search

kreait / laravel-firebase

A Laravel package for the Firebase PHP Admin SDK
https://github.com/kreait/firebase-php
MIT License
1.05k stars 169 forks source link

composer update causes downgrade of laravel-firebase and laravel-php #106

Closed sts-ryan-holton closed 3 years ago

sts-ryan-holton commented 3 years ago

I'm using the laravel-notification-channels/fcm package to integrate Firebase notifications into my Laravel 8 project. I'm using version 2.2.1 of that package, which appears to pull down version 3 of laravel-firebase and firebase-php, however, today, I did a composer update in my Laravel 8 project and experienced a downgrade of your packages, which caused my project to break.

I did a composer update yesterday without any issues, potentially something incompatible in this package with one of the other packages?

I've had to revert my composer.json file, but will likely need to update soon.

I'll attach my project's composer.json and a screenshot...

{
    "name": "laravel/laravel",
    "type": "project",
    "description": "The Laravel Framework.",
    "keywords": ["framework", "laravel"],
    "license": "MIT",
    "require": {
        "php": "^7.3|^8.0",
        "fruitcake/laravel-cors": "^2.0",
        "guzzlehttp/guzzle": "7.3.0",
        "laravel-notification-channels/fcm": "2.2.1",
        "laravel/framework": "8.54.0",
        "laravel/tinker": "^2.5",
        "nesbot/carbon": "2.51.1",
        "tymon/jwt-auth": "1.0.2"
    },
    "require-dev": {
        "facade/ignition": "^2.5",
        "fakerphp/faker": "^1.9.1",
        "laravel/sail": "^1.0.1",
        "mockery/mockery": "^1.4.2",
        "nunomaduro/collision": "^5.0",
        "phpunit/phpunit": "^9.3.3",
        "deployer/recipes": "^6.2",
        "deployer/deployer": "^6.8"
    },
    "autoload": {
        "psr-4": {
            "App\\": "app/",
            "Database\\Factories\\": "database/factories/",
            "Database\\Seeders\\": "database/seeders/"
        }
    },
    "autoload-dev": {
        "psr-4": {
            "Tests\\": "tests/"
        }
    },
    "scripts": {
        "post-autoload-dump": [
            "Illuminate\\Foundation\\ComposerScripts::postAutoloadDump",
            "@php artisan package:discover --ansi"
        ],
        "post-update-cmd": [
            "@php artisan vendor:publish --tag=laravel-assets --ansi"
        ],
        "post-root-package-install": [
            "@php -r \"file_exists('.env') || copy('.env.example', '.env');\""
        ],
        "post-create-project-cmd": [
            "@php artisan key:generate --ansi"
        ]
    },
    "extra": {
        "laravel": {
            "dont-discover": []
        }
    },
    "config": {
        "optimize-autoloader": true,
        "preferred-install": "dist",
        "sort-packages": true
    },
    "minimum-stability": "dev",
    "prefer-stable": true
}
Screenshot 2021-09-17 at 10 59 03
sts-ryan-holton commented 3 years ago

Update?

jeromegamez commented 3 years ago

You can check why a dependency is installed, including version constraints, with composer why. In this case, it's a known problem that tymon/auth package is incompatible because of the dependency to lcobucci/jwt which was explicitly set to <3.4 although newer versions of the Firebase PHP SDK require newer versions of lcobucci/jwt. You can find more information on https://github.com/kreait/firebase-php/discussions/581.

The Firebase Laravel package and the FCM notifications package will continue to work with older versions of the SDK.

sts-ryan-holton commented 2 years ago

So is your suggestion to lock lcobucci/jwt to 3.3.4? What versions should I lock in my project since composer update downgrades laravel-firebase and I can't have it downgrading, do I lock all the downgraded packages? @jeromegamez

sts-ryan-holton commented 2 years ago

I've manually set the following in require, is there any potential implications of doing this?

"kreait/firebase-php": "5.11.0",
"kreait/laravel-firebase": "3.0.0"
"require": {
    "php": "^7.3|^8.0",
    "fruitcake/laravel-cors": "^2.0",
    "guzzlehttp/guzzle": "7.3.0",
    "laravel-notification-channels/fcm": "~2.0",
    "laravel/framework": "8.54.0",
    "laravel/tinker": "^2.5",
    "nesbot/carbon": "2.51.1",
    "tymon/jwt-auth": "1.0.2",
    "kreait/firebase-php": "5.11.0",
    "kreait/laravel-firebase": "3.0.0"
},
sts-ryan-holton commented 2 years ago

Just tried locking those versions, now get this error:

[2021-10-01 10:12:45] production.ERROR: Requested entity was not found. {"exception":"[object] (NotificationChannels\Fcm\Exceptions\CouldNotSendNotification(code: 404): Requested entity was not found. at /var/www/project-beacon-api/shared/vendor/laravel-notification-channels/fcm/src/Exceptions/CouldNotSendNotification.php:13)

jeromegamez commented 2 years ago

The Laravel package doesn't need to be pinned to 3.0.0, other than that this is a feasible approach, but my suggestion would either be to get tymon/auch to release an update or find and alternative to it - at least from the perspective of the Firebase SDK/Laravel Package, because you won't benefit from future updates. But that's out of scope of what I can provide support for.

The "requested entity not found" error means that the message target (the App instance ID/registration token of the target device) is not known to the Firebase project you're using on the server side. This can happen when the target was deregistered or if it belongs to another Firebase project.