Merge pull request #8824 from Seldaek/fix-root-version-change-from-lock

Fix error reporting when the root version changed since the last update, and does not match circular deps in lock file anymore

src/Composer/Installer.php

@@ -43,6 +43,7 @@ use Composer\Package\Link;
 use Composer\Package\LinkConstraint\VersionConstraint;
 use Composer\Package\Loader\ArrayLoader;
 use Composer\Package\Dumper\ArrayDumper;
+use Composer\Package\Version\VersionParser;
 use Composer\Package\Package;
 use Composer\Repository\ArrayRepository;
 use Composer\Repository\RepositorySet;
@@ -741,6 +742,8 @@ class Installer
         $this->fixedRootPackage->setRequires(array());
         $this->fixedRootPackage->setDevRequires(array());
 
+        $stabilityFlags[$this->package->getName()] = BasePackage::$stabilities[VersionParser::parseStability($this->package->getVersion())];
+
         $repositorySet = new RepositorySet($minimumStability, $stabilityFlags, $rootAliases, $this->package->getReferences(), $rootRequires);
         $repositorySet->addRepository(new RootPackageRepository($this->fixedRootPackage));
         $repositorySet->addRepository($platformRepo);

tests/Composer/Test/Fixtures/installer/root-alias-change-with-circular-dep.test

@@ -0,0 +1,67 @@
+--TEST--
+Root alias changing after the lock file was created and invalidating it should show a decent error message
+This also checks that an implicit stabilityFlag is added for the root package, if it is a dev version
+--COMPOSER--
+{
+    "name": "root/pkg",
+    "repositories": [
+        {
+            "type": "package",
+            "package": [
+                {
+                    "name": "b/requirer", "version": "1.0.0",
+                    "require": { "root/pkg": "^1" }
+                }
+            ]
+        }
+    ],
+    "require": {
+        "b/requirer": "*"
+    },
+    "version": "2.x-dev"
+}
+
+--INSTALLED--
+[
+    {
+        "name": "b/requirer", "version": "1.0.0",
+        "require": { "root/pkg": "^1" }
+    }
+]
+
+--LOCK--
+{
+    "packages": [
+        {
+            "name": "b/requirer", "version": "1.0.0",
+            "require": { "root/pkg": "^1" },
+            "type": "library"
+        }
+    ],
+    "packages-dev": [],
+    "aliases": [],
+    "minimum-stability": "stable",
+    "stability-flags": [],
+    "prefer-stable": false,
+    "prefer-lowest": false,
+    "platform": [],
+    "platform-dev": []
+}
+--RUN--
+install
+
+--EXPECT-EXIT-CODE--
+2
+
+--EXPECT-OUTPUT--
+Installing dependencies from lock file (including require-dev)
+Verifying lock file contents can be installed on current platform.
+Your lock file does not contain a compatible set of packages. Please run composer update.
+
+  Problem 1
+    - b/requirer is locked to version 1.0.0 and an update of this package was not requested.
+    - b/requirer 1.0.0 requires root/pkg ^1 -> found root/pkg[2.x-dev] but it does not match your constraint.
+
+Use the option --with-all-dependencies to allow updates and removals for packages currently locked to specific versions.
+
+--EXPECT--