Skip to content

Commit

Permalink
(chocolatey#3461) Prevent downgrade of dependency
Browse files Browse the repository at this point in the history
  • Loading branch information
@corbob
corbob committed Aug 15, 2024
1 parent fe1a67b commit 554ed07
Showing 1 changed file with 20 additions and 0 deletions.
20 changes: 20 additions & 0 deletions src/chocolatey/infrastructure.app/services/NugetService.cs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -809,6 +809,16 @@ Version was specified as '{0}'. It is possible that version
var packageToUninstall = packagesToUninstall.FirstOrDefault(p => p.PackageMetadata.Id.Equals(packageDependencyInfo.Id, StringComparison.OrdinalIgnoreCase));
if (packageToUninstall != null)
{
// Are we attempting a downgrade? We need to ensure it's allowed...
if (!config.AllowDowngrade && packageToUninstall.Identity.HasVersion && packageDependencyInfo.HasVersion && packageDependencyInfo.Version < packageToUninstall.Identity.Version)
{
var logMessage = StringResources.ErrorMessages.UnableToDowngrade.FormatWith(packageToUninstall.Name, packageToUninstall.Version, Environment.NewLine);
var nullResult = packageResultsToReturn.GetOrAdd(packageToUninstall.Name, packageToUninstall);
nullResult.Messages.Add(new ResultMessage(ResultType.Error, logMessage));
this.Log().Error(ChocolateyLoggers.Important, logMessage);
continue;
}

shouldAddForcedResultMessage = true;
BackupAndRunBeforeModify(packageToUninstall, config, beforeModifyAction);
packageToUninstall.InstallLocation = pathResolver.GetInstallPath(packageToUninstall.Identity);
Expand Down Expand Up @@ -1576,6 +1586,16 @@ public virtual ConcurrentDictionary<string, PackageResult> Upgrade(ChocolateyCon
{
if (packageToUninstall != null)
{
// Are we attempting a downgrade? We need to ensure it's allowed...
if (!config.AllowDowngrade && packageToUninstall.Identity.HasVersion && packageDependencyInfo.HasVersion && packageDependencyInfo.Version < packageToUninstall.Identity.Version)
{
var logMessage = StringResources.ErrorMessages.UnableToDowngrade.FormatWith(packageToUninstall.Name, packageToUninstall.Version, Environment.NewLine);
var nullResult = packageResultsToReturn.GetOrAdd(packageToUninstall.Name, packageToUninstall);
nullResult.Messages.Add(new ResultMessage(ResultType.Error, logMessage));
this.Log().Error(ChocolateyLoggers.Important, logMessage);
continue;
}

var oldPkgInfo = _packageInfoService.Get(packageToUninstall.PackageMetadata);

BackupAndRunBeforeModify(packageToUninstall, oldPkgInfo, config, beforeUpgradeAction);
Expand Down

0 comments on commit 554ed07

Please sign in to comment.