From 3b18d377b94b71e1b4a44e13168f290320c3d721 Mon Sep 17 00:00:00 2001 From: Pete Hamilton Date: Sat, 9 Sep 2017 13:05:10 +0100 Subject: [PATCH] Handle development dependencies for PHP projects As well as updating production dependencies in the "require" section of a `composer.json` file, we also want to ensure we're keeping development dependencies in the `require-dev`[1] section up to date (e.g., PHPUnit). We can safely attempt to update both sections because if a dependency exists in both require and require-dev, composer will complain about conflicts itself, so there shouldn't be any composer.json files in that state. [1]: See: https://getcomposer.org/doc/04-schema.md#require-dev --- helpers/php/src/Updater.php | 35 +++++++++++++++++-- .../file_updaters/php/composer_spec.rb | 2 +- 2 files changed, 33 insertions(+), 4 deletions(-) diff --git a/helpers/php/src/Updater.php b/helpers/php/src/Updater.php index 4154ffb167..0dd5353475 100644 --- a/helpers/php/src/Updater.php +++ b/helpers/php/src/Updater.php @@ -14,9 +14,19 @@ public static function update($args) $composerJson = json_decode(file_get_contents('composer.json'), true); - $existingDependencyVersion = $composerJson["require"][$dependencyName]; - $newDependencyVersion = self::relaxVersionToUserPreference($existingDependencyVersion, $dependencyVersion); - $composerJson["require"][$dependencyName] = $newDependencyVersion; + $composerJson = self::updateComposerJsonSection( + $composerJson, + "require", + $dependencyName, + $dependencyVersion + ); + + $composerJson = self::updateComposerJsonSection( + $composerJson, + "require-dev", + $dependencyName, + $dependencyVersion + ); // When encoding JSON in PHP, it'll escape forward slashes by default. // We're not expecting this transform from the original data, which means @@ -88,4 +98,23 @@ public static function relaxVersionToUserPreference($existingDependencyVersion, return $newDependencyVersion; } + + // Given a nested array representing a composer.json file, look for the given + // dependency in the provided section (i.e., require, require-dev) and update + // the composer data with the new version, before returning a composer + // representation with the updated version. + // + // If the dependency doesn't exist in the section, will return the provided + // composer JSON unaltered + // + // Note: Arrays are passed by value/copy, so this will leave the original composerJson untouched + public static function updateComposerJsonSection($composerJson, $section, $dependencyName, $dependencyVersion) { + if(isset($composerJson[$section][$dependencyName])) { + $existingDependencyVersion = $composerJson[$section][$dependencyName]; + $newDependencyVersion = self::relaxVersionToUserPreference($existingDependencyVersion, $dependencyVersion); + $composerJson[$section][$dependencyName] = $newDependencyVersion; + } + + return $composerJson; + } } diff --git a/spec/dependabot/file_updaters/php/composer_spec.rb b/spec/dependabot/file_updaters/php/composer_spec.rb index 14fad8fa0c..293fe4d758 100644 --- a/spec/dependabot/file_updaters/php/composer_spec.rb +++ b/spec/dependabot/file_updaters/php/composer_spec.rb @@ -94,7 +94,7 @@ fixture("php", "composer_files", "development_dependencies") end - pending { is_expected.to include "\"monolog/monolog\":\"1.22.1\"" } + it { is_expected.to include "\"monolog/monolog\":\"1.22.1\"" } end end