Deprecation and vulnerability filters on Installed tab #9660
Comments
|
Assigned to @drewgillies as we will have similar issues for vulnerability feature |
nkolev92
added
Functionality:VisualStudioUI
Priority:2
|
fyi @donnie-msft @chgill-MSFT |
|
Filtering is pretty minimal... and we've recently discussed this with the nuget.org changes that are going on. We also don't show deprecation in the details pane on solution package manager UI: #8568 |
|
Found this issue via https://developercommunity.visualstudio.com/t/nuget-package-manager-ui-reports-you-have-1-deprec/957820?viewtype=solutions and through https://developercommunity.visualstudio.com/t/nuget-package-manager-doesnt-indicate-that-a-packa/539006 I do not have any deprecated packages listed under the Installed tab, despite a yellow warning triangle saying so. Initially, I thought I had gone mad and/or hadn't dranken enough caffeine this morning to see the tiny yellow warning triangle in a list of ~100 packages. But then I meticulously scrolled through every package and saw nothing. Even more frustrating is that the VS Output window for Package Manager does not mention this. Nor does running I also don't see anything in the VS Error List for NUXXXX for an warning code related to deprecated packages. When I search MS Docs for the specific error code so that I can flag the warning as an error, I can't seem to find such a warning code - so how does nuget know that its a warning icon to display? |
|
I have a suspicion that this is flagging NU1605 as a "deprecated package" warning, based on reading the output of I went through all the Nuget Errors and Warnings this morning, and deprecated package doesn't seem to be there. |
|
Found it - the yellow warning icon is on the far right of the package, next to the version. It is not in the place I would have expected. I was looking at the status for the package, which is on the left. @anangaur I think, when your team works on this issue, it would be great if they handle the scenario where the package is both the latest stable and also deprecated. See this scenario with package FluentValidation.Mvc5 as a test case:
<ItemGroup>
<PackageReference Include="FluentValidation.Mvc5" Version="8.6.1" />
</ItemGroup> |
|
/cc: @chgill-MSFT |
|
@jzabroski consider giving the issue an upvote! My understanding is the deprecation icon is located there to be next to the Installed Version #, since deprecation is per version. |
|
Respectfully, that doesn't match my expectations or seems inconsistent with the rest of the UI, since the blue and green icons also communicate version statuses and are next to the package icon. This was a poor design choice that should be refactored rather than defended. |
|
Regarding the NU1605 comment, deprecation is not surfaced in restore. The 2 are orthogonal. |
|
Hi @jzabroski - so it sounds there are 3 issues you have with the NuGet deprecation experience:
For number 1 - Would it be help if deprecated and vulnerable packages are automatically moved to the top of the Installed tab package list? For number 2 - The reason we have separate indicators is because it may be valuable to know that an update is available when a package version is deprecated, however I completely understand your point that deprecated feels like a package status similar to the ones for the icon overlays. Is this what your ideal experience would look like (ignoring the roughness of the mockup):
For number 3 - I believe we've considered this before by moved away from it due to potential performance implications. @nkolev92 can correct me if I'm wrong. |
|
dominoFire
changed the title
dominoFire
changed the title
|
This will be addressed by #12704 |
nkolev92
changed the title
|
#12867 is a sub issue for this as well |
From: https://developercommunity.visualstudio.com/comments/1068668/view.html
The text was updated successfully, but these errors were encountered: