ddev composer require drupal/upgrade_status
Using version ^3.5 for drupal/upgrade_status
./composer.json has been updated
Running composer update drupal/upgrade_status
Loading composer repositories with package information
Updating dependencies
Your requirements could not be resolved to an installable set of packages.

Problem 1
- drupal/upgrade_status[dev-3.x, 3.5.0-alpha2, ..., 3.5.0] require mglaman/phpstan-drupal ^0.12.9 -> found mglaman/phpstan-drupal[dev-master, 0.12.9, 0.12.10, 0.12.x-dev (alias of dev-master)] but the package is fixed to 0.12.6 (lock file version) by a partial update and that version does not match. Make sure you list it as an argument for the update command.
- drupal/upgrade_status 3.5.0-alpha1 requires mglaman/phpstan-drupal ^0.12.7 -> found mglaman/phpstan-drupal[dev-master, 0.12.7, ..., 0.12.x-dev (alias of dev-master)] but the package is fixed to 0.12.6 (lock file version) by a partial update and that version does not match. Make sure you list it as an argument for the update command.
- drupal/upgrade_status 3.x-dev is an alias of drupal/upgrade_status dev-3.x and thus requires it to be installed too.
- Root composer.json requires drupal/upgrade_status ^3.5 -> satisfiable by drupal/upgrade_status[3.5.0-alpha1, 3.5.0-alpha2, 3.5.0, 3.x-dev (alias of dev-3.x)].

Comments

rossidrup created an issue. See original summary.

gábor hojtsy’s picture

gábor hojtsy
he/him
Primary language Hungarian
Location Hungary
commented
Title: I get error when tryng to upgrade to latest version 3.5 » Cannot update Upgrade Status due to locked phpstan-drupal dependency
gábor hojtsy’s picture

gábor hojtsy
he/him
Primary language Hungarian
Location Hungary
commented
Category: Feature request » Support request
Status: Active » Postponed (maintainer needs more info)

Looks like your phpstan-drupal dependency is locked to an older version in your composer lock file. One option to overcome this is to edit your composer.lock file and remove the phpstan-drupal entry. There is probably a way to do this with a composer command as well, I raised it in the #composer Drupal Slack channel. That said, manually editing it out of composer.lock and then doing the composer update should not have any bad side effects and whatever the composer command to cut through this locked dependency, your composer lock and json files will end up the same at the end of it like if you manually removed the lock entry.

How did this work out for you?

rossidrup’s picture

rossidrup commented

I got this in my lock file

"require": {
"drupal/core": "^8",
"mathieuviossat/arraytotexttable": "~1.0.0",
"mglaman/phpstan-drupal": "^0.12.0",
"nikic/php-parser": "^4.0.0",
"phpstan/phpstan-deprecation-rules": "^0.12.0",
"webflo/drupal-finder": "^1.2"
},

can I just delete the whole file? and also vendor and do compsoer update?

gábor hojtsy’s picture

gábor hojtsy
he/him
Primary language Hungarian
Location Hungary
commented

@rossidrup: I would keep the first entry in your composer.lock (to not yet get Drupal 9 from a composer update) but the rest probably does not belong there, those all look like dependencies of upgrade status and would be handled by upgrade status just fine. Unless you have other reasons to lock them.

rossidrup’s picture

rossidrup commented

I ran this by recomendation on #composer slack
ddev composer update drupal/core "drupal/core-*" mglaman/phpstan-drupal --with-all-dependencies

and it did nothing

your suggestion worked

i deleted the lines

then require drupal/upgrade_status

and drush updb

thank you

eiriksm’s picture

eiriksm
he/him
Primary language Norwegian Bokmål
Location Norway
commented

So there are a couple of solutions to such a problem. Really depending on how you wound up in that situation in the first place.

For example, if your project composer.json required mglaman/phpstan-drupal, you would have this "fixed" in your composer.lock. and composer would refuse to update it just based on the fact that it's in your root composer.json.

Depending on the constraint, you can however update several packages at the same time. So for example

composer update drupal/upgrade_status mglaman/phpstan-drupal --with-all-dependencies

This will however not work if you have not already installed upgrade_status, which it might seem is the case for you. In such a case you could require them both (the new version included). Something like this:

composer require drupal/upgrade_status:^3.5 mglaman/phpstan-drupal:^0.12.9

There is also the third scenario where you have another package completely (not your actual project composer.json) which requires mglaman/phpstan-drupal. In this case it could of course be an actual conflict, but you can type this to find out why you have it.

composer why mglaman/phpstan-drupal

This can for example show you that mglaman/drupal-check requires that package. If that was the case you could try something like the above, but adding this other dependency to the list of upgrades. So something like this:

composer update mglaman/drupal-check drupal/upgrade_status mglaman/phpstan-drupal

If you do not want mglaman/phpstan-drupal as a direct dependency, but ends up with it based on one of those commands (that would probably be because of the second example) you can safely remove it afterwards, and composer dependency resolution will keep the package around even if it's not in your composer.json:

composer remove mglaman/phpstan-drupal

Webbeh’s picture

Webbeh
he/him/his
Location Georgia, USA
commented
Status: Postponed (maintainer needs more info) » Fixed

Per #6 and extra info in #7.

Status: Fixed » Closed (fixed)

Automatically closed - issue fixed for 2 weeks with no activity.