Incorrectly parses "~>" semver ranges #1

New Issue

Ghost · 2018-10-06T05:48:35Z

Ghost commented

2018-10-06 05:48:35 +00:00

A range like "~> 2.0.0" is incorrectly returned with operator === > instead of ~>

A range like "~> 2.0.0" is incorrectly returned with operator === `>` instead of `~>`

coolaj86 commented

2018-10-06 15:07:06 +00:00

This library was created many, many moons ago.

I actually don't know what ~ is for. It isn't referenced on semver.org (in fact, I think "semver ranges" are not actually part of semver at all, but something npm made up and that many other people follow).

That said, if you can get me a link to some documentation for wherever the latest canonical or pseudo standard is, I'll take a look.

This library was created many, many moons ago. I actually don't know what ~ is for. It isn't referenced on semver.org (in fact, I think "semver ranges" are not actually part of semver at all, but something npm made up and that many other people follow). That said, if you can get me a link to some documentation for wherever the latest canonical or pseudo standard is, I'll take a look.

Ghost commented

2018-10-06 15:13:41 +00:00

Thanks for taking a look.

FYI, I'm using this library as a dependency of https://github.com/renovatebot/renovate and just discovered these range types myself today when I was surprised to find they are considered valid by the node semver package. Confirmed at https://semver.npmjs.com but not in any documentation yet - it's challenging to google search for syntax and the terms node and semver are everywhere.

Anyway, in npm/node semver, ~> seems to have the exact same behaviour as ~.

Thanks for taking a look. FYI, I'm using this library as a dependency of https://github.com/renovatebot/renovate and just discovered these range types myself today when I was surprised to find they are considered valid by the node `semver` package. Confirmed at https://semver.npmjs.com but not in any documentation yet - it's challenging to google search for syntax and the terms node and semver are *everywhere*. Anyway, in npm/node semver, `~>` seems to have the exact same behaviour as `~`.

coolaj86 commented

2018-10-09 01:27:28 +00:00

Published v1.1.4

I changed the regex which (as noted in the prior comments of the code) makes me nervous. It's definitely too complicated for a long RegExp.

As a result it will now accept ~< 2.0.0 (not sure if that should be valid) and ~> 2.0.0, but still not ~^ 2.0.0 or <> 2.0.0.

This definitely should be broken down...

Published v1.1.4 I changed the regex which (as noted in the prior comments of the code) makes me nervous. It's definitely too complicated for a long RegExp. As a result it will now accept `~< 2.0.0` (not sure if that should be valid) and `~> 2.0.0`, but still not `~^ 2.0.0` or `<> 2.0.0`. This definitely should be broken down...

coolaj86 commented

2018-10-09 01:27:38 +00:00

Will you confirm and close?

Ghost commented

2018-10-09 03:04:11 +00:00

Thanks very much! Confirmed here: https://github.com/renovatebot/renovate/pull/2622

Ghost closed this issue

2018-10-09 03:04:11 +00:00

coolaj86 commented

2018-10-09 03:19:02 +00:00

Awesome. I'd like to try renovate against my gitea server (or local directories?). I skimmed it enough to understand what it does, but I want to take a closer look and see what benefit I can reap.

Ghost commented

2018-10-09 03:22:49 +00:00

Unfortunately it won't work out of the box with a new platform like gitea, because it's doing more than just git operations (e.g. interacting with repo metadata, pull requests and issues). It would need gitea added as a new option here: https://github.com/renovatebot/renovate/tree/master/lib/platform

To save some time it could presumably reuse the "git" platform for file operations but still need to replicate the rest. For the other platforms so far this has each been at least a man-week of work unfortunately.

Unfortunately it won't work out of the box with a new platform like gitea, because it's doing more than just git operations (e.g. interacting with repo metadata, pull requests and issues). It would need gitea added as a new option here: https://github.com/renovatebot/renovate/tree/master/lib/platform To save some time it could presumably reuse the "git" platform for file operations but still need to replicate the rest. For the other platforms so far this has each been at least a man-week of work unfortunately.

coolaj86 commented

2018-10-09 03:24:33 +00:00

At first I was scratching my head with "but why?"... then I remembered that although the html apis are almost identical, the json apis are probably very different.

Ghost commented

2018-10-09 03:25:45 +00:00

Yes, it's all pretty basic stuff, but every API is different. e.g. what structure/fields a platform uses for title or body, or passed/failed, etc.

Sign in to join this conversation.

No Label

No Milestone

No Assignees

2 Participants

Notifications

Due Date

The due date is invalid or out of range. Please use the format 'yyyy-mm-dd'.

No due date set.

Dependencies

No dependencies set.

Reference: coolaj86/semver-utils.js#1