fix dependency resolution edge cases issues (#3985)

motivation: dependency resolution could be incorrect in some edge cases when a pre-release requirement is specified, and not report the issue to the user

changes:
* depedency resolustion should not assume 0.0.0 is the correct minimal requirment, instead it should use the specified version
* fix dependency term computation which used incorrect version requirement for the the parent node
* add validation at the end of package udpate API to make sure no missing packages exist after resolution, and fail the operation if such exists. this mirrors the behavior of package resolve API
* adjust tests

Author: tomerd

Sources/PackageGraph/Pubgrub/PubgrubDependencyResolver.swift

@@ -1216,41 +1216,51 @@ internal final class PubGrubPackageContainer {
 
             // Since the pinned version is most likely to succeed, we don't compute bounds for its
             // incompatibilities.
-            return try Array(constraints.map { (constraint: PackageContainerConstraint) -> [Incompatibility] in
-                guard case .versionSet(let vs) = constraint.requirement else {
+            return try constraints.flatMap { constraint -> [Incompatibility] in
+                // We only have version-based requirements at this point.
+                guard case .versionSet(let constraintRequirement) = constraint.requirement else {
                     throw InternalError("Unexpected unversioned requirement: \(constraint)")
                 }
                 return try constraint.nodes().map { dependencyNode in
                     var terms: OrderedSet<Term> = []
+                    // the package version requirement
                     terms.append(Term(node, .exact(version)))
-                    terms.append(Term(not: dependencyNode, vs))
+                    // the dependency's version requirement
+                    terms.append(Term(not: dependencyNode, constraintRequirement))
                     return try Incompatibility(terms, root: root, cause: .dependency(node: node))
                 }
-            }.joined())
+            }
         }
 
-        let (lowerBounds, upperBounds) = try self.computeBounds(for: node,
-                                                                constraints: constraints,
-                                                                startingWith: version)
-
-        return try constraints.flatMap { constraint in
-            return try constraint.nodes().map { constraintNode in
-                var terms: OrderedSet<Term> = []
-                let lowerBound = lowerBounds[constraintNode] ?? "0.0.0"
-                let upperBound = upperBounds[constraintNode] ?? Version(version.major + 1, 0, 0)
-                assert(lowerBound < upperBound)
+        let (lowerBounds, upperBounds) = try self.computeBounds(
+            for: node,
+            constraints: constraints,
+            startingWith: version
+        )
 
-                // We only have version-based requirements at this point.
-                guard case .versionSet(let vs) = constraint.requirement else {
-                    throw InternalError("Unexpected unversioned requirement: \(constraint)")
+        return try constraints.flatMap { constraint -> [Incompatibility] in
+            // We only have version-based requirements at this point.
+            guard case .versionSet(let constraintRequirement) = constraint.requirement else {
+                throw InternalError("Unexpected unversioned requirement: \(constraint)")
+            }
+            return try constraint.nodes().compactMap { constraintNode in
+                // cycle
+                guard node != constraintNode else {
+                    return nil
                 }
 
-                let requirement: VersionSetSpecifier = .range(lowerBound ..< upperBound)
-                terms.append(Term(node, requirement))
-                terms.append(Term(not: constraintNode, vs))
-
                 // Make a record for this dependency so we don't have to recompute the bounds when the selected version falls within the bounds.
-                self.emittedIncompatibilities[constraintNode] = requirement.union(emittedIncompatibilities[constraintNode] ?? .empty)
+                if let lowerBound = lowerBounds[constraintNode], let upperBound = upperBounds[constraintNode] {
+                    assert(lowerBound < upperBound)
+                    let requirement: VersionSetSpecifier = .range(lowerBound ..< upperBound)
+                    self.emittedIncompatibilities[constraintNode] = requirement.union(emittedIncompatibilities[constraintNode] ?? .empty)
+                }
+
+                var terms: OrderedSet<Term> = []
+                // the package version requirement
+                terms.append(Term(node, .exact(version)))
+                // the dependency's version requirement
+                terms.append(Term(not: constraintNode, constraintRequirement))
 
                 return try Incompatibility(terms, root: root, cause: .dependency(node: node))
             }

Sources/Workspace/Workspace.swift

@@ -784,7 +784,7 @@ extension Workspace {
         observabilityScope: ObservabilityScope
     ) throws -> [(PackageReference, Workspace.PackageStateChange)]? {
         // Create cache directories.
-        createCacheDirectories(observabilityScope: observabilityScope)
+        self.createCacheDirectories(observabilityScope: observabilityScope)
 
         // FIXME: this should not block
         // Load the root manifests and currently checked out manifests.
@@ -799,7 +799,9 @@ extension Workspace {
         guard let pinsStore = observabilityScope.trap({ try self.pinsStore.load() }) else { return nil }
 
         // Ensure we don't have any error at this point.
-        guard !observabilityScope.errorsReported else { return nil }
+        guard !observabilityScope.errorsReported else {
+            return nil
+        }
 
         // Add unversioned constraints for edited packages.
         var updateConstraints = currentManifests.editedPackagesConstraints()
@@ -830,17 +832,28 @@ extension Workspace {
         // Reset the active resolver.
         self.activeResolver = nil
 
-        guard !observabilityScope.errorsReported else { return nil }
+        guard !observabilityScope.errorsReported else {
+            return nil
+        }
 
         if dryRun {
-            return observabilityScope.trap { return try computePackageStateChanges(root: graphRoot, resolvedDependencies: updateResults, updateBranches: true, observabilityScope: observabilityScope) }
+            return observabilityScope.trap {
+                return try self.computePackageStateChanges(root: graphRoot, resolvedDependencies: updateResults, updateBranches: true, observabilityScope: observabilityScope)
+            }
         }
 
         // Update the checkouts based on new dependency resolution.
         let packageStateChanges = self.updateDependenciesCheckouts(root: graphRoot, updateResults: updateResults, updateBranches: true, observabilityScope: observabilityScope)
 
         // Load the updated manifests.
         let updatedDependencyManifests = try self.loadDependencyManifests(root: graphRoot, observabilityScope: observabilityScope)
+        // If we have missing packages, something is fundamentally wrong with the resolution of the graph
+        let stillMissingPackages = updatedDependencyManifests.computePackages().missing
+        guard stillMissingPackages.isEmpty else {
+            let missing = stillMissingPackages.map{ $0.description }
+            observabilityScope.emit(error: "exhausted attempts to resolve the dependencies graph, with '\(missing.joined(separator: "', '"))' unresolved.")
+            return nil
+        }
 
         // Update the resolved file.
         self.saveResolvedFile(
@@ -1721,7 +1734,7 @@ extension Workspace {
             let dependenciesToLoad = dependenciesRequired.map{ $0.createPackageRef() }.filter { !loadedManifests.keys.contains($0.identity) }
             let dependenciesManifests = try temp_await { self.loadManagedManifests(for: dependenciesToLoad, observabilityScope: observabilityScope, completion: $0) }
             dependenciesManifests.forEach { loadedManifests[$0.key] = $0.value }
-            return pair.item.dependenciesRequired(for: pair.key.productFilter).compactMap { dependency in
+            return dependenciesRequired.compactMap { dependency in
                 loadedManifests[dependency.identity].flatMap {
                     // we also compare the location as this function may attempt to load
                     // dependencies that have the same identity but from a different location
@@ -2704,7 +2717,7 @@ extension Workspace {
     ) -> [(PackageReference, PackageStateChange)] {
         // Get the update package states from resolved results.
         guard let packageStateChanges = observabilityScope.trap({
-            try computePackageStateChanges(root: root, resolvedDependencies: updateResults, updateBranches: updateBranches, observabilityScope: observabilityScope)
+            try self.computePackageStateChanges(root: root, resolvedDependencies: updateResults, updateBranches: updateBranches, observabilityScope: observabilityScope)
         }) else {
             return []
         }