[#2164] Added bump-after-update configuration to composer.json and updated docs.

[AlexSkrypnyk]

Closes #2164

Summary by CodeRabbit

Release Notes

• Documentation

  • Added comprehensive section on dependency version constraint management, including automatic bumping via Vortex, use cases for application projects vs libraries, and manual override options

• Configuration

  • Enabled automatic constraint bumping by default to keep dependency versions in sync with installed packages

_{✏️ Tip: You can customize this high-level summary in your review settings.}

[coderabbitai]

Walkthrough

Added bump-after-update: true configuration to composer.json and documented the dependency bumping feature in Drupal composer documentation. This configuration automatically updates version constraints in composer.json to match installed package versions after composer update operations.

Changes

Cohort / File(s)	Summary
Configuration composer.json	Added bump-after-update: true flag to the config section to enable automatic dependency constraint bumping after updates.
Documentation .vortex/docs/content/drupal/composer.mdx	Added "Dependency bumping" section explaining version constraint synchronization, use cases for application projects vs. libraries, manual bump commands, and configuration details for bump-after-update option.

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~5 minutes

• Configuration flag: Verify bump-after-update: true aligns with project standards and Composer best practices
• Documentation accuracy: Confirm bump commands and configuration explanations are correct and consistent with Composer's official behavior

Poem

🐰 A bump here, a bump there,
Dependencies dancing through the air!
Vortex keeps the versions tight,
Composer constraints always right.
✨ hops with glee

Pre-merge checks and finishing touches

✅ Passed checks (5 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title clearly and specifically summarizes the main changes: adding the bump-after-update configuration and updating documentation, which aligns directly with the changeset.
Linked Issues check	✅ Passed	The PR successfully implements the coding requirements from issue #2164: adds bump-after-update configuration to composer.json and updates the Drupal composer documentation as required.
Out of Scope Changes check	✅ Passed	All changes are directly aligned with issue #2164 requirements: configuration addition and documentation updates, with no extraneous modifications.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

✨ Finishing touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch feature/2164-enforce-bump-deps

---

📜 Recent review details

Configuration used: CodeRabbit UI

Review profile: ASSERTIVE

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 84c4d2c and eec4206.

⛔ Files ignored due to path filters (4)

• .vortex/installer/tests/Fixtures/handler_process/_baseline/composer.json is excluded by !.vortex/installer/tests/Fixtures/**
• .vortex/installer/tests/Fixtures/handler_process/hosting_acquia/composer.json is excluded by !.vortex/installer/tests/Fixtures/**
• .vortex/installer/tests/Fixtures/handler_process/hosting_project_name___acquia/composer.json is excluded by !.vortex/installer/tests/Fixtures/**
• .vortex/installer/tests/Fixtures/handler_process/starter_drupal_cms_profile/composer.json is excluded by !.vortex/installer/tests/Fixtures/**

📒 Files selected for processing (2)

• .vortex/docs/content/drupal/composer.mdx (2 hunks)
• composer.json (1 hunks)

🧰 Additional context used

📓 Path-based instructions (1)

composer.json

📄 CodeRabbit inference engine (CLAUDE.md)

composer.json: Define patch configurations in composer.json under 'extra.patches' section, supporting both local patches and external URLs
Document the issue being fixed in composer.json patch description and include issue URLs when available from drupal.org

Files:

• composer.json

🧠 Learnings (3)

📓 Common learnings

Learnt from: CR
Repo: drevops/vortex PR: 0
File: CLAUDE.md:0-0
Timestamp: 2025-11-24T21:29:10.896Z
Learning: Applies to composer.json : Document the issue being fixed in composer.json patch description and include issue URLs when available from drupal.org

📚 Learning: 2025-11-24T21:29:10.896Z

Learnt from: CR
Repo: drevops/vortex PR: 0
File: CLAUDE.md:0-0
Timestamp: 2025-11-24T21:29:10.896Z
Learning: Applies to composer.json : Define patch configurations in composer.json under 'extra.patches' section, supporting both local patches and external URLs

Applied to files:

• composer.json

📚 Learning: 2025-11-24T21:29:10.896Z

Learnt from: CR
Repo: drevops/vortex PR: 0
File: CLAUDE.md:0-0
Timestamp: 2025-11-24T21:29:10.896Z
Learning: Applies to composer.json : Document the issue being fixed in composer.json patch description and include issue URLs when available from drupal.org

Applied to files:

• .vortex/docs/content/drupal/composer.mdx

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (11)

• GitHub Check: build (0)
• GitHub Check: build (1)
• GitHub Check: vortex-test-workflow (2)
• GitHub Check: vortex-test-workflow (1)
• GitHub Check: vortex-test-workflow (4)
• GitHub Check: vortex-test-workflow (3)
• GitHub Check: vortex-test-workflow (0)
• GitHub Check: vortex-test-common
• GitHub Check: vortex-test-installer (8.4)
• GitHub Check: vortex-test-installer (8.3)
• GitHub Check: vortex-test-installer (8.2)

🔇 Additional comments (3)

composer.json (1)

95-95: Configuration correctly added and properly placed.

The bump-after-update configuration option is valid with value true, which automatically runs the bump command after composer update, appropriate for Drupal application projects.

.vortex/docs/content/drupal/composer.mdx (2)

17-58: Documentation of dependency bumping feature is clear and comprehensive.

The explanation correctly describes how bump-after-update automatically runs the bump command after composer update. The note block appropriately distinguishes between application projects and libraries, with practical guidance for each use case. All provided examples are valid Composer commands.

---

295-301: Configuration explanation is accurate and complete.

The documentation correctly lists all valid values: true, false, "dev" or "no-dev". The explanation of what each value does aligns with Composer's behavior, and the note that Vortex sets this to true by default for Drupal projects is appropriate.

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 75.71%. Comparing base (84c4d2c) to head (eec4206).
⚠️ Report is 1 commits behind head on develop.

Additional details and impacted files

@@             Coverage Diff             @@
##           develop    #2165      +/-   ##
===========================================
- Coverage    76.37%   75.71%   -0.67%     
===========================================
  Files          110      103       -7     
  Lines         5685     5526     -159     
  Branches        44        0      -44     
===========================================
- Hits          4342     4184     -158     
+ Misses        1343     1342       -1     

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.