
semver


Comparing version 7.5.1 to 7.5.2

3

classes/comparator.js

@@ -19,2 +19,3 @@ const ANY = Symbol('SemVer ANY')

comp = comp.trim().split(/\s+/).join(' ')
debug('comparator', comp, options)

@@ -137,3 +138,3 @@ this.options = options

const parseOptions = require('../internal/parse-options')
const { re, t } = require('../internal/re')
const { safeRe: re, t } = require('../internal/re')
const cmp = require('../functions/cmp')

@@ -140,0 +141,0 @@ const debug = require('../internal/debug')
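Review bot: The whitespace normalisation added to the Comparator constructor (`comp = comp.trim().split(/\s+/).join(' ')`) has no comment, although this file now takes its patterns from `safeRe`, which this page documents as safe only for input that has already been trimmed and collapsed. A one-line comment above it, e.g. `// collapse whitespace first: the safeRe patterns assume normalized input`, would keep a later refactor from dropping the line and reintroducing slow matching on untrusted comparator strings. The constructor starts and ends outside the hunk, so any earlier handling of `comp` is not visible here.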

@@ -29,8 +29,15 @@ // hoisted class for cyclic dependency

// First, split based on boolean or ||
// First reduce all whitespace as much as possible so we do not have to rely
// on potentially slow regexes like \s*. This is then stored and used for
// future error messages as well.
this.raw = range
this.set = range
.trim()
.split(/\s+/)
.join(' ')
// First, split on ||
this.set = this.raw
.split('||')
// map the range to a 2d array of comparators
.map(r => this.parseRange(r.trim()))
.map(r => this.parseRange(r))
// throw out any comparator lists that are empty

@@ -42,3 +49,3 @@ // this generally means that it was not a valid range, which is allowed

if (!this.set.length) {
throw new TypeError(`Invalid SemVer Range: ${range}`)
throw new TypeError(`Invalid SemVer Range: ${this.raw}`)
}

@@ -69,5 +76,3 @@

this.range = this.set
.map((comps) => {
return comps.join(' ').trim()
})
.map((comps) => comps.join(' ').trim())
.join('||')

@@ -83,4 +88,2 @@ .trim()

parseRange (range) {
range = range.trim()
// memoize range parsing for performance.

@@ -112,5 +115,2 @@ // this is a very hot path, and fully deterministic.

// normalize spaces
range = range.split(/\s+/).join(' ')
// At this point, the range is completely trimmed and

@@ -211,3 +211,3 @@ // ready to be split into comparators.

const {
re,
safeRe: re,
t,

@@ -266,6 +266,9 @@ comparatorTrimReplace,

// ~0.0.1 --> >=0.0.1 <0.1.0-0
const replaceTildes = (comp, options) =>
comp.trim().split(/\s+/).map((c) => {
return replaceTilde(c, options)
}).join(' ')
const replaceTildes = (comp, options) => {
return comp
.trim()
.split(/\s+/)
.map((c) => replaceTilde(c, options))
.join(' ')
}

@@ -308,6 +311,9 @@ const replaceTilde = (comp, options) => {

// ^0.1.0 --> >=0.1.0 <0.2.0-0
const replaceCarets = (comp, options) =>
comp.trim().split(/\s+/).map((c) => {
return replaceCaret(c, options)
}).join(' ')
const replaceCarets = (comp, options) => {
return comp
.trim()
.split(/\s+/)
.map((c) => replaceCaret(c, options))
.join(' ')
}

@@ -369,5 +375,6 @@ const replaceCaret = (comp, options) => {

debug('replaceXRanges', comp, options)
return comp.split(/\s+/).map((c) => {
return replaceXRange(c, options)
}).join(' ')
return comp
.split(/\s+/)
.map((c) => replaceXRange(c, options))
.join(' ')
}

@@ -455,3 +462,5 @@

// Looseness is ignored here. star is always as loose as it gets!
return comp.trim().replace(re[t.STAR], '')
return comp
.trim()
.replace(re[t.STAR], '')
}

@@ -461,3 +470,4 @@

debug('replaceGTE0', comp, options)
return comp.trim()
return comp
.trim()
.replace(re[options.includePrerelease ? t.GTE0PRE : t.GTE0], '')

@@ -500,3 +510,3 @@ }

return (`${from} ${to}`).trim()
return `${from} ${to}`.trim()
}

@@ -503,0 +513,0 @@
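Review bot: With `.map(r => this.parseRange(r))` and `range = range.trim()` removed from `parseRange`, each segment produced by `split('||')` can reach `parseRange` with one leading or trailing space (for an input like `1.x || 2.x`), and that untrimmed string presumably also feeds the memoization key. Collapsing whitespace in the constructor limits the run to a single space but does not remove it, so keeping the per-segment trim, `.map(r => this.parseRange(r.trim()))`, is cheap and preserves the previous behaviour. `parseRange` is also a method callers can invoke directly, and it no longer normalizes its argument before the `safeRe` patterns run, so a comment on it stating that the input must already be trimmed and collapsed would help. Its body continues outside the hunks shown, so a later step may already compensate.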

const debug = require('../internal/debug')
const { MAX_LENGTH, MAX_SAFE_INTEGER } = require('../internal/constants')
const { re, t } = require('../internal/re')
const { safeRe: re, t } = require('../internal/re')

@@ -294,4 +294,6 @@ const parseOptions = require('../internal/parse-options')

}
this.format()
this.raw = this.version
this.raw = this.format()
if (this.build.length) {
this.raw += `+${this.build.join('.')}`
}
return this

@@ -298,0 +300,0 @@ }
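Review bot: In the last hunk, `this.raw` is rebuilt from `this.format()` plus `+${this.build.join('.')}` when `this.build` is non-empty, but nothing explains why `raw` and the formatted version now differ. A short comment such as `// raw keeps build metadata, which the formatted version omits` would make the intent clear; `format()` is defined outside the hunk, so confirm that it really leaves the build out before adding it. The enclosing method starts outside the hunk.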

const SemVer = require('../classes/semver')
const parse = require('./parse')
const { re, t } = require('../internal/re')
const { safeRe: re, t } = require('../internal/re')

@@ -5,0 +5,0 @@ const coerce = (version, options) => {

@@ -16,3 +16,32 @@ const parse = require('./parse.js')

const highHasPre = !!highVersion.prerelease.length
const lowHasPre = !!lowVersion.prerelease.length
if (lowHasPre && !highHasPre) {
// Going from prerelease -> no prerelease requires some special casing
// If the low version has only a major, then it will always be a major
// Some examples:
// 1.0.0-1 -> 1.0.0
// 1.0.0-1 -> 1.1.1
// 1.0.0-1 -> 2.0.0
if (!lowVersion.patch && !lowVersion.minor) {
return 'major'
}
// Otherwise it can be determined by checking the high version
if (highVersion.patch) {
// anything higher than a patch bump would result in the wrong version
return 'patch'
}
if (highVersion.minor) {
// anything higher than a minor bump would result in the wrong version
return 'minor'
}
// bumping major/minor/patch all have same result
return 'major'
}
// add the `pre` prefix if we are going to a prerelease version

@@ -33,24 +62,6 @@ const prefix = highHasPre ? 'pre' : ''

// at this point we know stable versions match but overall versions are not equal,
// so either they are both prereleases, or the lower version is a prerelease
if (highHasPre) {
// high and low are preleases
return 'prerelease'
}
if (lowVersion.patch) {
// anything higher than a patch bump would result in the wrong version
return 'patch'
}
if (lowVersion.minor) {
// anything higher than a minor bump would result in the wrong version
return 'minor'
}
// bumping major/minor/patch all have same result
return 'major'
// high and low are preleases
return 'prerelease'
}
module.exports = diff
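Review bot: The new prerelease-to-stable branch tests numeric version components by truthiness (`!lowVersion.patch && !lowVersion.minor`, `if (highVersion.patch)`, `if (highVersion.minor)`), which works only because 0 is the one falsy value these fields are expected to hold. Explicit comparisons such as `lowVersion.patch === 0 && lowVersion.minor === 0` and `highVersion.patch !== 0` would state the intent and would not silently misclassify an `undefined` component. The retained comment `// high and low are preleases` should read `// high and low are prereleases`. The function's opening lines are outside the hunks shown.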

@@ -7,2 +7,3 @@ const { MAX_SAFE_COMPONENT_LENGTH } = require('./constants')

const re = exports.re = []
const safeRe = exports.safeRe = []
const src = exports.src = []

@@ -13,2 +14,11 @@ const t = exports.t = {}

const createToken = (name, value, isGlobal) => {
// Replace all greedy whitespace to prevent regex dos issues. These regex are
// used internally via the safeRe object since all inputs in this library get
// normalized first to trim and collapse all extra whitespace. The original
// regexes are exported for userland consumption and lower level usage. A
// future breaking change could export the safer regex only with a note that
// all input should have extra whitespace removed.
const safe = value
.split('\\s*').join('\\s{0,1}')
.split('\\s+').join('\\s')
const index = R++

@@ -19,2 +29,3 @@ debug(name, index, value)

re[index] = new RegExp(value, isGlobal ? 'g' : undefined)
safeRe[index] = new RegExp(safe, isGlobal ? 'g' : undefined)
}

@@ -21,0 +32,0 @@
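Review bot: `createToken` derives the safe pattern by literal text substitution on the source (`.split('\\s*').join('\\s{0,1}')`, `.split('\\s+').join('\\s')`), so it rewrites only those two exact spellings and any other unbounded quantifier in a token source passes into `safeRe` unchanged. `safeRe` is therefore only as safe as its precondition, and each file on this page that switches to `safeRe: re` (comparator, range, semver, coerce) has to trim and collapse whitespace before matching; for coerce that step is not visible in its hunk. The original `re` array is still exported with the greedy whitespace patterns, so userland code that matches untrusted strings against `re` keeps the slow-matching exposure. Doc comments on both exports would make that explicit, e.g. `// safeRe: input MUST be trimmed and whitespace-collapsed first` and `// re: unbounded whitespace, do not run on untrusted input`.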

{
"name": "semver",
"version": "7.5.1",
"version": "7.5.2",
"description": "The semantic version parser used by npm.",

@@ -17,3 +17,3 @@ "main": "index.js",

"@npmcli/eslint-config": "^4.0.0",
"@npmcli/template-oss": "4.14.1",
"@npmcli/template-oss": "4.15.1",
"tap": "^16.0.0"

@@ -41,3 +41,3 @@ },

"tap": {
"check-coverage": true,
"timeout": 30,
"coverage-map": "map.js",

@@ -58,3 +58,3 @@ "nyc-arg": [

"//@npmcli/template-oss": "This file is partially managed by @npmcli/template-oss. Edits may be overwritten.",
"version": "4.14.1",
"version": "4.15.1",
"engines": ">=10",

@@ -61,0 +61,0 @@ "ciVersions": [
