repro steps

Paket.dependencies file that looks like this:

source https://www.nuget.org/api/v2
source http://teamcity/guestAuth/app/nuget/v1/FeedService.svc

nuget PackageA 3.10.0
nuget PackageB ~> 1.0.0.0
nuget PackageC ~> 1.0.0.0
nuget PackagedD ~> 1.0.0.0
nuget PackageE ~> 2.11.997.0`

Nuspec that looks like this:

     <id>PackageE</id>
    <version>2.11.997.5</version>
    <title>PackageE</title>
    <authors>CompanyABC</authors>
    <owners>CompanyABC</owners>
    <requireLicenseAcceptance>false</requireLicenseAcceptance>
    <description>This is packageE</description>
    <copyright>CopyrightInfo</copyright>
    <dependencies>
      <dependency id="PackageZ" version="1.0.0.11" />
      <dependency id="PackageY" version="2.11.997.23" />
      <dependency id="PackageX" version="2.11.997.23" />
      <dependency id="PackageW" version="2.11.997.23" />
      <dependency id="PackageV" version="1.5.997.94" />
    </dependencies>
  </metadata>
</package>`

Expected behavior

I expect for paket.dependencies to find the highest version of PackageE within 2.11.997 as noted nuget PackageE ~> 2.11.997.0. This functions properly, however when it is pulling the dependencies from PackageE it does not respect the nuspec philosophy of Minimum version, inclusive with the notation provided.

Actual behavior

Paket pulls PackageE down with version 2.11.997.5 (correct).
Paket then tries to pull PackageE dependencies but pulls 2.11.998.276 (completely separate branch of code). It does that for the all of the dependencies.

LOG example:

Trying to resolve PackageZ >= 2.11.997.23 (from PackageE 2.11.997.5) 1> - fetching versions for PackageZ 1> getAllVersionsFromNugetODataFindById from url 'http://teamcity/guestAuth/app/nuget/v1/FeedService.svc/FindPackagesById()?id='PackageZ'' 1> - PackageZ 2.11.998.277 1> 6 packages in resolution. 8 requirements left 1> PackageX >= 2.11.997.23 (from PackageE 2.11.997.5) 1> - fetching versions for PackageX 1> getAllVersionsFromNugetODataFindById from url 'http://teamcity/guestAuth/app/nuget/v1/FeedService.svc/FindPackagesById()?id='PackageX'' 1> - PackageX 2.11.998.277

NOTE:
Above it's stating it's trying to resolve a package >= 2.11.997.23, however according to NuGet documentation Paket should resolve Less than or equal when no surrounding information is given. Ie. "2.11.997.23" means less than or equal and "[2.11.997.23]" exact match.

Known workarounds

Working on this, but I'm going to attempt to use the "[2.11.997.23]" notation to force an exact match, but I'm not sure how paket will treat that either.

[forki]

are you looking for this: https://fsprojects.github.io/Paket/nuget-dependencies.html#Min-modifier ?

[dwilsonbst]

I'm looking for Paket to resolve the highest version of PackageE following the ~> notation, so >= 2.11.997 < 2.11.998. Which it is doing correctly, but paket does not respect this packages dependencies listed in PackageE's nuspec. It pulls the absolute highest version it can find, and does not even say within the range of ~> notation that the parent package followed.

[forki]

mhm. I would need a real repro to debug this.

[dwilsonbst]

Ok, I'll package a zip up for you shortly and post it. Thanks for the quick reply. What exactly would you need besides the Pakate.dependencies, paket.references, and the nuspec?