Page MenuHomePhabricator

MediaWiki 1.34.0 could not be updated with wikimedia/css-sanitizer: 2.0.1
Closed, InvalidPublicBUG REPORT

Description

Steps to Reproduce:
composer require wikimedia/css-sanitizer

Using version ^2.0 for wikimedia/css-sanitizer
./composer.json has been updated
> ComposerHookHandler::onPreUpdate
Loading composer repositories with package information
Updating dependencies (including require-dev)
Package operations: 58 installs, 0 updates, 0 removals
  - Installing wikimedia/css-sanitizer (v2.0.1): Downloading (100%)         
  - Installing psr/cache (1.0.1): Downloading (100%)         
  - Installing cache/tag-interop (1.0.0): Downloading (100%)         
  - Installing cache/integration-tests (0.16.0): Downloading (100%)         
  - Installing giorgiosironi/eris (0.10.0): Downloading (100%)         
  - Installing jakub-onderka/php-parallel-lint (v0.9.2): Downloading (100%)         
  - Installing justinrainbow/json-schema (5.2.9): Downloading (100%)         
  - Installing squizlabs/php_codesniffer (3.5.0): Downloading (100%)         
  - Installing composer/spdx-licenses (1.5.1): Downloading (100%)         
  - Installing mediawiki/mediawiki-codesniffer (v28.0.0): Downloading (100%)         
  - Installing monolog/monolog (1.24.0): Downloading (100%)         
    The process has been signaled with signal "9".
    The archive may contain identical file names with different capitalization (which fails on case insensitive filesystems)
    Unzip with unzip command failed, falling back to ZipArchive class
  - Installing seld/jsonlint (1.7.1): Downloading (100%)         
  - Installing nmred/kafka-php (v0.1.5): Downloading (100%)         
  - Installing jakub-onderka/php-console-color (v0.2): Downloading (100%)         
  - Installing jakub-onderka/php-console-highlighter (v0.3.2): Downloading (100%)         
  - Installing dnoegel/php-xdg-base-dir (0.1): Downloading (100%)         
  - Installing nikic/php-parser (v3.1.5): Downloading (100%)         
    The process has been signaled with signal "9".
    The archive may contain identical file names with different capitalization (which fails on case insensitive filesystems)
    Unzip with unzip command failed, falling back to ZipArchive class
Killed

ea-php73 update.php

Actual Results:

MediaWiki 1.34.0 Updater

wikimedia/css-sanitizer: 2.0.1 installed, ^2.0 required.
Error: your composer.lock file is not up to date. Run "composer update --no-dev" to install newer dependencies

Expected Results:

ea-php73 update.php

MediaWiki 1.34.0 Updater

Your composer.lock file is up to date with current dependencies!
Going to run database updates for *****
Depending on the size of your database this may take a while!
Abort with control-c in the next five seconds (skip this countdown with --quick) ... 5

Event Timeline

Reedy added a subscriber: Reedy.

Why are you installing wikimedia/css-sanitizer?

The extension TemplateStyles does require it, but it uses ~2.0.0 not ^2.0 - https://github.com/wikimedia/mediawiki-extensions-TemplateStyles/blame/REL1_34/composer.json#L4

Of course, 2.0.1 should match ~2.0.0 and ^2.0

What happens if you do what it tells you? Error: your composer.lock file is not up to date. Run "composer update --no-dev" to install newer dependencies

Why are you installing wikimedia/css-sanitizer?

The extension TemplateStyles does require it, but it uses ~2.0.0 not ^2.0 - https://github.com/wikimedia/mediawiki-extensions-TemplateStyles/blame/REL1_34/composer.json#L4

Of course, 2.0.1 should match ~2.0.0 and ^2.0

I had a problem with changing contents model into 'Sanitized CSS'. which descrived into Topic:Vfgqo09mdrmvwuco. For Reading topic Topic:Ukv6pdo96a8qfur2, It seems that upgrading the version of wikimedia/css-sanitizer helps. So, I upgraded it, and the problem solved.

What happens if you do what it tells you? Error: your composer.lock file is not up to date. Run "composer update --no-dev" to install newer dependencies

composer update --no-dev

> ComposerHookHandler::onPreUpdate
Loading composer repositories with package information
Updating dependencies
Package operations: 0 installs, 0 updates, 15 removals
  - Removing squizlabs/php_codesniffer (3.5.0)
  - Removing seld/jsonlint (1.7.1)
  - Removing psr/cache (1.0.1)
  - Removing nmred/kafka-php (v0.1.5)
  - Removing monolog/monolog (1.24.0)
  - Removing mediawiki/mediawiki-codesniffer (v28.0.0)
  - Removing justinrainbow/json-schema (5.2.9)
  - Removing jakub-onderka/php-parallel-lint (v0.9.2)
  - Removing jakub-onderka/php-console-highlighter (v0.3.2)
  - Removing jakub-onderka/php-console-color (v0.2)
  - Removing giorgiosironi/eris (0.10.0)
  - Removing dnoegel/php-xdg-base-dir (0.1)
  - Removing composer/spdx-licenses (1.5.1)
  - Removing cache/tag-interop (1.0.0)
  - Removing cache/integration-tests (0.16.0)
Writing lock file
Generating optimized autoload files
> ComposerVendorHtaccessCreator::onEvent

Does update.php work now?

Not working.

And the error message?

Is there a composer.lock in your MW root and vendor folder?

And the error message?

Is there a composer.lock in your MW root and vendor folder?

Yes, there they are.

Solved
The Error seemed healed in WM 1.34.1.

It seems that Extensions:TemplateStyles have problems, which unable to include wikimedia/css-sanitizer into the original composer.
See the recent thread in the Support desk.

Steps to Reproduce: 
composer require wikimedia/css-sanitizer

That was the incorrect thing to do, which caused the issue you describe. (In fairness its still a bug in mediawiki that general composer version constraints arent supported by update.php)

So this bug should either be merged into T219832 or maybe marked invalid.

For reference, when installing TemplateStyles from git, you are supposed to run composer install --no-dev inside the TemplateStyles directory. You should generally not modify MW's composer files (or any of mediawiki's files)

I guess the inclusion of a235328db0cce3133bbdf91e2330df05d535e9e6 into REL1_34 but not tagged against T219832 did fixed this