Update to Symfony 6.2 RC or update drupal/recommended-project creation and testMinimumStabilityStrictness() to allow minimum-stability to be less stable than core's stability [#3319794]

Problem/Motivation

We're on Symfony 6.2 beta, and therefore ComposerProjectTemplatesTest::MINIMUM_STABILITY is set to 'beta'. ComposerProjectTemplatesTest::testMinimumStabilityStrictness() tests to ensure that that constant isn't less than core's current stability. Core's current stability is beta, so we're okay, but once we release Drupal 10.0.0-rc1, that test will start failing if we haven't upgraded to Symfony 6.2 RC by then.

Steps to reproduce

Proposed resolution

Perhaps wait a bit longer to see if Symfony releases 6.2 RC before we need to release Drupal 10.0 RC. If that doesn't happen soon enough, then comment out the first assertion in ComposerProjectTemplatesTest::testMinimumStabilityStrictness() prior to tagging Drupal 10's RC, so that HEAD doesn't start failing following that release.

Remaining tasks

User interface changes

API changes

Data model changes

Release notes snippet

Comment	File	Size	Author
#24	interdiff.txt	4.02 KB	effulgentsia
#24	3319794-24.patch	3.29 KB	effulgentsia
#24	10.0.x: PHP 8.1 & MySQL 5.7 28,444 pass
#19	3319794-19.patch	3.11 KB	effulgentsia
#19	10.0.x: PHP 8.1 & MySQL 5.7 28,444 pass
#16	3319794-16.patch	2.82 KB	effulgentsia
#16	10.0.x: PHP 8.1 & MySQL 5.7 28,444 pass
#11	3319794-11.patch	4.27 KB	effulgentsia
#11	10.0.x: PHP 8.1 & MySQL 5.7 28,438 pass
#8	interdiff-3319794-4_8.txt	710 bytes	Anchal_gupta
#8	3319794-8.patch	1.09 KB	Anchal_gupta
#8	10.0.x: PHP 8.1 & MySQL 5.7 28,439 pass
#4	3319794-4.patch	1.41 KB	effulgentsia
#4	10.0.x: PHP 8.1 & MySQL 5.7 Custom Commands Failed
#3	3319794-3.patch	1.41 KB	effulgentsia
#3	10.0.x: PHP 8.1 & MySQL 5.7 Custom Commands Failed
#2	3319794-2.patch	710 bytes	effulgentsia
#2	10.0.x: PHP 8.1 & MySQL 5.7 Custom Commands Failed

Support from Acquia helps fund testing for Drupal Acquia logo

Comments

Comment #1

8 November 2022 at 17:22

effulgentsia created an issue. See original summary.

Comment #2

effulgentsia CreditAttribution: effulgentsia at Acquia commented 8 November 2022 at 17:24

Status:

Active

» Needs review

File	Size
3319794-2.patch	710 bytes
10.0.x: PHP 8.1 & MySQL 5.7 Custom Commands Failed

Here's a patch to demonstrate the failure that will start happening after we tag an RC.

Comment #3

effulgentsia CreditAttribution: effulgentsia at Acquia commented 8 November 2022 at 17:29

Title:	Update to Symfony 6.2 RC or skip the testMinimumStabilityStrictness() test	» Update to Symfony 6.2 RC or comment out the first assertion in testMinimumStabilityStrictness()
Issue summary:	View changes

File	Size
3319794-3.patch	1.41 KB
10.0.x: PHP 8.1 & MySQL 5.7 Custom Commands Failed

And here's #2 plus commenting out the first assertion in testMinimumStabilityStrictness(). Changing the issue title and summary because we don't want to skip the whole test, only the first assertion.

Comment #4

effulgentsia CreditAttribution: effulgentsia at Acquia commented 8 November 2022 at 17:31

File	Size
3319794-4.patch	1.41 KB
10.0.x: PHP 8.1 & MySQL 5.7 Custom Commands Failed

+++ b/core/tests/Drupal/BuildTests/Composer/Template/ComposerProjectTemplatesTest.php
@@ -89,7 +89,7 @@ public function testMinimumStabilityStrictness() {
+    //$this->assertGreaterThanOrEqual(array_search($this->getCoreStability(), static::STABILITY_ORDER), array_search(static::MINIMUM_STABILITY, static::STABILITY_ORDER));

I keep forgetting we need a space after //. This adds that.

Comment #5

effulgentsia CreditAttribution: effulgentsia at Acquia commented 8 November 2022 at 17:36

Besides this test's assertion, we might need to also make sure that our recommended project template generator sets its minimum-stability to 'beta' rather than matching core's stability level.

Comment #6

effulgentsia CreditAttribution: effulgentsia at Acquia commented 8 November 2022 at 17:38

Title:

Update to Symfony 6.2 RC or comment out the first assertion in testMinimumStabilityStrictness()

» Update to Symfony 6.2 RC or comment out the first assertion in testMinimumStabilityStrictness() and ensure that drupal/recommended-project allows beta releases

Comment #7

effulgentsia CreditAttribution: effulgentsia at Acquia commented 8 November 2022 at 17:39

Title:

Update to Symfony 6.2 RC or comment out the first assertion in testMinimumStabilityStrictness() and ensure that drupal/recommended-project allows beta releases

» Update to Symfony 6.2 RC or comment out the first assertion in testMinimumStabilityStrictness() and ensure that drupal/recommended-project allows beta releases of dependencies

Comment #8

Anchal_gupta CreditAttribution: Anchal_gupta at Srijan | A Material+ Company for Drupal India Association commented 9 November 2022 at 11:34

File	Size
3319794-8.patch	1.09 KB
10.0.x: PHP 8.1 & MySQL 5.7 28,439 pass
interdiff-3319794-4_8.txt	710 bytes

Fixed CS error. Please review it

Comment #9

longwave

he/him

English

CreditAttribution: longwave at Full Fat Things commented 9 November 2022 at 12:43

If we have to comment this out here, is this test really doing anything worth testing? Should we just remove it entirely, and rely on people to ensure dependencies have the intended stability when we do releases?

Comment #10

phenaproxima

he/him

English

Massachusetts

CreditAttribution: phenaproxima at Acquia commented 10 November 2022 at 15:29

rely on people to ensure

I would not recommend this. That would be asking for the stability check to slip through the cracks, IMHO.

Comment #11

effulgentsia CreditAttribution: effulgentsia at Acquia commented 10 November 2022 at 17:35

File	Size
3319794-11.patch	4.27 KB
10.0.x: PHP 8.1 & MySQL 5.7 28,438 pass

One reason we test for this is that when we generate the project templates for drupal/recommended-project, we set the minimum-stability to core's stability level. So a situation like this occurring where the assertion in testMinimumStabilityStrictness() is a problem lets us know that we need to figure out what to do about that as well.

Here's a patch that rather than commenting out the assertion, changes the expectation of it for the case of 10.0.0-rc1. This patch also makes the adjustment to the project template creation. I don't know what the best way is to test the change to project template creation.

In searching for where else within the composer directory we have minimum-stability, I found Drupal\Composer\Generator\ComponentGenerator::getPackage(), towards the bottom of that function. I don't know if we need to make any changes to that. This patch doesn't.

I'm still hoping that Symfony 6.2 releases an RC in the next few days, so that we don't need to commit this patch to Drupal. But I have no idea if they will or not.

Comment #12

effulgentsia CreditAttribution: effulgentsia at Acquia commented 10 November 2022 at 17:40

Title:

Update to Symfony 6.2 RC or comment out the first assertion in testMinimumStabilityStrictness() and ensure that drupal/recommended-project allows beta releases of dependencies

» Update to Symfony 6.2 RC or update drupal/recommended-project creation and testMinimumStabilityStrictness() to allow minimum-stability to be less stable than core's stability

Comment #13

andypost

he/him

Russian

CreditAttribution: andypost as a volunteer and at Skilld commented 14 November 2022 at 19:32

5 files were hidden/shown/deleted

File	Size
3319794-2.patch	710 bytes
10.0.x: PHP 8.1 & MySQL 5.7 Custom Commands Failed
3319794-3.patch	1.41 KB
10.0.x: PHP 8.1 & MySQL 5.7 Custom Commands Failed
3319794-4.patch	1.41 KB
10.0.x: PHP 8.1 & MySQL 5.7 Custom Commands Failed
3319794-8.patch	1.09 KB
10.0.x: PHP 8.1 & MySQL 5.7 28,439 pass
interdiff-3319794-4_8.txt	710 bytes

+++ b/composer/Composer.php
@@ -72,23 +72,32 @@ public static function setDrupalVersion(string $root, string $version): void {
+    // For Drupal 10.0.0-RC1, set minimum-stability to beta, because Symfony
+    // 6.2 does not yet have an RC release.
+    if (strtolower($version) === '10.0.0-rc1') {

+++ b/core/tests/Drupal/BuildTests/Composer/Template/ComposerProjectTemplatesTest.php
@@ -89,7 +89,13 @@ public function testMinimumStabilityStrictness() {
+    // Make an exception that allows a minimum stability of beta for Drupal
+    // 10.0.0-rc1, because Symfony 6.2 RC has not yet been released.
+    $minimum_minimum_stability = $this->getCoreStability();
+    if (strtolower($this->getCoreBaseVersion()) === '10.0.0-rc1') {

I think it needs todo and issue to get rid of it once stable

Comment #14

longwave

he/him

English

CreditAttribution: longwave at Full Fat Things commented 14 November 2022 at 23:10

+++ b/composer/Composer.php
@@ -72,23 +72,32 @@ public static function setDrupalVersion(string $root, string $version): void {
+    // For Drupal 10.0.0-RC1, set minimum-stability to beta, because Symfony
+    // 6.2 does not yet have an RC release.
+    if (strtolower($version) === '10.0.0-rc1') {

What if we need to do an rc2 before Symfony releases an rc? Hardcoding this feels prone to error, if we don't remember that this is here don't we risk a release that fails?

Comment #15

longwave

he/him

English

CreditAttribution: longwave at Full Fat Things commented 15 November 2022 at 16:53

This will presumably happen again in Drupal 11, assuming neither us nor Symfony change our release cadence.

What if we relax the rules on minimum-stability permanently, so a Drupal release candidate always allows beta dependencies?

Comment #16

effulgentsia CreditAttribution: effulgentsia at Acquia commented 15 November 2022 at 18:15

File	Size
3319794-16.patch	2.82 KB
10.0.x: PHP 8.1 & MySQL 5.7 28,444 pass

Simplified the patch based on the above feedback and conversation with @xjm. I think anything beyond this we can do in follow-ups.

Comment #17

effulgentsia CreditAttribution: effulgentsia at Acquia commented 15 November 2022 at 18:21

Per #11, the patch in #16 does not change this line. I'm not really clear on what that line does, so for anyone who does understand how that code fits into our packaging process, please review whether it's okay for that to remain as-is, or if this patch needs to change that as well. Thanks!

Comment #18

catch

he/him

English

CreditAttribution: catch at Third and Grove commented 15 November 2022 at 18:38

+++ b/core/tests/Drupal/BuildTests/Composer/Template/ComposerProjectTemplatesTest.php
@@ -89,7 +89,8 @@ public function testMinimumStabilityStrictness() {
     // current core stability. For example, if we've already released a beta on
     // the branch, ensure that we no longer allow alpha dependencies.
-    $this->assertGreaterThanOrEqual(array_search($this->getCoreStability(), static::STABILITY_ORDER), array_search(static::MINIMUM_STABILITY, static::STABILITY_ORDER));
+    // @todo Re-enable this assertion once Symfony 6.2 RC is released.
+    // $this->assertGreaterThanOrEqual(array_search($this->getCoreStability(), static::STABILITY_ORDER), array_search(static::MINIMUM_STABILITY, static::STABILITY_ORDER));
 
     // Ensure that static::MINIMUM_STABILITY is the same as the least stable

Instead of commenting this out entirely, could we also make it conditional on core stability being stable?

Comment #19

effulgentsia CreditAttribution: effulgentsia at Acquia commented 15 November 2022 at 20:43

File	Size
3319794-19.patch	3.11 KB
10.0.x: PHP 8.1 & MySQL 5.7 28,444 pass

This addresses #18 by using the same conditional in testMinimumStabilityStrictness() as in setTemplateProjectStability().

Comment #20

xjm

she/her

English

CreditAttribution: xjm as a volunteer commented 15 November 2022 at 22:47

+++ b/composer/Composer.php
@@ -72,23 +72,27 @@ public static function setDrupalVersion(string $root, string $version): void {
-   * Set the stability of the template projects to match the Drupal version.
+   * Sets the stability of the template projects to match the Drupal version.

Out of scope change here.

+++ b/composer/Composer.php
@@ -72,23 +72,27 @@ public static function setDrupalVersion(string $root, string $version): void {
-   *
-   * @return string
-   *   Stability level of the provided version (stable, RC, alpha, etc.)

Also out of scope (although I checked and there is indeed no return).

+++ b/composer/Composer.php
@@ -72,23 +72,27 @@ public static function setDrupalVersion(string $root, string $version): void {
-    $stability = VersionParser::parseStability($version);
+    $minimum_stability = VersionParser::parseStability($version);

As far as I can tell, renaming this local variable is out of scope.

+++ b/composer/Composer.php
@@ -72,23 +72,27 @@ public static function setDrupalVersion(string $root, string $version): void {
+    // Drupal 10.0.0-RC1 is being released before Symfony 6.2.0-RC1, so
+    // temporarily set minimum_stability to beta instead of RC.
+    // @todo Remove this after Symfony 6.2.0-RC1 is released.
+    if ($minimum_stability === 'RC') {
+      $minimum_stability = 'beta';
+    }

This is definitely less fragile than the previous version. We do get $version from the method, so we could parse that and add an && version_compare(blah blah blah) so that it's more targeted and won't malfunction with future versions.

+++ b/core/tests/Drupal/BuildTests/Composer/Template/ComposerProjectTemplatesTest.php
@@ -89,7 +89,16 @@ public function testMinimumStabilityStrictness() {
+    $minimum_minimum_stability = $this->getCoreStability();

lol @ variable name

+++ b/core/tests/Drupal/BuildTests/Composer/Template/ComposerProjectTemplatesTest.php
@@ -89,7 +89,16 @@ public function testMinimumStabilityStrictness() {
+    $this->assertGreaterThanOrEqual(array_search($minimum_minimum_stability, static::STABILITY_ORDER), array_search(static::MINIMUM_STABILITY, static::STABILITY_ORDER));

That's hard to read. I think the inline comment on lines 90-92 should be moved down, directly above the assertion (or in other words, the new code should go above the comment, not between comment and assertion).

I would probably still commit this despite the out-of-scope changes, but that's after I took 5 minutes or so to review the implications for the affected method in full context. It would be better to file a followup for them so that further reviewers can just review/commit the fix without having to review the implications of out-of-scope changes.

Next I'll try manually testing this with the release tagging script.

Comment #21

xjm

she/her

English

CreditAttribution: xjm as a volunteer commented 16 November 2022 at 00:21

Status:

Needs review

» Needs work

Manually tested this locally.

Manual testing against HEAD

From the root of the core repo, tag 10.0.0-rc1 against HEAD with the release tagging script:
```
[ayrton:drupal | Tue 16:55:28] $ ../core_release/tag.sh 
```

 git diff 10.0.0-rc1^ 10.0.0-rc1 -- composer/*

Result:

diff --git a/composer/Metapackage/CoreRecommended/composer.json b/composer/Metapackage/CoreRecommended/composer.json
index 0e488e0307..fffea9bfc1 100644
--- a/composer/Metapackage/CoreRecommended/composer.json
+++ b/composer/Metapackage/CoreRecommended/composer.json
@@ -7,7 +7,7 @@
         "webflo/drupal-core-strict": "*"
     },
     "require": {
-        "drupal/core": "10.0.x-dev",
+        "drupal/core": "10.0.0-rc1",
         "asm89/stack-cors": "~v2.1.1",
         "composer/semver": "~3.3.2",
         "doctrine/annotations": "~1.13.3",
diff --git a/composer/Metapackage/PinnedDevDependencies/composer.json b/composer/Metapackage/PinnedDevDependencies/composer.json
index f8099b736c..3ae234f34a 100644
--- a/composer/Metapackage/PinnedDevDependencies/composer.json
+++ b/composer/Metapackage/PinnedDevDependencies/composer.json
@@ -7,7 +7,7 @@
         "webflo/drupal-core-require-dev": "*"
     },
     "require": {
-        "drupal/core": "10.0.x-dev",
+        "drupal/core": "10.0.0-rc1",
         "behat/mink": "v1.10.0",
         "behat/mink-browserkit-driver": "v2.1.0",
         "behat/mink-selenium2-driver": "v1.6.0",
diff --git a/composer/Template/LegacyProject/composer.json b/composer/Template/LegacyProject/composer.json
index 74bc5f86ab..453a9ae86f 100644
--- a/composer/Template/LegacyProject/composer.json
+++ b/composer/Template/LegacyProject/composer.json
@@ -27,7 +27,7 @@
     "conflict": {
         "drupal/drupal": "*"
     },
-    "minimum-stability": "dev",
+    "minimum-stability": "RC",
     "prefer-stable": true,
     "config": {
         "allow-plugins": {
diff --git a/composer/Template/RecommendedProject/composer.json b/composer/Template/RecommendedProject/composer.json
index 97a0b93e83..bb364caa9d 100644
--- a/composer/Template/RecommendedProject/composer.json
+++ b/composer/Template/RecommendedProject/composer.json
@@ -26,7 +26,7 @@
     "conflict": {
         "drupal/drupal": "*"
     },
-    "minimum-stability": "dev",
+    "minimum-stability": "RC",
     "prefer-stable": true,
     "config": {
         "allow-plugins": {

```
git checkout 10.0.0-rc1
```

cd composer/Template/RecommendedProject

composer install

Result: Failed installation.

[ayrton:RecommendedProject | Tue 17:06:01] $ composer install
No composer.lock file present. Updating dependencies to latest instead of installing from lock file. See https://getcomposer.org/install for more information.
Loading composer repositories with package information
Updating dependencies
Your requirements could not be resolved to an installable set of packages.

  Problem 1
    - Root composer.json requires drupal/core-composer-scaffold ^10.0, found drupal/core-composer-scaffold[10.0.0-alpha1, ..., 10.1.x-dev] but it does not match your minimum-stability.
  Problem 2
    - Root composer.json requires drupal/core-project-message ^10.0, found drupal/core-project-message[10.0.0-alpha1, ..., 10.1.x-dev] but it does not match your minimum-stability.
  Problem 3
    - Root composer.json requires drupal/core-recommended ^10.0, found drupal/core-recommended[10.0.0-alpha1, ..., 10.1.x-dev] but it does not match your minimum-stability.
  Problem 4
    - Root composer.json requires drupal/core-dev ^10.0, found drupal/core-dev[10.0.0-alpha1, ..., 10.1.x-dev] but it does not match your minimum-stability.

Manual testing with patch

Apply and commit #19.
Tag 10.0.0-rc1 against HEAD with the script.

 git diff 10.0.0-rc1^ 10.0.0-rc1 -- composer/*

Result:

diff --git a/composer/Metapackage/CoreRecommended/composer.json b/composer/Metapackage/CoreRecommended/composer.json
index 0e488e0307..fffea9bfc1 100644
--- a/composer/Metapackage/CoreRecommended/composer.json
+++ b/composer/Metapackage/CoreRecommended/composer.json
@@ -7,7 +7,7 @@
         "webflo/drupal-core-strict": "*"
     },
     "require": {
-        "drupal/core": "10.0.x-dev",
+        "drupal/core": "10.0.0-rc1",
         "asm89/stack-cors": "~v2.1.1",
         "composer/semver": "~3.3.2",
         "doctrine/annotations": "~1.13.3",
diff --git a/composer/Metapackage/PinnedDevDependencies/composer.json b/composer/Metapackage/PinnedDevDependencies/composer.json
index f8099b736c..3ae234f34a 100644
--- a/composer/Metapackage/PinnedDevDependencies/composer.json
+++ b/composer/Metapackage/PinnedDevDependencies/composer.json
@@ -7,7 +7,7 @@
         "webflo/drupal-core-require-dev": "*"
     },
     "require": {
-        "drupal/core": "10.0.x-dev",
+        "drupal/core": "10.0.0-rc1",
         "behat/mink": "v1.10.0",
         "behat/mink-browserkit-driver": "v2.1.0",
         "behat/mink-selenium2-driver": "v1.6.0",
diff --git a/composer/Template/LegacyProject/composer.json b/composer/Template/LegacyProject/composer.json
index 74bc5f86ab..6f27290e23 100644
--- a/composer/Template/LegacyProject/composer.json
+++ b/composer/Template/LegacyProject/composer.json
@@ -27,7 +27,7 @@
     "conflict": {
         "drupal/drupal": "*"
     },
-    "minimum-stability": "dev",
+    "minimum-stability": "beta",
     "prefer-stable": true,
     "config": {
         "allow-plugins": {
diff --git a/composer/Template/RecommendedProject/composer.json b/composer/Template/RecommendedProject/composer.json
index 97a0b93e83..f3dc6c6c17 100644
--- a/composer/Template/RecommendedProject/composer.json
+++ b/composer/Template/RecommendedProject/composer.json
@@ -26,7 +26,7 @@
     "conflict": {
         "drupal/drupal": "*"
     },
-    "minimum-stability": "dev",
+    "minimum-stability": "beta",
     "prefer-stable": true,
     "config": {
         "allow-plugins": {

```
git checkout 10.0.0-rc1
```

cd composer/Template/RecommendedProject

```
composer install
```
Result: Successful installation.

However, the above isn't a thorough test, because it installs the Drupal packages from d.o, and drupal/core-recommended 10.0.0-rc1 doesn't exist on d.o yet, so in the steps above, it will install drupal/core 10.0.0-beta2 and Symfony 6.1.x versions. For a full test, we need to apply this diff:

diff --git a/composer/Metapackage/CoreRecommended/composer.json b/composer/Metapackage/CoreRecommended/composer.json
index fffea9bfc1..d5b5042846 100644
--- a/composer/Metapackage/CoreRecommended/composer.json
+++ b/composer/Metapackage/CoreRecommended/composer.json
@@ -1,5 +1,5 @@
 {
-    "name": "drupal/core-recommended",
+    "name": "local/core-recommended",
     "type": "metapackage",
     "description": "Core and its dependencies with known-compatible minor versions. Require this project INSTEAD OF drupal/core.",
     "license": "GPL-2.0-or-later",
@@ -7,7 +7,7 @@
         "webflo/drupal-core-strict": "*"
     },
     "require": {
-        "drupal/core": "10.0.0-rc1",
+        "local/core": "10.0.0-rc1",
         "asm89/stack-cors": "~v2.1.1",
         "composer/semver": "~3.3.2",
         "doctrine/annotations": "~1.13.3",
@@ -56,5 +56,11 @@
         "symfony/var-exporter": "~v6.2.0-BETA1",
         "symfony/yaml": "~v6.2.0-BETA1",
         "twig/twig": "~v3.4.3"
-    }
+    },
+    "repositories": [
+      {
+          "type": "path",
+          "url": "/Users/xjm/git/drupal/core"
+      }
+  ]
 }
diff --git a/composer/Template/RecommendedProject/composer.json b/composer/Template/RecommendedProject/composer.json
index f3dc6c6c17..4b5b7052ab 100644
--- a/composer/Template/RecommendedProject/composer.json
+++ b/composer/Template/RecommendedProject/composer.json
@@ -12,13 +12,21 @@
         {
             "type": "composer",
             "url": "https://packages.drupal.org/8"
+        },
+        {
+            "type": "path",
+            "url": "/Users/xjm/git/drupal/composer/Metapackage/CoreRecommended"
+        },
+        {
+            "type": "path",
+            "url": "/Users/xjm/git/drupal/core"
         }
     ],
     "require": {
         "composer/installers": "^2.0",
         "drupal/core-composer-scaffold": "^10.0",
         "drupal/core-project-message": "^10.0",
-        "drupal/core-recommended": "^10.0"
+        "local/core-recommended": "^10.0"
     },
     "require-dev": {
         "drupal/core-dev": "^10.0"
diff --git a/core/composer.json b/core/composer.json
index ffd41d501a..68f1f2cd7f 100644
--- a/core/composer.json
+++ b/core/composer.json
@@ -1,5 +1,5 @@
 {
-    "name": "drupal/core",
+    "name": "local/core",
     "description": "Drupal is an open source content management platform powering millions of websites and applications.",
     "type": "drupal-core",
     "license": "GPL-2.0-or-later",

Then, from within composer/Template/RecommendedProject, we run:
```
composer install
```

This results in the correct versions being installed (for the hacked composer.json files and local path repos):

[ayrton:RecommendedProject | Tue 17:49:11] $ composer show local/*
local/core             10.0.0-rc1 Drupal is an open source content manageme...
local/core-recommended 10.0.0-rc1 Core and its dependencies with known-comp...

[ayrton:RecommendedProject | Tue 17:51:00] $ composer show symfony/http-kernel
name     : symfony/http-kernel
descrip. : Provides a structured process for converting a Request into a Response
keywords : 
versions : * v6.2.0-BETA2
# (etc.)

So that all looks good.

Bug: Core component packages are still having their minimum stability set to "RC", and some are therefore uninstallable

I did notice a potential problem with the Drupal component packages. In either of the above testing steps, they still have "RC" as their minimum stability:

[ayrton:drupal | Tue 18:00:34] $ git diff 10.0.0-rc1^ 10.0.0-rc1 -- core/lib/Drupal/*
diff --git a/core/lib/Drupal/Component/Annotation/composer.json b/core/lib/Drupal/Component/Annotation/composer.json
index 8aa65ec8d8..ff8a840d00 100644
--- a/core/lib/Drupal/Component/Annotation/composer.json
+++ b/core/lib/Drupal/Component/Annotation/composer.json
@@ -9,9 +9,9 @@
     "require": {
         "php": ">=8.1.0",
         "doctrine/annotations": "^1.13",
-        "drupal/core-file-cache": "10.0.x-dev",
-        "drupal/core-plugin": "10.0.x-dev",
-        "drupal/core-utility": "10.0.x-dev"
+        "drupal/core-file-cache": "10.0.0-rc1",
+        "drupal/core-plugin": "10.0.0-rc1",
+        "drupal/core-utility": "10.0.0-rc1"
     },
     "autoload": {
         "psr-4": {
@@ -23,5 +23,5 @@
             "This file was partially generated automatically. See: https://www.drupal.org/node/3293830"
         ]
     },
-    "minimum-stability": "dev"
+    "minimum-stability": "RC"
 }
diff --git a/core/lib/Drupal/Component/Datetime/composer.json b/core/lib/Drupal/Component/Datetime/composer.json
index 9a254e30f0..6e135330c6 100644
--- a/core/lib/Drupal/Component/Datetime/composer.json
+++ b/core/lib/Drupal/Component/Datetime/composer.json
@@ -8,7 +8,7 @@
     "license": "GPL-2.0-or-later",
     "require": {
         "php": ">=8.1.0",
-        "drupal/core-utility": "10.0.x-dev"
+        "drupal/core-utility": "10.0.0-rc1"
     },
     "autoload": {
         "psr-4": {
@@ -20,5 +20,5 @@
             "This file was partially generated automatically. See: https://www.drupal.org/node/3293830"
         ]
     },
-    "minimum-stability": "dev"
+    "minimum-stability": "RC"
 }
diff --git a/core/lib/Drupal/Component/Discovery/composer.json b/core/lib/Drupal/Component/Discovery/composer.json
index 887db29b28..6f98097de4 100644
--- a/core/lib/Drupal/Component/Discovery/composer.json
+++ b/core/lib/Drupal/Component/Discovery/composer.json
@@ -8,8 +8,8 @@
     "license": "GPL-2.0-or-later",
     "require": {
         "php": ">=8.1.0",
-        "drupal/core-file-cache": "10.0.x-dev",
-        "drupal/core-serialization": "10.0.x-dev"
+        "drupal/core-file-cache": "10.0.0-rc1",
+        "drupal/core-serialization": "10.0.0-rc1"
     },
     "autoload": {
         "psr-4": {
@@ -21,5 +21,5 @@
             "This file was partially generated automatically. See: https://www.drupal.org/node/3293830"
         ]
     },
-    "minimum-stability": "dev"
+    "minimum-stability": "RC"
 }
diff --git a/core/lib/Drupal/Component/FrontMatter/composer.json b/core/lib/Drupal/Component/FrontMatter/composer.json
index cca1234c73..155db42ce3 100644
--- a/core/lib/Drupal/Component/FrontMatter/composer.json
+++ b/core/lib/Drupal/Component/FrontMatter/composer.json
@@ -8,7 +8,7 @@
     "license": "GPL-2.0-or-later",
     "require": {
         "php": ">=8.1.0",
-        "drupal/core-serialization": "10.0.x-dev"
+        "drupal/core-serialization": "10.0.0-rc1"
     },
     "autoload": {
         "psr-4": {
@@ -20,5 +20,5 @@
             "This file was partially generated automatically. See: https://www.drupal.org/node/3293830"
         ]
     },
-    "minimum-stability": "dev"
+    "minimum-stability": "RC"
 }
diff --git a/core/lib/Drupal/Component/Gettext/composer.json b/core/lib/Drupal/Component/Gettext/composer.json
index 0651e10c63..641c440dc7 100644
--- a/core/lib/Drupal/Component/Gettext/composer.json
+++ b/core/lib/Drupal/Component/Gettext/composer.json
@@ -9,7 +9,7 @@
     },
     "require": {
         "php": ">=8.1.0",
-        "drupal/core-render": "10.0.x-dev"
+        "drupal/core-render": "10.0.0-rc1"
     },
     "autoload": {
         "psr-4": {
@@ -21,5 +21,5 @@
             "This file was partially generated automatically. See: https://www.drupal.org/node/3293830"
         ]
     },
-    "minimum-stability": "dev"
+    "minimum-stability": "RC"
 }
diff --git a/core/lib/Drupal/Component/PhpStorage/composer.json b/core/lib/Drupal/Component/PhpStorage/composer.json
index 2085d3cfbf..3a5debccd3 100644
--- a/core/lib/Drupal/Component/PhpStorage/composer.json
+++ b/core/lib/Drupal/Component/PhpStorage/composer.json
@@ -8,7 +8,7 @@
     "license": "GPL-2.0-or-later",
     "require": {
         "php": ">=8.1.0",
-        "drupal/core-file-security": "10.0.x-dev"
+        "drupal/core-file-security": "10.0.0-rc1"
     },
     "autoload": {
         "psr-4": {
@@ -20,5 +20,5 @@
             "This file was partially generated automatically. See: https://www.drupal.org/node/3293830"
         ]
     },
-    "minimum-stability": "dev"
+    "minimum-stability": "RC"
 }
diff --git a/core/lib/Drupal/Component/Render/composer.json b/core/lib/Drupal/Component/Render/composer.json
index 1875b9367a..0bfde2ee5f 100644
--- a/core/lib/Drupal/Component/Render/composer.json
+++ b/core/lib/Drupal/Component/Render/composer.json
@@ -8,7 +8,7 @@
     "license": "GPL-2.0-or-later",
     "require": {
         "php": ">=8.1.0",
-        "drupal/core-utility": "10.0.x-dev"
+        "drupal/core-utility": "10.0.0-rc1"
     },
     "autoload": {
         "psr-4": {
@@ -20,5 +20,5 @@
             "This file was partially generated automatically. See: https://www.drupal.org/node/3293830"
         ]
     },
-    "minimum-stability": "dev"
+    "minimum-stability": "RC"
 }

This could cause problems for the core components that have dependencies on both Symfony and other Drupal components. The following components have Symfony dependencies:

[ayrton:Component | Tue 18:06:25] $ grep -rl "symfony" | grep "composer.json"
./EventDispatcher/composer.json
./Serialization/composer.json
./Plugin/composer.json
./DependencyInjection/composer.json
./HttpFoundation/composer.json

And, indeed, when searching for what depended on those packages, I found that FrontMatter had this problem. Applying the following diff to use RC1 as a local path repo again:

diff --git a/core/lib/Drupal/Component/FrontMatter/composer.json b/core/lib/Drupal/Component/FrontMatter/composer.json
index 155db42ce3..946e4f9e59 100644
--- a/core/lib/Drupal/Component/FrontMatter/composer.json
+++ b/core/lib/Drupal/Component/FrontMatter/composer.json
@@ -8,9 +8,15 @@
     "license": "GPL-2.0-or-later",
     "require": {
         "php": ">=8.1.0",
-        "drupal/core-serialization": "10.0.0-rc1"
+        "local/core-serialization": "10.0.0-rc1"
     },
-    "autoload": {
+    "repositories": [
+        {
+            "type": "path",
+            "url": "/Users/xjm/git/drupal/core/lib/Drupal/Component/Serialization"
+        }
+    ],
+  "autoload": {
         "psr-4": {
             "Drupal\\Component\\FrontMatter\\": ""
         }
diff --git a/core/lib/Drupal/Component/Serialization/composer.json b/core/lib/Drupal/Component/Serialization/composer.json
index 67f2798921..08b662b780 100644
--- a/core/lib/Drupal/Component/Serialization/composer.json
+++ b/core/lib/Drupal/Component/Serialization/composer.json
@@ -1,5 +1,5 @@
 {
-    "name": "drupal/core-serialization",
+    "name": "local/core-serialization",
     "description": "Serialization.",
     "keywords": [
         "drupal"

This happens:

[ayrton:drupal | Tue 18:19:39] $ cd core/lib/Drupal/Component/FrontMatter/
[ayrton:FrontMatter | Tue 18:20:58] $ composer install
No composer.lock file present. Updating dependencies to latest instead of installing from lock file. See https://getcomposer.org/install for more information.
Loading composer repositories with package information
Info from https://repo.packagist.org: #StandWithUkraine
Updating dependencies
Your requirements could not be resolved to an installable set of packages.

  Problem 1
    - Root composer.json requires local/core-serialization 10.0.0-rc1 -> satisfiable by local/core-serialization[10.0.0-rc1].
    - local/core-serialization 10.0.0-rc1 requires symfony/yaml ^6.2@beta -> found symfony/yaml[v6.2.0-BETA1, 6.2.x-dev] but it does not match your minimum-stability.

So, we'll need to fix that unless we're content with those component packages being broken until Symfony is stable. That's an actual regression, so we might need to fix it.

Edit: Channeling Wim and adding some <hr> for readability.

Comment #22

xjm

she/her

English

CreditAttribution: xjm as a volunteer commented 16 November 2022 at 00:28

Priority:	Normal	» Critical
Related issues:		+#3179061: Further discuss use of "prefer-stable" and "minimum-stability" in core, +#3135247: Composer's "prefer-stable" setting cannot be relied on to produce a stable release, +#3182959: Prevent pre-release milestones from downgrading to earlier releases.

This whole issue reminds me again that the way we are calculating and setting minimum stability is still silly nonsense in addition to adding technical debt and bad UX for Drupal installations. Adding related issues from a couple years ago, when we implemented the current mess as the least contentious way to fix an even worse mess.

Also fixing issue priority.

Comment #23

xjm

she/her

English

CreditAttribution: xjm as a volunteer commented 16 November 2022 at 01:01

Also adding a link to the issue that added the component update magic. The thing to fix is probably:
Drupal\Composer\Generator\ComponentGenerator::getPackage()
(based on a completely lazy scan of the original patch without checking HEAD or actually reading the code).

Comment #24

effulgentsia CreditAttribution: effulgentsia at Acquia commented 16 November 2022 at 06:23

Status:

Needs work

» Needs review

File	Size
3319794-24.patch	3.29 KB
10.0.x: PHP 8.1 & MySQL 5.7 28,444 pass
interdiff.txt	4.02 KB

I think this addresses all of #20 and #21, but I did not perform the manual test in #21 to confirm, so that still needs to happen, if someone is able to.

And yay, that answers the question from #17, so assuming this passes manual testing, I think it's good to go.

Comment #25

longwave

he/him

English

CreditAttribution: longwave at Full Fat Things commented 16 November 2022 at 10:27

Status:

Needs review

» Reviewed & tested by the community

I repeated the steps in #21 and confirm I get the same result. I then repeated the steps again with the patch from #24. I also get the same result except for the final step with the FrontMatter component, where it now successfully installs the RC component with a beta version of Symfony, as expected:

$ composer install
No composer.lock file present. Updating dependencies to latest instead of installing from lock file. See https://getcomposer.org/install for more information.
Loading composer repositories with package information
Updating dependencies
Lock file operations: 3 installs, 0 updates, 0 removals
  - Locking local/core-serialization (10.0.0-rc1)
  - Locking symfony/polyfill-ctype (v1.27.0)
  - Locking symfony/yaml (v6.2.0-BETA1)
Writing lock file
Installing dependencies from lock file (including require-dev)
Package operations: 3 installs, 0 updates, 0 removals
  - Installing symfony/polyfill-ctype (v1.27.0): Extracting archive
  - Installing symfony/yaml (v6.2.0-BETA1): Extracting archive
  - Installing local/core-serialization (10.0.0-rc1): Symlinking from ../Serialization
1 package suggestions were added by new dependencies, use `composer suggest` to see details.
Generating autoload files
2 packages you are using are looking for funding.
Use the `composer fund` command to find out more!

The review changes from #20 are all good as well; the patch is now much easier to read as it is now only the same hunk repeated three times. Therefore to me this is RTBC.

Comment #26

16 November 2022 at 11:39

catch committed 8a97c0d on 10.0.x

Issue #3319794 by effulgentsia, Anchal_gupta, longwave, xjm: Update to...

Comment #27

16 November 2022 at 11:40

catch committed 690d040 on 10.1.x

Issue #3319794 by effulgentsia, Anchal_gupta, longwave, xjm: Update to...

Comment #28

catch

he/him

English

CreditAttribution: catch at Third and Grove commented 16 November 2022 at 11:40

Status:

Reviewed & tested by the community

» Fixed

Latest version of the code is a lot easier to follow and the least workaround-y we can get here I think without completely refactoring the test.

Committed/pushed to 10.1.x and cherry-picked to 10.0.x, thanks!

Comment #29

30 November 2022 at 11:44

Status:

Fixed

» Closed (fixed)

Automatically closed - issue fixed for 2 weeks with no activity.

Update to Symfony 6.2 RC or update drupal/recommended-project creation and testMinimumStabilityStrictness() to allow minimum-stability to be less stable than core's stability

Problem/Motivation

Steps to reproduce

Proposed resolution

Remaining tasks

User interface changes

API changes

Data model changes

Release notes snippet

Comments

Manual testing against HEAD

Manual testing with patch

Bug: Core component packages are still having their minimum stability set to "RC", and some are therefore uninstallable

Related issues

Referenced by