Support newer version of symfony deprecation-contracts

SOHELAHMED7 commented 5 months ago

What is the reason for this PR?

When trying to install lib https://github.com/web-auth/webauthn-lib v4.7, I get error:

Problem 1
    - web-auth/webauthn-lib 4.7.0 requires web-auth/metadata-service 4.7.0 -> satisfiable by web-auth/metadata-service[4.7.0].
    - web-auth/webauthn-lib 4.7.1 requires web-auth/metadata-service 4.7.1 -> satisfiable by web-auth/metadata-service[4.7.1].
    - web-auth/webauthn-lib 4.7.2 requires web-auth/metadata-service 4.7.2 -> satisfiable by web-auth/metadata-service[4.7.2].
    - web-auth/webauthn-lib 4.7.3 requires web-auth/metadata-service 4.7.3 -> satisfiable by web-auth/metadata-service[4.7.3].
    - web-auth/webauthn-lib 4.7.4 requires web-auth/metadata-service 4.7.4 -> satisfiable by web-auth/metadata-service[4.7.4].
    - web-auth/webauthn-lib 4.7.5 requires web-auth/metadata-service 4.7.5 -> satisfiable by web-auth/metadata-service[4.7.5].
    - web-auth/webauthn-lib 4.7.6 requires web-auth/metadata-service 4.7.6 -> satisfiable by web-auth/metadata-service[4.7.6].
    - web-auth/webauthn-lib 4.7.7 requires web-auth/metadata-service 4.7.7 -> satisfiable by web-auth/metadata-service[4.7.7].
    - web-auth/webauthn-lib 4.7.8 requires web-auth/metadata-service 4.7.8 -> satisfiable by web-auth/metadata-service[4.7.8].
    - web-auth/metadata-service[4.7.0, ..., 4.7.8] require symfony/deprecation-contracts ^3.2 -> found symfony/deprecation-contracts[v3.2.0, v3.2.1, v3.3.0, v3.4.0] but these were not loaded, likely because it conflicts with another require.
    - Root composer.json requires web-auth/webauthn-lib ^4.7 -> satisfiable by web-auth/webauthn-lib[4.7.0, ..., 4.7.8].

I also user FakerPHP/Faker in same project.

[ ] A new feature
[ ] Fixed an issue (resolve #ID)
[x] not a issue-fix neither new feature

Author's checklist

[x] Follow the Contribution Guide
[x] New features and changes are documented

Summary of changes

Support newer version of symfony deprecation-contracts

Review checklist

[ ] All checks have passed
[ ] Changes are added to the CHANGELOG.md
[ ] Changes are approved by maintainer

bram-pkg commented 5 months ago

From what I know about composer version constraints, the ^3.0 constraint is equivalant to the following: >=3.0.0 <4.0.0. Your additions will not allow for any more versions to be used.

bram-pkg commented 5 months ago

Source: https://getcomposer.org/doc/articles/versions.md#caret-version-range-

SOHELAHMED7 commented 5 months ago

I disagree.

For ^3.0 => >=3.0.0 < 3.1

For ^1.2.3 => >=1.2.3 < 1.2.4

bram-pkg commented 5 months ago

Have you read the link I sent? It clearly states otherwise.

I just ran the VersionParser from composer/semver and this it the output for ^3.0:

[
    "lower" => Composer\Semver\Constraint\Bound {#4416
      -version: "3.0.0.0-dev",
      -isInclusive: true,
    },
    "upper" => Composer\Semver\Constraint\Bound {#4410
      -version: "4.0.0.0-dev",
      -isInclusive: false,
    },
  ]

and this is the output for ^3.0.0:

[
    "lower" => Composer\Semver\Constraint\Bound {#4416
      -version: "3.0.0.0-dev",
      -isInclusive: true,
    },
    "upper" => Composer\Semver\Constraint\Bound {#4410
      -version: "4.0.0.0-dev",
      -isInclusive: false,
    },
  ]

Snippet I used:

use Composer\Semver\VersionParser;

$version = (new VersionParser())->parseConstraints("^3.0");

[
  "lower" => $version->getLowerBound(),
  "upper" => $version->getUpperBound()
];

So, like I said, they are functionally the same. The ^3.0 constraint in our composer.json allows for all versions that match the constraint >=3.0.0 <4.0.0.

The examples you gave are incorrect, as ^3.0 matches the following versions:

[
    "lower" => Composer\Semver\Constraint\Bound {#4416
      -version: "3.0.0.0-dev",
      -isInclusive: true,
    },
    "upper" => Composer\Semver\Constraint\Bound {#4410
      -version: "4.0.0.0-dev",
      -isInclusive: false,
    },
  ]

and ^1.2.3 matches:

[
    "lower" => Composer\Semver\Constraint\Bound {#4416
      -version: "1.2.3.0-dev",
      -isInclusive: true,
    },
    "upper" => Composer\Semver\Constraint\Bound {#4410
      -version: "2.0.0.0-dev",
      -isInclusive: false,
    },
  ]

And when running the version string we have in our composer.json, you can see that Faker matches everything between >=2.2 <4.0.

Details

``` Composer\Semver\Constraint\MultiConstraint {#4401 #constraints: [ Composer\Semver\Constraint\Constraint {#4407 #operator: 4, #version: "2.2.0.0-dev", #prettyString: null, #lowerBound: null, #upperBound: null, }, Composer\Semver\Constraint\Constraint {#4403 #operator: 1, #version: "4.0.0.0-dev", #prettyString: null, #lowerBound: null, #upperBound: null, }, ], #prettyString: "^2.2 || ^3.0", #string: null, #conjunctive: true, #lowerBound: null, #upperBound: null, } ```

GrahamCampbell commented 5 months ago

For ^3.0 => >=3.0.0 < 3.1

This is incorrect, that's not what that does.

FakerPHP / Faker