[pkg-php-pear] Bug#763052: Bug#763052: Composer: [Regression] May allow less stict version limits

Mathieu Parent math.parent at gmail.com
Mon Sep 29 12:14:53 UTC 2014

Control: retitle -1 Composer: Handle stability flags in version constraints

2014-09-27 16:52 GMT+02:00 David Prévot <taffit at debian.org>:
> Package: pkg-php-tools
> Version: 1.22
> Severity: normal
> Hi,

Hi David,

> php-doctrine-annotations used to depend on php-doctrine-lexer (>= 1~),
> and is now depending on php-doctrine-lexer (>= 1), generated from
> composer.json that contains "doctrine/lexer": "1.*" in require.
> Not sure if that’s intended: if not, it’s a bug worth fixing.

The current (new) behavior is mostly correct.

> It may be intended, since versions are likely to be 1.$something~~$else
> at worse, and thus (>= 1) will be higher, bat using (>= 1~) or even
> (>= 1~~) may be safer. Feel free to close this issue anyway if that was
> intended since the safer view may well be pointless.

.... but is not complete. It only works when minimum-stability is
stable (which is the default).

Leaving this bug open for the remaining dev, alpha, beta, RC
minimum-stability or stability flag.

Note that we won't be able to match composer completely:
- with composer: >=1.1 at stable will not match 1.2dev.
- with dpkg: >=1.1 will match 1.2~~dev



More information about the pkg-php-pear mailing list