Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Properly handle the pre-release versions in VersionRange #130

Open
keshav-space opened this issue Jan 25, 2024 · 1 comment
Open

Properly handle the pre-release versions in VersionRange #130

keshav-space opened this issue Jan 25, 2024 · 1 comment
Labels
3-next enhancement New feature or request

Comments

@keshav-space
Copy link
Member

The current univers VersionRange includes the pre-release versions. While this behavior is desirable when dealing with version ranges in a security advisory, it is not appropriate for the version range present in package manifests.

Scenario:

Consider the following release versions for an npm package:
1.0.0, 1.2.0, 2.0.0-rc.1, 2.0.0, 2.1.0, and 3.0.0

Desired Behavior:

  • When dealing with version ranges in a security advisory:
    2.0.0-rc.1 in vers:npm/>=1.2.0|<2.0.0 => True

  • When dealing with version ranges in manifest files:
    2.0.0-rc.1 in vers:npm/>=1.2.0|<2.0.0 => False

@pombredanne
Copy link
Member

Merging duplicate:

It would be useful to detect if a version is a prerelease, beta, rc and similar. This can then be used when doing version tests to exclude some prerelease optionally

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
3-next enhancement New feature or request
Projects
Development

No branches or pull requests

2 participants