+6
-2
@@ -302,2 +302,6 @@ 'use strict' | ||
| const r = options.loose ? re[t.TILDELOOSE] : re[t.TILDE] | ||
| // if we're including prereleases in the match, then the lower bound is | ||
| // -0, the lowest possible prerelease value, just like x-ranges and carets. | ||
| // this keeps `~1.2` equivalent to the `1.2.x` x-range it's documented as. | ||
| const z = options.includePrerelease ? '-0' : '' | ||
| return comp.replace(r, (_, M, m, p, pr) => { | ||
@@ -310,6 +314,6 @@ debug('tilde', comp, _, M, m, p, pr) | ||
| } else if (isX(m)) { | ||
| ret = `>=${M}.0.0 <${+M + 1}.0.0-0` | ||
| ret = `>=${M}.0.0${z} <${+M + 1}.0.0-0` | ||
| } else if (isX(p)) { | ||
| // ~1.2 == >=1.2.0 <1.3.0-0 | ||
| ret = `>=${M}.${m}.0 <${M}.${+m + 1}.0-0` | ||
| ret = `>=${M}.${m}.0${z} <${M}.${+m + 1}.0-0` | ||
| } else if (pr) { | ||
@@ -316,0 +320,0 @@ debug('replaceTilde pr', pr) |
+1
-1
| { | ||
| "name": "semver", | ||
| "version": "7.8.4", | ||
| "version": "7.8.5", | ||
| "description": "The semantic version parser used by npm.", | ||
@@ -5,0 +5,0 @@ "main": "index.js", |
URL strings
Supply chain riskPackage contains fragments of external URLs or IP addresses, which the package may be accessing at runtime.
URL strings
Supply chain riskPackage contains fragments of external URLs or IP addresses, which the package may be accessing at runtime.
101065
0.28%2283
0.18%