diff --git a/.github/settings.yml b/.github/settings.yml index 107aa0ad..adbef7e6 100644 --- a/.github/settings.yml +++ b/.github/settings.yml @@ -24,3 +24,29 @@ branches: apps: [] users: [] teams: [ "cli-team" ] + - name: latest + protection: + required_status_checks: null + enforce_admins: true + required_pull_request_reviews: + required_approving_review_count: 1 + require_code_owner_reviews: true + require_last_push_approval: true + dismiss_stale_reviews: true + restrictions: + apps: [] + users: [] + teams: [ "cli-team" ] + - name: release/v* + protection: + required_status_checks: null + enforce_admins: true + required_pull_request_reviews: + required_approving_review_count: 1 + require_code_owner_reviews: true + require_last_push_approval: true + dismiss_stale_reviews: true + restrictions: + apps: [] + users: [] + teams: [ "cli-team" ] diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 90c632b9..bb473086 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -9,6 +9,7 @@ on: branches: - main - latest + - release/v* schedule: # "At 09:00 UTC (02:00 PT) on Monday" https://crontab.guru/#0_9_*_*_1 - cron: "0 9 * * 1" diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index 66b9498a..21244879 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -7,10 +7,12 @@ on: branches: - main - latest + - release/v* pull_request: branches: - main - latest + - release/v* schedule: # "At 10:00 UTC (03:00 PT) on Monday" https://crontab.guru/#0_10_*_*_1 - cron: "0 10 * * 1" diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 3b69ae10..b086b0a5 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -78,7 +78,7 @@ jobs: let commentId = comments.find(c => c.user.login === 'github-actions[bot]' && c.body.startsWith(body))?.id body += `Release workflow run: ${workflow.html_url}\n\n#### Force CI to Update This Release\n\n` - body += `This PR will be updated and CI will run for every non-\`chore:\` commit that is pushed to \`main\`. ` + body += `This PR will be updated and CI will run for every non-\`chore:\` commit that is pushed to \`${REF_NAME}\`. ` body += `To force CI to update this PR, run this command:\n\n` body += `\`\`\`\ngh workflow run release.yml -r ${REF_NAME} -R ${owner}/${repo} -f release-pr=${issue_number}\n\`\`\`` diff --git a/.release-please-manifest.json b/.release-please-manifest.json index cc729eee..92661b3b 100644 --- a/.release-please-manifest.json +++ b/.release-please-manifest.json @@ -1,3 +1,3 @@ { - ".": "7.5.3" + ".": "7.5.4" } diff --git a/CHANGELOG.md b/CHANGELOG.md index 292ed24a..232b63ed 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,5 +1,12 @@ # Changelog +## [7.5.4](https://github.com/npm/node-semver/compare/v7.5.3...v7.5.4) (2023-07-07) + +### Bug Fixes + +* [`cc6fde2`](https://github.com/npm/node-semver/commit/cc6fde2d34b95cb600d126649d926901bd2a9703) [#588](https://github.com/npm/node-semver/pull/588) trim each range set before parsing (@lukekarrys) +* [`99d8287`](https://github.com/npm/node-semver/commit/99d8287516a1d2abf0286033e2e26eca6b69c09f) [#583](https://github.com/npm/node-semver/pull/583) correctly parse long build ids as valid (#583) (@lukekarrys) + ## [7.5.3](https://github.com/npm/node-semver/compare/v7.5.2...v7.5.3) (2023-06-22) ### Bug Fixes diff --git a/classes/range.js b/classes/range.js index a7d37203..7e7c4141 100644 --- a/classes/range.js +++ b/classes/range.js @@ -38,7 +38,7 @@ class Range { this.set = this.raw .split('||') // map the range to a 2d array of comparators - .map(r => this.parseRange(r)) + .map(r => this.parseRange(r.trim())) // throw out any comparator lists that are empty // this generally means that it was not a valid range, which is allowed // in loose mode, but will still throw if the WHOLE range is invalid. diff --git a/internal/re.js b/internal/re.js index 9f5e36d5..21150b3e 100644 --- a/internal/re.js +++ b/internal/re.js @@ -1,4 +1,8 @@ -const { MAX_SAFE_COMPONENT_LENGTH, MAX_SAFE_BUILD_LENGTH } = require('./constants') +const { + MAX_SAFE_COMPONENT_LENGTH, + MAX_SAFE_BUILD_LENGTH, + MAX_LENGTH, +} = require('./constants') const debug = require('./debug') exports = module.exports = {} @@ -19,7 +23,7 @@ const LETTERDASHNUMBER = '[a-zA-Z0-9-]' // all input should have extra whitespace removed. const safeRegexReplacements = [ ['\\s', 1], - ['\\d', MAX_SAFE_COMPONENT_LENGTH], + ['\\d', MAX_LENGTH], [LETTERDASHNUMBER, MAX_SAFE_BUILD_LENGTH], ] diff --git a/package.json b/package.json index 378164a7..c145eca2 100644 --- a/package.json +++ b/package.json @@ -1,6 +1,6 @@ { "name": "semver", - "version": "7.5.3", + "version": "7.5.4", "description": "The semantic version parser used by npm.", "main": "index.js", "scripts": { @@ -14,7 +14,7 @@ }, "devDependencies": { "@npmcli/eslint-config": "^4.0.0", - "@npmcli/template-oss": "4.15.1", + "@npmcli/template-oss": "4.17.0", "tap": "^16.0.0" }, "license": "ISC", @@ -53,7 +53,7 @@ "author": "GitHub Inc.", "templateOSS": { "//@npmcli/template-oss": "This file is partially managed by @npmcli/template-oss. Edits may be overwritten.", - "version": "4.15.1", + "version": "4.17.0", "engines": ">=10", "ciVersions": [ "10.0.0", diff --git a/test/classes/semver.js b/test/classes/semver.js index 1e4d48f8..85a0ec31 100644 --- a/test/classes/semver.js +++ b/test/classes/semver.js @@ -123,25 +123,6 @@ test('compare main vs pre', (t) => { t.end() }) -test('invalid version numbers', (t) => { - ['1.2.3.4', 'NOT VALID', 1.2, null, 'Infinity.NaN.Infinity'].forEach((v) => { - t.throws( - () => { - new SemVer(v) // eslint-disable-line no-new - }, - { - name: 'TypeError', - message: - typeof v === 'string' - ? `Invalid Version: ${v}` - : `Invalid version. Must be a string. Got type "${typeof v}".`, - } - ) - }) - - t.end() -}) - test('compareBuild', (t) => { const noBuild = new SemVer('1.0.0') const build0 = new SemVer('1.0.0+0') diff --git a/test/fixtures/range-exclude.js b/test/fixtures/range-exclude.js index 4b6c5631..2789148a 100644 --- a/test/fixtures/range-exclude.js +++ b/test/fixtures/range-exclude.js @@ -102,4 +102,6 @@ module.exports = [ ['>=1.0.0 <1.1.0', '1.1.0', { includePrerelease: true }], ['>=1.0.0 <1.1.0', '1.1.0-pre'], ['>=1.0.0 <1.1.0-pre', '1.1.0-pre'], + + ['== 1.0.0 || foo', '2.0.0', { loose: true }], ] diff --git a/test/functions/valid.js b/test/functions/valid.js index ab51fed3..33399ed7 100644 --- a/test/functions/valid.js +++ b/test/functions/valid.js @@ -2,6 +2,7 @@ const t = require('tap') const valid = require('../../functions/valid') const SemVer = require('../../classes/semver') const invalidVersions = require('../fixtures/invalid-versions') +const { MAX_SAFE_INTEGER } = require('../../internal/constants') t.test('returns null instead of throwing when presented with garbage', t => { t.plan(invalidVersions.length) @@ -17,3 +18,12 @@ t.test('validate a version into a SemVer object', t => { t.equal(valid('4.2.0foo', { loose: true }), '4.2.0-foo', 'looseness as an option') t.end() }) + +t.test('long build id', t => { + const longBuild = '-928490632884417731e7af463c92b034d6a78268fc993bcb88a57944' + const shortVersion = '1.1.1' + const longVersion = `${MAX_SAFE_INTEGER}.${MAX_SAFE_INTEGER}.${MAX_SAFE_INTEGER}` + t.equal(valid(shortVersion + longBuild), shortVersion + longBuild) + t.equal(valid(longVersion + longBuild), longVersion + longBuild) + t.end() +}) diff --git a/test/integration/whitespace.js b/test/integration/whitespace.js index ae1451b1..a3541325 100644 --- a/test/integration/whitespace.js +++ b/test/integration/whitespace.js @@ -29,8 +29,8 @@ test('range with 0', (t) => { t.throws(() => new Range(r).range) t.equal(validRange(r), null) t.throws(() => minVersion(r).version) - t.equal(minSatisfying(['1.2.3']), null) - t.equal(maxSatisfying(['1.2.3']), null) + t.equal(minSatisfying(['1.2.3'], r), null) + t.equal(maxSatisfying(['1.2.3'], r), null) t.end() })