From 756e0b9c18af8b2b5887ae1fb265a03187ca9c00 Mon Sep 17 00:00:00 2001 From: nsfisis Date: Sun, 3 May 2026 19:54:36 +0900 Subject: fix(update): unlock new-package deps via repo requires for --with-deps `expand_with_direct_dependencies` only walked the lock map, so an allow-listed package not yet in the lock (a freshly added root require) contributed nothing to the unlock cascade. The resolver then kept transitive deps pinned to their lock versions and bailed when the new package's require could not be satisfied. Mirror Composer's `PoolBuilder::loadPackage` by also walking inline / composer-repo require lists for not-yet-locked packages. Co-Authored-By: Claude Opus 4.7 (1M context) --- crates/mozart/src/commands/require.rs | 10 ++++++++-- 1 file changed, 8 insertions(+), 2 deletions(-) (limited to 'crates/mozart/src/commands/require.rs') diff --git a/crates/mozart/src/commands/require.rs b/crates/mozart/src/commands/require.rs index 24812fc..45ad759 100644 --- a/crates/mozart/src/commands/require.rs +++ b/crates/mozart/src/commands/require.rs @@ -730,10 +730,16 @@ pub async fn execute( let newly_required: Vec = additions.iter().map(|(name, _, _)| name.clone()).collect(); + let repo_requires = super::update::collect_repo_requires(&raw.repositories); let allow_list = if with_all_deps { - super::update::expand_with_all_dependencies(newly_required, lock) + super::update::expand_with_all_dependencies(newly_required, lock, &repo_requires) } else if with_deps { - super::update::expand_with_direct_dependencies(newly_required, lock, &IndexSet::new()) + super::update::expand_with_direct_dependencies( + newly_required, + lock, + &IndexSet::new(), + &repo_requires, + ) } else { // Default for `require`: only the newly added packages are allowed to change. additions.iter().map(|(name, _, _)| name.clone()).collect() -- cgit v1.3.1