Nuget - 是否在源代码管理中存储包？

Question

我们目前没有使用nuget作为我们的依赖项，更喜欢采用old-skool方式并将它们全部放在libs文件夹中并从那里引用。我知道。所以1990年代。

无论如何，nuget总是让我感到有点不安......你知道，依赖云和所有这一切。因此，我发现自己主要同意Mark Seeman（见http://blog.ploeh.dk/2014/01/29/nuget-package-restore-considered-harmful/）谁说：

  

就个人而言，我总是禁用该功能，而是检查我的存储库中的所有包。这从来没有给我任何问题。

麻烦的是，在版本3中已经发生了变化，您无法将解决方案与解决方案一起存储，如下所述：https://oren.codes/2016/02/08/project-json-all-the-things/。哪一种搞砸了将它们检查成源代码。

那么，我在这里什么都不担心？我应该从nuget中喝酒，还是与Seeman先生和呃谨慎一起喝酒？

Answer 1

Storing NuGet packages in source control is a really, really bad idea. I accidentally did it once and I ended up bloating my source code considerably, and that was before .NET Core...

Drink deep from the NuGet well. Most software components are packaged in a similar way these days (NPM, Bower etc). The referenced blog post is two years old and package management is changing rapidly in the .NET world, so here's some of my experience lately.

• NuGet packages can't be deleted from nuget.org. They can be hidden, but if your application requests a hidden package it will download it as normal. It'll never disappear into the void.
• 'Enable Package Restore' is no longer glitchy because it's now a default option in NuGet 2.7+. You have no choice anymore.
• Packages are no longer stored per solution but per machine, which will save a ton of bandwidth and will decrease the initial fetch period when building.
• If you build a new project using .NET Core, you will have dozens more packages as the entire BCL will be available as NuGet packages. Do you really want to check-in all the System.* packages into source code?