Store all installable releases in update_calculate_project_update_status()

This looks pretty good, and it's clear. However, I did find a few things in my review, so kicking back for that.

Also, this has test coverage so I'm removing the "needs tests" tag.

I think this is really close to done; just needs a few relatively simple comment changes in the kernel test.

No objections. In my view, this is good to go when tests pass.

I haven't closely reviewed the code here. But just going on the issue summary and my knowledge of the inner workings of both update_calculate_project_update_status() and updates.d.o release history feeds, my "holy RAM usage, batman" flags are going off.

Once upon a time, we put quite some effort into Update Manager to avoid keeping all of the release history feed in RAM. Now that we have stopped doing major-version-specific feeds, and are doing the "/current" feeds, the XML is going to grow indefinitely. By design, we're keeping a huge number of stale releases in the same feeds, since a given contrib might be compatible with N different major versions of core.

I was already concerned about the /current thing when we rolled it out, and that we didn't seem to have a plan for mitigating the resource impact.

Now it sounds like this issue is saying "we could really use more of that stuff in a few cases, let's store it all in RAM".

While that might not immediately explode our test bots or the local dev boxes where we're trying this on a small, imaginary use case, what's going to happen if we release this in core and folks with 200 contrib modules try to visit their available updates report? Are we going to need 2 gigs of RAM to prevent a PHP fatal? Or more?

I'm tempted to tag this for "Needs profiling" and set back to NR, but I'm not sure I want to get that far. Curious to hear what Adam and Ted think of this.

I could also, you know, actually look at the MR and see what's happening. ;) Explosive end-of-sprint at $day_job permitting, I'll do that ASAP. But I wanted to raise this concern before a committer hits this and decides to merge it.

Thanks/sorry,
-Derek

Per Slack chat w/ Ted + Adam, tagging this for some profiling before commit.

Did some light profiling of this on my local machine. I'm running PHP 8.1.7 using Laravel Valet, which is a wrapper around nginx and php-fpm. I installed core from 9.4.x HEAD, Standard profile, no additional modules; when I checked for available updates, here's what I got in the first run:

Now, I don't precisely know how to read this, but it looks like over all runs of update_calculate_project_update_status(), where most of the effort was made, PHP ended up using about 70 MB of memory. Again, that's with 9.4.x HEAD.

I then applied the diff from the merge request and tried again. These were the results:

Looks like we used about 77 MB of memory that time.

So that's not an unreasonably large increase, by itself. But as far as I know, it was only checking for updates to Drupal core, since that's the only project which was enabled. If I'd had 100 modules enabled, it would have been a whole lot more. But then again...this was a batch job so, as far as I can tell, we're not doing all of this work in a single request.

All of this leads me to the (initial) conclusion that, even though this change does cause a reasonable, but noticeable, increase in memory usage, it's not a problem as long as we're not checking for updates in all installed projects during a single request.

Setting need work per #23 to profile with modules having a long release history.