Skip to content

fix(supported-version): filter uninstallable versions from usable kind#319

Merged
mage-os-ci merged 3 commits intomage-os:mainfrom
rhoerr:fix/filter-uninstallable-versions
Apr 16, 2026
Merged

fix(supported-version): filter uninstallable versions from usable kind#319
mage-os-ci merged 3 commits intomage-os:mainfrom
rhoerr:fix/filter-uninstallable-versions

Conversation

@rhoerr
Copy link
Copy Markdown
Contributor

@rhoerr rhoerr commented Apr 16, 2026
edited
Loading

Summary

  • Exclude Magento 2.4.2 through 2.4.3-p3 from the usable kind: their composer-root-update-plugin ~1.1 requires composer/composer <=2.1, and all Composer versions <=2.1 are insecure
  • Exclude Mage-OS 2.2.1: uninstallable due to a webonyx/graphql-php security advisory
  • Add tests covering both exclusion sets

Fixes failures in: https://github.com/mage-os/generate-mirror-repo-js/actions/runs/24401336256

Build output

> npx esbuild --outfile=dist/index.js --platform=node --bundle --minify src/index.ts

  dist/index.js  491.5kb

⚡ Done in 12ms

Test output

PASS src/kind/get-usable.spec.ts
  getUsableVersions for magento-open-source
    ✓ should return an array of versions
    ✓ should filter out versions with composer < 2.0.0
    ✓ should handle composer version equal to 2.0.0
    ✓ should handle numeric composer versions
    ✓ should filter out uninstallable Magento 2.4.2.x and 2.4.3.x versions
  getUsableVersions for mage-os
    ✓ should filter out mage-os 2.2.1 due to security advisory

PASS src/matrix/get-matrix-for-kind.spec.ts (21 tests)
PASS src/kind/get-currently-supported.spec.ts (29 tests)
PASS src/versions/get-versions-for-project.spec.ts (4 tests)
PASS src/kind/validate-kinds.spec.ts (4 tests)
PASS src/project/validate-projects.spec.ts (2 tests)
PASS src/project/validations/is-known-project.spec.ts (2 tests)
PASS src/nightly/amend-matrix-for-next.spec.ts (4 tests)
PASS src/nightly/unify-next-package-name.spec.ts (5 tests)
PASS src/nightly/get-next-version.spec.ts (3 tests)

Test Suites: 10 passed, 10 total
Tests:       74 passed, 74 total

Test plan

  • All 74 unit tests pass (including 2 new tests for the exclusions)
  • Build succeeds
  • Verify excluded versions no longer appear in usable matrix output

🤖 Generated with Claude Code

@rhoerr @claude
fix(supported-version): filter uninstallable versions from usable kind
5ab0397 
Exclude versions that cannot be installed due to security or dependency issues:
- Magento 2.4.2 through 2.4.3-p3: require composer <=2.1, which is insecure
- Mage-OS 2.2.1: blocked by webonyx/graphql-php security advisory

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
@rhoerr rhoerr requested a review from a team as a code owner April 16, 2026 01:41
rhoerr and others added 2 commits April 15, 2026 21:43
@rhoerr
Merge remote-tracking branch 'origin/main' into fix/filter-uninstalla…
f966c6f 
…ble-versions

# Conflicts:
#	supported-version/dist/index.js
@rhoerr @claude
chore: rebuild dist after merge from main
5ba84bb 
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
@mage-os-ci mage-os-ci merged commit 0590231 into mage-os:main Apr 16, 2026
95 of 139 checks passed
@mage-os-ci mage-os-ci mentioned this pull request Apr 16, 2026
Open
@rhoerr rhoerr deleted the fix/filter-uninstallable-versions branch April 16, 2026 01:52
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@rhoerr @mage-os-ci