By pickronj on

Hello everyone,

(Maintainence mode is on) running on Debian 10.

I ran composer update drupal/core "drupal/core-*" -- with-all-dependencies, and I got this error:

            :

            :

.... Update of composer/installers failed

     [RuntimeException] 

      Could not delete /var/www/html/xxxxx/vendor/composer/installers/composer.json:

I have composer.json and composer.lock on 775 mode at the domain level, not the core level.  However, for the /vendor/composer/composer.json file is currently on -rw-r--r--  root root Jan 14 2021

Any ideas ?  I did run composer update and I get this same error.  Also, tried the command: composer require drupal/core-recommended:9.2.5 --update-with-all-dependencies and same error.  I need to upgrade to Drupal 9.2.5 due to security reasons.

Thanks in advance!

Jan

Categories: Drupal 9.x

Comments

mmjvb’s picture

mmjvb commented

EDIT: Moved from https://www.drupal.org/forum/support/upgrading-drupal/2021-06-17/upgradi...

You should be able to update composer/installers. Looks like a security issue with composer/installers/composer.json. Remove it manually if you can't figure out why there is a problem. Hopefully, it is the only file with this issue.

You may want to try to update composer/installers separately. Find out which version it needs to be and update to that.

The --with-all-dependencies looks for any possible updates rather than needed updates. Suggest to whitelist needed updates rather than allowing possible updates. Use show, prohibits and depends to find out needed updates.

pickronj’s picture

pickronj commented

Thank you, mmjvb for your reply, and it is appreciated.  The composer version I have currently is 2.0.11, and I don't know about updating installers since I'm relatively new in upgrading from Drupal 9.1.10 to 9.2.5.  I have a documentation  (Updating Drupal core via Composer, last updated on August 23, 2021) and followed it through.  I will find out about show, prohibits and depends to find out needed updates....

Thanks!!

mmjvb’s picture

mmjvb commented

Unfortunately your situation goes beyond that documentation. Suggest to also keep current on composer itself: composer self update:

docker@cli:/var/www$ sudo composer selfupdate
Upgrading to version 2.1.7 (stable channel).

Use composer self-update --rollback to return to version 2.1.5
docker@cli:/var/www$

Every Drupal project needs the composer/installers to get the modules at the location Drupal expects them. Looks like it needs updating in your project, but fails due to a problem. Suggesting to solve that problem, allowing you to continue updating your project as documented. See protocol below:

docker@cli:/var/www$ composer outdated -Dm
Color legend:
- patch or minor release available - update recommended
- major release available - update possible
composer/composer      1.10.20           1.10.22           Composer helps yo...
composer/installers    v1.9.0            v1.12.0           A multi-framework...
drupal/cleantalk       9.1.5             9.1.15            Cloud antispam so...
drupal/crossword       1.0.0-beta13      1.2.0             Adds Crossword fi...
drupal/cua             dev-1.0.x 0b99a75 dev-1.0.x fb3c94b This makes it eas...
drupal/s3fs            3.0.0-alpha16     3.0.0-beta3       Adds an Amazon Si...
drupal/smart_date      3.2.0             3.4.2             Adds app-like dat...
drupal/subgroup        1.0.0             1.0.2             Allows you to str...
drupal/token           1.6.0             1.9.0             Provides a user i...
drupal/views_slideshow 4.7.0             4.8.0             Describes relatio...
drupal/webform         6.0.1             6.0.5             Enables the creat...
docker@cli:/var/www$ composer prohibits composer/installers 1.12.0
There is no installed package depending on "composer/installers" in versions not matching 1.12.0
docker@cli:/var/www$ composer update composer/installers --dry-run
Loading composer repositories with package information
Updating dependencies
Lock file operations: 0 installs, 1 update, 0 removals
  - Upgrading composer/installers (v1.9.0 => v1.12.0)
Installing dependencies from lock file (including require-dev)
Package operations: 0 installs, 1 update, 0 removals
  - Upgrading composer/installers (v1.9.0 => v1.12.0)
Package container-interop/container-interop is abandoned, you should avoid using it. Use psr/container instead.
54 packages you are using are looking for funding.
Use the `composer fund` command to find out more!
docker@cli:/var/www$

Note that the version your project might need could be different. Also, just because there is an update for it, it doesn't mean you need it. Used --dry-run on the update to see what it wants to do, repeat without --dry-run when you are happy with what it is that it is going to do, to actually do it.

You could even remove and require composer/installers as it is just a plugin it needs to get things where you want in a Drupal project. As it is a plugin you might need --no-plugins to avoid loading it when trying to remove it. Just make sure it is back before you do anything Drupal related.

pickronj’s picture

pickronj commented

mmjvb, 

I upgraded Composer 2.1.8 successfully  using this command:  sudo composer selfupdate     

Also, composer outdated -Dm   and  composer prohibits composer/installers 1.12.0 then composer/installers --dry-run    <== that worked!!!!

Then I updated Drupal core:  sudo composer update drupal/core "drupal/core-*" --with-all-dependencies

It worked !!!  I'm so glad for your assistance, and hope this will help others.

Thank you again, mmjvb.

mmjvb’s picture

mmjvb commented

Glad you managed to get things working. Do wonder about your usage of sudo. Probably you need that for updating Composer. You shouldn't need it for using Composer to manage the codebase of your project. 

Appreciate you being grateful for my assistance, hope indeed it helps others as well.