Microsoft introduced the second update to their Long Term Support (LTS) version of .NET Core on 13th December, 3 months after releasing the first update to the platform. This included updates to .NET Core, ASP.NET Core and Entity Framework Core, and takes the overall version number to 1.0.3, though this number can be confusing, as you'll see shortly! You can read about the update in their blog post - I'm going to focus primarily on the ASP.NET Core changes here.

Understanding the version numbers

The first thing to take in with this update, is that it is only for the LTS track. .NET Core and ASP.NET Core follow releases in two different tracks: the safer, more stable, LTS version; and the alternative Fast Track Support (FTS) which sees new features at a higher rate.

Depending on your requirements for stability and the need for new features, you can stick to either the FTS or LTS track - both are supported. The important thing is that you make sure your whole application sticks to one or the other. You can't use some packages from the LTS track and some from the FTS track.

As of writing, the LTS version is at 1.0.3, which follows version numbers of the format 1.0.x. This, as expected implies it will only see patch/bug fixes. In contrast, the FTS version is currently at 1.1.0, which brings a number of additional features over the LTS branch. You can read more about the versioning story on the .NET blog.

Is this the second or third LTS update?

You may have noticed I said that this was the second update to the LTS track, even though we're up to update 1.0.3. That's because the .NET Core 1.0.2 update didn't actually change any code, it simply fixed an issue in the installer on macOS. So although the version number was bumped, there weren't actually any noticeable changes.

Package numbers don't match the ASP.NET Core version

This is where things start to get confusing.

ASP.NET Core is composed of a whole host of loosely coupled packages which can be added to your application to provide various features, as and when you need them. If you don't need a feature, you don't add it to your project. This contrasts with the previous model of ASP.NET in which you always had access to all of the features. It was more of a set-meal approach rather than the à la carte buffet approach of ASP.NET Core.

Each of these packages that make up ASP.NET Core - packages such as Microsoft.AspNetCore.Mvc, Microsoft.Extensions.Configuration.Abstractions, and Microsoft.AspNetCore.Diagnostics - follow semantic versioning. They version independently of one another, and of the framework as a whole.

ASP.NET Core has an overall version number, which for the LTS track is 1.0.3. However, just because the overall ASP.NET Core version has incremented, that doesn't mean that the underlying packages of which it is composed have necessarily changed. If a package has not changed, there is no sense in updating its version number, even though a new version of ASP.NET Core is being released.

Updating your project

Although Microsoft have take a perfectly reasonable approach with regard to this in theory, the reality of trying to keep up with these version changes is somewhat bewildering.

In order to stay supported, you have to ensure all your packages stay on the latest version of the LTS (or FTS) track of ASP.NET Core. But there isn't anywhere that actually lists out all the supported packages for a given overall version of ASP.NET Core, or provides an easy way to update all the packages in your project to the latest on the LTS track. And it's not easy to know what they should be - some packages may be on version 1.0.2, others 1.0.1 and some may still be 1.0.0. It's very hard to tell whether your project.json (or csproj) is all up-to-date.

In a recent post, Steve Gordon ran into exactly this problem when updating the allReady project to 1.0.3. He found he had to go through the NuGet Package Manager GUI in ASP.NET Core and update each of his dependencies independently. He couldn't use the 'Update All' button as this would update to the latest in the FTS track. Hopefully his suggestion of a toggle for selecting which track you wish to stick to will be implemented in VS2017!

As part of his post, he lists all the dependencies he had to update in his project.json in making the move. You also have to ensure you install the latest SDK from https://dot.net and update your global.json accordingly.

Steve lists a whole host of packages to update, but I wanted to try and provide a more comprehensive list, so I decided to take a look through each of the ASP.NET Core repos, and fetch the latest version of the packages for the LTS update.

Latest versions

The latest version of ASP.NET Core packages for version 1.0.3 are listed below. This list attempts to be exhaustive for the core packages in the Microsoft ASP.NET Core repos in GitHub. It's quite possible I've missed some out though - if so, let me know in the comments!

Note that not all of these packages will have changed in the 1.0.3 release (though it seems like most have), these are just the latest packages that it uses.

  "Microsoft.ApplicationInsights.AspNetCore" : "1.0.2",
  "Microsoft.AspNet.Identity.AspNetCoreCompat" : "0.1.1",
  "Microsoft.AspNet.WebApi.Client" : "5.2.2",
  "Microsoft.AspNetCore.Antiforgery" : "1.0.2",
  "Microsoft.AspNetCore.Authentication" : "1.0.1",
  "Microsoft.AspNetCore.Authentication.Cookies" : "1.0.1",
  "Microsoft.AspNetCore.Authentication.Facebook" : "1.0.1",
  "Microsoft.AspNetCore.Authentication.Google" : "1.0.1",
  "Microsoft.AspNetCore.Authentication.JwtBearer" : "1.0.1",
  "Microsoft.AspNetCore.Authentication.MicrosoftAccount" : "1.0.1",
  "Microsoft.AspNetCore.Authentication.OAuth" : "1.0.1",
  "Microsoft.AspNetCore.Authentication.OpenIdConnect" : "1.0.1",
  "Microsoft.AspNetCore.Authentication.Twitter" : "1.0.1",
  "Microsoft.AspNetCore.Authorization" : "1.0.1",
  "Microsoft.AspNetCore.Buffering" : "0.1.1",
  "Microsoft.AspNetCore.CookiePolicy" : "1.0.1",
  "Microsoft.AspNetCore.Cors" : "1.0.1",
  "Microsoft.AspNetCore.Cryptography.Internal" : "1.0.1",
  "Microsoft.AspNetCore.Cryptography.KeyDerivation" : "1.0.1",
  "Microsoft.AspNetCore.DataProtection" : "1.0.1",
  "Microsoft.AspNetCore.DataProtection.Abstractions" : "1.0.1",
  "Microsoft.AspNetCore.DataProtection.Extensions" : "1.0.1",
  "Microsoft.AspNetCore.DataProtection.SystemWeb" : "1.0.1",
  "Microsoft.AspNetCore.Diagnostics" : "1.0.1",
  "Microsoft.AspNetCore.Diagnostics.Abstractions" : "1.0.1",
  "Microsoft.AspNetCore.Diagnostics.Elm" : "0.1.1",
  "Microsoft.AspNetCore.Diagnostics.EntityFrameworkCore" : "1.0.1",
  "Microsoft.AspNetCore.Hosting" : "1.0.1",
  "Microsoft.AspNetCore.Hosting.Abstractions" : "1.0.1",
  "Microsoft.AspNetCore.Hosting.Server.Abstractions" : "1.0.1",
  "Microsoft.AspNetCore.Hosting.WindowsServices" : "1.0.1",
  "Microsoft.AspNetCore.Html.Abstractions" : "1.0.1",
  "Microsoft.AspNetCore.Http" : "1.0.1",
  "Microsoft.AspNetCore.Http.Abstractions" : "1.0.1",
  "Microsoft.AspNetCore.Http.Extensions" : "1.0.1",
  "Microsoft.AspNetCore.Http.Features" : "1.0.1",
  "Microsoft.AspNetCore.HttpOverrides" : "1.0.1",
  "Microsoft.AspNetCore.Identity" : "1.0.1",
  "Microsoft.AspNetCore.Identity.EntityFrameworkCore" : "1.0.1",
  "Microsoft.AspNetCore.JsonPatch" : "1.0.0",
  "Microsoft.AspNetCore.Localization" : "1.0.1",
  "Microsoft.AspNetCore.MiddlewareAnalysis" : "1.0.1",
  "Microsoft.AspNetCore.Mvc" : "1.0.2",
  "Microsoft.AspNetCore.Mvc.Abstractions" : "1.0.2",
  "Microsoft.AspNetCore.Mvc.ApiExplorer" : "1.0.2",
  "Microsoft.AspNetCore.Mvc.Core" : "1.0.2",
  "Microsoft.AspNetCore.Mvc.Cors" : "1.0.2",
  "Microsoft.AspNetCore.Mvc.DataAnnotations" : "1.0.2",
  "Microsoft.AspNetCore.Mvc.Formatters.Json" : "1.0.2",
  "Microsoft.AspNetCore.Mvc.Formatters.Xml" : "1.0.2",
  "Microsoft.AspNetCore.Mvc.Localization" : "1.0.2",
  "Microsoft.AspNetCore.Mvc.Razor" : "1.0.2",
  "Microsoft.AspNetCore.Mvc.Razor.Host" : "1.0.2",
  "Microsoft.AspNetCore.Mvc.TagHelpers" : "1.0.2",
  "Microsoft.AspNetCore.Mvc.ViewFeatures" : "1.0.2",
  "Microsoft.AspNetCore.Mvc.WebApiCompatShim" : "1.0.2",
  "Microsoft.AspNetCore.Owin" : "1.0.1",
  "Microsoft.AspNetCore.Razor.Runtime" : "1.0.1",
  "Microsoft.AspNetCore.Routing" : "1.0.2",
  "Microsoft.AspNetCore.Routing.Abstractions" : "1.0.2",
  "Microsoft.AspNetCore.Server.IISIntegration" : "1.0.1",
  "Microsoft.AspNetCore.Server.IISIntegration.Tools" : "1.0.0-preview4-final",
  "Microsoft.AspNetCore.Server.Kestrel" : "1.0.2",
  "Microsoft.AspNetCore.Server.Kestrel.Https" : "1.0.2",
  "Microsoft.AspNetCore.Server.Testing" : "0.1.1",
  "Microsoft.AspNetCore.StaticFiles" : "1.0.1",
  "Microsoft.AspNetCore.TestHost" : "1.0.1",
  "Microsoft.AspNetCore.Testing" : "1.0.1",
  "Microsoft.AspNetCore.WebUtilities" : "1.0.1",
  "Microsoft.CodeAnalysis.CSharp" : "1.3.0",
  "Microsoft.DotNet.Watcher.Core" : "1.0.0-preview4-final",
  "Microsoft.DotNet.Watcher.Tools" : "1.0.0-preview4-final",
  "Microsoft.EntityFrameworkCore" : "1.0.2",
  "Microsoft.EntityFrameworkCore.Design" : "1.0.2",
  "Microsoft.EntityFrameworkCore.InMemory" : "1.0.2",
  "Microsoft.EntityFrameworkCore.Relational" : "1.0.2",
  "Microsoft.EntityFrameworkCore.Relational.Design" : "1.0.2",
  "Microsoft.EntityFrameworkCore.Relational.Design.Specification.Tests" : "1.0.2",
  "Microsoft.EntityFrameworkCore.Relational.Specification.Tests" : "1.0.2",
  "Microsoft.EntityFrameworkCore.Specification.Tests" : "1.0.2",
  "Microsoft.EntityFrameworkCore.SqlServer" : "1.0.2",
  "Microsoft.EntityFrameworkCore.SqlServer.Design" : "1.0.2",
  "Microsoft.EntityFrameworkCore.Sqlite" : "1.0.2",
  "Microsoft.EntityFrameworkCore.Sqlite.Design" : "1.0.2",
  "Microsoft.Extensions.Caching.Abstractions" : "1.0.1",
  "Microsoft.Extensions.Caching.Memory" : "1.0.1",
  "Microsoft.Extensions.Caching.Redis" : "1.0.1",
  "Microsoft.Extensions.Caching.SqlConfig.Tools" : "1.0.0-preview4-final",
  "Microsoft.Extensions.Caching.SqlServer" : "1.0.1",
  "Microsoft.Extensions.CommandLineUtils" : "1.0.1",
  "Microsoft.Extensions.Configuration" : "1.0.1",
  "Microsoft.Extensions.Configuration.Abstractions" : "1.0.1",
  "Microsoft.Extensions.Configuration.Binder" : "1.0.1",
  "Microsoft.Extensions.Configuration.CommandLine" : "1.0.1",
  "Microsoft.Extensions.Configuration.EnvironmentVariables" : "1.0.1",
  "Microsoft.Extensions.Configuration.FileExtensions" : "1.0.1",
  "Microsoft.Extensions.Configuration.Ini" : "1.0.1",
  "Microsoft.Extensions.Configuration.Json" : "1.0.1",
  "Microsoft.Extensions.Configuration.UserSecrets" : "1.0.1",
  "Microsoft.Extensions.Configuration.Xml" : "1.0.1",
  "Microsoft.Extensions.DependencyInjection" : "1.0.1",
  "Microsoft.Extensions.DependencyInjection.Abstractions" : "1.0.1",
  "Microsoft.Extensions.DependencyInjection.Specification.Tests" : "1.0.1",
  "Microsoft.Extensions.DependencyModel" : "1.0.0",
  "Microsoft.Extensions.DiagnosticAdapter": "1.0.1",
  "Microsoft.Extensions.FileProviders.Abstractions" : "1.0.1",
  "Microsoft.Extensions.FileProviders.Composite" : "1.0.1",
  "Microsoft.Extensions.FileProviders.Embedded" : "1.0.1",
  "Microsoft.Extensions.FileProviders.Physical" : "1.0.1",
  "Microsoft.Extensions.FileSystemGlobbing" : "1.0.1",
  "Microsoft.Extensions.Globalization.CultureInfoCache" : "1.0.1",
  "Microsoft.Extensions.Localization" : "1.0.1",
  "Microsoft.Extensions.Localization.Abstractions" : "1.0.1",
  "Microsoft.Extensions.Logging" : "1.0.1",
  "Microsoft.Extensions.Logging.Abstractions" : "1.0.1",
  "Microsoft.Extensions.Logging.Console" : "1.0.1",
  "Microsoft.Extensions.Logging.Debug" : "1.0.1",
  "Microsoft.Extensions.Logging.EventLog" : "1.0.1",
  "Microsoft.Extensions.Logging.Filter" : "1.0.1",
  "Microsoft.Extensions.Logging.Testing" : "1.0.1",
  "Microsoft.Extensions.Logging.TraceSource" : "1.0.1",
  "Microsoft.Extensions.ObjectPool" : "1.0.1",
  "Microsoft.Extensions.Options" : "1.0.1",
  "Microsoft.Extensions.Options.ConfigurationExtensions" : "1.0.1",
  "Microsoft.Extensions.PlatformAbstractions" : "1.0.0",
  "Microsoft.Extensions.Primitives" : "1.0.1",
  "Microsoft.Extensions.SecretManager.Tools" : "1.0.0-preview4-final",
  "Microsoft.Extensions.WebEncoders" : "1.0.1",
  "Microsoft.IdentityModel.Protocols.OpenIdConnect" : "2.0.0",
  "Microsoft.Net.Http.Headers" : "1.0.1",
  "Microsoft.VisualStudio.Web.BrowserLink.Loader" : "14.0.1"

Hopefully someone will find this useful when trying to work out which *&^#$% package they need to update!