Our development team is starting to run into vertical dependency issues. I've been on teams that used Ivy to deal with this, but NuGet seems to be a far superior solution for Visual Studio 2010 / C#.
What scares me about NuGet is it makes it so开发者_如何学运维 easy to publish to the global feed. If this happens accidentally, at best, I am going to get fired. At worst . . .
I am hoping someone can vet the following plan and tell me if I'm opening myself up to a disaster. Also, any advice to improve the workflow would be appreciated.
I am under the assumption, that if I never use the "push" command, and/or I never enter an API Key, NuGet cannot publish to the public repository. Is this true?
I will install a Package feed on our private intranet, where the package feed is created as described here: http://haacked.com/archive/2011/03/31/hosting-simple-nuget-package-feed.aspx
I will alter our CruiseControl/TeamCity builds to generate a new .nupkg file on every build, and push them to the ~packages directory.
Team members will be forced to install the NuGet plugin, and point it towards the private repository.
I am under the assumption, that if I never use the "push" command, and/or I never enter an API Key, NuGet cannot publish to the public repository. Is this true?
If you don't enter an API key you are 100% safe. You can type push all day long and it won't do a thing.
![Interactive visualization of a graph in python [closed]](https://www.devze.com/res/2023/04-10/09/92d32fe8c0d22fb96bd6f6e8b7d1f457.gif)
加载中,请稍侯......
精彩评论