
Properly handle the pre-release versions in VersionRange

Open: keshav-space opened this issue 2 years ago • 1 comment

The current univers VersionRange includes the pre-release versions. While this behavior is desirable when dealing with version ranges in a security advisory, it is not appropriate for the version range present in package manifests.

Scenario:

Consider the following release versions for an npm package: 1.0.0, 1.2.0, 2.0.0-rc.1, 2.0.0, 2.1.0, and 3.0.0

Desired Behavior:

  • When dealing with version ranges in a security advisory: 2.0.0-rc.1 in vers:npm/>=1.2.0|<2.0.0 => True

  • When dealing with version ranges in manifest files: 2.0.0-rc.1 in vers:npm/>=1.2.0|<2.0.0 => False

keshav-space, Jan 25 '24 14:01

Merging duplicate:

  • https://github.com/aboutcode-org/univers/issues/139

It would be useful to detect if a version is a prerelease, beta, rc and similar. This can then be used when doing version tests to optionally exclude some prereleases.

pombredanne, Oct 01 '24 16:10
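The two behaviours requested in this issue, as an added example that is not univers code and not part of the thread. SemVer, parse_bounds, contains and include_prereleases are hypothetical names; only a single interval of >=, >, <=, < bounds is handled rather than the full vers algorithm, and manifest mode is assumed to follow node-semver's default pre-release rule.

```python
import re
from functools import total_ordering

SEMVER = re.compile(r"^(\d+)\.(\d+)\.(\d+)(?:-([0-9A-Za-z.-]+))?(?:\+[0-9A-Za-z.-]+)?$")
OPS = {">=": lambda v, b: v >= b, ">": lambda v, b: v > b,
       "<=": lambda v, b: v <= b, "<": lambda v, b: v < b}

@total_ordering
class SemVer:  # hypothetical helper, not a univers class
    def __init__(self, text):
        m = SEMVER.match(text)
        if not m:
            raise ValueError(f"not a semver version: {text!r}")
        self.release = tuple(int(x) for x in m.group(1, 2, 3))
        self.pre = tuple(m.group(4).split(".")) if m.group(4) else ()

    def _key(self):
        # Numeric identifiers sort below alphanumeric ones, and a release
        # sorts above every pre-release of the same major.minor.patch.
        ids = tuple((0, int(i), "") if i.isdigit() else (1, 0, i) for i in self.pre)
        return (self.release, not self.pre, ids)

    def __eq__(self, other):
        return self._key() == other._key()

    def __lt__(self, other):
        return self._key() < other._key()

def parse_bounds(vers):
    scheme, _, constraints = vers.partition("/")
    if scheme != "vers:npm":
        raise ValueError(f"unsupported range: {vers!r}")
    bounds = []
    for item in constraints.split("|"):
        m = re.fullmatch(r"(>=|<=|>|<)(.+)", item.strip())
        if not m:
            raise ValueError(f"unsupported constraint: {item!r}")
        bounds.append((m.group(1), SemVer(m.group(2))))
    return bounds

def contains(vers, version, include_prereleases):
    v, bounds = SemVer(version), parse_bounds(vers)
    if not all(OPS[op](v, b) for op, b in bounds):
        return False
    if v.pre and not include_prereleases:
        # Manifest mode: admit a pre-release only when a bound on the same
        # major.minor.patch is itself a pre-release (node-semver's default).
        return any(b.pre and b.release == v.release for _, b in bounds)
    return True
```

Advisory matching would call contains(..., include_prereleases=True) so that a release candidate inside an affected range is still flagged, while manifest resolution would pass False.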