semver

Comparing version 7.6.0 to 7.6.1

internal/lrucache.js

19

bin/semver.js

@@ -122,3 +122,7 @@ #!/usr/bin/env node

}
return success(versions)
versions
.sort((a, b) => semver[reverse ? 'rcompare' : 'compare'](a, b, options))
.map(v => semver.clean(v, options))
.map(v => inc ? semver.inc(v, inc, options, identifier, identifierBase) : v)
.forEach(v => console.log(v))
}
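
Review bot: the sort callback in this hunk now evaluates `semver[reverse ? 'rcompare' : 'compare']` on every comparison, where the removed `success` helper resolved it once into a `compare` constant. Hoisting the lookup into a const above the chain keeps the inlined version as cheap as the old one and makes the chain easier to read.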

@@ -133,15 +137,2 @@

const success = () => {
const compare = reverse ? 'rcompare' : 'compare'
versions.sort((a, b) => {
return semver[compare](a, b, options)
}).map((v) => {
return semver.clean(v, options)
}).map((v) => {
return inc ? semver.inc(v, inc, options, identifier, identifierBase) : v
}).forEach((v, i, _) => {
console.log(v)
})
}
const help = () => console.log(

@@ -148,0 +139,0 @@ `SemVer ${version}

@@ -201,4 +201,4 @@ // hoisted class for cyclic dependency

const LRU = require('lru-cache')
const cache = new LRU({ max: 1000 })
const LRU = require('../internal/lrucache')
const cache = new LRU()
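
Review bot: the explicit bound is gone from the call site, `new LRU({ max: 1000 })` became `new LRU()`, so the cache limit now depends on a default inside `../internal/lrucache`, which this comparison lists as a changed file but does not display. Since the cap is what keeps memory bounded, pass it explicitly here or add a comment naming the default, and cover the eviction behaviour of the in-house class with a test now that the `lru-cache` dependency no longer provides it.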

@@ -474,5 +474,6 @@ const parseOptions = require('../internal/parse-options')

// 1.2 - 3.4 => >=1.2.0 <3.5.0-0
// TODO build?
const hyphenReplace = incPr => ($0,
from, fM, fm, fp, fpr, fb,
to, tM, tm, tp, tpr, tb) => {
to, tM, tm, tp, tpr) => {
if (isX(fM)) {
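
Review bot: the parameter list of `hyphenReplace` drops `tb` but keeps `fb`, which will look inconsistent to the next reader. Because these are positional regex captures, `fb` has to stay as a placeholder so that `to` and the following names stay aligned; a short comment saying so, and a decision on the `// TODO build?` line still sitting above the function, would make the intent clear.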

@@ -479,0 +480,0 @@ from = ''

@@ -161,3 +161,3 @@ const debug = require('../internal/debug')

const b = other.build[i]
debug('prerelease compare', i, a, b)
debug('build compare', i, a, b)
if (a === undefined && b === undefined) {

@@ -164,0 +164,0 @@ return 0

{
"name": "semver",
"version": "7.6.0",
"version": "7.6.1",
"description": "The semantic version parser used by npm.",

@@ -17,3 +17,4 @@ "main": "index.js",

"@npmcli/eslint-config": "^4.0.0",
"@npmcli/template-oss": "4.21.3",
"@npmcli/template-oss": "4.22.0",
"benchmark": "^2.1.4",
"tap": "^16.0.0"

@@ -24,3 +25,3 @@ },

"type": "git",
"url": "https://github.com/npm/node-semver.git"
"url": "git+https://github.com/npm/node-semver.git"
},

@@ -52,9 +53,6 @@ "bin": {

},
"dependencies": {
"lru-cache": "^6.0.0"
},
"author": "GitHub Inc.",
"templateOSS": {
"//@npmcli/template-oss": "This file is partially managed by @npmcli/template-oss. Edits may be overwritten.",
"version": "4.21.3",
"version": "4.22.0",
"engines": ">=10",
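
Review bot: with the `"dependencies"` block holding `"lru-cache": "^6.0.0"` removed, any `require('lru-cache')` left in the shipped files will fail at load time for consumers. The range module hunk switches to `../internal/lrucache`; confirm with a repository-wide search that no other file still requires the external package before publishing.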

@@ -77,3 +75,4 @@ "distPaths": [

"/preload.js",
"/range.bnf"
"/range.bnf",
"/benchmarks"
],

@@ -80,0 +79,0 @@ "publish": "true"

@@ -28,3 +28,3 @@ semver(1) -- The semantic versioner for npm

You can also just load the module for the function that you care about, if
You can also just load the module for the function that you care about if
you'd like to minimize your footprint.

@@ -82,4 +82,4 @@

const semverIntersects = require('semver/ranges/intersects')
const simplifyRange = require('semver/ranges/simplify')
const rangeSubset = require('semver/ranges/subset')
const semverSimplifyRange = require('semver/ranges/simplify')
const semverRangeSubset = require('semver/ranges/subset')
```

@@ -149,3 +149,3 @@

A `version range` is a set of `comparators` which specify versions
A `version range` is a set of `comparators` that specify versions
that satisfy the range.

@@ -161,3 +161,3 @@

* `=` Equal. If no operator is specified, then equality is assumed,
so this operator is optional, but MAY be included.
so this operator is optional but MAY be included.

@@ -196,14 +196,14 @@ For example, the comparator `>=1.2.7` would match the versions

than" `1.2.3-alpha.3` according to the SemVer sort rules. The version
range only accepts prerelease tags on the `1.2.3` version. The
version `3.4.5` *would* satisfy the range, because it does not have a
range only accepts prerelease tags on the `1.2.3` version.
Version `3.4.5` *would* satisfy the range because it does not have a
prerelease flag, and `3.4.5` is greater than `1.2.3-alpha.7`.
The purpose for this behavior is twofold. First, prerelease versions
The purpose of this behavior is twofold. First, prerelease versions
frequently are updated very quickly, and contain many breaking changes
that are (by the author's design) not yet fit for public consumption.
Therefore, by default, they are excluded from range matching
Therefore, by default, they are excluded from range-matching
semantics.
Second, a user who has opted into using a prerelease version has
clearly indicated the intent to use *that specific* set of
indicated the intent to use *that specific* set of
alpha/beta/rc versions. By including a prerelease tag in the range,

@@ -215,4 +215,4 @@ the user is indicating that they are aware of the risk. However, it

Note that this behavior can be suppressed (treating all prerelease
versions as if they were normal versions, for the purpose of range
matching) by setting the `includePrerelease` flag on the options
versions as if they were normal versions, for range-matching)
by setting the `includePrerelease` flag on the options
object to any

@@ -410,3 +410,3 @@ [functions](https://github.com/npm/node-semver#functions) that do

- `loose` Be more forgiving about not-quite-valid semver strings.
- `loose`: Be more forgiving about not-quite-valid semver strings.
(Any resulting output will always be 100% strict compliant, of

@@ -416,3 +416,3 @@ course.) For backwards compatibility reasons, if the `options`

to be the `loose` param.
- `includePrerelease` Set to suppress the [default
- `includePrerelease`: Set to suppress the [default
behavior](https://github.com/npm/node-semver#prerelease-tags) of

@@ -426,4 +426,5 @@ excluding prerelease tagged versions from ranges unless they are

* `valid(v)`: Return the parsed version, or null if it's not valid.
* `inc(v, release)`: Return the version incremented by the release
type (`major`, `premajor`, `minor`, `preminor`, `patch`,
* `inc(v, release, options, identifier, identifierBase)`:
Return the version incremented by the release
type (`major`, `premajor`, `minor`, `preminor`, `patch`,
`prepatch`, or `prerelease`), or null if it's not valid

@@ -433,6 +434,9 @@ * `premajor` in one call will bump the version up to the next major

`preminor`, and `prepatch` work the same way.
* If called from a non-prerelease version, the `prerelease` will work the
same as `prepatch`. It increments the patch version, then makes a
* If called from a non-prerelease version, `prerelease` will work the
same as `prepatch`. It increments the patch version and then makes a
prerelease. If the input version is already a prerelease it simply
increments it.
* `identifier` can be used to prefix `premajor`, `preminor`,
`prepatch`, or `prerelease` version increments. `identifierBase`
is the base to be used for the `prerelease` identifier.
* `prerelease(v)`: Returns an array of prerelease components, or null
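
Review bot: the new `identifier` / `identifierBase` bullet does not say which values `identifierBase` accepts or what happens when it is omitted, and the widened signature `inc(v, release, options, identifier, identifierBase)` does not say whether `options` may be skipped. Document the accepted values and defaults and add one example call, since callers cannot work out the argument order from "is the base to be used for the `prerelease` identifier" alone.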

@@ -455,3 +459,3 @@ if none exist. Example: `prerelease('1.2.3-alpha.1') -> ['alpha', 1]`

* `eq(v1, v2)`: `v1 == v2` This is true if they're logically equivalent,
even if they're not the exact same string. You already know how to
even if they're not the same string. You already know how to
compare strings.

@@ -465,11 +469,18 @@ * `neq(v1, v2)`: `v1 != v2` The opposite of `eq`.

`v2` is greater. Sorts in ascending order if passed to `Array.sort()`.
* `rcompare(v1, v2)`: The reverse of compare. Sorts an array of versions
* `rcompare(v1, v2)`: The reverse of `compare`. Sorts an array of versions
in descending order when passed to `Array.sort()`.
* `compareBuild(v1, v2)`: The same as `compare` but considers `build` when two versions
are equal. Sorts in ascending order if passed to `Array.sort()`.
`v2` is greater. Sorts in ascending order if passed to `Array.sort()`.
* `diff(v1, v2)`: Returns difference between two versions by the release type
* `compareLoose(v1, v2)`: Short for ``compare(v1, v2, { loose: true })`.
* `diff(v1, v2)`: Returns the difference between two versions by the release type
(`major`, `premajor`, `minor`, `preminor`, `patch`, `prepatch`, or `prerelease`),
or null if the versions are the same.
### Sorting
* `sort(versions)`: Returns a sorted array of versions based on the `compareBuild`
function.
* `rsort(versions)`: The reverse of `sort`. Returns an array of versions based on
the `compareBuild` function in descending order.
### Comparators
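
Review bot: the `compareLoose` entry opens its code span with two backticks and closes it with one (``` ``compare(v1, v2, { loose: true })`. ```), so the Markdown will not render as intended; use a single backtick on both sides. The line "`v2` is greater. Sorts in ascending order if passed to `Array.sort()`." also appears a second time directly after the `compareBuild` entry, where it is not part of any sentence and should be dropped.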

@@ -488,7 +499,7 @@

that satisfies the range, or `null` if none of them do.
* `minVersion(range)`: Return the lowest version that can possibly match
* `minVersion(range)`: Return the lowest version that can match
the given range.
* `gtr(version, range)`: Return `true` if version is greater than all the
* `gtr(version, range)`: Return `true` if the version is greater than all the
versions possible in the range.
* `ltr(version, range)`: Return `true` if version is less than all the
* `ltr(version, range)`: Return `true` if the version is less than all the
versions possible in the range.

@@ -499,5 +510,5 @@ * `outside(version, range, hilo)`: Return true if the version is outside

the function called by `gtr` and `ltr`.)
* `intersects(range)`: Return true if any of the ranges comparators intersect
* `intersects(range)`: Return true if any of the range comparators intersect.
* `simplifyRange(versions, range)`: Return a "simplified" range that
matches the same items in `versions` list as the range specified. Note
matches the same items in the `versions` list as the range specified. Note
that it does *not* guarantee that it would match the same versions in all

@@ -515,3 +526,3 @@ cases, only for the set of versions provided. This is useful when

example, the range `1.2 <1.2.9 || >2.0.0` would have a hole from `1.2.9`
until `2.0.0`, so the version `1.2.10` would not be greater than the
until `2.0.0`, so version `1.2.10` would not be greater than the
range (because `2.0.1` satisfies, which is higher), nor less than the

@@ -529,3 +540,3 @@ range (since `1.2.8` satisfies, which is lower), and it also does not

This aims to provide a very forgiving translation of a non-semver string to
semver. It looks for the first digit in a string, and consumes all
semver. It looks for the first digit in a string and consumes all
remaining characters which satisfy at least a partial semver (e.g., `1`,

@@ -536,3 +547,3 @@ `1.2`, `1.2.3`) up to the max permitted length (256 characters). Longer

`3.4.0`). Only text which lacks digits will fail coercion (`version one`
is not valid). The maximum length for any semver component considered for
is not valid). The maximum length for any semver component considered for
coercion is 16 characters; longer components will be ignored

@@ -613,3 +624,3 @@ (`10000000000000000.4.7.4` becomes `4.7.4`). The maximum value for any

You may pull in just the part of this semver utility that you need, if you
You may pull in just the part of this semver utility that you need if you
are sensitive to packing and tree-shaking concerns. The main

@@ -657,4 +668,6 @@ `require('semver')` export uses getter functions to lazily load the parts

* `require('semver/ranges/outside')`
* `require('semver/ranges/simplify')`
* `require('semver/ranges/subset')`
* `require('semver/ranges/to-comparators')`
* `require('semver/ranges/valid')`