Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

New rangeStrategy=in-range-only Feature is Not Updating Packages as Expected #14116

Closed
timnolte opened this issue Feb 9, 2022 · 15 comments · Fixed by #18313
Closed

New rangeStrategy=in-range-only Feature is Not Updating Packages as Expected #14116

timnolte opened this issue Feb 9, 2022 · 15 comments · Fixed by #18313
Assignees
@RahulGautamSingh
Labels
manager:composer Composer (PHP) package manager priority-3-medium Default priority, "should be done" but isn't prioritised ahead of others status:requirements Full requirements are not yet known, so implementation should not be started type:bug Bug fix of existing functionality

Comments

@timnolte
Copy link

timnolte commented Feb 9, 2022

Hmm, so this feature appears to not update everything "in range". I have the following in my composer.json

"johnpbloch/wordpress": "~5.5.0",
"johnpbloch/wordpress-core": "~5.5.0",

The current version in the lockfile is

"johnpbloch/wordpress": "5.5.1",
"johnpbloch/wordpress-core": "5.5.1",

And the latest version of 5.5.x is 5.5.8 which will update when I issue a standard composer update.

  - Upgrading johnpbloch/wordpress (5.5.1 => 5.5.8)
  - Upgrading johnpbloch/wordpress-core (5.5.1 => 5.5.8)

With the setup of using in-range-only I'm not seeing any attempt to update these packages.

Originally posted by @timnolte in #13050 (comment)

I've setup an example repository here: https://github.com/timnolte/renovate-example2

Here is the latest debug information from a Renovate run:

DEBUG: packageFiles with updates
{
  "config": {
    "composer": [
      {
        "packageFile": "services/wordpress/composer.json",
        "deps": [
          {
            "depType": "require",
            "depName": "johnpbloch/wordpress",
            "currentValue": "~5.5.0",
            "datasource": "packagist",
            "lockedVersion": "5.5.1",
            "depIndex": 0,
            "warnings": [],
            "versioning": "composer",
            "sourceUrl": "https://github.com/johnpbloch/wordpress",
            "homepage": "http://wordpress.org/",
            "currentVersion": "5.5.1",
            "isSingleVersion": false,
            "fixedVersion": "5.5.1",
            "updates": []
          },
          {
            "depType": "require",
            "depName": "johnpbloch/wordpress-core",
            "currentValue": "~5.5.0",
            "datasource": "packagist",
            "lockedVersion": "5.5.1",
            "depIndex": 1,
            "warnings": [],
            "versioning": "composer",
            "sourceUrl": "https://github.com/johnpbloch/wordpress-core",
            "homepage": "https://wordpress.org/",
            "currentVersion": "5.5.1",
            "isSingleVersion": false,
            "fixedVersion": "5.5.1",
            "updates": []
          }
        ],
        "lockFiles": [
          "services/wordpress/composer.lock"
        ],
        "registryUrls": [
          "https://wpackagist.org",
          "https://packagist.org"
        ],
        "managerData": {
          "composerJsonType": "project"
        }
      }
    ]
  }
}
@viceice
Copy link
Member

viceice commented Feb 9, 2022

As renovate don't find new versions, it's probably related to:

@rarkins
Copy link
Collaborator

rarkins commented Feb 9, 2022

Does rangeStrategy=update-lockfile work?

@timnolte
Copy link
Author

timnolte commented Feb 9, 2022
edited
Loading

Does rangeStrategy=update-lockfile work?

No that doesn't work as mentioned here is a previous issue comment: #12766 (reply in thread)

Later this issue was opened in response to the behavior I was still seeing: #12766 (reply in thread)

@timnolte
Copy link
Author

timnolte commented Feb 9, 2022

@viceice interesting that this could be related to the packagist API, seems like pulling the correct version through the v1 API should still be working shouldn't it?

@viceice
Copy link
Member

viceice commented Feb 9, 2022

No, they told that the the old api won't provide all updates. Can somebody compare both Apis for the relevant package?

@HonkingGoose HonkingGoose added priority-3-medium Default priority, "should be done" but isn't prioritised ahead of others status:requirements Full requirements are not yet known, so implementation should not be started type:bug Bug fix of existing functionality labels Feb 10, 2022
@RahulGautamSingh
Copy link
Collaborator

RahulGautamSingh commented Feb 14, 2022
edited
Loading

No, they told that the the old api won't provide all updates. Can somebody compare both Apis for the relevant package?

We get the same list from both APIs. Both APIs return 5.9.0 as the latest version for this package.
The new API is supposed to provide data related to updates faster than the old API so the data will be the same for both APIs after sometime(probably a few minutes)

@timnolte
Copy link
Author

@RahulGautamSingh OK, thanks for confirming then that this has nothing to do with the API version and is another new issue.

@timnolte
Copy link
Author

timnolte commented Oct 5, 2022

It has been many months and it appears that this feature is still broken and not really functioning.

@viceice
Copy link
Member

viceice commented Oct 5, 2022

somebody needs to debug this.

@rarkins rarkins added the manager:composer Composer (PHP) package manager label Oct 5, 2022
@timnolte
Copy link
Author

timnolte commented Oct 5, 2022

I feel like there are either 2 things happening.

  1. When the latest version of the package is beyond the version constraint it can't update to the latest version that does match the version constraint. This means that if you miss applying an update then Renovate will never include that update again going forward.
  2. There is a bug that is only comparing the lock file version to the composer.json version pattern and if they pass then it does nothing.

@RahulGautamSingh
Copy link
Collaborator

RahulGautamSingh commented Oct 5, 2022
edited
Loading

@timnolte You're correct. It is a code-logic problem.

We use the latest version from allVersions list to get the best release, for all range strategies which is not good when we only want the latest version within a range. Instead we should be using the allSatisfyingVersions list when rangeStrategy='in-range-only'

Gotta change this line;

renovate/lib/workers/repository/process/lookup/index.ts

Line 238 in 368f635

allVersions,

To something like this:

 config.rangeStrategy === 'in-range-only'
          ? allSatisfyingVersions
          : allVersions,

@RahulGautamSingh
Copy link
Collaborator

Test run result:

DEBUG: packageFiles with updates (repository=RahulGautamSingh-testing/renovate-example2, baseBranch=main)
       "config": {
         "composer": [
           {
             "packageFile": "services/wordpress/composer.json",
             "deps": [
               {
                 "depType": "require",
                 "depName": "johnpbloch/wordpress",
                 "currentValue": "~5.5.0",
                 "datasource": "packagist",
                 "lockedVersion": "5.5.1",
                 "depIndex": 0,
                 "updates": [
                   {
                     "bucket": "non-major",
                     "newVersion": "5.5.10",
                     "newValue": "~5.5.0",
                     "releaseTimestamp": "2022-08-30T17:53:35.000Z",
                     "newMajor": 5,
                     "newMinor": 5,
                     "updateType": "patch",
                     "isRange": true,
                     "isLockfileUpdate": true,
                     "branchName": "renovate/johnpbloch-wordpress-5.x-lockfile"
                   }
                 ],
                 "warnings": [],
                 "versioning": "composer",
                 "sourceUrl": "https://github.com/johnpbloch/wordpress",
                 "homepage": "http://wordpress.org/",
                 "currentVersion": "5.5.1",
                 "isSingleVersion": true,
                 "fixedVersion": "5.5.1"
               }
             ],
             "lockFiles": ["services/wordpress/composer.lock"],
             "registryUrls": ["https://wpackagist.org", "https://packagist.org"],
             "managerData": {"composerJsonType": "project"}
           }
         ]
       }

@timnolte
Copy link
Author

timnolte commented Oct 5, 2022

@RahulGautamSingh that looks like what I would expect! 👍🏼

@RahulGautamSingh
Copy link
Collaborator

@rarkins @viceice Should I submit a PR for this?

@RahulGautamSingh RahulGautamSingh mentioned this issue Oct 13, 2022
Merged
6 tasks
@renovate-release
Copy link
Collaborator

🎉 This issue has been resolved in version 32.236.4 🎉

The release is available on:

Your semantic-release bot 📦🚀

@github-actions github-actions bot locked as resolved and limited conversation to collaborators Nov 13, 2022
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees

@RahulGautamSingh RahulGautamSingh

Labels
manager:composer Composer (PHP) package manager priority-3-medium Default priority, "should be done" but isn't prioritised ahead of others status:requirements Full requirements are not yet known, so implementation should not be started type:bug Bug fix of existing functionality
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

fix: in-range logic RahulGautamSingh/renovate
6 participants
@viceice @timnolte @rarkins @HonkingGoose @renovate-release @RahulGautamSingh