Self-contained deployment runtime roll forward
.NET Core self-contained application deployments include both the .NET Core libraries and the .NET Core runtime. Starting in .NET Core 2.1 SDK (version 2.1.300), a self-contained application deployment publishes the highest patch runtime on your machine. By default,
dotnet publish for a self-contained deployment selects the latest version installed as part of the SDK on the publishing machine. This enables your deployed application to run with security fixes (and other fixes) available during
publish. The application must be re-published to obtain a new patch. Self-contained applications are created by specifying
-r <RID> on the
dotnet publish command or by specifying the runtime identifier (RID) in the project file (csproj / vbproj) or on the command line.
Patch version roll forward overview
dotnet commands that can run separately. The runtime choice is part of the
restore operation, not
build. If you call
publish, the latest patch version will be chosen. If you call
publish with the
--no-restore argument, then you may not get the desired patch version because a prior
restore may not have been executed with the new self-contained application publishing policy. In this case, a build error is generated with text similar to the following:
"The project was restored using Microsoft.NETCore.App version 2.0.0, but with current settings, version 2.0.6 would be used instead. To resolve this issue, make sure the same settings are used for restore and for subsequent operations such as build or publish. Typically this issue can occur if the RuntimeIdentifier property is set during build or publish but not during restore."
build can be run implicitly as part of another command, like
publish. When run implicitly as part of another command, they are provided with additional context so that the right artifacts are produced. When you
publish with a runtime (for example,
dotnet publish -r linux-x64), the implicit
restore restores packages for the linux-x64 runtime. If you call
restore explicitly, it does not restore runtime packages by default, because it doesn't have that context.
How to avoid restore during publish
restore as part of the
publish operation may be undesirable for your scenario. To avoid
publish while creating self-contained applications, do the following:
- Set the
RuntimeIdentifiersproperty to a semicolon-separated list of all the RIDs to be published.
- Set the
No-restore argument with dotnet publish options
If you want to create both self-contained applications and framework-dependent applications with the same project file, and you want to use the
--no-restore argument with
dotnet publish, then choose one of the following:
Prefer the framework-dependent behavior. If the application is framework-dependent, this is the default behavior. If the application is self-contained, and can use an unpatched 2.1.0 local runtime, set the
falsein the project file.
Prefer the self-contained behavior. If the application is self-contained, this is the default behavior. If the application is framework-dependent, and requires the latest patch installed, set
truein the project file.
Take explicit control of the runtime framework version by setting
RuntimeFrameworkVersionto the specific patch version in the project file.