Come together with the global Drupal community in Rotterdam, 28 Sept β 1 Oct 2026. Sessions, contribution, connection, and Early Bird savings until 8 June.Problem/Motivation
As part of https://www.drupal.org/project/acquia_migrate/issues/3414727 I found that simply re-running the make -Bprocess added a lot of (unvetted) contrib modules back into our recommendations.json file.
Example after running:
diff --git a/statistics.txt b/statistics.txt
index 82e760ec..52096515 100644
--- a/statistics.txt
+++ b/statistics.txt
@@ -1,7 +1,7 @@
409 recommendations (curated)
(of which 363 contrib recommendations)
-171 recommendations (generated)
-558 recommendations (total)
+1036 recommendations (generated)
+1357 recommendations (total)
(of which 88 vetted recommendations)
(destination: targeting 72 composer packages)
(destination: targeting 120 Drupal modules)
@@ -9,6 +9,6 @@
(source: obsoleting 63 Drupal modules)
(of which 63 obsolete recommendations)
(of which 3 patched recommendations)
I think we should be safe to add these back in. Since they are unvetted, they won't be installed by default and thus it will need manual review anyway per module.
Steps to reproduce
I was able to confirm this locally by testing with the Disable Messages module. I installed the module on my Drupal 7 instance and then generated new D10 codebases from it.
Using the current Drupal 10 recommendations.json file resulted in the following D10 codebase being built:
www-data@921046cc9934:/app$ php ./cli/bin/acli app:new:from:drupal7 --recommendations="/app/recommendations.json" --drupal7-directory=/app/docroot --directory=/app/d10_codebase
π€ Scanning Drupal 7 site.
π Found Drupal 7 site (7.99 to be precise) at sites/default, with 32 modules enabled!
π€ Computing recommendations for this Drupal 7 siteβ¦
π₯³ Great news: found 32 recommendations that apply to this Drupal 7 site, resulting in a composer.json with:
- 11 packages
- 1 patches
- 28 modules to be installed!
π Generated composer.json and committed to a new git repo.
β³ Installing. This may take a few minutes.
Whereas if i ran it with this newly updated recommendations.json file:
π€ Scanning Drupal 7 site.
π Found Drupal 7 site (7.99 to be precise) at sites/default, with 32 modules enabled!
π€ Computing recommendations for this Drupal 7 siteβ¦
π₯³ Great news: found 33 recommendations that apply to this Drupal 7 site, resulting in a composer.json with:
- 12 packages
- 1 patches
- 28 modules to be installed!
π Generated composer.json and committed to a new git repo.
β³ Installing. This may take a few minutes.
Note the 11 vs 12 packages.
Proposed resolution
Re-run the crawler script to ensure it is correctly picking up the latest version of modules from their update endpoints. This will involve removing the crawler-cache folder and will take a while to regenerate.
Remaining tasks
n/a
User interface changes
n/a
API changes
n/a
Data model changes
n/a
Issue fork acquia_migrate-3420498
Show commands
Start within a Git clone of the project using the version control instructions.
Or, if you do not have SSH keys set up on git.drupalcode.org:
changes
Comments
Comment #3
dan612 commentedI am a little confused by the output in statistics
specifically this part:
Did we lose 77 curated recommendations in this process somehow?
Comment #4
dan612 commentedβ pipelines failing!
I think it is because
^3vs^3.0. Seeing what happens if I change that in curated.jsonComment #5
dan612 commentedI think there are probably quite a few of these, another failure:
I dont want to spam pipelines so maybe I can try to identify which ones differ and fix them all in one go .
Comment #6
dan612 commentedI figured out i could run
to test this locally (to avoid the aforementioned spamming of pipelines π). However...i think this is exposing a larger issue. Some of the generated recommendations, for example:
conflict heavily with the curated.json value, which is:
even though it is vetted:false in curated.json it still feels like something else needs to happen here. Another example is rabbit hole:
I'm not sure i feel comfortable updating these in curated.json without actually testing them myself locally, but I guess if its not marked as "vetted" that is ok? Updated the MR with updates to the failing packages and an added conditional in the
test-unvetted-modules-composer-installability.shscript be more lenient with version checks to start π.I thought the constraints in curated.json would have superseded those in generated.json, but this appears to be throwing an error. My changes have also broken things quite substantially in pipelines π¬ sooo im rethinking this at the moment
Comment #7
dan612 commentedHere are the current issues:
This one will get addressed with https://www.drupal.org/project/acquia_migrate/issues/3417209.
I would argue that the recommendation for
metatag @ version ^2supersedesdrupal/agls(based on installation usage). Sodrupal/aglsshould be moved to curated.json with a note stating that it needs to be manually installed due to the need to downgrade metatag.This module requires manual installation due to needing to alter the repositories section of composer.json by hand. Should update this in curated.json
The recommendation from the previous version of recommendations.json still applies to this module.
This recommendation still applies to the current module.
This seems to be more an issue with the CI - i think we need to enable a new extension for this to install. Locally I am able to install it.
The same recommendation apples from the previous version.
This module might be ok to use (haven't tested) but cannot be installed due to a typo in its
composer.jsonfile, here. Based on the module .info file this should be compatible with^10which would install on 10.2.3, but this requirement in composer.json prevents installation.The same recommendation applies.
This module requires manual installation. See here.
This module is not yet compatible with PHP 8.2. It also appears the issue queue is disabled? Odd.
I am a little confused on this one. The project composer.json file says it needs drupal/adaptivetheme: ^8.4 but i dont see that as a realease/tag.. Maybe this tracks to 8.x-4.x? If so, then the issue is that 4.x of drupal/adaptivetheme is incompatible with Drupal 10.. It also appears that at_tools has been abandoned and now the work is being done in at_tool
I made this changes locally and then saw this error:
This module does not appear to be installable right now due to an issue with Easy Install being incompatible with Drupal 10. Easy install needs to be patched - see https://www.drupal.org/project/easy_install/issues/3297022.
Then I hit:
This module does not have a stable release. Stopping for now...
Comment #10
dan612 commentedCurrently we have 171 generated recommendations. After this there are 1423 generated recommendations.
I realized this morning that what I was doing in my previous efforts was just re-vetting all those modules which failed to install cleanly...which is what we want to do anyway but there are probably higher priorities π. that being said, i think i should break some of my comments in #7 into tickets as the work (or groundwork) is already done now.
New idea. What if we just omit all the d10-install-breaking-modules from generated.json? This would mean we still get an additional ~1,200 modules which install successfully on D10 and it would unblock this issue, which relies on basically vetting every module which fails to cleanly install via composer.
Locally I reset things back to recommendations-10, re-ran make -B and cofirmed the mass update in generated.json. At this point my statistics showed:
Then i added the modules i knew from previous efforts to be breaking to a new file, iterated over it and removed those from generated.json. Then re-ran the CI process locally to make sure things worked. Whenever there was a failure, i removed it from generated.json and tried again. I attached the list of packages which caused failure. The result appears to be a passing CI pipeline now π. I will leave it up for discussion what other implications this has and if it is a good idea or not π¬
I believe it is an improvement π€ because the majority of these modules should work on Drupal 10 (considering they have a D10 compatible release tagged). So even though we haven't tested them or vetted migration paths, i believe it makes things easier for the end user because they will come preinstalled (but not enabled) if they had them on Drupal 7.
Comment #11
dan612 commentedComment #12
wim leers#3: Hm β¦Β that is odd. π€ I think it might be related to #4 β I forget how exactly
curated.jsonandgenerated.jsonare merged intorecommendations.json, I bet it's related to that. Otherwise: a bug inscripts/create-statistics.shis not impossible either π This evolved on an as-needed and "good enough" basis.#6: Yes, whenever these kinds of conflicts arise, we are forced to override the generated recommendation in
curated.json, and just keep thevetted: false. In this case, a recommendation is generated for the D7node_revision_deletemodule (great!), but it recommends a different D10 package version than the curated recommendation fornode_revision_restrict. And that's a problem, because we cannot install multiple package versions. Usually, the solution is to just add more overrides incurated.json. But in this case, I bet I made a mistake while trying to determine the minimal viable subset of the D9curated.jsonthat would work for D10.If you're wondering why the
node_revision_restrictnon-vetted curated recommendation even exists, it's because that's a D7 submodule of thenode_revision_deletemodule. The script that generatesgenerated.jsoncan only know about projects == "main module names", not any submodules. So any submodule that we've encountered along the way while working on the D9 recommendations, we've added a matching non-vetted curated recommendation for, to provide maximal coverage for AM:A users (otherwise it'd seem like there is no equivalent!).No need for testing locally β thanks to
vetted: falseπ These modules won't be Drupal-installed, onlycomposer-installed.They do! But it's "keyed" by
replaces.nameaka the D7 module they replace. And hence that automatic overriding does NOT work for submodules. See https://git.drupalcode.org/project/acquia_migrate/-/blob/recommendations....I think π should help you get everything that the script puts in
generated.jsonto a passing state. But β¦ I'm pragmatic π, and I agree with you in #10 that the current MR is already a big net improvement, so merged that! Keeping this open for a second MR on this issue now that I've explained why those conflicts were occurring (submodules!), which should make it trivial for you to resolve the conflicts π€The changes you made in
curated.jsonmake sense β they're all intended to align with thegenerated.json's version numbers for the non-submodule package versions, for example the D7flood_unblockhad^2incurated.json, butgenerated.jsoncontains:β¦Β and so to avoid the need to repeat both of those recommendations in
curated.jsonto set them to^2both, just changing the submodule's recommendation incurated.jsonto^2.3is less work/effort πComment #13
wim leers@dan612 did you see #12?
Comment #14
dan612 commentedπ i did! however I am not sure we are talking about the same issue. I encountered 2 types of issues when working on this:
curated.jsonandgenerated.json-- as you described in your previous comment, these were mostly submodules and easy to fix by manually changing the version.The second issue above is where this is stuck, none of these modules - https://www.drupal.org/files/issues/2024-02-10/d10-composer-install-brea... - were able to be added to a D10 project via composer, cleanly. For example drupal/field_properties:
or smartmenus:
So for these...i feel like we would have to vet each on against D10 and provide a curated recommendation in order for this to be complete.
To be honest a lot of these packages look as though they are in alpha/beta and dont have a stable release to begin with...which makes me wonder why the crawler script was even picking them up because it should only get D10 packages when:
the above snippet was taken from crawl.php
Comment #15
wim leersAhhh!
Looks like I mixed things up indeed β sorry about that π
Modules that get automatically added to
generated.jsonbut are notcomposer-installable are worth adding tocurated.jsonexplicitly, because β¦ then we can inform the user that right now, there's no installable release, and that there's a particular issue where that's being worked on. Now for the cool part: linking to such an issue will causescripts/dgo_issue_tracker.shto get updated automatically when you runmake, meaning we'll get notified through our CI when that issue lands upstream and our "nope doesn't work" recommendation incurated.jsonhas become stale! πWell, that module has a stable security-covered D7 release, so any D7 site using it and wanting to move to D10 will want to know if there's any release available that might help avoid writing new code/doing a custom migration, because then there's at least some release to test. So https://www.drupal.org/project/field_properties falls under that category. You'll find plenty of
-devconstraints in the D9 recommendations too: https://git.drupalcode.org/project/acquia_migrate/-/blob/recommendations...Comment #17
dan612 commentedmade an MR to show i am still noodling on this π¬
I re-ran the
make -Bcommand, then my process was as follows:sh ./scripts/test-unvetted-modules-composer-installability.sh recommendation.json /tmp/test-general-installability-unvetted 10.2.3composer install --dry-runcurated.jsonwith a note as to why it fails to installcomposer remove <package>then re-runcomposer install --dry-runBasically just worked through all the various failures during composer installation, went to the projects to review why it failed and then updated the note with the findings. Then my pipelines jobs started to fail due to PHP 8.2 incompatibility - so I made a few more updates to address that after changing versions and testing again locally
Comment #18
dan612 commentedComment #19
wim leersEpic work!
My #1 concern is that many of these will go outdated without us knowing. Most of these can and should have d.o issue links. The majority of them do, but I also saw many that still need it.
Once you add that, I'll instantly merge this!
P.S.: the
TabTmodule there is a BLAST FROM THE PAST! π€£πππππComment #20
dan612 commentedComment #21
dan612 commentedI think i covered all issues, but LMK if i missed something π
I also think that I found a bug in the crawler that was stopping crawling ~400 pages in, when there are over 650 pages of results to iterate through. Probably best to keep that in the original parent issue and break out another update once possible...assuming this one is OK.
Comment #23
wim leersBy "original parent issue" you mean #3414727: Refine the crawler that generates `generated.json` to support full Composer constraint expressions?
I really wanted to RTBC + merge this. But I don't understand 5 of the overrides in
curated.json. Could you add anoteto them to help me understand (and help you evolve it in the future)? πComment #24
dan612 commentedMade some updates π₯Ή - we also had a pipelines failure due to an issue getting resolved - https://www.drupal.org/project/monster_menus/issues/3422059. So the system is working! π
yep! I have found a lot of "sticking points" in the current crawler and I think there could be a substantial amount of projects still missing from generated.json. I suppose I could keep going in this issue with an update-generated-3 branch ... but since it might change the functions of the crawler i thought perhaps better off in the parent.
I could also change the crawler locally but only commit the updated JSON files (not the script updates)
Comment #25
dan612 commentedComment #26
wim leersπ
No more remarks on the MR now either β you were able to remove ~50% of the ones I was unsure about, and the ones that remain now have a clear
noteπ₯³Comment #28
wim leers