Skip to content

Updated Drupal core and contrib modules.#165

Merged
AlexSkrypnyk merged 3 commits intodevelopfrom
feature/drupal-updates-april-2026
Apr 16, 2026
Merged

Updated Drupal core and contrib modules.#165
AlexSkrypnyk merged 3 commits intodevelopfrom
feature/drupal-updates-april-2026

Conversation

@AlexSkrypnyk
Copy link
Copy Markdown
Member

@AlexSkrypnyk AlexSkrypnyk commented Apr 16, 2026
edited by coderabbitai bot
Loading

Summary

Updated Drupal core from 11.3.5 to 11.3.7 and aligned the full Symfony stack to 7.4.8. Updated 57 packages in total, covering core, contrib modules, and developer tooling including Drush, Rector, PHPStan, and Behat. All changes are patch or minor releases with no breaking changes expected. No security advisories were reported.

Changes

  • Drupal core updated from 11.3.5 to 11.3.7 - a patch-level stability release.
  • Symfony framework components unified at 7.4.8 across the full HTTP and routing stack.
  • All 57 updated packages are patch or minor releases - no breaking changes expected.
  • Developer tooling refreshed including Rector, PHPStan, Behat, and coding standards.
  • No security vulnerability advisories found.

Key highlights

  • Drupal core 11.3.5 to 11.3.7 - two patch releases with bug fixes and stability improvements.
  • Symfony components unified at 7.4.8 - covers HTTP kernel, routing, mailer, serializer, validation, and more.
  • Symfony polyfills bumped from 1.33.0 to 1.36.0 (minor) for PHP 81/83 compatibility layers.
  • Drush updated from 13.7.1 to 13.7.2 with Consolidation library patches.
  • Rector 2.3.9 to 2.4.2 (minor) and PHPStan 2.1.44 to 2.1.49 for improved static analysis.
  • Behat ecosystem updated - behat/behat 3.29.0 to 3.30.0, drupal-extension 5.3.2 to 5.3.3, behat-steps 3.6.0 to 3.7.0.
  • drupal/ai module patched from 1.3.0 to 1.3.3.

Testing focus

  • Verify all pages render correctly with no layout or styling regressions.
  • Confirm form submissions and validation work as expected across the site.
  • Test email delivery and formatting through the contact and notification forms.
  • Check that file uploads and media handling function correctly.
  • Verify search, filtering, and content listing pages return correct results.
  • Confirm admin interface and content editing workflows are unaffected.
  • Test any AI-powered features to confirm continued functionality.

Overall impact

This update brings Drupal core forward by two patch releases and aligns the entire Symfony stack to the latest patch level. The changes are conservative and focused on bug fixes and internal stability improvements rather than new features.

The risk profile is low. All core and framework changes are patch-level, and the minor bumps in developer tooling and testing libraries do not affect production runtime behaviour. The Symfony unification to a single patch version reduces version fragmentation across the dependency tree.

No security advisories were reported. The update is routine maintenance that keeps the platform current and reduces the delta for future updates.

Package changes

Summary by CodeRabbit

  • Chores

    • Bumped Drupal core, Drush, Symfony, and various development-tool dependencies to newer compatible versions.

  • Configuration

    • Removed the explicit fullscreen_algorithm: resize setting for visual test screenshots, reverting to the extension’s default fullscreen capture behavior.

@coderabbitai
Copy link
Copy Markdown

coderabbitai bot commented Apr 16, 2026
edited
Loading

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info
⚙️ Run configuration

Configuration used: Organization UI

Review profile: ASSERTIVE

Plan: Pro Plus

Run ID: 66c8c8ae-9b04-429b-aca6-87ea22a8254c

📥 Commits

Reviewing files that changed from the base of the PR and between 4a7a549 and 7148fea.

📒 Files selected for processing (1)
  • behat.yml
💤 Files with no reviewable changes (1)
  • behat.yml
📝 Walkthrough

Walkthrough

Updated Composer dependency version constraints for multiple packages (both require and require-dev) and removed the fullscreen_algorithm: resize setting from the Behat screenshot extension configuration in behat.yml.

Changes

Cohort / File(s) Summary
Composer dependency updates
composer.json		 Bumped version constraints for runtime and dev packages: drupal/core-composer-scaffold, drupal/core-recommended, drush/drush, symfony/http-client, and dev tools including behat/behat, dantleech/gherkin-lint, drevops/behat-screenshot, drevops/behat-steps, drupal/drupal-extension, ergebnis/composer-normalize, mglaman/phpstan-drupal, phpstan/phpstan, and rector/rector. No other composer settings or scripts changed.
Behat configuration change
behat.yml		 Removed fullscreen_algorithm: resize from DrevOps\BehatScreenshotExtension in the default profile (leaves extension to use its default fullscreen algorithm).

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~10 minutes

Possibly related PRs

Suggested labels

PR: Dependencies

🚥 Pre-merge checks | ✅ 2 | ❌ 1

❌ Failed checks (1 inconclusive)

Check name Status Explanation Resolution
Title check ❓ Inconclusive The PR title 'Updated Drupal core and contrib modules' is partially related to the changeset but does not capture the main changes. While core and contrib updates are mentioned, the actual detailed changes involve specific version bumps (11.3.5→11.3.7), Symfony alignment (7.4.8), and Behat configuration modification, which are not reflected in the generic title. Consider a more specific title such as 'Update Drupal core to 11.3.7 and align dependencies' or 'Upgrade Drupal core and dependencies, remove deprecated Behat setting' to better reflect the actual scope and nature of changes.
✅ Passed checks (2 passed)
Check name Status Explanation
Description Check ✅ Passed Check skipped - CodeRabbit’s high-level summary is enabled.
Docstring Coverage ✅ Passed No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

✏️ Tip: You can configure your own custom pre-merge checks in the settings.

✨ Finishing Touches
🧪 Generate unit tests (beta)
  • Create PR with unit tests
  • Commit unit tests in branch feature/drupal-updates-april-2026

Comment @coderabbitai help to get the list of available commands and usage tips.

coderabbitai[bot]
coderabbitai bot reviewed Apr 16, 2026
View reviewed changes
Copy link
Copy Markdown

@coderabbitai coderabbitai bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 1

🤖 Prompt for all review comments with AI agents 
Verify each finding against the current code and only fix it if needed.

Inline comments:
In `@composer.json`:
- Line 53: Update the explicit symfony/http-client constraint in composer.json
so it doesn't conflict with Drupal 11's Symfony 7 requirement: either remove the
"symfony/http-client" entry entirely to let drupal/core-recommended control the
version, or change its version constraint from "^6.4.36" to a Symfony 7
compatible constraint such as "^7.4.8"; ensure after the change you run composer
update to verify the dependency graph resolves against drupal/core-recommended
~11.3.7.
🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

  • Push a commit to this branch (recommended)
  • Create a new PR with the fixes
ℹ️ Review info
⚙️ Run configuration

Configuration used: Organization UI

Review profile: ASSERTIVE

Plan: Pro Plus

Run ID: 0518af50-9ecc-4f0a-b3da-ebb2cf63a165

📥 Commits

Reviewing files that changed from the base of the PR and between 377d6c5 and 4a7a549.

⛔ Files ignored due to path filters (1)
  • composer.lock is excluded by !**/*.lock
📒 Files selected for processing (1)
  • composer.json

Comment thread composer.json
"drush/drush": "^13.7.2",
"oomphinc/composer-installers-extender": "^2.0.1",
"symfony/http-client": "^6.4.34",
"symfony/http-client": "^6.4.36",
Copy link
Copy Markdown

@coderabbitai coderabbitai bot Apr 16, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue | 🟠 Major

🧩 Analysis chain

🏁 Script executed:

#!/bin/bash
set -euo pipefail

echo "== Direct constraint in composer.json =="
rg -n '"symfony/http-client"\s*:' composer.json

echo
echo "== Resolved version in composer.lock (if present) =="
jq -r '.packages[] | select(.name=="symfony/http-client") | "\(.name) \(.version)"' composer.lock

echo
echo "== Why package is required (dependency chain) =="
composer why symfony/http-client || true

echo
echo "== Check whether Symfony 7.4.8 is prohibited and by whom =="
composer prohibits symfony/http-client 7.4.8 || true

Repository: drevops/website

Length of output: 505

🏁 Script executed:

cat -n composer.json | head -90 | tail -50

Repository: drevops/website

Length of output: 2298

🏁 Script executed:

# Search for all symfony package constraints in composer.json
rg -n 'symfony/' composer.json

Repository: drevops/website

Length of output: 103

🏁 Script executed:

# Check what version of Drupal core requires Symfony
# Examine if drupal/core-recommended ~11.3.7 has any Symfony constraints documented
rg -n '"drupal/core' composer.json

Repository: drevops/website

Length of output: 254

🌐 Web query:

Drupal 11 Symfony version requirement

💡 Result:

Drupal 11 requires Symfony 7 (specifically ^7.4 for various components like symfony/console, symfony/http-foundation, etc., as defined in Drupal core's composer.json dependencies). Drupal 11.0.0 ships with Symfony 7.1.1.

Citations:

Remove or upgrade explicit symfony/http-client constraint to align with Drupal 11 requirements.

Line 53 pins symfony/http-client to ^6.4.36, which conflicts with drupal/core-recommended ~11.3.7 (Drupal 11 requires Symfony ^7.4). This constraint will block Symfony 7.x resolution. Either upgrade to ^7.4.8 to match your Symfony 7 stack or remove the constraint entirely to let drupal/core-recommended control the version.

Proposed fix 
-        "symfony/http-client": "^6.4.36",
+        "symfony/http-client": "^7.4.8",

Or remove the constraint if not explicitly needed:

-        "symfony/http-client": "^6.4.36",
📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change
"symfony/http-client": "^6.4.36",
"symfony/http-client": "^7.4.8",
Suggested change
"symfony/http-client": "^6.4.36",
🤖 Prompt for AI Agents 
Verify each finding against the current code and only fix it if needed.

In `@composer.json` at line 53, Update the explicit symfony/http-client constraint
in composer.json so it doesn't conflict with Drupal 11's Symfony 7 requirement:
either remove the "symfony/http-client" entry entirely to let
drupal/core-recommended control the version, or change its version constraint
from "^6.4.36" to a Symfony 7 compatible constraint such as "^7.4.8"; ensure
after the change you run composer update to verify the dependency graph resolves
against drupal/core-recommended ~11.3.7.

@github-actions

This comment has been minimized.

Sign in to view
@codecov-commenter
Copy link
Copy Markdown

codecov-commenter commented Apr 16, 2026
edited
Loading

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 87.73%. Comparing base (377d6c5) to head (7148fea).

Additional details and impacted files 
@@           Coverage Diff            @@
##           develop     #165   +/-   ##
========================================
  Coverage    87.73%   87.73%           
========================================
  Files           11       11           
  Lines          163      163           
========================================
  Hits           143      143           
  Misses          20       20

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
  • 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

@github-actions
Copy link
Copy Markdown

github-actions bot commented Apr 16, 2026

Code coverage (GitHub Actions)

Code Coverage Report:
  2026-04-17 07:51:41

 Summary:
  Classes: 50.00% (5/10)
  Methods: 73.91% (17/23)
  Lines:   92.81% (310/334)

Drupal\do_feed\FeedUrlBuilder
  Methods: 100.00% ( 4/ 4)   Lines: 100.00% ( 18/ 18)
Drupal\do_feed\Form\FeedSettingsForm
  Methods: 100.00% ( 4/ 4)   Lines: 100.00% ( 15/ 15)
Drupal\do_feed\Hook\EntityDeleteHook
  Methods:  50.00% ( 1/ 2)   Lines:  92.31% ( 12/ 13)
Drupal\do_feed\Hook\EntityPresaveHook
  Methods: 100.00% ( 4/ 4)   Lines: 100.00% ( 54/ 54)
Drupal\do_feed\Hook\PreprocessParagraphHook
  Methods: 100.00% ( 2/ 2)   Lines: 100.00% ( 14/ 14)
Drupal\do_feed\Hook\PreprocessViewsViewRowRssHook
  Methods: 100.00% ( 1/ 1)   Lines: 100.00% (  3/  3)
Drupal\do_feed\Hook\ViewsPreViewHook
  Methods:  50.00% ( 1/ 2)   Lines:  96.43% ( 27/ 28)

@AlexSkrypnyk AlexSkrypnyk merged commit 307fa56 into develop Apr 16, 2026
8 checks passed
@AlexSkrypnyk AlexSkrypnyk deleted the feature/drupal-updates-april-2026 branch April 16, 2026 21:53
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@coderabbitai coderabbitai[bot] coderabbitai[bot] left review comments

Assignees

@AlexSkrypnyk AlexSkrypnyk

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@AlexSkrypnyk @codecov-commenter