Has anybody found a way to stop Xcode from automatically updating MyProject.xcodeproj/project.xcworkspace/xcshareddata/swiftpm/Package.resolved whenever the project is opened?
When building from a command line, there is a flag that can be passed, -disableAutomaticPackageResolution, but there doesn't seem to be a way to achieve the same behaviour when just opening a project file with Xcode.
I'm surprised that the default behaviour is to automatically update dependencies - no other dependency manager that I know of does that.
EDIT: This doesn't seem to happen always, seems to be specific to a branch.
I doesn’t update them unless the current pins are somehow invalid (which makes it look to Xcode as though you just edited the manifest since last time).
I suspect there is something unique about the particular branch that confuses Xcode into thinking the pins are stale. If you manually look at the .resolved file’s JSON, does it look correct and complete? For example, one thing that has caused that for me—at least in earlier toolchains—is when a package graph has the same package referred to both with and without .git at the end of the URL.
I'm poking around trying to find an answer to this problem still, as our Package.resolved file looks good (per @SDGGiesbrecht 's recommendation on what to check into). I've also ensured that Package.resolved is getting checked in properly. I'm at a loss on how to prevent this, and I'm not sure how the problem isn't more prevalent! I'm wondering if there's just something configured wrong on our end.
As @Srdan_Rasic mentions, it seems like this happens when Xcode attempts to update dependencies when we switch branches, which could be useful if the .resolved file were different; however, Xcode is clearly disregarding the current status of the .resolved file and attempting to do an update regardless of any changes, which is definitely not useful.
Currently, our options seem to be:
Pin our dependency versions explicitly. This should fix things (unless there's another strange Xcode issue with SPM), but is terribly inconvenient for obvious reasons.
Reset/revert the file changes when we don't want them, which is basically every time we switch branches. This is how we do it today. We switch branches, wait for Xcode to resolve packages, and check git status to see if it updated stuff.
I do not know. Figuring it out would probably require seeing the actual project in question. If your project is open source, you could post a link. Otherwise you may have to try getting confidential help through Apple’s developer program.
This not only happens with a particular branch. I have a project (sorry, can't share) that it's comprised of other projects (frameworks mostly) and every time the project is open (xcworkspace) SPM updates packages. You can just quit xcode and re-open it and it will update it. (why?!). And this is not new, this happens since SPM inception and we are now in xcode v14.x and still the issue hasn't been resolved.
Hard to believe that is something not noticeable for other devs.
I've reviewed all locations have .git and there are no repeated packages, in fact, the only package I have with SPM is firebase.
I'd suggest that xcode would have a defaults property (disableAutomaticPackageResolution) where we could set its value and xcode would comply with it. Easy!
I've experienced a similar issue - in my case the cause is that a dependency I've vendored with a local .xcframework, has its own nested dependency, and that package is being overwritten in my project's Package.resolved file with a new location URL, version, and revision SHA.
So far I'm unable to see where the 3rd party xcframework sets its nested dependency and/or how to stop it overwriting my Package.resolved file. There's no package file inside the xcframework (that I can find anyway).
On our team, or Package.resolved will get changed randomly to add or remove the .git extension for the URLs of some packages. Even though we are all using the same version of Xcode (15.2) we get different behaviors. This has happened for years, though.
We had the ".git" Package issue for a long time in a large project. It turned out we had differing "git" URLs in our Package.swift files and in our Xcode project file. This made it look like it was randomly resolving to different url conventions -- in fact there seemed to be a race condition in which one it would select.
Once we made sure to use the same git url convention everywhere, the problem went away. They must be the same format in all Package.swift files for a given URL, including nested, and the Xcode config. Note you need to sometimes clear all the Swift packages caches on a machine after fixing the URLs to see it working properly.