Manual updates 20240913 Binderator bumping fixed

[moljac]

Currently Binderator bumps even dependencyOnly = true which is incorrect resulting in NugetVersions which do not exist and resulting in following config file

config.json

This PR fixes this behavior and fetches latest version from nuget.org.

config.json

Added Console output too.

[jpobst]

You're correct that we should not be blindly bumping these. In fact, I don't think there's any reason to change these now, as they are all intended to be fixed versions. If we update them to the latest version from NuGet then binderator will report that it cannot find the fixed versions that it needs and we'll have to revert those bumps as well.

I think we just need to have the tooling ignore them, and we change them manually on the rare occasion they need to change:
#964

[moljac]

I don't think there's any reason to change these now, as they are all intended to be fixed versions.

Exact/pinned version dependencies are rare. I did manually update dependencies every 3-4 updates, because it was manual task and cumbersome.

If we update them to the latest version from NuGet then binderator will report that it cannot find the fixed versions that it needs and we'll have to revert those bumps as well.

True for exact/pinned version dependencies which are few. And this is what I did in this PR.
It

1. bumped bindings
2. updated dependencies to latest published on nuget
3. manually reverted exact/pinned versions

I think we just need to have the tooling ignore them, and we change them manually on the rare occasion they need to change:

Yes. I did ignore those, but it can happen that some dependencies are not needed anymore and can be removed.

see:

32b2c11

I did this step of removing all dependencies and let binderator "recalculate" new dependencies twice a year.

Ignoring updating dependencies and thus introducing older versions of dependencies could also cause

#764

Now that we have everything in one binderator config file, only exact/pinned version dependencies will remain as dependencies, so updating dependencies problem is solved partially by merging to configs.

[jpobst]

I'm not entirely following what you are advocating here:

Exact/pinned version dependencies are rare.

True for exact/pinned version dependencies which are few.

Now that we have everything in one binderator config file, only exact/pinned version dependencies will remain as dependencies

We only have exact/pinned version dependencies left in config.json, so if we update them to the latest version on NuGet we will always have to revert them. There are no dependencies left that should have their version changed automatically.

some dependencies are not needed anymore and can be removed

If this is the problem we want to solve, I think we should have binderator track which dependencies in the config.json it doesn't use to build the dependency graph. It could then report them as unneeded. However, we only have 6 dependencies left in config.json, so it may not be worth writing the code to do that.