It looks like Drupal 10.1.0-beta1 rc1 updated the dependency version of 'guzzlehttp/promises' from 1.5 to 2.0.

Unfortunately, 'aws/aws-sdk-php' used by some modules is not compatible with 'guzzlehttp/promises’ 2.0, and this blocks the update to 10.1 stable (10.1-alpha does install).

The AWS SDK devs have acknowledged the issue, but it will not be addressed until at least August.

https://github.com/aws/aws-sdk-php/issues/2713

Promises 2.0 was just released a month ago on May 21st, so it would be nice to drop this version requirement to provide other components time to update.

CommentFileSizeAuthor
#9 3368790-9.patch1.29 KBlongwave

Comments

jabeler created an issue. See original summary.

catch’s picture

catch
he/him
Primary language English
commented

guzzlehttp/promises isn't a direct dependency of core afaik, so it's only pinned on composer.lock, not in composer.json afaik - unless I've missed something.

Are you using drupal/core-recommended or something else? And what does composer why-not say?

mr.white’s picture

mr.white commented

You’re right! It looks like Promises is actually a dependency of guzzlehttp/guzzle.

I was able to replicate this on a new project by running composer create-project drupal/recommended-project which installs Guzzle 7.7.0, which requires Promises 2.0.

Here is a snippet of the relevant Composer tree.

├──guzzlehttp/guzzle ~7.7.0
│  ├──ext-json *
│  ├──guzzlehttp/promises ^1.5.3 || ^2.0
│  │  └──php ^7.2.5 || ^8.0
│  ├──guzzlehttp/psr7 ^1.9.1 || ^2.4.5
│  │  ├──php ^7.2.5 || ^8.0
│  │  ├──psr/http-factory ^1.0
│  │  │  ├──php >=7.0.0
│  │  │  └──psr/http-message ^1.0 || ^2.0
│  │  │     └──php ^7.2 || ^8.0
│  │  ├──psr/http-message ^1.1 || ^2.0
│  │  │  └──php ^7.2 || ^8.0
│  │  └──ralouphie/getallheaders ^3.0
│  │     └──php >=5.6
│  ├──php ^7.2.5 || ^8.0
│  ├──psr/http-client ^1.0
│  │  ├──php ^7.0 || ^8.0
│  │  └──psr/http-message ^1.0 || ^2.0
│  │     └──php ^7.2 || ^8.0
│  └──symfony/deprecation-contracts ^2.2 || ^3.0
│     └──php >=8.1
├──guzzlehttp/promises ~2.0.0
│  └──php ^7.2.5 || ^8.0
mr.white’s picture

mr.white commented

Actually, I think I read the tree wrong…and Promises is actually a direct dependency of Drupal 10.1.
https://packagist.org/packages/drupal/core-recommended

Here is the full tree.

drupal/core-recommended 10.1.0 Core and its dependencies with known-compatible minor versions. Require this project INSTEAD OF drupal/core.
├──asm89/stack-cors ~v2.1.1
│  ├──php ^7.2|^8.0
│  ├──symfony/http-foundation ^4|^5|^6
│  │  ├──php >=8.1
│  │  ├──symfony/deprecation-contracts ^2.5|^3
│  │  │  └──php >=8.1
│  │  ├──symfony/polyfill-mbstring ~1.1
│  │  │  └──php >=7.1
│  │  └──symfony/polyfill-php83 ^1.27
│  │     ├──php >=7.1
│  │     └──symfony/polyfill-php80 ^1.14
│  │        └──php >=7.1
│  └──symfony/http-kernel ^4|^5|^6
│     ├──php >=8.1
│     ├──psr/log ^1|^2|^3
│     │  └──php >=8.0.0
│     ├──symfony/deprecation-contracts ^2.5|^3
│     │  └──php >=8.1
│     ├──symfony/error-handler ^6.3
│     │  ├──php >=8.1
│     │  ├──psr/log ^1|^2|^3
│     │  │  └──php >=8.0.0
│     │  └──symfony/var-dumper ^5.4|^6.0
│     │     ├──php >=8.1
│     │     └──symfony/polyfill-mbstring ~1.0
│     │        └──php >=7.1
│     ├──symfony/event-dispatcher ^5.4|^6.0
│     │  ├──php >=8.1
│     │  └──symfony/event-dispatcher-contracts ^2.5|^3
│     │     ├──php >=8.1
│     │     └──psr/event-dispatcher ^1
│     │        └──php >=7.2.0
│     ├──symfony/http-foundation ^6.2.7
│     │  ├──php >=8.1
│     │  ├──symfony/deprecation-contracts ^2.5|^3
│     │  │  └──php >=8.1
│     │  ├──symfony/polyfill-mbstring ~1.1
│     │  │  └──php >=7.1
│     │  └──symfony/polyfill-php83 ^1.27
│     │     ├──php >=7.1
│     │     └──symfony/polyfill-php80 ^1.14
│     │        └──php >=7.1
│     └──symfony/polyfill-ctype ^1.8
│        └──php >=7.1
├──composer/semver ~3.3.2
│  └──php ^5.3.2 || ^7.0 || ^8.0
├──doctrine/annotations ~1.14.3
│  ├──doctrine/lexer ^1 || ^2
│  │  ├──doctrine/deprecations ^1.0
│  │  │  └──php ^7.1 || ^8.0
│  │  └──php ^7.1 || ^8.0
│  ├──ext-tokenizer *
│  ├──php ^7.1 || ^8.0
│  └──psr/cache ^1 || ^2 || ^3
│     └──php >=8.0.0
├──doctrine/deprecations ~v1.1.1
│  └──php ^7.1 || ^8.0
├──doctrine/lexer ~2.1.0
│  ├──doctrine/deprecations ^1.0
│  │  └──php ^7.1 || ^8.0
│  └──php ^7.1 || ^8.0
├──drupal/core 10.1.0
│  ├──asm89/stack-cors ^2.1
│  │  ├──php ^7.2|^8.0
│  │  ├──symfony/http-foundation ^4|^5|^6
│  │  │  ├──php >=8.1
│  │  │  ├──symfony/deprecation-contracts ^2.5|^3
│  │  │  │  └──php >=8.1
│  │  │  ├──symfony/polyfill-mbstring ~1.1
│  │  │  │  └──php >=7.1
│  │  │  └──symfony/polyfill-php83 ^1.27
│  │  │     ├──php >=7.1
│  │  │     └──symfony/polyfill-php80 ^1.14
│  │  │        └──php >=7.1
│  │  └──symfony/http-kernel ^4|^5|^6
│  │     ├──php >=8.1
│  │     ├──psr/log ^1|^2|^3
│  │     │  └──php >=8.0.0
│  │     ├──symfony/deprecation-contracts ^2.5|^3
│  │     │  └──php >=8.1
│  │     ├──symfony/error-handler ^6.3
│  │     │  ├──php >=8.1
│  │     │  ├──psr/log ^1|^2|^3
│  │     │  │  └──php >=8.0.0
│  │     │  └──symfony/var-dumper ^5.4|^6.0
│  │     │     ├──php >=8.1
│  │     │     └──symfony/polyfill-mbstring ~1.0
│  │     │        └──php >=7.1
│  │     ├──symfony/event-dispatcher ^5.4|^6.0
│  │     │  ├──php >=8.1
│  │     │  └──symfony/event-dispatcher-contracts ^2.5|^3
│  │     │     ├──php >=8.1
│  │     │     └──psr/event-dispatcher ^1
│  │     │        └──php >=7.2.0
│  │     ├──symfony/http-foundation ^6.2.7
│  │     │  ├──php >=8.1
│  │     │  ├──symfony/deprecation-contracts ^2.5|^3
│  │     │  │  └──php >=8.1
│  │     │  ├──symfony/polyfill-mbstring ~1.1
│  │     │  │  └──php >=7.1
│  │     │  └──symfony/polyfill-php83 ^1.27
│  │     │     ├──php >=7.1
│  │     │     └──symfony/polyfill-php80 ^1.14
│  │     │        └──php >=7.1
│  │     └──symfony/polyfill-ctype ^1.8
│  │        └──php >=7.1
│  ├──composer-runtime-api ^2.1
│  ├──composer/semver ^3.3
│  │  └──php ^5.3.2 || ^7.0 || ^8.0
│  ├──doctrine/annotations ^1.14
│  │  ├──doctrine/lexer ^1 || ^2
│  │  │  ├──doctrine/deprecations ^1.0
│  │  │  │  └──php ^7.1 || ^8.0
│  │  │  └──php ^7.1 || ^8.0
│  │  ├──ext-tokenizer *
│  │  ├──php ^7.1 || ^8.0
│  │  └──psr/cache ^1 || ^2 || ^3
│  │     └──php >=8.0.0
│  ├──egulias/email-validator ^3.2.1|^4.0
│  │  ├──doctrine/lexer ^2.0 || ^3.0
│  │  │  ├──doctrine/deprecations ^1.0
│  │  │  │  └──php ^7.1 || ^8.0
│  │  │  └──php ^7.1 || ^8.0
│  │  ├──php >=8.1
│  │  └──symfony/polyfill-intl-idn ^1.26
│  │     ├──php >=7.1
│  │     ├──symfony/polyfill-intl-normalizer ^1.10
│  │     │  └──php >=7.1
│  │     └──symfony/polyfill-php72 ^1.10
│  │        └──php >=7.1
│  ├──ext-date *
│  ├──ext-dom *
│  ├──ext-filter *
│  ├──ext-gd *
│  ├──ext-hash *
│  ├──ext-json *
│  ├──ext-pcre *
│  ├──ext-pdo *
│  ├──ext-session *
│  ├──ext-simplexml *
│  ├──ext-spl *
│  ├──ext-tokenizer *
│  ├──ext-xml *
│  ├──guzzlehttp/guzzle ^7.5
│  │  ├──ext-json *
│  │  ├──guzzlehttp/promises ^1.5.3 || ^2.0
│  │  │  └──php ^7.2.5 || ^8.0
│  │  ├──guzzlehttp/psr7 ^1.9.1 || ^2.4.5
│  │  │  ├──php ^7.2.5 || ^8.0
│  │  │  ├──psr/http-factory ^1.0
│  │  │  │  ├──php >=7.0.0
│  │  │  │  └──psr/http-message ^1.0 || ^2.0
│  │  │  │     └──php ^7.2 || ^8.0
│  │  │  ├──psr/http-message ^1.1 || ^2.0
│  │  │  │  └──php ^7.2 || ^8.0
│  │  │  └──ralouphie/getallheaders ^3.0
│  │  │     └──php >=5.6
│  │  ├──php ^7.2.5 || ^8.0
│  │  ├──psr/http-client ^1.0
│  │  │  ├──php ^7.0 || ^8.0
│  │  │  └──psr/http-message ^1.0 || ^2.0
│  │  │     └──php ^7.2 || ^8.0
│  │  └──symfony/deprecation-contracts ^2.2 || ^3.0
│  │     └──php >=8.1
│  ├──guzzlehttp/psr7 ^2.4.5
│  │  ├──php ^7.2.5 || ^8.0
│  │  ├──psr/http-factory ^1.0
│  │  │  ├──php >=7.0.0
│  │  │  └──psr/http-message ^1.0 || ^2.0
│  │  │     └──php ^7.2 || ^8.0
│  │  ├──psr/http-message ^1.1 || ^2.0
│  │  │  └──php ^7.2 || ^8.0
│  │  └──ralouphie/getallheaders ^3.0
│  │     └──php >=5.6
│  ├──masterminds/html5 ^2.7
│  │  ├──ext-dom *
│  │  └──php >=5.3.0
│  ├──mck89/peast ^1.14
│  │  ├──ext-mbstring *
│  │  │  └──php >=7.1
│  │  └──php >=5.4.0
│  ├──pear/archive_tar ^1.4.14
│  │  ├──pear/pear-core-minimal ^1.10.0alpha2
│  │  │  ├──pear/console_getopt ~1.4
│  │  │  └──pear/pear_exception ~1.0
│  │  │     └──php >=5.2.0
│  │  └──php >=5.2.0
│  ├──php >=8.1.0
│  ├──psr/log ^3.0
│  │  └──php >=8.0.0
│  ├──sebastian/diff ^4
│  │  └──php >=7.3
│  ├──symfony/console ^6.3
│  │  ├──php >=8.1
│  │  ├──symfony/deprecation-contracts ^2.5|^3
│  │  │  └──php >=8.1
│  │  ├──symfony/polyfill-mbstring ~1.0
│  │  │  └──php >=7.1
│  │  ├──symfony/service-contracts ^2.5|^3
│  │  │  ├──php >=8.1
│  │  │  └──psr/container ^2.0
│  │  │     └──php >=7.4.0
│  │  └──symfony/string ^5.4|^6.0
│  │     ├──php >=8.1
│  │     ├──symfony/polyfill-ctype ~1.8
│  │     │  └──php >=7.1
│  │     ├──symfony/polyfill-intl-grapheme ~1.0
│  │     │  └──php >=7.1
│  │     ├──symfony/polyfill-intl-normalizer ~1.0
│  │     │  └──php >=7.1
│  │     └──symfony/polyfill-mbstring ~1.0
│  │        └──php >=7.1
│  ├──symfony/dependency-injection ^6.3
│  │  ├──php >=8.1
│  │  ├──psr/container ^1.1|^2.0
│  │  │  └──php >=7.4.0
│  │  ├──symfony/deprecation-contracts ^2.5|^3
│  │  │  └──php >=8.1
│  │  ├──symfony/service-contracts ^2.5|^3.0
│  │  │  ├──php >=8.1
│  │  │  └──psr/container ^2.0
│  │  │     └──php >=7.4.0
│  │  └──symfony/var-exporter ^6.2.10
│  │     └──php >=8.1
│  ├──symfony/event-dispatcher ^6.3
│  │  ├──php >=8.1
│  │  └──symfony/event-dispatcher-contracts ^2.5|^3
│  │     ├──php >=8.1
│  │     └──psr/event-dispatcher ^1
│  │        └──php >=7.2.0
│  ├──symfony/http-foundation ^6.3
│  │  ├──php >=8.1
│  │  ├──symfony/deprecation-contracts ^2.5|^3
│  │  │  └──php >=8.1
│  │  ├──symfony/polyfill-mbstring ~1.1
│  │  │  └──php >=7.1
│  │  └──symfony/polyfill-php83 ^1.27
│  │     ├──php >=7.1
│  │     └──symfony/polyfill-php80 ^1.14
│  │        └──php >=7.1
│  ├──symfony/http-kernel ^6.3
│  │  ├──php >=8.1
│  │  ├──psr/log ^1|^2|^3
│  │  │  └──php >=8.0.0
│  │  ├──symfony/deprecation-contracts ^2.5|^3
│  │  │  └──php >=8.1
│  │  ├──symfony/error-handler ^6.3
│  │  │  ├──php >=8.1
│  │  │  ├──psr/log ^1|^2|^3
│  │  │  │  └──php >=8.0.0
│  │  │  └──symfony/var-dumper ^5.4|^6.0
│  │  │     ├──php >=8.1
│  │  │     └──symfony/polyfill-mbstring ~1.0
│  │  │        └──php >=7.1
│  │  ├──symfony/event-dispatcher ^5.4|^6.0
│  │  │  ├──php >=8.1
│  │  │  └──symfony/event-dispatcher-contracts ^2.5|^3
│  │  │     ├──php >=8.1
│  │  │     └──psr/event-dispatcher ^1
│  │  │        └──php >=7.2.0
│  │  ├──symfony/http-foundation ^6.2.7
│  │  │  ├──php >=8.1
│  │  │  ├──symfony/deprecation-contracts ^2.5|^3
│  │  │  │  └──php >=8.1
│  │  │  ├──symfony/polyfill-mbstring ~1.1
│  │  │  │  └──php >=7.1
│  │  │  └──symfony/polyfill-php83 ^1.27
│  │  │     ├──php >=7.1
│  │  │     └──symfony/polyfill-php80 ^1.14
│  │  │        └──php >=7.1
│  │  └──symfony/polyfill-ctype ^1.8
│  │     └──php >=7.1
│  ├──symfony/mime ^6.3
│  │  ├──php >=8.1
│  │  ├──symfony/polyfill-intl-idn ^1.10
│  │  │  ├──php >=7.1
│  │  │  ├──symfony/polyfill-intl-normalizer ^1.10
│  │  │  │  └──php >=7.1
│  │  │  └──symfony/polyfill-php72 ^1.10
│  │  │     └──php >=7.1
│  │  └──symfony/polyfill-mbstring ^1.0
│  │     └──php >=7.1
│  ├──symfony/polyfill-iconv ^1.26
│  │  └──php >=7.1
│  ├──symfony/process ^6.3
│  │  └──php >=8.1
│  ├──symfony/psr-http-message-bridge ^2.1
│  │  ├──php >=7.2.5
│  │  ├──psr/http-message ^1.0 || ^2.0
│  │  │  └──php ^7.2 || ^8.0
│  │  └──symfony/http-foundation ^5.4 || ^6.0
│  │     ├──php >=8.1
│  │     ├──symfony/deprecation-contracts ^2.5|^3
│  │     │  └──php >=8.1
│  │     ├──symfony/polyfill-mbstring ~1.1
│  │     │  └──php >=7.1
│  │     └──symfony/polyfill-php83 ^1.27
│  │        ├──php >=7.1
│  │        └──symfony/polyfill-php80 ^1.14
│  │           └──php >=7.1
│  ├──symfony/routing ^6.3
│  │  └──php >=8.1
│  ├──symfony/serializer ^6.3
│  │  ├──php >=8.1
│  │  └──symfony/polyfill-ctype ~1.8
│  │     └──php >=7.1
│  ├──symfony/validator ^6.3
│  │  ├──php >=8.1
│  │  ├──symfony/deprecation-contracts ^2.5|^3
│  │  │  └──php >=8.1
│  │  ├──symfony/polyfill-ctype ~1.8
│  │  │  └──php >=7.1
│  │  ├──symfony/polyfill-mbstring ~1.0
│  │  │  └──php >=7.1
│  │  ├──symfony/polyfill-php83 ^1.27
│  │  │  ├──php >=7.1
│  │  │  └──symfony/polyfill-php80 ^1.14
│  │  │     └──php >=7.1
│  │  └──symfony/translation-contracts ^2.5|^3
│  │     └──php >=8.1
│  ├──symfony/yaml ^6.3
│  │  ├──php >=8.1
│  │  └──symfony/polyfill-ctype ^1.8
│  │     └──php >=7.1
│  └──twig/twig ^3.5.0
│     ├──php >=7.2.5
│     ├──symfony/polyfill-ctype ^1.8
│     │  └──php >=7.1
│     └──symfony/polyfill-mbstring ^1.3
│        └──php >=7.1
├──egulias/email-validator ~4.0.1
│  ├──doctrine/lexer ^2.0 || ^3.0
│  │  ├──doctrine/deprecations ^1.0
│  │  │  └──php ^7.1 || ^8.0
│  │  └──php ^7.1 || ^8.0
│  ├──php >=8.1
│  └──symfony/polyfill-intl-idn ^1.26
│     ├──php >=7.1
│     ├──symfony/polyfill-intl-normalizer ^1.10
│     │  └──php >=7.1
│     └──symfony/polyfill-php72 ^1.10
│        └──php >=7.1
├──guzzlehttp/guzzle ~7.7.0
│  ├──ext-json *
│  ├──guzzlehttp/promises ^1.5.3 || ^2.0
│  │  └──php ^7.2.5 || ^8.0
│  ├──guzzlehttp/psr7 ^1.9.1 || ^2.4.5
│  │  ├──php ^7.2.5 || ^8.0
│  │  ├──psr/http-factory ^1.0
│  │  │  ├──php >=7.0.0
│  │  │  └──psr/http-message ^1.0 || ^2.0
│  │  │     └──php ^7.2 || ^8.0
│  │  ├──psr/http-message ^1.1 || ^2.0
│  │  │  └──php ^7.2 || ^8.0
│  │  └──ralouphie/getallheaders ^3.0
│  │     └──php >=5.6
│  ├──php ^7.2.5 || ^8.0
│  ├──psr/http-client ^1.0
│  │  ├──php ^7.0 || ^8.0
│  │  └──psr/http-message ^1.0 || ^2.0
│  │     └──php ^7.2 || ^8.0
│  └──symfony/deprecation-contracts ^2.2 || ^3.0
│     └──php >=8.1
├──guzzlehttp/promises ~2.0.0
│  └──php ^7.2.5 || ^8.0
mr.white’s picture

mr.white commented
Issue summary: View changes
cilefen’s picture

cilefen commented

@catch is saying that core-recommended, which essentially locks dependencies, is not compulsory.

mr.white’s picture

mr.white commented

I can understand that, but since 'core-recommended’ is the recommended option the implications are effectively the same, no?

I don’t imagine that 2.0 is in fact required by core - so this comes down to a packaging issue.

AWS a popular component used on many sites for backups an other things, so allowing these sites to update to 10.1 is likely in Drupal’s best interest.

longwave’s picture

longwave
he/him
Primary language English
Location UK
commented

We could skip adding guzzlehttp/promises to drupal/core-recommended by ignoring it in DrupalCoreRecommendedBuilder::getPackage(), we already do this for psr/http-message. As Guzzle only uses this library internally and presumably does some kind of testing with both major versions, perhaps it is OK to loosen that constraint although we won't technically be testing Drupal with both major versions?

longwave’s picture

longwave
he/him
Primary language English
Location UK
commented
Status: Active » Needs review
StatusFileSize
new 3368790-9.patch1.29 KB
cilefen’s picture

cilefen commented

If we remove enough packages from the lock file we can deprecate it 🤪

longwave’s picture

longwave
he/him
Primary language English
Location UK
commented

I think there is an argument for removing all indirect dependencies from core-recommended, we should probably trust our dependencies to declare their dependencies correctly.

cilefen’s picture

cilefen commented

core-recommended-light?

catch’s picture

catch
he/him
Primary language English
commented
Status: Needs review » Reviewed & tested by the community

I think we can trust guzzle to correctly declare dependencies on its own components anyway.

longwave’s picture

longwave
he/him
Primary language English
Location UK
commented

Should we commit this to 10.1.x only and assume everyone will upgrade by the time 10.2.0 is released in December?

catch’s picture

catch
he/him
Primary language English
commented

Yeah why not, we can always cherry-pick forwards if that turns out to be wrong.

mr.white’s picture

mr.white commented

I guess to me it seems odd to keep this as a direct dependency at all, unless there is something specific in 2.0 (or Promises in general) that is required by core. I agree with @catch and would simply allow Guzzle to set its own dependancies in all versions moving forward.

Just my 2c, and I’m sure you guys know better than me what impact this has on core.

longwave’s picture

longwave
he/him
Primary language English
Location UK
commented

@jabeler it is only a direct dependency of drupal/core-recommended, which is a set of recommended packages because those are the ones that have explicitly passed our test suite. We have found in the past that sometimes different versions or combinations of versions of dependencies have issues when used with core, so core-recommended was created to provide a tighter set of dependencies than core alone. You are free to depend on drupal/core instead of drupal/core-recommended, with the caveat that you might run into issues that our automated testing did not find.

mr.white’s picture

mr.white commented

That makes sense.

I guess it also makes troubleshooting a lot simpler if most sites are using the same set of components.

  • catch committed cf40e687 on 10.1.x 
    Issue #3368790 by longwave, jabeler: guzzlehttp/promises 2.0 blocking...
catch’s picture

catch
he/him
Primary language English
commented
Status: Reviewed & tested by the community » Fixed

Committed/pushed to 10.1.x (only), thanks!

Status: Fixed » Closed (fixed)

Automatically closed - issue fixed for 2 weeks with no activity.