Temporary constraints does not work when using wildcard #11125
Description
This is follow-up for #11124. Basically, I was trying to fix the #11124 by using temporary constraints, but that didn't work either
My composer.json:
{
"require": {
"drupal/core-recommended": "^9.4",
"drush/drush": "^11.2"
},
"repositories": {
"_drupal": {
"type": "composer",
"url": "https://packages.drupal.org/8"
}
},
"minimum-stability": "dev",
"prefer-stable": true,
"config": {
"preferred-install": "dist",
"allow-plugins": {
"dealerdirect/phpcodesniffer-composer-installer": true
},
"platform": {
"php": "8.0"
}
},
"require-dev": {
"drupal/core-dev": "^9.4"
}
}Output of composer diagnose:
Checking composer.json: WARNING
No license specified, it is recommended to do so. For closed-source software you may use "proprietary" as license.
Checking platform settings: OK
Checking git settings: OK git version 2.38.0
Checking http connectivity to packagist: OK
Checking https connectivity to packagist: OK
Checking github.com oauth access: OK
Checking disk free space: OK
Checking pubkeys:
Tags Public Key Fingerprint: 57815BA2 7E54DC31 7ECC7CC5 573090D0 87719BA6 8F3BB723 4E5D42D0 84A14642
Dev Public Key Fingerprint: 4AC45767 E5EC2265 2F0C1167 CBBB8A2B 0C708369 153E328C AD90147D AFE50952
OK
Checking composer version: You are not running the latest snapshot version, run `composer self-update` to update (68da418f6e229ef6ade29c9c44d0eb05b996f218 => 9ac186bf46b0a7ae015fbcd725c088be4905f2f6)
Composer version: 2.5-dev+68da418f6e229ef6ade29c9c44d0eb05b996f218
PHP version: 8.0 - Package overridden via config.platform, actual: 8.0.24
PHP binary path: /usr/local/Cellar/[email protected]/8.0.24/bin/php
OpenSSL version: OpenSSL 1.1.1q 5 Jul 2022
cURL version: 7.85.0 libz 1.2.11 ssl (SecureTransport) OpenSSL/1.1.1q
zip: extension present, unzip present, 7-Zip not available
When I run this command:
composer u 'drupal/core*:9.4.8' -W -vv
I get the following output:
Loading composer repositories with package information
Info from https://repo.packagist.org: #StandWithUkraine
Pool optimizer completed in 0.988 seconds
Found 9,125 package versions referenced in your dependency graph. 7,988 (88%) were optimized away.
Updating dependencies
Dependency resolution completed in 0.056 seconds
Analyzed 1137 packages to resolve dependencies
Analyzed 8507 rules to resolve dependencies
Dependency resolution completed in 0.001 seconds
Lock file operations: 0 installs, 10 updates, 0 removals
Updates: symfony/polyfill-php80:v1.26.0, symfony/polyfill-mbstring:v1.26.0, symfony/polyfill-ctype:v1.26.0, symfony/polyfill-intl-normalizer:v1.26.0, symfony/polyfill-intl-idn:v1.26.0, symfony/polyfill-iconv:v1.26.0, laminas/laminas-stdlib:3.11.0, laminas/laminas-diactoros:2.14.0, drupal/core:9.5.0-beta2, drupal/core-recommended:9.5.0-beta2
- Upgrading drupal/core (9.4.8 => 9.5.0-beta2)
- Upgrading drupal/core-recommended (9.4.8 => 9.5.0-beta2)
- Upgrading laminas/laminas-diactoros (2.11.3 => 2.14.0)
- Upgrading laminas/laminas-stdlib (3.7.1 => 3.11.0)
- Upgrading symfony/polyfill-ctype (v1.25.0 => v1.26.0)
- Upgrading symfony/polyfill-iconv (v1.25.0 => v1.26.0)
- Upgrading symfony/polyfill-intl-idn (v1.25.0 => v1.26.0)
- Upgrading symfony/polyfill-intl-normalizer (v1.25.0 => v1.26.0)
- Upgrading symfony/polyfill-mbstring (v1.25.0 => v1.26.0)
- Upgrading symfony/polyfill-php80 (v1.25.0 => v1.26.0)
Installing dependencies from lock file (including require-dev)
Package operations: 0 installs, 10 updates, 0 removals
Updates: symfony/polyfill-php80:v1.26.0, symfony/polyfill-mbstring:v1.26.0, symfony/polyfill-ctype:v1.26.0, symfony/polyfill-intl-normalizer:v1.26.0, symfony/polyfill-intl-idn:v1.26.0, symfony/polyfill-iconv:v1.26.0, laminas/laminas-stdlib:3.11.0, laminas/laminas-diactoros:2.14.0, drupal/core:9.5.0-beta2, drupal/core-recommended:9.5.0-beta2
- Upgrading symfony/polyfill-php80 (v1.25.0 => v1.26.0)
- Upgrading symfony/polyfill-mbstring (v1.25.0 => v1.26.0)
- Upgrading symfony/polyfill-ctype (v1.25.0 => v1.26.0)
- Upgrading symfony/polyfill-intl-normalizer (v1.25.0 => v1.26.0)
- Upgrading symfony/polyfill-intl-idn (v1.25.0 => v1.26.0)
- Upgrading symfony/polyfill-iconv (v1.25.0 => v1.26.0)
- Upgrading laminas/laminas-stdlib (3.7.1 => 3.11.0)
- Upgrading laminas/laminas-diactoros (2.11.3 => 2.14.0)
- Upgrading drupal/core (9.4.8 => 9.5.0-beta2)
- Upgrading drupal/core-recommended (9.4.8 => 9.5.0-beta2)
Package doctrine/reflection is abandoned, you should avoid using it. Use roave/better-reflection instead.
Package symfony/debug is abandoned, you should avoid using it. Use symfony/error-handler instead.
Package webmozart/path-util is abandoned, you should avoid using it. Use symfony/filesystem instead.
86 packages you are using are looking for funding.
Use the `composer fund` command to find out more!
No security vulnerability advisories found
And I expected this to happen:
Composer must stick all packages that match the wildcard (i.e. drupal/core and drupal/core-dev and drupal/core-recommended) to the temporary specified constraint, in this case 9.4.8