Discussed below are the change highlights included in these releases, but we also have a full set of release notes available for each product release:

:choco-info: NOTE

If you use Chocolatey Licensed Extension it is recommended that you install v6.2.0 of Chocolatey Licensed Extension to use all the new functionality that has been added to Chocolatey CLI v2.3.0.

Deprecation of the unpackself Command

The decision has been taken to deprecate the unpackself command, and it will be completely removed in the next major version of Chocolatey CLI.

This is a command that was never intended for usage outside the installation of Chocolatey CLI, so we do not envision that anyone will be impacted by this deprecation, however, if you feel you will be impacted, please reach out.

New Enhanced Exit Codes

Chocolatey CLI has a feature named useEnhancedExitCodes, which is disabled by default, that allows Chocolatey CLI to output additional exit codes, on top of the usual 0, 1, or -1. These enhanced exit codes are typically used when scripting Chocolatey CLI into a larger workflow, and taking additional action when a specific outcome has occurred. This release of Chocolatey CLI increases the number of places where enhanced exit codes are output, including in the apikey, config, feature, pin, source, and upgrade commands. See the output of choco [command] -h for specific information about the enhanced exit codes available for each command.

Improvement to Installation of Chocolatey CLI

When Chocolatey CLI was uplifted to require .NET Framework 4.8, there was a noticeable change to how the installation happened. If you were installing on a machine that didn't already have .NET Framework 4.8 installed, the script would perform that installation, but it would then immediately prompt for a reboot, and then the installing user would need to run the installation script again. This was far from ideal, and thanks to a change from @JPRuskin, this is no longer required. Instead, when installing on a machine that doesn't already have .NET Framework 4.8 installed, the installation script will install it, but it will also immediately install the Chocolatey CLI files, and then it will prompt for a reboot (as this is still a requirement). After the reboot, Chocolatey CLI can be used straight away, without the need to re-run the installation script.

Allow Bypassing of Pinned Package(s) During Upgrade

A long-standing request in Chocolatey CLI was around the usage of the choco pin command. For example, let's say that you complete the following:

choco install windirstat
choco pin add --name="windirstat"

or you shorten the above to the following:

choco install windirstat --pin

Going forward, any time you attempt to run either of the following:

choco upgrade all
choco upgrade windirstat

Chocolatey CLI will not allow this action to happen, since the package has been pinned. It is doing exactly what has been asked of it. However, if you really do want to upgrade the package, you would have to do the following:

choco pin remove --name="windirstat"
choco upgrade windirstat
choco pin add --name="windirstat"

In this release of Chocolatey CLI, the above three commands can be condensed to the following single command:

choco upgrade windirstat --ignore-pinned

The end result will be that the package is upgraded, and will also still be pinned.

Install all Packages From a Source

A well known feature for Chocolatey CLI is the ability to run the following command:

choco upgrade all

Which will upgrade all the currently installed packages to the latest available versions.

In this release of Chocolatey CLI, you can now also run the following:

choco install all --source <your-custom-source-url>

This would allow the installation of all the packages on a custom source that you specify. This could potentially be very useful for initial machine setup/configuration, where all the required packages are stored on a custom feed.

Usage of this command is not allowed against the Chocolatey Community Repository, as installing over 10,000 packages at the same time isn't recognized as a necessary use case 😄.

Package Hash Verification Check

Security is important to everyone, and we at Chocolatey Software, Inc. do everything that we can to ensure that usage of Chocolatey CLI remains as safe as possible.

One new addition to Chocolatey CLI to help with security is the usePackageHashValidation feature, which you can enable using:

choco feature enable --name="usePackageHashValidation"

This will verify that the hash of the package file (the .nupkg) matches what is reported from the server that it is being installed from.

This feature will only work when the feed that is being used, reports the stored package hash.

New choco rule Command

Within Chocolatey CLI, there are a number of validation rules that are run every time the choco pack command is run. These validation rules are there to ensure that packages meet a minimum bar in terms of requirements. On top of this, with the release of the Chocolatey Community Validation Extension, it is possible to have a number of other validation rules in play during the choco pack and choco push commands.

However, prior to this release of Chocolatey CLI, there was no way to be able to "see" what validation rules are being applied. The introduction of the choco rule command changes that by making it possible to list out all the validation rules that are in action, and also to get additional information about a specific rule. Run choco rule -h to get full information, or visit the docs.

Show Remembered Arguments for a Package

Since version 0.20.0 of Chocolatey GUI, it has been possible to view the remembered package arguments for a given package. This ability can be very useful when reviewing how packages were installed, in order to ensure that they are done the same way on another machine, for example.

In this new release of Chocolatey CLI, it is now possible to get the same information by running the choco info <packageName> --local-only command.

Prevent Usage of --ignore-pinned Through Chocolatey Agent

Within this v2.3.0 release of Chocolatey CLI, a new command line option called --ignore-pinned has been added. After discussion with the team, the decision was taken that this command line option should be one of the Background Service Restricted Options, since it could provide a mechanism to by-pass the configuration that has been put in place by a System Administrator. Any attempt to use the --ignore-pinned option when running in Self Service mode will be blocked. This addition was the main impetus for the v6.2.0 release of Chocolatey Licensed Extension, and v2.1.3 of Chocolatey Agent.

Thank you to @TheCakeIsNaOH!!!

In this release of Chocolatey CLI, @TheCakeIsNaOH had no fewer than 11 Pull Requests merged! This is quite simply amazing, thank you!

Also, they already have another 5 Pull Requests lined up for the next release 😄!

For future release announcements, we are working on the ability to call out everyone who has helped with a release. Keep an eye out for that happening in the release notes that we store on GitHub, and on our docs site!

Release Notes

For more information on the changes, features, improvements and bug fixes that were included in these releases, please see the release notes:

Learn More

comments powered by Disqus

Written By:

Gary Ewan Park

Principal Software Engineer

Gary is a Microsoft MVP in Developer Technologies and also GitHub Star. Throughout his career, Gary has always looked to see how things can be automated, using the mantra that if you do the same thing more than twice, it is time for automation.

Share On
Posted In
Popular Tags
View All Tags
Recent Posts
More Posts