Strong names #285
Comments
|
Why do you want strong-named packages? |
|
Our packages utilize strong naming, yet we encounter warnings because the Nito assemblies we reference are not signed. Specifically, the warnings pertain to Starting with .NET 5+, strong names no longer offer advantages, leaving warnings as the only concern. |
|
Strong naming causes numerous serious maintenance issues for package maintainers, and for this reason I'm not going to strong name any of my libraries. For more details, see #229 (comment) My real question is, why do you strong-name? What benefit of strong naming are you depending on? |
|
Previously, the focus was on .NET Framework and some GAC usage. However, you make a valid argument. Perhaps now is the opportune moment to move away from using strong names. |
|
As a reason to use strong names (out-with those of us still maintaining large net framework based applications), we use them to identify assemblies containing injectable services that we develop (rather than scanning all assemblies), and to filter and list assemblies that are part of the product, separately from those that are our framework or 'third' party, such as for About pages, or to list dependent licenses and acknowledgements etc. |
|
You might not always be in full control of the stack that you are working on. For example when you are building extensions / addons to products that mandate signing (e.g. Visual Studio itself). IMO, expecting open-source libraries to sign their assemblies might not be realistic. There are several workarounds for when you need your dependencies to be signed. One workaround for example is to reference StrongNamer nuget. It's a build-time only dependency that relies on targets to find and sign all your dependencies |
Can strong names be assigned to all Nito packages? From what I gather, they were available previously.
The text was updated successfully, but these errors were encountered: