Why are nuget pkg versions editable after release is created & deployed?

I’m on Octopus 3.2.6 and I’m noticing that a nuget pkg version number can be edited on a release that is currently deployed to an environment. Shouldn’t this be disallowed?

According to https://octopus.com/blog/releases-and-snapshots, “When a release is created, it is read-only. You can edit the release number (since it’s really just a label) and the release notes, but you can’t change the package versions once a release has been deployed.”

I just logged on to my octopus instance to test this, and was easily able to edit the nuget pkg versions for an existing release that’s already been deployed to my dev/qa/stg/prod environments (currently deployed there too). This just seems dangerous to allow the editing of pkg versions after the release has been deployed… Is this a bug in the current octopus version, or am I just looking at this all wrong?

Hi,

Thanks for getting in touch! We indeed used to do this with our NuGet Packages. Back in 2012 when that post was written, it was our strong belief that it should be the case. However community and customer pressure showed that it was important that a few things in the snapshot had to be more flexible (mostly due to their own processes).

Regards,
Daniel