Nuget Package SHA-512 hash is different on each build

[Sirozha1337]

Hi, I'm having a problem with enabling Nuget LockFiles for my projects. It seems that every time I build a package it results in a different hash in the *.nupkg.sha512 file, which prevents the app using the package from resolving it due to hash mismatch.

I tried building the package with <ContinuousIntegrationBuild>true</ContinuousIntegrationBuild> property in .csproj and providing an argument /p:ContinuousIntegrationBuild=true to the dotnet build command but still every time I build a package its contentHash is different even though there were no changes to the code.

Can somebody help me understand what am I doing wrong?

What I want to achieve is this:

1. I make changes to my NugetDependecy project
2. I build NugetDependcy project and put the package into a local folder
3. I make changes to use the new package in my Dependent project and generate LockFile
4. I push NugetDependecy project to a repo
5. CI builds the package and puts it into a remote Nuget source
6. I push Dependent project to a repo
7. CI builds the project resolving the dependency from a remote Nuget source

Currently the last step fails because the SHA of the NugetDependency is different on steps 2 and 5. It also doesn't seem like an issue with CI, because I'm getting different values by just rebulding my local project.

After closely examining the contents of the package it seems that there two files that are changing between builds:

• package/services/metadata/core-properties/*.psmdcp
• _rels/.rels

The first one uses a guid for the name and the second one references this name. So I guess my question boils down to this: how can I force a static name for this file, so that it stops changing my package signatures?

[Sirozha1337]

Ok, I found my answer: #8601

What I want to achieve is currently not possible because deterministic build was removed.