Skip to content

Closes #4958: Revert change to composer audit reporting mode for abandoned packages#5429

Merged
joeparsons merged 2 commits intomainfrom
issue/4958
Mar 31, 2026
Merged

Closes #4958: Revert change to composer audit reporting mode for abandoned packages#5429
joeparsons merged 2 commits intomainfrom
issue/4958

Conversation

@bberndt-uaz
Copy link
Copy Markdown
Contributor

@bberndt-uaz bberndt-uaz commented Mar 20, 2026
edited
Loading

Description

Sets the composer audit reporting mode for abandoned packages back to the default (fail) to ensure that we're alerted about any newly abandoned packages.

We had previously changed this mode in this PR:

That previous change was intended to be temporary, in response to a Drupal core issue which resulted in this change record:

FYI: Abandoned packages can now be ignored on an individual basis: https://getcomposer.org/doc/06-config.md#ignore-abandoned.

Related issues

How to test

Confirm that the CI composer audit check still passes.

Types of changes

Arizona Quickstart (install profile, custom modules, custom theme)

  • Patch release changes
    • Bug fix
    • Accessibility, performance, or security improvement
    • Critical institutional link or brand change
    • Adding experimental module
    • Update experimental module
  • Minor release changes
    • New feature
    • Breaking or visual change to existing behavior
    • Upgrade experimental module to stable
    • Enable existing module by default or database update
    • Non-critical brand change
    • New internal API or API improvement with backwards compatibility
    • Risky or disruptive cleanup to comply with coding standards
    • High-risk or disruptive change (requires upgrade path, risks regression, etc.)
  • Other or unknown
    • Other or unknown

Drupal core

  • Patch release changes
    • Security update
    • Patch level release (non-security bug-fix release)
    • Patch removal that's no longer necessary
  • Minor release changes
    • Major or minor level update
  • Other or unknown
    • Other or unknown

Drupal contrib projects

  • Patch release changes
    • Security update
    • Patch or minor level update
    • Add new module
    • Patch removal that's no longer necessary
  • Minor release changes
    • Major level update
  • Other or unknown
    • Other or unknown

Checklist

  • My code follows the code style of this project.
  • My change requires a change to the documentation.
  • I have updated the documentation accordingly.
  • I have read the CONTRIBUTING document.
  • I have added tests to cover my changes.
  • All new and existing tests passed.
  • My change requires release notes.

@bberndt-uaz bberndt-uaz self-assigned this Mar 20, 2026
@bberndt-uaz bberndt-uaz added ci Continuous integration / automation 3.x only labels Mar 20, 2026
@bberndt-uaz bberndt-uaz linked an issue Mar 20, 2026 that may be closed by this pull request
Revert change to composer audit reporting mode for abandoned packages #4958
Closed
@bberndt-uaz bberndt-uaz added backport-2.x Changes to be back-ported to the 2.x development branch and removed 3.x only labels Mar 20, 2026
@bberndt-uaz bberndt-uaz marked this pull request as ready for review March 20, 2026 22:07
@bberndt-uaz bberndt-uaz requested review from a team as code owners March 20, 2026 22:07
@bberndt-uaz bberndt-uaz moved this from Todo to Needs review in 3.3.1 bug-fix patch release Mar 20, 2026
@github-project-automation github-project-automation bot moved this from Needs review to Ready to merge in 3.3.1 bug-fix patch release Mar 27, 2026
@joeparsons joeparsons merged commit 4299af9 into main Mar 31, 2026
32 checks passed
@joeparsons joeparsons deleted the issue/4958 branch March 31, 2026 20:24
@github-project-automation github-project-automation bot moved this from Ready to merge to Done in 3.3.1 bug-fix patch release Mar 31, 2026
joeparsons pushed a commit that referenced this pull request Mar 31, 2026
@bberndt-uaz @joeparsons
Closes #4958: Revert change to composer audit reporting mode for aban…
b1c7144 
…doned packages (#5429)

(cherry picked from commit 4299af9)
@joeparsons joeparsons mentioned this pull request Mar 31, 2026
Merged
32 tasks
@bberndt-uaz bberndt-uaz mentioned this pull request Mar 31, 2026
Closed
bberndt-uaz added a commit that referenced this pull request Apr 1, 2026
@bberndt-uaz
Closes #4958: Revert change to composer audit reporting mode for aban…
f0809cb 
…doned packages (#5429)

(cherry picked from commit 4299af9)
bberndt-uaz added a commit that referenced this pull request Apr 2, 2026
@joeparsons @bberndt-uaz
Closes #4958: Revert change to composer audit reporting mode for aban…
8661a95 
…doned packages (2.x backport of #5429) (#5452)

(cherry picked from commit 4299af9)

Co-authored-by: Brian Berndt <74572157+bberndt-uaz@users.noreply.github.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@joeparsons joeparsons joeparsons approved these changes

@tadean tadean tadean approved these changes

Assignees

@bberndt-uaz bberndt-uaz

Labels

backport-2.x Changes to be back-ported to the 2.x development branch ci Continuous integration / automation

Projects

No open projects
3.3.1 bug-fix patch release
Status: Done

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Revert change to composer audit reporting mode for abandoned packages

3 participants

@bberndt-uaz @joeparsons @tadean