[full-ci] Bump guzzlehttp/guzzle from 5.3.4 to 7.4.4 #39368

dependabot · 2021-10-18T22:04:34Z

Part of issue #39387 and #40103

Bumps guzzlehttp/guzzle from 5.3.4 to 7.4.4.

Note:

the PR now bumps to 7.4.4
the PR also has whatever other PHP dependency bumps have been waiting
after CI runs here and looks OK, I will squash and update the information about exactly what is built-in to this PR

Annotations

The logic changes are gathered in f318014 and 54095ec.

The biggest change was that Guzzle clients are now immutable. That means we cannot call setDefaultOptions() on an existing client instance like before. We now pass all options, including default ones, to the request.

See #39387

Release notes

Sourced from guzzlehttp/guzzle's releases.

Release 7.4.0

See change log for changes.

Release 7.3.0

See change log for changes.

Release 7.2.0

See change log for changes.

Release 7.1.1

See change log for changes.

Release 7.1.0

See change log for changes.

Release 7.0.1

See change log for changes.

Release 7.0.0

No changes since 7.0.0-RC1. See UPGRADING guide for how to upgrade from 6.5.

See all changes in the change log.

7.0.0-RC.1

See change log for changes.

7.0.0-beta.2

See change log for changes.

7.0.0-beta.1

First beta release of the 7.x release branch.

Major changes:

PSR-18 support

Dropped PHP 5.x support

Enjoy!

Many thanks to everyone who worked on this release, especially:

@Nyholm

@gmponos

@alexeyshockov

@GrahamCampbell

6.5.5

No release notes provided.

6.5.4

... (truncated)

Changelog

Sourced from guzzlehttp/guzzle's changelog.

7.4.0 - 2021-10-18

Added

Support PHP 8.1 #2929, #2939

Support psr/log version 2 and 3 #2943

Fixed

Make sure we always call restore_error_handler() #2915

Fix progress parameter type compatibility between the cURL and stream handlers #2936

Throw InvalidArgumentException when an incorrect headers array is provided #2916, #2942

Changed

Be more strict with types #2914, #2917, #2919, #2945

7.3.0 - 2021-03-23

Added

Support for DER and P12 certificates #2413

Support the cURL (http://) scheme for StreamHandler proxies #2850

Support for guzzlehttp/psr7:^2.0 #2878

Fixed

Handle exceptions on invalid header consistently between PHP versions and handlers #2872

7.2.0 - 2020-10-10

Added

Support for PHP 8 #2712, #2715, #2789

Support passing a body summarizer to the http errors middleware #2795

Fixed

Handle exceptions during response creation #2591

Fix CURLOPT_ENCODING not to be overwritten #2595

Make sure the Request always has a body object #2804

Changed

The TooManyRedirectsException has a response #2660

Avoid "functions" from dependencies #2712

Deprecated

Using environment variable GUZZLE_CURL_SELECT_TIMEOUT #2786

... (truncated)

Commits

868b357 Release 7.4.0 (#2947)
70d32b9 Stricter treatment of types in SetCookie (#2945)
399c0ea Throw InvalidArgumentException when an incorrect headers array is provide...
eeac96d Support psr/log:^2.0,^3.0 (#2943)
7ec2e2a Bump minimum versions for PHP 8.1 support (#2939)
5da9dac Fix progress parameter type compatibility between cURL and StreamHandler (#2936)
6b499cc Upgrade PHP-CS-Fixer to 3.x (#2937)
e38c668 Remove unneeded annotation (#2930)
815dae7 Support PHP 8.1 (#2929)
fa6800d Updated docs (#2928)
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

JammingBen · 2021-10-19T12:12:59Z

@phil-davis I started with some adjustments for Guzzle 7 a few weeks ago. We have several PRs about this topic, let's make a "final" one where I will push my changes to?

phil-davis · 2021-10-19T12:18:36Z

@phil-davis I started with some adjustments for Guzzle 7 a few weeks ago. We have several PRs about this topic, let's make a "final" one where I will push my changes to?

I kept some code rebased that had been done a long time ago for Guzzle6 (mostly not by me): see PR #38706 and #38707

Cherry-pick or copy or manually take anything good from those PRs, and push the changes here on the dependabot PR. Then we can all review it and move this forward. It would be nice to get this major version update done.

And there might be oC10 apps that also have a direct dependency on Guzzle5 - I am not sure about that, we need to look in all the composer.json

Note: the acceptance tests currently use Guzzle7 - see https://github.com/owncloud/core/blob/master/vendor-bin/behat/composer.json - we did that a while ago.

JammingBen · 2021-10-19T12:26:47Z

Pushed my changes. However, there's still more to do I guess, I'll have a look. Then we can decide if we want to put this in OC 10.9 or wait.

IljaN

LGTM 👍 Does something speak against merging this now?

phil-davis · 2022-06-02T10:30:31Z

LGTM +1 Does something speak against merging this now?

If we merge this, then we also have to merge some matching guzzle bumps in oC10 apps, and when we come to the next oC10 release we will have to make sure to do a coordinated release of core and the necessary apps. So there will be additional testing and release effort needed.

So I want to make sure that appropriate people know this, and are OK with it.

phil-davis · 2022-06-02T10:31:35Z

Note: this PR needs a rebase to resolve the conflicts reported in apps/files_external/3rdparty - I can easily do that, just a technical process.

IljaN · 2022-06-02T10:50:48Z

If we merge this, then we also have to merge some matching guzzle bumps in oC10 apps, and when we come to the next oC10 release we will have to make sure to do a coordinated release of core and the necessary apps. So there will be additional testing and release effort needed.

So I want to make sure that appropriate people know this, and are OK with it.

We should probably keep @jnweiger in the loop here then.

phil-davis · 2022-06-08T04:17:35Z

Rebased yesterday to latest master. CI passed. When someone wants to go ahead with this, the PR can be merged.

phil-davis · 2022-06-14T11:01:39Z

CI has passed with 10 commits here. The contents of each commit are no longer making much sense. I will squash.

phil-davis · 2022-06-14T15:02:27Z

Squashed and passes - ready to merge whenever anyone wants.

jvillafanez · 2022-06-15T08:08:50Z

Anything left to do here? https://github.com/owncloud/enterprise/issues/4979 might need the guzzle update.

phil-davis · 2022-06-15T08:29:17Z

Anything left to do here? owncloud/enterprise#4979 might need the guzzle update.

Just need permission to merge. Technically this is reviewed and ready. The "Ready for review" button can be clicked to take this out of draft, and then press Merge.

Bumps [guzzlehttp/guzzle](https://github.com/guzzle/guzzle) from 5.3.4 to 7.4.0. - [Release notes](https://github.com/guzzle/guzzle/releases) - [Changelog](https://github.com/guzzle/guzzle/blob/master/CHANGELOG.md) - [Commits](guzzle/guzzle@5.3.4...7.4.4) --- updated-dependencies: - dependency-name: guzzlehttp/guzzle dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> - Bump Guzzle to v7.4 for files_external app - Adjust Guzzle client implementation to work with v7.4 - Remove Guzzle dependency from files_external to use the one from core instead - Replace 'save_to' request option with 'sink'

sonarqubecloud · 2022-06-17T09:09:58Z

Kudos, SonarCloud Quality Gate passed!

0 Bugs
0 Vulnerabilities
0 Security Hotspots
0 Code Smells

81.2% Coverage
0.0% Duplication

phil-davis · 2022-06-17T09:39:42Z

Merging - this will go ahead for 10.11 in the next "x" amount of time.
By merging this, the nightly CI of oC10 apps will run against this core. So we will see exactly what test scenarios fail. There are PRs waiting in various apps, and we should be able to:

set core min-version to 10.11 for those
re-run CI, it should pass and we can merge.
start the process of checking other apps to find anything that we missed
eventually have a list of apps to be released/bundled along with 10.11.0

dependabot bot added dependencies php Pull requests that update Php code labels Oct 18, 2021

dependabot bot requested a review from phil-davis October 18, 2021 22:04

dependabot bot assigned phil-davis Oct 18, 2021

dependabot bot mentioned this pull request Oct 18, 2021

Bump guzzlehttp/guzzle from 5.3.4 to 7.3.0 #38906

Closed

dependabot bot force-pushed the dependabot/composer/guzzlehttp/guzzle-7.4.0 branch from daf6f97 to 0a07313 Compare October 19, 2021 11:41

JammingBen force-pushed the dependabot/composer/guzzlehttp/guzzle-7.4.0 branch from 7bb7006 to 3379e3f Compare October 19, 2021 12:50

JammingBen self-assigned this Oct 19, 2021

JammingBen force-pushed the dependabot/composer/guzzlehttp/guzzle-7.4.0 branch from 3b740fb to 4671ec4 Compare October 19, 2021 14:38

JammingBen mentioned this pull request Oct 20, 2021

[full-ci] Add compatibility with Guzzle 7 owncloud/files_primary_s3#498

Merged

owncloud deleted a comment from ownclouders Oct 20, 2021

IljaN self-requested a review June 2, 2022 10:19

IljaN approved these changes Jun 2, 2022

View reviewed changes

phil-davis force-pushed the dependabot/composer/guzzlehttp/guzzle-7.4.0 branch 3 times, most recently from 5f16fb6 to 0080a6a Compare June 7, 2022 09:40

This was referenced Jun 8, 2022

[tests-only] [PoC] Latest dependencies 20220608 #40125

Closed

Bump guzzlehttp/guzzle from 5.3.4 to 6.5.7 in /apps/files_external/3rdparty #40138

Closed

phil-davis force-pushed the dependabot/composer/guzzlehttp/guzzle-7.4.0 branch from 3b07b56 to c541571 Compare June 14, 2022 09:54

phil-davis changed the title ~~Bump guzzlehttp/guzzle from 5.3.4 to 7.4.3~~ [full-ci] Bump guzzlehttp/guzzle from 5.3.4 to 7.4.3 Jun 14, 2022

owncloud deleted a comment from ownclouders Jun 14, 2022

phil-davis force-pushed the dependabot/composer/guzzlehttp/guzzle-7.4.0 branch from 4eca6e3 to 4bfae48 Compare June 14, 2022 11:01

phil-davis changed the title ~~[full-ci] Bump guzzlehttp/guzzle from 5.3.4 to 7.4.3~~ [full-ci] Bump guzzlehttp/guzzle from 5.3.4 to 7.4.4 Jun 15, 2022

dependabot bot and others added 2 commits June 17, 2022 14:24

Bump version to 10.11.0 prealpha

e2df4da

phil-davis force-pushed the dependabot/composer/guzzlehttp/guzzle-7.4.0 branch from 4bfae48 to e2df4da Compare June 17, 2022 08:40

phil-davis marked this pull request as ready for review June 17, 2022 08:58

phil-davis merged commit bad1b00 into master Jun 17, 2022

delete-merged-branch bot deleted the dependabot/composer/guzzlehttp/guzzle-7.4.0 branch June 17, 2022 09:39

phil-davis mentioned this pull request Jun 22, 2022

market:install is failing in CI owncloud/market#1029

Closed

[full-ci] Bump guzzlehttp/guzzle from 5.3.4 to 7.4.4 #39368

[full-ci] Bump guzzlehttp/guzzle from 5.3.4 to 7.4.4 #39368

Uh oh!

Conversation

dependabot bot commented on behalf of github Oct 18, 2021 • edited by phil-davis Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Annotations

Release 7.4.0

Release 7.3.0

Release 7.2.0

Release 7.1.1

Release 7.1.0

Release 7.0.1

Release 7.0.0

7.0.0-RC.1

7.0.0-beta.2

7.0.0-beta.1

6.5.5

6.5.4

7.4.0 - 2021-10-18

Added

Fixed

Changed

7.3.0 - 2021-03-23

Added

Fixed

7.2.0 - 2020-10-10

Added

Fixed

Changed

Deprecated

Uh oh!

JammingBen commented Oct 19, 2021

Uh oh!

phil-davis commented Oct 19, 2021 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Uh oh!

JammingBen commented Oct 19, 2021

Uh oh!

IljaN left a comment • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Choose a reason for hiding this comment

Uh oh!

phil-davis commented Jun 2, 2022

Uh oh!

phil-davis commented Jun 2, 2022

Uh oh!

IljaN commented Jun 2, 2022

Uh oh!

phil-davis commented Jun 8, 2022

Uh oh!

phil-davis commented Jun 14, 2022

Uh oh!

phil-davis commented Jun 14, 2022

Uh oh!

jvillafanez commented Jun 15, 2022

Uh oh!

phil-davis commented Jun 15, 2022

Uh oh!

sonarqubecloud bot commented Jun 17, 2022

Uh oh!

phil-davis commented Jun 17, 2022

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

7 participants

dependabot bot commented on behalf of github Oct 18, 2021 •

edited by phil-davis

Loading

phil-davis commented Oct 19, 2021 •

edited

Loading

IljaN left a comment •

edited

Loading