From 6dc576738a3a0eb68281a3bb4117f4d25d3b5303 Mon Sep 17 00:00:00 2001 From: Jordi Boggiano Date: Fri, 17 Jan 2020 15:15:46 +0100 Subject: [PATCH] Avoid partial updates from applying changes to packages which are not locked with an acceptable stability --- src/Composer/DependencyResolver/PoolBuilder.php | 9 ++++++++- src/Composer/DependencyResolver/RuleSetGenerator.php | 3 ++- src/Composer/Installer.php | 6 ++---- 3 files changed, 12 insertions(+), 6 deletions(-) diff --git a/src/Composer/DependencyResolver/PoolBuilder.php b/src/Composer/DependencyResolver/PoolBuilder.php index 0f44edf3b..7eaae9423 100644 --- a/src/Composer/DependencyResolver/PoolBuilder.php +++ b/src/Composer/DependencyResolver/PoolBuilder.php @@ -16,7 +16,9 @@ use Composer\Package\AliasPackage; use Composer\Package\BasePackage; use Composer\Package\Package; use Composer\Package\PackageInterface; +use Composer\Package\Version\StabilityFilter; use Composer\Repository\PlatformRepository; +use Composer\Repository\RootPackageRepository; use Composer\Semver\Constraint\Constraint; use Composer\Semver\Constraint\MultiConstraint; @@ -57,7 +59,12 @@ class PoolBuilder $this->nameConstraints[$package->getName()] = null; $this->loadedNames[$package->getName()] = true; unset($loadNames[$package->getName()]); - $loadNames += $this->loadPackage($request, $package); + if ( + $package->getRepository() instanceof RootPackageRepository + || StabilityFilter::isPackageAcceptable($this->acceptableStabilities, $this->stabilityFlags, $package->getNames(), $package->getStability()) + ) { + $loadNames += $this->loadPackage($request, $package); + } } foreach ($request->getJobs() as $job) { diff --git a/src/Composer/DependencyResolver/RuleSetGenerator.php b/src/Composer/DependencyResolver/RuleSetGenerator.php index 442be135c..bdf187470 100644 --- a/src/Composer/DependencyResolver/RuleSetGenerator.php +++ b/src/Composer/DependencyResolver/RuleSetGenerator.php @@ -290,8 +290,9 @@ class RuleSetGenerator $unlockableMap = $request->getUnlockableMap(); foreach ($request->getFixedPackages() as $package) { + // fixed package was not added to the pool which must mean it did not pass the stability requirements if ($package->id == -1) { - throw new \RuntimeException("Fixed package ".$package->getName()." ".$package->getVersion().($package instanceof AliasPackage ? " (alias)" : "")." was not added to solver pool."); + continue; } $this->addRulesForPackage($package, $ignorePlatformReqs); diff --git a/src/Composer/Installer.php b/src/Composer/Installer.php index e9e8f34ea..9c6c5a719 100644 --- a/src/Composer/Installer.php +++ b/src/Composer/Installer.php @@ -380,12 +380,10 @@ class Installer } // if the updateWhitelist is enabled, packages not in it are also fixed - // to the version specified in the lock, except if their stability is not - // acceptable anymore, to make sure that they get updated/downgraded to - // a working version + // to the version specified in the lock if ($this->updateWhitelist && $lockedRepository) { foreach ($lockedRepository->getPackages() as $lockedPackage) { - if (!$this->isUpdateable($lockedPackage) && $repositorySet->isPackageAcceptable($lockedPackage->getNames(), $lockedPackage->getStability())) { + if (!$this->isUpdateable($lockedPackage)) { // TODO add reason for fix? $request->fixPackage($lockedPackage); }