New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Composer 2.2: selective update breaks on changed requirement #10394
Comments
@herndlm Nice detective work! So, I guess that change is filtering out too many "(not) impossible" packages now... |
Composer 2.2 contains a a bug/over-optimization, which causes the install with changed, but compatible requirements to error out on "conflicting" requirements. This commit puts a work-around for this in place, which still tries to use the caching for the Composer install as much as possible. It is recommended to revert this commit if/when the Composer bug has been fixed and a new version has been released. Ref: * Bug report: composer/composer#10394 * Probable cause: composer/composer#9620 * Similar fix in YoastSEO: Yoast/wordpress-seo@b399942
Just ran into another similar failure. The reproduction details are different, but I have the feeling it will have the same root cause: In this case, it's a package with a recursive dependency on itself, which was previously handled correctly, but isn't anymore. |
OK the reason the packages gets deleted is that PHPUnit 5.x requires I am not sure how to best fix this.. maybe we can only apply the optimization to packages which are locked and still required by locked packages or the root package.. Or maybe we just need to remove this optimization pass entirely. cc @driskell FYI |
Thanks for looking into this @Seldaek !
Or maybe only apply the optimization when the |
I think ignoring a locked package that isn't required by anything in the pool would resolve it. If it were required by anything in the pool it would, by the transitive allow, get unlocked. Just writing up a test and will raise a potential PR shortly. Will test it with this exact case too if I can. I think that's the only missed scenario - locked packages MAY actually get removed by an uninstall - if there's another scenario for locked package that needs to be taken into account let me know but racking my brain for a bit I can't think of another case where a locked package wouldn't end up still being locked after solver. |
…ackage that will be uninstalled Fixes composer#10394
…ackage that will be uninstalled Fixes composer#10394
…ackage that will be uninstalled Fixes composer#10394
…ackage that will be uninstalled Fixes composer#10394
…ackage that will be uninstalled Fixes composer#10394
…ackage that will be uninstalled Fixes composer#10394
…ackage that will be uninstalled Fixes composer#10394
…ackage that will be uninstalled Fixes composer#10394
Thanks @driskell for looking into this. I'll keep an eye out for more situations which could be related to this. |
This reverts commit 126ecf7. Composer 2.2.3 has been released which contains a fix for the overly greedy optimization pass which was introduced in Composer 2.2.0. With this fix in place, the previously introduced work-around for Composer 2.2 is no longer needed. Refs: * https://github.com/composer/composer/releases/tag/2.2.3 * composer/composer#10394
This reverts commit b399942. Composer 2.2.3 has been released which contains a fix for the overly greedy optimization pass which was introduced in Composer 2.2.0. With this fix in place, the previously introduced work-around for Composer 2.2 is no longer needed. Refs: * https://github.com/composer/composer/releases/tag/2.2.3 * composer/composer#10394
This reverts commit b399942. Composer 2.2.3 has been released which contains a fix for the overly greedy optimization pass which was introduced in Composer 2.2.0. With this fix in place, the previously introduced work-around for Composer 2.2 is no longer needed. Refs: * https://github.com/composer/composer/releases/tag/2.2.3 * composer/composer#10394
This reverts commit b3999428193d5cdcdd0758dcb7dc060e6992c507. Composer 2.2.3 has been released which contains a fix for the overly greedy optimization pass which was introduced in Composer 2.2.0. With this fix in place, the previously introduced work-around for Composer 2.2 is no longer needed. Refs: * https://github.com/composer/composer/releases/tag/2.2.3 * composer/composer#10394
I am still having issues when updating selectively with the flag |
Please just open a new one with details if you want assistance. This issue here was definitely fixed, so you must be hitting another bug. |
I am having the very same bug as described in the issue here. |
I have a dependency
|
As I said, please create a new issue and include a composer.json + possibly composer.lock otherwise we cannot reproduce this. |
Summary
There's a change in behaviour between Composer 2.1 and 2.2, where dependencies which were previously resolved without problem, now no longer get resolved.
Basic premise is a repo which has a committed
composer.lock
file and uses on-the-fly updates in the CI runs via GH Actions.These updates used to work fine, but are now broken and failing builds.
I've set up a reproduction sample here: https://github.com/jrfnl/composer-2.2-bug-poc
And the changed behaviour and full
-vvv
output can be seen in the GH Actions output: https://github.com/jrfnl/composer-2.2-bug-poc/actions/runs/1616471281My
composer.json
:When I run this command on PHP 8.0:
I get the following output:
And I expected this to happen:
The update to succeed without problems.
Other notes:
Additional things I've tried:
--with-dependencies
vs--with-all-dependencies
does not make a difference.update
command didn't help.--with ...
in the update command doesn't help.--no-install
instead of--no-update
in the first command doesn't help.Work-around which works
... but may not play nice with caching in GH Actions as much:
The text was updated successfully, but these errors were encountered: