From b8b81bb9beab64ad073af3b32969566f9ba5a038 Mon Sep 17 00:00:00 2001 From: nsfisis Date: Sun, 3 May 2026 21:27:02 +0900 Subject: fix(lockfile): carry abandoned flag through to LockedPackage extras `packagist_version_to_locked_package` was forwarding only `extra` and `notification-url` into `extra_fields`, so an `abandoned: ""` declared in the package metadata never reached the lock. The same-version update detector then saw the lock and installed.json agreeing on "not abandoned" and skipped the resync, leaving the deprecation state stale on disk. Emit the field when truthy (string or `true`), matching Composer's `ArrayDumper::dump`. --- crates/mozart-registry/src/lockfile.rs | 17 +++++++++++++++++ crates/mozart/tests/installer.rs | 2 +- 2 files changed, 18 insertions(+), 1 deletion(-) diff --git a/crates/mozart-registry/src/lockfile.rs b/crates/mozart-registry/src/lockfile.rs index 70e4a42..5114fb7 100644 --- a/crates/mozart-registry/src/lockfile.rs +++ b/crates/mozart-registry/src/lockfile.rs @@ -636,6 +636,23 @@ fn packagist_version_to_locked_package(name: &str, pv: &PackagistVersion) -> Loc serde_json::Value::String(notification_url.clone()), ); } + // Propagate `abandoned` so the lock (and downstream installed.json + // round-trip) preserves the package's deprecation state. Mirrors + // Composer's `ArrayDumper::dump`, which emits the field when truthy + // (`true` for "abandoned, no replacement", a string for "abandoned, + // use this instead"). `false`/null collapse to "not abandoned" and + // are dropped. + if let Some(abandoned) = &pv.abandoned { + let keep = match abandoned { + serde_json::Value::Bool(b) => *b, + serde_json::Value::String(s) => !s.is_empty(), + serde_json::Value::Null => false, + _ => true, + }; + if keep { + extra_fields.insert("abandoned".to_string(), abandoned.clone()); + } + } LockedPackage { name: name.to_string(), diff --git a/crates/mozart/tests/installer.rs b/crates/mozart/tests/installer.rs index fd8ab73..e0dcb42 100644 --- a/crates/mozart/tests/installer.rs +++ b/crates/mozart/tests/installer.rs @@ -407,7 +407,7 @@ installer_fixture!( update_security_advisory_matching_indirect_dependency, ignore ); -installer_fixture!(update_syncs_outdated, ignore); +installer_fixture!(update_syncs_outdated); installer_fixture!(update_to_empty_from_blank); installer_fixture!(update_to_empty_from_locked); installer_fixture!(update_with_all_dependencies); -- cgit v1.3.1