PHP Fatal Error When Applying Remote Patches on Composer 2.0.11

[djacques4gorilla]

After updating to Composer 2.0.11 (from 1.10.20) and using vaimo/composer-patches 4.22.4, a patch list that previously applied without issue now crashes immediately as the patch application process begins with the following error:

PHP Fatal error: Uncaught Error: Call to a member function then() on null in /var/www/html/vendor/vaimo/composer-patches/src/Compatibility/Executor.php:88
Stack trace:
#0 /var/www/html/vendor/vaimo/composer-patches/src/Managers/RepositoryManager.php(72): Vaimo\ComposerPatches\Compatibility\Executor->processReinstallOperation(Object(Composer\Repository\InstalledFilesystemRepository), Object(Composer\Installer\InstallationManager), Object(Vaimo\ComposerPatches\Composer\ResetOperation))
#1 /var/www/html/vendor/vaimo/composer-patches/src/Console/Silencer.php(37): Vaimo\ComposerPatches\Managers\RepositoryManager->Vaimo\ComposerPatches\Managers{closure}()
#2 /var/www/html/vendor/vaimo/composer-patches/src/Managers/RepositoryManager.php(73): Vaimo\ComposerPatches\Console\Silencer->applyToCallback(Object(Closure))
#3 /var/www/html/vendor/vaimo/composer-patches/src/Repository/PatchesApplier.php(198): Vaimo\ComposerPatches\Managers\RepositoryManager->resetPackage(Object(Composer\Repository\InstalledFilesystemRepository), Object(Compos in /var/www/html/vendor/vaimo/composer-patches/src/Compatibility/Executor.php on line 88

Pre-requisites

1. Update Composer to 2.0.11
2. vaimo/composer-patches 4.22.4
3. Patches pulled from a web server with HTTP Basic Auth
4. Credentials for the web server set up in auth.json

To Reproduce
Steps to reproduce the behavior:

1. Delete the vendor directory created by Composer 1.x
2. Run composer update

Expected
The patches are successfully download from the web server and applied to the codebase

Actual
PHP fatal error when downloading the patch files.

Notes
The patch list is in the following format:

{
"magento/product-enterprise-edition": {
"[PRODSECBUG-2198] SQL injection vulnerability through an unauthenticated user": {
"source": {
"2.1.0 - 2.1.16": "https://magentopatches.com/2.1/PRODSECBUG-2198-2.1-EE.composer-2019-03-27-06-08-35.patch",
"2.2.0 - 2.2.7": "https://magentopatches.com/2.2/PRODSECBUG-2198-2.2-EE.composer-2019-03-27-06-10-19.patch",
"2.3.0": "https://magentopatches.com/2.3/PRODSECBUG-2198-2.3-EE.composer-2019-03-27-06-10-53.patch"
}
},
"May 2019 Security Patch - Exposed Admin URLs": {
"source": {
"2.1.12 - 2.1.17": "https://magentopatches.com/2.1/may_2019_security_patch_2.1.17.patch",
"2.2.0 - 2.2.8": "https://magentopatches.com/2.2/may_2019_security_patch_2.2.8.patch",
"2.3.0 - 2.3.1": "https://magentopatches.com/2.3/may_2019_security_patch_2.3.1.patch"
}
}
}
}

[djacques4gorilla]

Just so it doesn't get called out, the example from the patch list is for older Magento versions, but this was attempted on Magento 2.4.2 (for which there are a few applicable patches in the complete list).

[allanpaiste]

This looks worrisome! So it's the downloader not returning a promise in certain cases :/ Will try to repeat with the same setup and will get back to you with a fix ASAP.

Thank you for the report and apologies for the inconvenience.