Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Inconsistent isSatisfiedBy for NPM mode and potential incorrect isEquivalentTo for NPM mode #46

Open
leaf94 opened this issue Sep 1, 2020 · 2 comments
Open

Inconsistent isSatisfiedBy for NPM mode and potential incorrect isEquivalentTo for NPM mode #46

leaf94 opened this issue Sep 1, 2020 · 2 comments

Comments

@leaf94
Copy link

leaf94 commented Sep 1, 2020
edited
Loading 

Requirement.buildNPM("=1.2").isSatisfiedBy(new Semver("1.2", Semver.SemverType.NPM)); // true
Requirement.buildNPM("1.2").isSatisfiedBy(new Semver("1.2", Semver.SemverType.NPM)); // false <-- ISSUE

Worth calling out that the following is right when the version is actually valid 1.2.0,
Requirement.buildNPM("1.2").isSatisfiedBy(new Semver("1.2.0", Semver.SemverType.NPM)); // true
but since the constructor of Semver can take 1.2 and Semver.SemverType.NPM, which produces the inconsistency.

The real issue is the second one above as marked in the comment. Did a little debugging with source code, and seems that it failed at the final equality check,
at here: https://github.com/vdurmont/semver4j/blob/master/src/main/java/com/vdurmont/semver4j/Semver.java#L330.

new Semver("1.2", Semver.SemverType.NPM). isEquivalentTo(new Semver("1.2.0", Semver.SemverType.NPM)); // false <-- Potential ISSUE

And since isEquivalentTo is a public method - it might also be potentially wrong, depending on how do we treat the "1.2" and mode "NPM".

Thanks,
Ethan
@leaf94 leaf94 changed the title Inconsistent Semver and Requirement for NPM mode Inconsistent isSatisfiedBy for NPM mode and potential incorrect isEquivalentTo for NPM mode Sep 1, 2020
@leaf94 leaf94 mentioned this issue Sep 1, 2020
Merged
4 tasks
@viebel
Copy link
Contributor

viebel commented Oct 6, 2020

@vdurmont Any update on this issue?

In my use case, that's the bug I reproduce:

Requirement.buildNPM("<1.2").isSatisfiedBy(new Semver("1.1.0", Semver.SemverType.NPM)); // false

@kmck kmck mentioned this issue Oct 15, 2020
Open
@piotrooo piotrooo mentioned this issue Jul 22, 2022
Closed
@piotrooo
Copy link

@leaf94 if you are still interesting, I've made copy of this lib and fix bug reported by you. Look for version 2.0.1

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@viebel @piotrooo @leaf94