Problem/Motivation
New releases is out with few api additions but primary fix is compatibility new PHP versions
- https://github.com/twigphp/Twig/commit/fba01bfba2640f98ae24272bb021de7f3...
- https://github.com/twigphp/Twig/commit/406b3e5969752cfd01da58d61b7e28d62...
also Drupal integration is re-enabled https://github.com/twigphp/Twig/commit/589655c1b930fa940beef243e760a2141...
Proposed resolution
Upgrade twig to 3.5.0 and set constraint to ^3.5.0
As 3.5.0 release improves forward-compatibility with PHP 8.0.24 and 8.1.11 it makes sense to backport it to 9.5.x amd 10.0.x
Remaining tasks
- review/commit
- decide about backport
User interface changes
no
API changes
no, additions only
Data model changes
no
Release notes snippet
Drupal 10.1.0
(The standard note about all deps being updated to the latest minors with constraint increased)
Drupal 10.0.1
Twig 3.5.0 has been released with improvements to PHP 8 compatibility. Drupal core and the drupal/core-recommended
metapackage have been updated to use this version of Twig.
White it is unlikely, some sites or applications could encounter issues with a minor-version update of Twig in a patch release. The minimum required version remains Twig 3.4.3, so sites experiencing any issues with the 3.5.0 update can temporarily depend directly on drupal/core to require the old version until any conflict is resolved.
Comment | File | Size | Author |
---|---|---|---|
#27 | 3095099-27.patch | 2.33 KB | alexpott |
| |||
#19 | 3095099-19.patch | 3.41 KB | andypost |
Comments
Comment #2
Chi CreditAttribution: Chi commentedComment #3
Chi CreditAttribution: Chi commentedComment #4
amjad1233Hi @chi,
I ran composer show on twig/twig package it says it's at v1.42.3 already?
Do we need to still update it?
Comment #5
Chi CreditAttribution: Chi commentedThat's because Composer by default installs the latest allowed version. This issue is about setting minimum requirement for Twig which is currently 1.38.2.
Comment #6
Chi CreditAttribution: Chi commentedComment #7
andypostMeantime patch upgrades twig to
v1.42.4
Comment #8
Chi CreditAttribution: Chi commented@andypost 1.42.4 gets into composer.lock as it is the latest Twig 1 release. The version specified in composer.json is "^1.41.0".
Comment #10
Taran2LD9 is using Twig 2.x; so this is definitely a D8.9 target; however, I guess there should be an issue with updating all the dependencies
Comment #11
Taran2LSo, this patch must update the required minimal twig version alone; and should not touch composer.lock(s). See #3122112: Update dependencies for Drupal 8.9
The question is what minimum version we would like to require: 1.41 or newer
Comment #12
Taran2LComment #13
arpad.rozsa CreditAttribution: arpad.rozsa at Studio Present commentedI think 1.41 is a good start, based on the issue description. Although 1.43.0 is out already, which we could use as a minimum. It drops php 5 and 7.0 support, but drupal 8.9 doesn't support those either so that shouldn't be a problem.
Uploading a patch with 1.41 for now (removed composer.lock changes), just so I can use it in a project.
Comment #19
andypostre-purposed the issue for current upgrade as it was outdated
Comment #20
Spokje- 3.5.0 is the current latest version https://packagist.org/packages/twig/twig
- Patch only updates
twig/twig
to that version- TestBot is happily green
RTBC for me.
Comment #21
catchCommitted/pushed to 10.1.x, thanks!
We wouldn't normally update to a minor version of a dependency in a patch version of core, but it would help us if there's a security release probably, so leaving open for discussion. Maybe we could update but continue allowing the older version in composer.json?
Comment #22
catchI've opened a new issue for the 9.5 update since it'll need its own release note and etc. #3330465: Update Twig to 2.15.4.
Comment #24
xjmWe should consider asking them if they'd backport the PHP 8 compatibility fixes to Twig 3.4 before we backport a minor update to 10.0.x.
Comment #25
alexpottI've looked at https://github.com/twigphp/Twig/compare/v3.4.3...v3.5.0 and I think it is safe to update to 3.5.0 in the next patch release of Drupal. There are only additions and I couldn't spot any deprecations of changes that are consequential in terms of API change.
Comment #26
xjmIn that's case, let's do a lockfile-only update for 10.0.x now, before the patch release, with the Composer command to update
core-recommended
in the release notes.Comment #27
alexpottHere's a patch for Drupal 10.0.x.
As per @xjm no change to core/composer.json so people can keep on the old minor if necessary.
Comment #28
SpokjeRTBC if TestBot agrees
Comment #29
xjmWrote a proper release note.
Comment #30
xjmComment #31
xjmComment #32
xjmComment #33
xjmComment #35
xjmCommitted the backport to 10.0.x. Thanks!
Comment #37
xjmThis change is covered by the standard minor release note of: