Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Broken composer package in 5.2.0 #17661

Closed
fliespl opened this issue Jul 25, 2022 · 5 comments · Fixed by #17719
Closed

Broken composer package in 5.2.0 #17661

fliespl opened this issue Jul 25, 2022 · 5 comments · Fixed by #17719
Assignees
@williamdes
Labels
duplicate packaging An issue that affect Debian, Ubuntu or another form of packaging
Milestone
5.2.1

Comments

@fliespl
Copy link
Contributor

fliespl commented Jul 25, 2022
edited
Loading

Describe the bug

Cannot install additional package with zipped file.

I know that composer packages are preinstalled, but adding new package was working just fine with version 5.1.1.

To Reproduce

Steps to reproduce the behavior:

wget -q -c https://files.phpmyadmin.net/phpMyAdmin/5.2.0/phpMyAdmin-5.2.0-english.tar.gz -O - | tar -xz --strip-components 1
composer install / composer require some-package

Expected behavior

Successful install of package.

What happens

composer fails with:

composer install
Installing dependencies from lock file (including require-dev)
Verifying lock file contents can be installed on current platform.
Warning: The lock file is not up to date with the latest changes in composer.json. You may be getting outdated dependencies. It is recommended that you run `composer update` or `composer update <package name>`.
Your lock file does not contain a compatible set of packages. Please run composer update.

  Problem 1
    - phpmyadmin/phpmyadmin is present at version 1.0.0+no-version-set and cannot be modified by Composer
    - roave/security-advisories dev-latest conflicts with phpmyadmin/phpmyadmin <5.1.3.
    - roave/security-advisories is locked to version dev-latest and an update of this package was not requested.

What I think is happening - composer.json is missing explicit version declaration.

Yeap, explicitly adding "version": "5.2.0" to composer.json worked.

Probably worth rethinking zip strategy?
@williamdes
Copy link
Member

williamdes commented Jul 25, 2022
edited
Loading

Hi @fliespl

This is a duplicate of #17570 in some way. Maybe the release script should write also the version in composer.json for non composer project users.

This is all because of Roave/SecurityAdvisories#76

@williamdes williamdes added duplicate packaging An issue that affect Debian, Ubuntu or another form of packaging labels Jul 25, 2022
@williamdes williamdes self-assigned this Jul 25, 2022
@fliespl
Copy link
Contributor Author

fliespl commented Jul 26, 2022

Thanks, I am not sure how I missed that ticket :)

I do believe adding version tag is the way to go, cause every package that will set "conflicts" with mention to phpmyadmin would cause such issue.

@williamdes
Copy link
Member

@MauricioFauth @ibennetch does it seem okay to you to set at release time the version, or keep it written all the time like package.json has?

This was referenced Aug 3, 2022
Closed
Closed
@7357-2022 7357-2022 mentioned this issue Aug 19, 2022
Open
williamdes added a commit to williamdes/phpmyadmintest that referenced this issue Sep 10, 2022
@williamdes
Add the version to composer.json at release build time
5fda1c4 
Ref: Roave/SecurityAdvisories#76
Fixes: phpmyadmin#17661

Signed-off-by: William Desportes <williamdes@wdes.fr>
@williamdes williamdes mentioned this issue Sep 10, 2022
Merged
@williamdes williamdes linked a pull request Sep 10, 2022 that will close this issue
Fix removing vendor folders (FAQ 1.44) #17719
Merged
@williamdes williamdes added this to the 5.2.1 milestone Sep 30, 2022
ankush-0x90 pushed a commit to ankush-0x90/phpmyadmin that referenced this issue Oct 13, 2022
@williamdes @ankush-0x90
Add the version to composer.json at release build time
ea11b2c 
Ref: Roave/SecurityAdvisories#76
Fixes: phpmyadmin#17661

Signed-off-by: William Desportes <williamdes@wdes.fr>
@michacassola
Copy link

Installing with composer this still happens to me. So I have to do now:

composer -d/var/www create-project phpmyadmin/phpmyadmin --no-dev /var/www/pma
pma_version=$(yq .version /var/www/pma/package.json)
composer -d/var/www/pma config version "$pma_version"
composer -d/var/www/pma update

@williamdes
Copy link
Member

Installing with composer this still happens to me. So I have to do now:

composer -d/var/www create-project phpmyadmin/phpmyadmin --no-dev /var/www/pma
pma_version=$(yq .version /var/www/pma/package.json)
composer -d/var/www/pma config version "$pma_version"
composer -d/var/www/pma update

Yes, it still happens until 5.2.1 is out, you can subscribe to #17830

@williamdes williamdes mentioned this issue Dec 30, 2022
Closed
@github-actions github-actions bot locked as resolved and limited conversation to collaborators Nov 2, 2023
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees

@williamdes williamdes

Labels
duplicate packaging An issue that affect Debian, Ubuntu or another form of packaging
Projects
None yet
Milestone
5.2.1
Development

Successfully merging a pull request may close this issue.

Fix removing vendor folders (FAQ 1.44) williamdes/phpmyadmintest
3 participants
@fliespl @williamdes @michacassola