Remove conflicts with symfony/* from composer.json files #59009
Conversation
| "symfony/property-info": "<6.4", | ||
| "symfony/security-bundle": "<6.4", | ||
| "symfony/security-core": "<6.4", | ||
| "symfony/validator": "<6.4" |
There was a problem hiding this comment.
Those conflicts are there to enforce the min requirement of our optional dependencies, matching the bound used in require-dev (which does not impact projects).
Removing this conflict means we must not bump our min version in require-dev anymore, because Composer would not have the info about an equivalent requirement bump when using the package (and so bumping our lowest bound becomes a breaking change instead of being handled by Composer)
There was a problem hiding this comment.
to be actually safe, the conflict rule should actually have a second part, covering versions above the upper bound of the dev requirement.
There was a problem hiding this comment.
conflicts are terrible
it's not because we don't test with older versions that they don't work
this leads to real issues like #58997
so we'd rather not use them
There was a problem hiding this comment.
We have a CI that runs tests cross-versions instead, so that even if not by require-dev, we do test outside these boundaries (as hinted in #58997 again)
9fa55af to
6ce8173
Compare
|
CI is green. We now need to merge to confirm that older branches that rejected 7.3 are still green with 7.3. |
|
We might have bumped those conflict rules a little too eagerly in that past. But many of them actually do cover incompatibilities and I really don't feel comfortable with simply removing all of them. |
|
I agree this is a bit bold, but many of those conflicts are things from the past that add constraints that don't make sense anymore. |
|
I mean we see how this goes right now, do we?
I am for keeping them (checking them maybe and remove what is not needed, yes). For the notifier bridges you can now install symfony/webhook 7.1, even if the conflict before say symfony/webhook 7.2 is required... I don't see how it helps the user to install the proper version 🤷♂️ |
|
Yet, removing the conflict is how we solved this issue. |
|
I totally agree for removing this conflict, as it fixes a bug 👍 |
|
Removing code that's been added for a reason but doesn't cause any known issue is calling for trouble. I think it's been our mindset for long. Most of them have been been wisely added at some point. |
|
We might need to build some script to cleanup those entries eventually. |
Inspired by #59008
We have no process to tidy up conflicts in composer.json files. Yet they can create issues like #58997, make solving deps more expensive and add maintenance burden.
Let's see if we can remove them all.