- 🇧🇪Belgium Wim Leers Ghent 🇧🇪🇪🇺
📌 Split up UpdaterFormTest to speed up test runs: from 13.5 to 10.5 minutes Fixed landed!
(And moved [#319679] + 📌 Make build tests fail 1) more explicitly, 2) earlier when possible (failing StatusCheckEvent subscribers) Fixed + #317815: cannot change php or .htaccess file, cannot find code mentioned → from the bucket to the bucket.)
- 🇧🇪Belgium Wim Leers Ghent 🇧🇪🇪🇺
📌 Add documentation for SymlinkValidatorTest Fixed landed (and moved it from the bucket to the bucket).
Added 🐛 Harden LockFileValidator, add stopPropagation() at failures Closed: outdated (discovered by @omkar.podey) to .
- 🇧🇪Belgium Wim Leers Ghent 🇧🇪🇪🇺
Added 📌 Add addDotGitFolder functionality to \Drupal\fixture_manipulator\FixtureManipulator Fixed to , which is the new blocker for 🐛 GitExcluder should not ignore .git directories that belong to packages installed by Composer Fixed that @tedbow identified.
- 🇧🇪Belgium Wim Leers Ghent 🇧🇪🇪🇺
🐛 Automatic Updates & Package Manager should use DependencySerializationTrait when needed Closed: outdated is now obsolete thanks to other issues having landed ⇒ 📌 Fix PHP Warning: serialize() in tests on PHP 8 Fixed is unblocked.
- 🇧🇪Belgium Wim Leers Ghent 🇧🇪🇪🇺
- 🇺🇸United States tedbow Ithaca, NY, USA
- 🇧🇪Belgium Wim Leers Ghent 🇧🇪🇪🇺
Added 📌 Update Package Manager event documentation in package_manager.api.php Fixed to .
- 🇧🇪Belgium Wim Leers Ghent 🇧🇪🇪🇺
- 🇧🇪Belgium Wim Leers Ghent 🇧🇪🇪🇺
Added 📌 Identify & vet commonly used composer plugins in the Drupal ecosystem Active to post-MVP.
- 🇧🇪Belgium Wim Leers Ghent 🇧🇪🇪🇺
- 🇧🇪Belgium Wim Leers Ghent 🇧🇪🇪🇺
Improving consistency of the buckets that are done 🥳
- 🇧🇪Belgium Wim Leers Ghent 🇧🇪🇪🇺
New MVP issue: 📌 Add functional test that proves there is reasonable UX whenever a stage event subscriber has an exception Fixed .
New post-MVP issues:
- 🇧🇪Belgium Wim Leers Ghent 🇧🇪🇪🇺
📌 Remove all fixtures except for one: `fake_site` Fixed landed and triggered a new post-MVP issue: 🐛 Document that StageFixtureManipulator should not be used in build tests Active .
- 🇧🇪Belgium Wim Leers Ghent 🇧🇪🇪🇺
- 🇧🇪Belgium Wim Leers Ghent 🇧🇪🇪🇺
📌 Improve the user experience of having your staged update deleted before it was applied Fixed landed, which means we have no further known MVP UX improvement issues on the roadmap! 🎉
- 🇧🇪Belgium Wim Leers Ghent 🇧🇪🇪🇺
Added 🐛 "Composer not found" does provide link to help page Fixed .
- 🇧🇪Belgium Wim Leers Ghent 🇧🇪🇪🇺
- 🇧🇪Belgium Wim Leers Ghent 🇧🇪🇪🇺
Added many MVP issues created in the past 10 days that were still missing from the roadmap:
- 📌 Dynamically copy scaffold file mapping when create fake_site fixture Fixed
- 🐛 Random failure: "PHP temp directory (/tmp) does not exist or is not writable to Composer." Fixed
- 🐛 Always show summary of validation result if exists Fixed
- 📌 ComposerPatchesValidator should use ComposerInspector instead of ComposerUtility Fixed
- 📌 PackageManagerKernelTestBase::assertResults does not show actual results if none were expected. Fixed (already solved)
- 📌 PackageManagerKernelTestBase::assertResults does not give helpful error message if asserting results are empty fails Fixed (already solved)
- 📌 Assert no errors after creating the test project in ModuleUpdateTest Needs review
- 🇧🇪Belgium Wim Leers Ghent 🇧🇪🇪🇺
- 🇧🇪Belgium Wim Leers Ghent 🇧🇪🇪🇺
- 🇧🇪Belgium Wim Leers Ghent 🇧🇪🇪🇺
🐛 Always show summary of validation result if exists Fixed landed.
- 🇧🇪Belgium Wim Leers Ghent 🇧🇪🇪🇺
🐛 Harden LockFileValidator, add stopPropagation() at failures Closed: outdated was closed.
- 🇧🇪Belgium Wim Leers Ghent 🇧🇪🇪🇺
- 🇧🇪Belgium Wim Leers Ghent 🇧🇪🇪🇺
- 🇧🇪Belgium Wim Leers Ghent 🇧🇪🇪🇺
- 🇧🇪Belgium Wim Leers Ghent 🇧🇪🇪🇺
New MVP issues created since #67 that I was not aware of previously:
- 🐛 anonymous ProcessOutputCallbackInterface class ComposerInspector::getConfig() assumes __invoke does receive any data in error buffer Closed: duplicate
- 🌱 Tag 8.x-2.7, and move development to new 3.x branch to focus on Core inclusion Fixed — already finished
- 📌 Document when PostApplyEvent should be used instead of hook_update_n() or post update RTBC
- 📌 Update requirements for 3.x Fixed
- 🇧🇪Belgium Wim Leers Ghent 🇧🇪🇪🇺
- 🇧🇪Belgium Wim Leers Ghent 🇧🇪🇪🇺
📌 Remove our runtime dependency on composer/composer: remove ComposerUtility Fixed was listed twice! 🙈
- 🇧🇪Belgium Wim Leers Ghent 🇧🇪🇪🇺
- 🇧🇪Belgium Wim Leers Ghent 🇧🇪🇪🇺
Adding 🌱 Drupal 10 Core Roadmap for Automatic Updates Active .
- 🇧🇪Belgium Wim Leers Ghent 🇧🇪🇪🇺
📌 Update requirements for 3.x Fixed and 📌 Adopt PHP 8.1-only capabilities such as constructor property promotion + drop BC layers Fixed landed.
- 🇧🇪Belgium Wim Leers Ghent 🇧🇪🇪🇺
- 🇧🇪Belgium Wim Leers Ghent 🇧🇪🇪🇺
📌 Stage no longer needs the config factory Closed: duplicate happened in 📌 Adopt PHP 8.1-only capabilities such as constructor property promotion + drop BC layers Fixed 👋
(Also: #80 was wrong 😅 — got it right and all up-to-date in #82, but still have to undo what I did in #80.)
29 remain (34 actually remain, but of which 5 are postponed because we want to land
package_manager
first) - 🇧🇪Belgium Wim Leers Ghent 🇧🇪🇪🇺
Adding
- 🐛 Hard failure after module install if composer is not found Needs review
- ✨ Make StageEvent::$stage a public readonly property, and remove getStage() Fixed
- 🐛 $tempStore property of stage was removed Fixed — already fixed
30 remain (35 actually remain, but 5 of these are
automatic_updates
-specific and hence postponed because we want to landpackage_manager
first) - 🇺🇸United States tedbow Ithaca, NY, USA
- 🇧🇪Belgium Wim Leers Ghent 🇧🇪🇪🇺
✨ Make StageEvent::$stage a public readonly property, and remove getStage() Fixed also landed.
Adding 🐛 UnknownPathExcluder doesn’t consider hidden files Fixed and 📌 Decide which classes should be internal and/or final — delete ExcludedPathsTrait, make CollectPathsToExcludeEvent richer Fixed .
30 remain (35 actually remain, but 5 of these are
automatic_updates
-specific and hence postponed because we want to landpackage_manager
first) - 🇧🇪Belgium Wim Leers Ghent 🇧🇪🇪🇺
📌 Remove `@requires PHP >= 8.0` annotation from all tests Fixed and 🐛 UnknownPathExcluder doesn’t consider hidden files Fixed landed!
28 remain (33 actually remain, but 5 of these are
automatic_updates
-specific and hence postponed because we want to landpackage_manager
first) - 🇧🇪Belgium Wim Leers Ghent 🇧🇪🇪🇺
Landed:
- 📌 Rename validator methods to `validate` unless there different methods for different events Fixed
- 📌 Add new InstalledPackagesList which does not rely on Composer API to get package info Fixed — Which was somehow missing?!?! 😱 → unblocked several issues: 📌 Tighten ComposerPluginsValidator: support only specified version constraint Fixed and 📌 ScaffoldFilePermissionsValidator should use ComposerInspector instead of ComposerUtility Fixed (which in turn blocks another issue).
Closed: 🐛 anonymous ProcessOutputCallbackInterface class ComposerInspector::getConfig() assumes __invoke does receive any data in error buffer Closed: duplicate .
26 remain (31 actually remain, but 5 of these are
automatic_updates
-specific and hence postponed because we want to landpackage_manager
first) - 🇧🇪Belgium Wim Leers Ghent 🇧🇪🇪🇺
New: 📌 Create an API for base requirement validators which run before other validators and stop event propagation if they fail Fixed , blocking 🐛 Hard failure after module install if composer is not found Needs review .
27 remain (32 actually remain, but 5 of these are
automatic_updates
-specific and hence postponed because we want to landpackage_manager
first) - 🇧🇪Belgium Wim Leers Ghent 🇧🇪🇪🇺
A lot has happened in the past 48 hours!
Landed:
- 📌 Dynamically copy scaffold file mapping when create fake_site fixture Fixed
- 📌 Always catch \Throwable, not \Exception, and pass the old exception when re-throwing. Fixed
- 📌 Refine multisite detection: many aliases for a single site is fine! Fixed
- 🐛 Fix PHPStan violations (happened because PHPStan code checks stopped running…) Fixed
New:
- 📌 Stop reusing core's commit-code-check.sh in favor of 4 simple commands Fixed — already landed
- 📌 Validate fake_site with composer Fixed — already landed
- 📌 Benchmark how slow using composer require would be in kernel tests Fixed
- 📌 Update FixtureManipulator to work with InstalledPackagesList, real composer show command Fixed
- 🐛 Drop support for end-of-life versions of Composer Fixed
- 📌 Add a validate() method to ComposerInspector to ensure that Composer is usable Fixed
- 📌 Run `composer validate` after FixtureManipulator commits its changes Fixed
28 remain (33 actually remain, but 5 of these are
automatic_updates
-specific and hence postponed because we want to landpackage_manager
first) - 🇺🇸United States effulgentsia
I learned from @Wim Leers and @tedbow that some of the issues in the alpha blockers list are a consequence of trying to remove the dependency on composer/composer within tests. I just want to point out that the scope of 📌 Remove our runtime dependency on composer/composer: remove ComposerUtility Fixed is to remove the runtime dependency on that. It's okay to leave composer/composer as a dev dependency, since it already is that for core anyway.
So if it helps to move some of the issues for refactoring tests to not use composer/composer to post-alpha, I'd be +1 to that, so long as we think that the tests are still sufficiently reliable without that refactoring.
- 🇧🇪Belgium Wim Leers Ghent 🇧🇪🇪🇺
Landed 📌 Add a validate() method to ComposerInspector to ensure that Composer is usable Fixed .
Added 📌 Make ComposerInspector::getVersion() private Fixed .
- 🇧🇪Belgium Wim Leers Ghent 🇧🇪🇪🇺
Landed: 📌 Make ComposerInspector::getVersion() private Fixed
Added:
- 📌 ComposerInspector::validate() should throw ComposerNotReadyException instead of \Exception Fixed
- 📌 ComposerInspector::validate() should run `composer validate` Fixed
- 📌 Do not disable package_manager.validator.composer in tests Fixed — already landed
28 remain (33 actually remain, but 5 of these are
automatic_updates
-specific and hence postponed because we want to landpackage_manager
first) - 🇧🇪Belgium Wim Leers Ghent 🇧🇪🇪🇺
- 🇺🇸United States tim.plunkett Philadelphia
@tedbow, @Wim Leers, @lauriii, and I met and discussed the alpha vs beta classification of many of the issues.
The issues that were moved to a new Beta section are no less important to the codebase or the end user, but they could happen after an initial commit to a dev branch of core.See https://www.drupal.org/about/core/policies/core-change-policies/experime... → for more distinction on alpha vs beta.
- 🇧🇪Belgium Wim Leers Ghent 🇧🇪🇪🇺
- 🇧🇪Belgium Wim Leers Ghent 🇧🇪🇪🇺
Landed: 📌 ComposerInspector::validate() should run `composer validate` Fixed
package_manager
:alpha
: 11 remainpackage_manager
+automatic_updates
:alpha + beta
: 27 remain (32 actually remain, but 5 of these areautomatic_updates
-specific and hence postponed because we want to landpackage_manager
first)
- 🇧🇪Belgium Wim Leers Ghent 🇧🇪🇪🇺
📌 Remove dependency on symfony/finder Fixed was blocked for months. It's now unblocked. That's why it's now also clear that we won't need an issue to add
symfony/finder
as a new core dependency. But we will need that forsymfony/config
. I already reported that on Dec 9.@longwave already responded favorably. I just posted a patch there, and am adding it to this issue.
I'm also making it more clear which issues are core issues already — of the 12 remaining (now 13), there are 3 core issues. Finally: this did not yet link to the issue where this module will be added to core: ✨ [PP-1] Add Alpha level Experimental Automatic Updates module Needs review . Fixed that too.
package_manager
alpha
blockers: 13 remain, 10 are under our control, 3 are issues to add core dependenciespackage_manager
+automatic_updates
alpha + beta
blockers: 28 remain (33 actually remain, but 5 of these areautomatic_updates
-specific and hence postponed because we want to landpackage_manager
first)
- 🇧🇪Belgium Wim Leers Ghent 🇧🇪🇪🇺
🐛 Drop support for end-of-life versions of Composer Fixed landed while I was writing #102 🚀
package_manager
alpha
blockers: 12 remain, 9 are under our control, 3 are issues to add core dependenciespackage_manager
+automatic_updates
alpha + beta
blockers: 27 remain (32 actually remain, but 5 of these areautomatic_updates
-specific and hence postponed because we want to landpackage_manager
first)
- 🇺🇸United States phenaproxima Massachusetts
📌 Remove dependency on symfony/finder Fixed landed.
- 🇺🇸United States phenaproxima Massachusetts
Removing 📌 Add symfony/config to core's dependencies for package_manager Closed: duplicate in favor of 📌 Remove dependency on symfony/config Fixed , which sidesteps the problem completely and doesn't require core (or Package Manager!) to add additional dependencies.
- 🇺🇸United States phenaproxima Massachusetts
📌 Remove dependency on symfony/config Fixed landed!
- 🇧🇪Belgium Wim Leers Ghent 🇧🇪🇪🇺
Indeed! 😊
package_manager
alpha
blockers: 10 remain, 8 are under our control, 2 are issues to add core dependenciespackage_manager
+automatic_updates
alpha + beta
blockers: 25 remain (30 actually remain, but 5 of these areautomatic_updates
-specific and hence postponed because we want to landpackage_manager
first)
- 🇺🇸United States phenaproxima Massachusetts
📌 Refactor exception architecture Fixed is done!
- 🇧🇪Belgium Wim Leers Ghent 🇧🇪🇪🇺
📌 Update FixtureManipulator to work with InstalledPackagesList, real composer show command Fixed landed, and unblocked 📌 ScaffoldFilePermissionsValidator should use ComposerInspector instead of ComposerUtility Fixed + 📌 ComposerPatchesValidator should use ComposerInspector instead of ComposerUtility Fixed .
📌 Create an API for base requirement validators which run before other validators and stop event propagation if they fail Fixed landedNew beta blockers:
- 🐛 PackageManagerKernelTestBase::assertResults ignores event class Fixed — already landed
- 🐛 InstalledPackage::$path for metapackages should be NULL Fixed
- 🐛 Update every ComposerValidator-dependent validator to have explicit test coverage that that dependency works Needs work
New beta blockers which are blocking 📌 Remove our runtime dependency on composer/composer: remove ComposerUtility Fixed (see #3316368-23: Remove our runtime dependency on composer/composer: remove ComposerUtility → ):
- 📌 Updater should use ComposerInspector instead of ComposerUtility Fixed
- 📌 ExtensionUpdater should use ComposerInspector instead of ComposerUtility Fixed
- 📌 \Drupal\automatic_updates_extensions\Form\UpdateReady should use ComposerInspector instead of ComposerUtility Fixed
- 📌 \Drupal\automatic_updates_extensions\Form\UpdaterForm should use ComposerInspector instead of ComposerUtility Fixed
- 📌 UpdateReleaseValidator should use ComposerInspector instead of ComposerUtility Fixed
- 📌 GitExcluder should use ComposerInspector instead of ComposerUtility Fixed
- 📌 UnknownPathExcluder should use ComposerInspector instead of ComposerUtility Fixed
- 📌 OverwriteExistingPackagesValidator should use ComposerInspector instead of ComposerUtility Fixed
- 📌 SupportedReleaseValidator should use ComposerInspector instead of ComposerUtility Fixed
- 📌 CollectIgnoredPathsFailValidator should use ComposerInspector instead of ComposerUtility Fixed
- 📌 FakeSiteFixtureTest should use ComposerInspector instead of ComposerUtility Fixed
- 📌 StatusCheckTraitTest should use ComposerInspector instead of ComposerUtility Fixed
- 📌 RequestedUpdateValidator should use ComposerInspector instead of ComposerUtility Fixed
- 📌 VersionPolicyValidator should use ComposerInspector instead of ComposerUtility Fixed
- 📌 \Drupal\automatic_updates\Form\UpdateReady should use ComposerInspector instead of ComposerUtility Fixed
- 🇧🇪Belgium Wim Leers Ghent 🇧🇪🇪🇺
Forgot to move 📌 Update FixtureManipulator to work with InstalledPackagesList, real composer show command Fixed !
package_manager
alpha
blockers: 9 remain, 8 are under our control, 3 are issues to add core dependenciespackage_manager
+automatic_updates
alpha + beta
blockers: 39 remain (44 actually remain, but 5 of these areautomatic_updates
-specific and hence postponed because we want to landpackage_manager
first)
📌 Remove our runtime dependency on composer/composer: remove ComposerUtility Fixed is listed as an alpha blocker, which would make the 15 new beta blockers at the bottom of #109 actually alpha blockers. But @tim.plunkett, @lauriii, @tedbow and I kept #3316368 as an alpha blocker — I because proving that it can in fact be removed is an alpha blocker, but actually finishing it is not? We need to get clarity on this.
- 🇧🇪Belgium Wim Leers Ghent 🇧🇪🇪🇺
Landed:
- 📌 VersionPolicyValidator should use ComposerInspector instead of ComposerUtility Fixed
- 📌 \Drupal\automatic_updates_extensions\Form\UpdateReady should use ComposerInspector instead of ComposerUtility Fixed
⇒
package_manager
alpha
blockers: 17 remain, 15 are under our control, 2 are issues to add core dependenciespackage_manager
+automatic_updates
alpha + beta
blockers: 31 remain (36 actually remain, but 5 of these areautomatic_updates
-specific and hence postponed because we want to landpackage_manager
first)
- 🇧🇪Belgium Wim Leers Ghent 🇧🇪🇪🇺
Landed:
- 📌 RequestedUpdateValidator should use ComposerInspector instead of ComposerUtility Fixed
- 📌 ExtensionUpdater should use ComposerInspector instead of ComposerUtility Fixed
⇒
package_manager
alpha
blockers: 15 remain, 13 are under our control, 2 are issues to add core dependenciespackage_manager
+automatic_updates
alpha + beta
blockers: 29 remain (34 actually remain, but 5 of these areautomatic_updates
-specific and hence postponed because we want to landpackage_manager
first)
- 🇧🇪Belgium Wim Leers Ghent 🇧🇪🇪🇺
I see I failed to mention that my proposal to close #3342430 as outdated in #3342430-19: Hard failure after module install if composer is not found → has been accepted at #3342430-27: Hard failure after module install if composer is not found → — one less! 👍
⇒
package_manager
alpha
blockers: 14 remain, 12 are under our control, 2 are issues to add core dependenciespackage_manager
+automatic_updates
alpha + beta
blockers: 28 remain (33 actually remain, but 5 of these areautomatic_updates
-specific and hence postponed because we want to landpackage_manager
first)
- 🇧🇪Belgium Wim Leers Ghent 🇧🇪🇪🇺
- 🇧🇪Belgium Wim Leers Ghent 🇧🇪🇪🇺
📌 \Drupal\automatic_updates_extensions\Form\UpdaterForm should use ComposerInspector instead of ComposerUtility Fixed landed.
⇒
package_manager
alpha
blockers: 12 remain, 10 are under our control, 2 are issues to add core dependenciespackage_manager
+automatic_updates
alpha + beta
blockers: 26 remain (31 actually remain, but 5 of these areautomatic_updates
-specific and hence postponed because we want to landpackage_manager
first)
- 🇧🇪Belgium Wim Leers Ghent 🇧🇪🇪🇺
📌 ComposerPatchesValidator should use ComposerInspector instead of ComposerUtility Fixed landed.
⇒
package_manager
alpha
blockers: 11 remain, 9 are under our control, 2 are issues to add core dependenciespackage_manager
+automatic_updates
alpha + beta
blockers: 25 remain (30 actually remain, but 5 of these areautomatic_updates
-specific and hence postponed because we want to landpackage_manager
first)
- 🇧🇪Belgium Wim Leers Ghent 🇧🇪🇪🇺
📌 GitExcluder should use ComposerInspector instead of ComposerUtility Fixed landed.
⇒
package_manager
alpha
blockers: 10 remain, 8 are under our control, 2 are issues to add core dependenciespackage_manager
+automatic_updates
alpha + beta
blockers: 24 remain (29 actually remain, but 5 of these areautomatic_updates
-specific and hence postponed because we want to landpackage_manager
first)
- 🇧🇪Belgium Wim Leers Ghent 🇧🇪🇪🇺
@tedbow discovered a new alpha blocker: 🐛 FixtureManipulator should only use Composer commands, rather than manipulating JSON directly Fixed .
😬
- 🇺🇸United States phenaproxima Massachusetts
- 🇧🇪Belgium Wim Leers Ghent 🇧🇪🇪🇺
And so is 📌 UnknownPathExcluder should use ComposerInspector instead of ComposerUtility Fixed .
Also clarifying the the alpha roadmap is for ✨ Add Alpha level Experimental Package Manager module Needs review since we first want to land Package Manager in
10.1
to enable Project Browser to also land in10.1
because Automatic updates is blocked on d.o infrastructure and will definitely not make10.1
. ✨ [PP-1] Add Alpha level Experimental Automatic Updates module Needs review is slated for10.2
at this point.⇒
package_manager
alpha
blockers: 9 remain, 7 are under our control, 2 are issues to add core dependenciespackage_manager
+automatic_updates
alpha + beta
blockers: 22 remain (27 actually remain, but 5 of these areautomatic_updates
-specific and hence postponed because we want to landpackage_manager
first)
- 🇧🇪Belgium Wim Leers Ghent 🇧🇪🇪🇺
Landed:
- 📌 Remove FixtureManipulator::modifyPackage() last usage Fixed
- 📌 ScaffoldFilePermissionsValidator should use ComposerInspector instead of ComposerUtility Fixed
@phenaproxima opened a new blocker for #3316368: 📌 Stage::validatePackageNames() should not use the Composer API Fixed .
⇒
package_manager
alpha
blockers: 8 remain, 6 are under our control, 2 are issues to add core dependenciespackage_manager
+automatic_updates
alpha + beta
blockers: 21 remain (26 actually remain, but 5 of these areautomatic_updates
-specific and hence postponed because we want to landpackage_manager
first)
- 🇧🇪Belgium Wim Leers Ghent 🇧🇪🇪🇺
Landed:
- 📌 Stage::validatePackageNames() should not use the Composer API Fixed
- 📌 Remove our runtime dependency on composer/composer: remove ComposerUtility Fixed
⇒
package_manager
alpha
blockers: 6 remain, 4 are under our control, 2 are issues to add core dependenciespackage_manager
+automatic_updates
alpha + beta
blockers: 19 remain (24 actually remain, but 5 of these areautomatic_updates
-specific and hence postponed because we want to landpackage_manager
first)
- 🇧🇪Belgium Wim Leers Ghent 🇧🇪🇪🇺
🐛 Random failure: "PHP temp directory (/tmp) does not exist or is not writable to Composer." Fixed landed.
⇒
package_manager
alpha
blockers: 5 remain, 4 are under our control, 2 are issues to add core dependenciespackage_manager
+automatic_updates
alpha + beta
blockers: 18 remain (23 actually remain, but 5 of these areautomatic_updates
-specific and hence postponed because we want to landpackage_manager
first)
- 🇺🇸United States phenaproxima Massachusetts
📌 Define the Package Manager API (package_manager.api.php is outdated) Fixed is in; docs gate is cleared!
- 🇧🇪Belgium Wim Leers Ghent 🇧🇪🇪🇺
📌 Define the Package Manager API (package_manager.api.php is outdated) Fixed landed!
⇒
package_manager
alpha
blockers: 4 remain, 1 is under our control, 1 is blocked on upstream (Composer Stager), 2 are issues to add core dependenciespackage_manager
+automatic_updates
alpha + beta
blockers: 18 remain (23 actually remain, but 5 of these areautomatic_updates
-specific and hence postponed because we want to landpackage_manager
first)
- 🇧🇪Belgium Wim Leers Ghent 🇧🇪🇪🇺
📌 ComposerInspector::validate() should throw ComposerNotReadyException instead of \Exception Fixed landed and was a beta blocker.
- 🇺🇸United States phenaproxima Massachusetts
Adding 🐛 ComposerPluginsValidator uses Composer's internal Package class Fixed as an alpha blocker, which should have been fixed as part of removing our dependency on composer/composer, but slipped through the cracks.
- 🇺🇸United States tedbow Ithaca, NY, USA
- 🇺🇸United States tedbow Ithaca, NY, USA
We will need 📌 Ensure all remaining @todos have a link to an open issue Fixed before we can get core merge
- 🇺🇸United States tedbow Ithaca, NY, USA
- 🇧🇪Belgium Wim Leers Ghent 🇧🇪🇪🇺
I think you meant 🐛 In CoreUpdateTest::testUi, confirm that the UI says no update is available after updating successfully Fixed ? 😁
- 🇧🇪Belgium Wim Leers Ghent 🇧🇪🇪🇺
📌 Finalize \Drupal\automatic_updates\Development\Converter script to update core MR Fixed landed.
⇒
package_manager
alpha
blockers: 3 remain: 1 is blocked on upstream (Composer Stager), 2 are issues to add core dependenciespackage_manager
+automatic_updates
alpha + beta
blockers: 15 remain (20 actually remain, but 5 of these areautomatic_updates
-specific and hence postponed because we want to landpackage_manager
first)
- 🇺🇸United States phenaproxima Massachusetts
📌 Add colinodell/psr-test-logger to core's dev dependencies Fixed is in.
That leaves two remaining alpha blockers, both of which are blocked on a new tag of Composer Stager. 😎
- 🇺🇸United States phenaproxima Massachusetts
I just merged 📌 Tighten ComposerPluginsValidator: support only specified version constraint Fixed . Nice to get that beta blocker in!
- 🇺🇸United States phenaproxima Massachusetts
🐛 Unhandled Composer Stager exceptions leave the update process in an indeterminate state Fixed and 📌 Add symlink support to Composer Stager 2.0, require that version, and simplify UX & tests accordingly Fixed are in.
That means we are down to our last remaining alpha blocker...and it's something that requires review from core committers. 😎
- 🇺🇸United States tedbow Ithaca, NY, USA
Added 📌 Fix remaining @todos in ComposerPluginsValidatorTest Fixed for beta target
- 🇧🇪Belgium Wim Leers Ghent 🇧🇪🇪🇺
🐛 InstalledPackage::$path for metapackages should be NULL Fixed landed.
⇒
package_manager
alpha
blockers: 1 remains: an issues to add a core dependencypackage_manager
+automatic_updates
alpha + beta
blockers: 10 remain (15 actually remain, but 5 of these areautomatic_updates
-specific and hence postponed because we want to landpackage_manager
first)
- 🇺🇸United States tedbow Ithaca, NY, USA
added
- 📌 Allow JsonProcessOutputCallback and other Composer runner callbacks to gracefully handle deprecated command options Fixed
- 🐛 ComposerMinimumStabilityValidator doesn't check dev packages Fixed - even without this you can't install packages below the stability. just checking the error early
- 📌 Assert status checks pass as early as possible in kernel and functional tests Closed: outdated
- 📌 Optimize Composer calls in FixtureManipulator Closed: works as designed
- 🐛 Validate PHP version to be used by the Composer process calls Needs work
- 📌 Ensure all remaining @todos have a link to an open issue Fixed
- 📌 Fix remaining @todos in ComposerPluginsValidatorTest Fixed
- 📌 Autowire everything everywhere all at once … in *Test.php files Fixed
- 📌 Autowire everything everywhere all at once … in *.services.yml files Fixed
- 🇺🇸United States tedbow Ithaca, NY, USA
Changing 📌 Add a validator to check that PHP-TUF's Composer integration is present and configured correctly Fixed to an alpha requirement as per 🌱 [policy, no patch] How much of The Update Framework integration is needed for alpha-level review/commit of Package Manager? Needs review
I put a comment on #3316617-29: If unattended updates are enabled, ensure PHP-TUF Composer integration is present → that we need to confirm our assumptions on that issue with core policy
- 🇺🇸United States phenaproxima Massachusetts
- 🇺🇸United States phenaproxima Massachusetts
Removing a duplicate item from the roadmap.
- 🇺🇸United States phenaproxima Massachusetts
Whoops, removed the wrong thing.
- 🇺🇸United States phenaproxima Massachusetts
📌 Autowire everything everywhere all at once … in *Test.php files Fixed is done too.
- 🇺🇸United States phenaproxima Massachusetts
- 🇺🇸United States tedbow Ithaca, NY, USA
added 📌 Harden our HTTPS requirement Fixed
- 🇺🇸United States phenaproxima Massachusetts
🐛 ComposerMinimumStabilityValidator doesn't check dev packages Fixed is in.
- 🇺🇸United States phenaproxima Massachusetts
📌 Rip out the update path Fixed is in.
- 🇺🇸United States phenaproxima Massachusetts
- 🇺🇸United States phenaproxima Massachusetts
📌 Ensure all remaining @todos have a link to an open issue Fixed is in too! Yeah!!!
- 🇺🇸United States phenaproxima Massachusetts
The monumental 📌 Rename Stage to StageBase to clarify its relationship to its subclasses, and add "Stage" suffix to the Updater classes Fixed landed!
- 🇺🇸United States phenaproxima Massachusetts
📌 Fix remaining @todos in ComposerPluginsValidatorTest Fixed is done.
- 🇺🇸United States phenaproxima Massachusetts
- 🇺🇸United States phenaproxima Massachusetts
Hey, look at that: alpha-blocking security-related 📌 Harden our HTTPS requirement Fixed is in! 🎉
- 🇧🇪Belgium Wim Leers Ghent 🇧🇪🇪🇺
New alpha-blocking security-related issue: 📌 Flag a warning during status check if the OpenSSL extension is not enabled Fixed — related to 📌 Harden our HTTPS requirement Fixed that landed previously.
- 🇺🇸United States phenaproxima Massachusetts
- 🇺🇸United States tedbow Ithaca, NY, USA
- 🇺🇸United States tedbow Ithaca, NY, USA
- 🇺🇸United States phenaproxima Massachusetts
- 🇺🇸United States phenaproxima Massachusetts
- 🇺🇸United States tedbow Ithaca, NY, USA
- 🇺🇸United States tedbow Ithaca, NY, USA
- Assigned to tedbow
- Status changed to Needs work
about 1 year ago 9:23am 14 June 2023 - 🇧🇪Belgium Wim Leers Ghent 🇧🇪🇪🇺
This roadmap has not been updated in almost a month.
📌 Enable unattended updates Fixed landed, and so did 📌 Add functional test that proves there is reasonable UX whenever Composer Stager operations have a hard failure Fixed and 🐛 ComposerValidator's hook_help() integration is imprecise and incomplete Fixed . 📌 Optimize Composer calls in FixtureManipulator Closed: works as designed was closed as was 📌 Add build test to test cweagans/composer-patches end-to-end Closed: won't fix .
AFAICT missing:
- 📌 Use the rsync file syncer by default Fixed
- 📌 Add Symfony Console command to allow running cron updates via console and by a separate user, for defense-in-depth Fixed
- 📌 For web server dependent unattended updates run the entire life cycle in a separate process that will not be affected by hosting time limits Fixed
AFAICT obsolete:
- 🇺🇸United States effulgentsia
Moved 📌 Enable unattended updates Fixed to completed.
- 🇺🇸United States effulgentsia
Added a nice green checkmark to the Core Alpha Experimental blockers for Automatic Updates section :)
- 🇺🇸United States effulgentsia
Removed the green checkmark from the Security section of package manager alpha blockers, since there's an open issue in that section.
- 🇺🇸United States effulgentsia
Added some more core and infrastructure issues to the package manager alpha blockers list.
- 🇺🇸United States effulgentsia
Moved the following to Completed:
- 📌 Add functional test that proves there is reasonable UX whenever Composer Stager operations have a hard failure Fixed
- 📌 Package Manager should keep an audit log of changes it applied to the active codebase Fixed
- 🐛 ComposerValidator's hook_help() integration is imprecise and incomplete Fixed
Removed the following, but did not move to Completed, as they were closed without fixing.
- 📌 Optimize Composer calls in FixtureManipulator Closed: works as designed
- 📌 Add build test to test cweagans/composer-patches end-to-end Closed: won't fix
- Status changed to Active
12 months ago 7:05pm 26 June 2023 - 🇺🇸United States effulgentsia
Added:
- 📌 Use the rsync file syncer by default Fixed
- 📌 Add Symfony Console command to allow running cron updates via console and by a separate user, for defense-in-depth Fixed
- 📌 For web server dependent unattended updates run the entire life cycle in a separate process that will not be affected by hosting time limits Fixed
For the two possibly obsolete issues mentioned in #171, I added notes by them that they might be obsoleted by 📌 For web server dependent unattended updates run the entire life cycle in a separate process that will not be affected by hosting time limits Fixed , but I didn't remove them from the list in case 📌 For web server dependent unattended updates run the entire life cycle in a separate process that will not be affected by hosting time limits Fixed doesn't work out for whatever reason (though I think it will work out).
- Issue was unassigned.
- 🇺🇸United States effulgentsia
I think all points from #171 were resolved, so removing the assignment to @tedbow that that comment added. @tedbow: please feel free to reassign to yourself if there's something else you want to update here.
- 🇺🇸United States effulgentsia
Added:
- 📌 Override Composer Stager's TranslatableFactory to return Drupal's TranslatableMarkup Fixed
- 📌 [PP-1] Require PHP-TUF's Composer integration plugin Postponed
Issues tagged core-mvp that aren't in the issue summary. Either they should be added to the issue summary or their core-mvp tag needs to be removed:
- 📌 In Core build tests have core module change a service class constructor Active
- 📌 Limit non-stable releases to RCs on updater form Closed: duplicate
- 📌 Update ProcessOutputCallback to fail on Composer deprecations, to get early notifications of Composer changes Postponed
- 📌 Determine if the PHP syncer can and should be the default file copier Needs work
- 📌 Document PACKAGE_MANAGER_FAILURE.yml in https://www.drupal.org/docs/8/update/automatic-updates Needs review
- 📌 Since #3361983 was committed to Drupal core, psr/http-message needed to be explicitly required for build tests Needs work
- 📌 Is it an error if drupal/core has no scaffold file mappings? Active
- 🐛 As of Composer 2.5.5, `composer config` JSON-encodes boolean values Fixed
- 🐛 PHPStan error in core merge request conversion Closed: outdated
- 🇺🇸United States effulgentsia
Added 🌱 [policy, no patch] Make PHP's OpenSSL extension a requirement for installing and using Package Manager (and therefore, Automatic Updates and Project Browser) Fixed and 🌱 [policy, no patch] Should Package Manager require Composer HTTPS? Active as alpha-blocking policy questions in the core queue.
- 🇺🇸United States effulgentsia
Added https://github.com/php-tuf/composer-stager/issues/68 to the testing section of the alpha blocker list. I think it's important for us to know the approximate time it takes to execute the full set of preconditions and make a decision on whether that's acceptable or needs optimization or refactoring. If full automation turns out to be too large a task, we can discuss alternate ideas for how to satisfy the alpha-blocking concern but let's see how that issue progresses first.
- 🇺🇸United States tedbow Ithaca, NY, USA
- @effulgentsia re #182 why would that issue be an Alpha blocker as opposed to Stable or Beta? It is because it slow core's test down? It seems like an Alpha module should not have to have all the performance problems already solved.
- Removed 🐛 Hosting environment (e.g. cPanel) may add additional files (including symlinks) to the project, which breaks AU Postponed: needs info . We now support most symlinks since 📌 Add symlink support to Composer Stager 2.0, require that version, and simplify UX & tests accordingly Fixed and we exclude must paths in the base of the project as reported in this issue since 📌 Exclude unknown paths in project base: only allow vendor + web root + whatever drupal/core-composer-scaffold allows Fixed . The issue is postponed instead of fixed to allow the original posted to report back but we aren't aware of remaining problems
- Moving 🐛 Update every ComposerValidator-dependent validator to have explicit test coverage that that dependency works Needs work to Stable blocker
- Moving 🐛 Validate PHP version to be used by the Composer process calls Needs work to Stable blocker. We have only seen this once. @phenaproxima is going to propose a simpler solution on the issue
- Leaving 📌 Make readiness check failure messages clear, consistent, and actionable Needs work as stable blocker for now but I asked for an issue summary update to clarify exactly what the problem is. Depending on the result we may take it out of the roadmap
- Removed 📌 Improve UX for trusting additional composer plugins Active . This is really a feature request that could be done after stable. Also not clear we want to move the ability to opt-in composer plugins to the UI as understanding the compatibility concerns requires deep understanding of how the system works
- 🐛 Document that StageFixtureManipulator should not be used in build tests Active removing. This is testing request. The tests would be totally fine if we never did this. Assigned to myself to see if we can just close this issue
- 🇺🇸United States phenaproxima Massachusetts
📌 Override Composer Stager's TranslatableFactory to return Drupal's TranslatableMarkup Fixed is in; our final translatability blocker!
- 🇺🇸United States tedbow Ithaca, NY, USA
📌 Remove work arounds for 10.0.x support Fixed . This is should a small issue we can do at anytime but would make use not compatible with 10.0.x. Being compatible with 10.0.x makes us be able to do minor updates in the contrib module
- 🇺🇸United States effulgentsia
Moved these to Done:
- 📌 Add Symfony Console command to allow running cron updates via console and by a separate user, for defense-in-depth Fixed
- GH-CS-68: Perform and automate performance testing of Composer Stager's preconditions
- 📌 For web server dependent unattended updates run the entire life cycle in a separate process that will not be affected by hosting time limits Fixed
Removed these, since they were closed as outdated:
- 📌 Research alternatives to curl request on post apply event during cron updates Closed: outdated
- 📌 Assert status checks pass as early as possible in kernel and functional tests Closed: outdated
- 🇺🇸United States effulgentsia
Removed all of the alpha-blocking categories with no remaining issues in them, and replaced them with a "Miscellaneous" category, for easier scanning.
- 🇺🇸United States effulgentsia
Removing the "contrib-only" tag. Not sure what its intended meaning was earlier in this issue's history, but at this point, this issue is all about tracking what's needed to get Automatic Updates into core.
- 🇺🇸United States effulgentsia
- 🇺🇸United States effulgentsia
Replaced 🌱 [policy, no patch] Should Package Manager require Composer HTTPS? Active with its child issue 🌱 [policy, no patch] Disallow using Package Manager (and therefore Automatic Updates and Project Browser) when Composer's disable-tls setting is true Needs review .
- 🇺🇸United States effulgentsia
Added 🌱 [policy, no patch] Consider whether to keep Package Manager and Automatic Updates in a separate repo/package than core in order to facilitate releasing updates to the updater Needs review as another alpha-blocking policy question.
- 🇺🇸United States tedbow Ithaca, NY, USA
- 🇺🇸United States tedbow Ithaca, NY, USA
Made it clear we are blocked on 📌 [policy, no patch] Use Update XML in Package manager to determine release support status Active for our path to core
- 🇺🇸United States tedbow Ithaca, NY, USA
Adding 🌱 [policy, no patch] How much of The Update Framework integration is needed for alpha-level review/commit of Package Manager? Needs review to our roadmap because this issue to our roadmap because even though I assume this has been decided the issue has not actually been closed, so it would be good to get clarity
- 🇺🇸United States tedbow Ithaca, NY, USA
- 🇺🇸United States tedbow Ithaca, NY, USA
- 🇺🇸United States tedbow Ithaca, NY, USA
Removing 📌 Assert no errors after creating the test project in ModuleUpdateTest Needs review . It is still open but now only affects
automatic_updates_extensions
- 🇺🇸United States tedbow Ithaca, NY, USA
- 🇺🇸United States tedbow Ithaca, NY, USA
Added 📌 Add getType to StageBase to allow subclasses to be internal Needs review
- 🇺🇸United States tedbow Ithaca, NY, USA
- 🇭🇺Hungary Gábor Hojtsy Hungary
Is this roadmap still current or is there a better one?
- Assigned to tedbow
- 🇺🇸United States tedbow Ithaca, NY, USA
@Gábor Hojtsy it is not current but this is the only one. I need to update it