Skip to content

Support utopia-php/http 2.x#62

Merged
loks0n merged 1 commit into
mainfrom
feat/http-2.x
May 5, 2026
Merged

Support utopia-php/http 2.x#62
loks0n merged 1 commit into
mainfrom
feat/http-2.x

Conversation

@loks0n
Copy link
Copy Markdown
Contributor

@loks0n loks0n commented May 5, 2026

Summary

  • Bump utopia-php/http constraint to ^2.0@RC so 2.0.0-rc1 (and future RCs / stable 2.x) resolve.
  • Update composer.lock accordingly.

Test plan

  • composer install resolves cleanly
  • composer test passes against http 2.0.0-rc1

🤖 Generated with Claude Code

@loks0n @claude
Bump utopia-php/http to 2.0.0-rc1
259624b 
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
@greptile-apps
Copy link
Copy Markdown

greptile-apps Bot commented May 5, 2026

Greptile Summary

This PR bumps utopia-php/http from the pinned 0.34.25 to ^2.0@RC, resolving to 2.0.0-rc1 in the lock file. The consuming code in Platform.php uses Http::init(), Http::addRoute(), and Route—these APIs should be verified against the 2.x changelog to confirm no breaking changes apply.

  • The ^2.0@RC constraint in a library's composer.json can prevent installation for downstream consumers whose root package uses \"minimum-stability\": \"stable\" (the Composer default), because stability flags in a library are not promoted to the root resolution context. Until a stable 2.0.0 is tagged, any consumer without their own @RC flag or a relaxed minimum-stability will get a resolution failure.

Confidence Score: 3/5

Not safe to merge until the downstream installability impact of the RC constraint is addressed or a stable 2.0.0 ships.

A P1 finding is present: as a library, shipping a ^2.0@RC require constraint actively breaks installation for any downstream consumer with the default minimum-stability: stable, since no stable 2.x release exists yet.

composer.json — the RC stability constraint on a library dependency

Important Files Changed

Filename Overview
composer.json Bumps utopia-php/http to ^2.0@RC; RC constraint in a library can break downstream consumers with minimum-stability: stable until a stable 2.x is released
composer.lock Lock file updated to utopia-php/http 2.0.0-rc1 with correct stability-flags entry (RC=5); content-hash and references are consistent

Reviews (1): Last reviewed commit: "Bump utopia-php/http to 2.0.0-rc1" | Re-trigger Greptile

greptile-apps[bot]
greptile-apps Bot reviewed May 5, 2026
View reviewed changes
Comment thread composer.json
"ext-redis": "*",
"utopia-php/cli": "0.23.3",
"utopia-php/http": "0.34.25",
"utopia-php/http": "^2.0@RC",
Copy link
Copy Markdown

@greptile-apps greptile-apps Bot May 5, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

P1 RC constraint in a library breaks downstream consumers

Because utopia-php/platform is a "type": "library", the ^2.0@RC constraint gets evaluated in the context of each downstream consumer's root package. A consumer with "minimum-stability": "stable" (the default) will fail to resolve this dependency entirely until a stable 2.0.0 release exists — Composer won't install 2.0.0-rc1 for them even though this library explicitly allows it, because stability flags in a library's own composer.json are ignored at dependency-resolution time for root packages with stricter stability settings.

@loks0n loks0n merged commit 36c0a8b into main May 5, 2026
5 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@greptile-apps greptile-apps[bot] greptile-apps[bot] left review comments

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@loks0n