Skip to content
Permalink

Comparing changes

Choose two branches to see what’s changed or to start a new pull request. If you need to, you can also or learn more about diff comparisons.

Open a pull request

Create a new pull request by comparing changes across two branches. If you need to, you can also . Learn more about diff comparisons here.
base repository: npm/node-semver
Failed to load repositories. Confirm that selected base ref is valid, then try again.
Loading
base: dc0fe202faaf19a545ce5eeab3480be84180a082
Choose a base ref
...
head repository: npm/node-semver
Failed to load repositories. Confirm that selected head ref is valid, then try again.
Loading
compare: e7b78de06eb14a7fa2075cedf9f167040d8d31af
Choose a head ref
14 contributors
Loading
Showing with 1,119 additions and 438 deletions.
  1. +18 −0 .eslintrc.local.js
  2. +26 −2 .github/settings.yml
  3. +6 −4 .github/workflows/audit.yml
  4. +86 −24 .github/workflows/ci-release.yml
  5. +4 −52 .github/workflows/ci.yml
  6. +10 −10 .github/workflows/post-dependabot.yml
  7. +6 −4 .github/workflows/pull-request.yml
  8. +214 −49 .github/workflows/release.yml
  9. +1 −0 .gitignore
  10. +1 −1 .release-please-manifest.json
  11. +47 −0 CHANGELOG.md
  12. +50 −0 CONTRIBUTING.md
  13. +67 −0 README.md
  14. +11 −1 SECURITY.md
  15. +16 −2 bin/semver.js
  16. +39 −34 classes/comparator.js
  17. +43 −29 classes/range.js
  18. +32 −17 classes/semver.js
  19. +1 −1 functions/coerce.js
  20. +58 −16 functions/diff.js
  21. +3 −2 functions/inc.js
  22. +5 −22 functions/parse.js
  23. +1 −0 index.js
  24. +15 −2 internal/constants.js
  25. +14 −10 internal/parse-options.js
  26. +11 −0 internal/re.js
  27. +8 −7 package.json
  28. +1 −1 ranges/intersects.js
  29. +6 −3 ranges/subset.js
  30. +0 −4 scripts/_step-test.yml
  31. +38 −0 tap-snapshots/test/bin/semver.js.test.cjs
  32. +2 −0 test/bin/semver.js
  33. +12 −11 test/classes/comparator.js
  34. +37 −21 test/classes/semver.js
  35. +7 −1 test/fixtures/comparator-intersection.js
  36. +40 −3 test/fixtures/increments.js
  37. +0 −1 test/fixtures/range-exclude.js
  38. +0 −1 test/fixtures/range-include.js
  39. +0 −11 test/fixtures/range-parse.js
  40. +0 −5 test/fixtures/version-gt-range.js
  41. +0 −7 test/fixtures/version-lt-range.js
  42. +0 −2 test/fixtures/version-not-gt-range.js
  43. +0 −2 test/fixtures/version-not-lt-range.js
  44. +32 −5 test/functions/diff.js
  45. +15 −7 test/functions/inc.js
  46. +16 −0 test/functions/parse.js
  47. +39 −0 test/integration/whitespace.js
  48. +4 −3 test/internal/constants.js
  49. +16 −4 test/internal/parse-options.js
  50. +7 −1 test/internal/re.js
  51. +37 −39 test/map.js
  52. +17 −17 test/ranges/intersects.js
18 changes: 18 additions & 0 deletions .eslintrc.local.js
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,18 @@
'use strict'

module.exports = {
overrides: [
{
files: ['bin/**', 'classes/**', 'functions/**', 'internal/**', 'ranges/**'],
rules: {
'import/no-extraneous-dependencies': [
'error',
{
devDependencies: false,
},
],
'import/no-nodejs-modules': ['error'],
},
},
],
}
28 changes: 26 additions & 2 deletions .github/settings.yml
View file
Original file line number Diff line number Diff line change
@@ -1,2 +1,26 @@
---
_extends: '.github:npm-cli/settings.yml'
# This file is automatically added by @npmcli/template-oss. Do not edit.

repository:
allow_merge_commit: false
allow_rebase_merge: true
allow_squash_merge: true
squash_merge_commit_title: PR_TITLE
squash_merge_commit_message: PR_BODY
delete_branch_on_merge: true
enable_automated_security_fixes: true
enable_vulnerability_alerts: true

branches:
- name: main
protection:
required_status_checks: null
enforce_admins: true
required_pull_request_reviews:
required_approving_review_count: 1
require_code_owner_reviews: true
require_last_push_approval: true
dismiss_stale_reviews: true
restrictions:
apps: []
users: []
teams: [ "cli-team" ]
10 changes: 6 additions & 4 deletions .github/workflows/audit.yml
View file
Original file line number Diff line number Diff line change
@@ -27,11 +27,13 @@ jobs:
uses: actions/setup-node@v3
with:
node-version: 18.x
- name: Install npm@latest
run: npm i --prefer-online --no-fund --no-audit -g npm@latest
- name: Install npm@8
run: npm i --prefer-online --no-fund --no-audit -g npm@8
- name: npm Version
run: npm -v
- name: Install Dependencies
run: npm i --ignore-scripts --no-audit --no-fund --package-lock
- name: Run Audit
run: npm audit
- name: Run Production Audit
run: npm audit --omit=dev
- name: Run Full Audit
run: npm audit --audit-level=none
110 changes: 86 additions & 24 deletions .github/workflows/ci-release.yml
View file
Original file line number Diff line number Diff line change
@@ -3,6 +3,12 @@
name: CI - Release

on:
workflow_dispatch:
inputs:
ref:
required: true
type: string
default: main
workflow_call:
inputs:
ref:
@@ -21,21 +27,49 @@ jobs:
run:
shell: bash
steps:
- name: Get Workflow Job
uses: actions/github-script@v6
if: inputs.check-sha
id: check-output
env:
JOB_NAME: "Lint All"
MATRIX_NAME: ""
with:
script: |
const { owner, repo } = context.repo
const { data } = await github.rest.actions.listJobsForWorkflowRun({
owner,
repo,
run_id: context.runId,
per_page: 100
})
const jobName = process.env.JOB_NAME + process.env.MATRIX_NAME
const job = data.jobs.find(j => j.name.endsWith(jobName))
const jobUrl = job?.html_url
const shaUrl = `${context.serverUrl}/${owner}/${repo}/commit/${{ inputs.check-sha }}`
let summary = `This check is assosciated with ${shaUrl}\n\n`
if (jobUrl) {
summary += `For run logs, click here: ${jobUrl}`
} else {
summary += `Run logs could not be found for a job with name: "${jobName}"`
}
return { summary }
- name: Create Check
uses: LouisBrunner/checks-action@v1.3.1
uses: LouisBrunner/checks-action@v1.6.0
id: check

if: inputs.check-sha
with:
token: ${{ secrets.GITHUB_TOKEN }}
status: in_progress
name: Lint All
sha: ${{ inputs.check-sha }}
# XXX: this does not work when using the default GITHUB_TOKEN.
# Instead we post the main job url to the PR as a comment which
# will link to all the other checks. To work around this we would
# need to create a GitHub that would create on-demand tokens.
# https://github.com/LouisBrunner/checks-action/issues/18
# details_url:
output: ${{ steps.check-output.outputs.result }}
- name: Checkout
uses: actions/checkout@v3
with:
@@ -48,8 +82,8 @@ jobs:
uses: actions/setup-node@v3
with:
node-version: 18.x
- name: Install npm@latest
run: npm i --prefer-online --no-fund --no-audit -g npm@latest
- name: Install npm@8
run: npm i --prefer-online --no-fund --no-audit -g npm@8
- name: npm Version
run: npm -v
- name: Install Dependencies
@@ -59,8 +93,8 @@ jobs:
- name: Post Lint
run: npm run postlint --ignore-scripts
- name: Conclude Check
uses: LouisBrunner/checks-action@v1.3.1
if: always()
uses: LouisBrunner/checks-action@v1.6.0
if: steps.check.outputs.check_id && always()
with:
token: ${{ secrets.GITHUB_TOKEN }}
conclusion: ${{ job.status }}
@@ -94,21 +128,49 @@ jobs:
run:
shell: ${{ matrix.platform.shell }}
steps:
- name: Get Workflow Job
uses: actions/github-script@v6
if: inputs.check-sha
id: check-output
env:
JOB_NAME: "Test All"
MATRIX_NAME: " - ${{ matrix.platform.name }} - ${{ matrix.node-version }}"
with:
script: |
const { owner, repo } = context.repo
const { data } = await github.rest.actions.listJobsForWorkflowRun({
owner,
repo,
run_id: context.runId,
per_page: 100
})
const jobName = process.env.JOB_NAME + process.env.MATRIX_NAME
const job = data.jobs.find(j => j.name.endsWith(jobName))
const jobUrl = job?.html_url
const shaUrl = `${context.serverUrl}/${owner}/${repo}/commit/${{ inputs.check-sha }}`
let summary = `This check is assosciated with ${shaUrl}\n\n`
if (jobUrl) {
summary += `For run logs, click here: ${jobUrl}`
} else {
summary += `Run logs could not be found for a job with name: "${jobName}"`
}
return { summary }
- name: Create Check
uses: LouisBrunner/checks-action@v1.3.1
uses: LouisBrunner/checks-action@v1.6.0
id: check

if: inputs.check-sha
with:
token: ${{ secrets.GITHUB_TOKEN }}
status: in_progress
name: Test All - ${{ matrix.platform.name }} - ${{ matrix.node-version }}
sha: ${{ inputs.check-sha }}
# XXX: this does not work when using the default GITHUB_TOKEN.
# Instead we post the main job url to the PR as a comment which
# will link to all the other checks. To work around this we would
# need to create a GitHub that would create on-demand tokens.
# https://github.com/LouisBrunner/checks-action/issues/18
# details_url:
output: ${{ steps.check-output.outputs.result }}
- name: Checkout
uses: actions/checkout@v3
with:
@@ -134,9 +196,9 @@ jobs:
- name: Install npm@7
if: startsWith(matrix.node-version, '10.')
run: npm i --prefer-online --no-fund --no-audit -g npm@7
- name: Install npm@latest
- name: Install npm@8
if: ${{ !startsWith(matrix.node-version, '10.') }}
run: npm i --prefer-online --no-fund --no-audit -g npm@latest
run: npm i --prefer-online --no-fund --no-audit -g npm@8
- name: npm Version
run: npm -v
- name: Install Dependencies
@@ -146,8 +208,8 @@ jobs:
- name: Test
run: npm test --ignore-scripts
- name: Conclude Check
uses: LouisBrunner/checks-action@v1.3.1
if: always()
uses: LouisBrunner/checks-action@v1.6.0
if: steps.check.outputs.check_id && always()
with:
token: ${{ secrets.GITHUB_TOKEN }}
conclusion: ${{ job.status }}
56 changes: 4 additions & 52 deletions .github/workflows/ci.yml
View file
Original file line number Diff line number Diff line change
@@ -14,54 +14,6 @@ on:
- cron: "0 9 * * 1"

jobs:
engines:
name: Engines - ${{ matrix.platform.name }} - ${{ matrix.node-version }}
if: github.repository_owner == 'npm'
strategy:
fail-fast: false
matrix:
platform:
- name: Linux
os: ubuntu-latest
shell: bash
node-version:
- 10.0.0
runs-on: ${{ matrix.platform.os }}
defaults:
run:
shell: ${{ matrix.platform.shell }}
steps:
- name: Checkout
uses: actions/checkout@v3
- name: Setup Git User
run: |
git config --global user.email "npm-cli+bot@github.com"
git config --global user.name "npm CLI robot"
- name: Setup Node
uses: actions/setup-node@v3
with:
node-version: ${{ matrix.node-version }}
- name: Update Windows npm
# node 12 and 14 ship with npm@6, which is known to fail when updating itself in windows
if: matrix.platform.os == 'windows-latest' && (startsWith(matrix.node-version, '12.') || startsWith(matrix.node-version, '14.'))
run: |
curl -sO https://registry.npmjs.org/npm/-/npm-7.5.4.tgz
tar xf npm-7.5.4.tgz
cd package
node lib/npm.js install --no-fund --no-audit -g ..\npm-7.5.4.tgz
cd ..
rmdir /s /q package
- name: Install npm@7
if: startsWith(matrix.node-version, '10.')
run: npm i --prefer-online --no-fund --no-audit -g npm@7
- name: Install npm@latest
if: ${{ !startsWith(matrix.node-version, '10.') }}
run: npm i --prefer-online --no-fund --no-audit -g npm@latest
- name: npm Version
run: npm -v
- name: Install Dependencies
run: npm i --ignore-scripts --no-audit --no-fund --engines-strict

lint:
name: Lint
if: github.repository_owner == 'npm'
@@ -80,8 +32,8 @@ jobs:
uses: actions/setup-node@v3
with:
node-version: 18.x
- name: Install npm@latest
run: npm i --prefer-online --no-fund --no-audit -g npm@latest
- name: Install npm@8
run: npm i --prefer-online --no-fund --no-audit -g npm@8
- name: npm Version
run: npm -v
- name: Install Dependencies
@@ -142,9 +94,9 @@ jobs:
- name: Install npm@7
if: startsWith(matrix.node-version, '10.')
run: npm i --prefer-online --no-fund --no-audit -g npm@7
- name: Install npm@latest
- name: Install npm@8
if: ${{ !startsWith(matrix.node-version, '10.') }}
run: npm i --prefer-online --no-fund --no-audit -g npm@latest
run: npm i --prefer-online --no-fund --no-audit -g npm@8
- name: npm Version
run: npm -v
- name: Install Dependencies
20 changes: 10 additions & 10 deletions .github/workflows/post-dependabot.yml
View file
Original file line number Diff line number Diff line change
@@ -19,7 +19,7 @@ jobs:
- name: Checkout
uses: actions/checkout@v3
with:
ref: ${{ github.ref_name }}
ref: ${{ github.event.pull_request.head.ref }}
- name: Setup Git User
run: |
git config --global user.email "npm-cli+bot@github.com"
@@ -28,8 +28,8 @@ jobs:
uses: actions/setup-node@v3
with:
node-version: 18.x
- name: Install npm@latest
run: npm i --prefer-online --no-fund --no-audit -g npm@latest
- name: Install npm@8
run: npm i --prefer-online --no-fund --no-audit -g npm@8
- name: npm Version
run: npm -v
- name: Install Dependencies
@@ -48,11 +48,11 @@ jobs:
run: |
dependabot_dir="${{ steps.metadata.outputs.directory }}"
if [[ "$dependabot_dir" == "/" ]]; then
echo "::set-output name=workspace::-iwr"
echo "workspace=-iwr" >> $GITHUB_OUTPUT
else
# strip leading slash from directory so it works as a
# a path to the workspace flag
echo "::set-output name=workspace::-w ${dependabot_dir#/}"
echo "workspace=-w ${dependabot_dir#/}" >> $GITHUB_OUTPUT
fi
- name: Apply Changes
@@ -61,17 +61,17 @@ jobs:
run: |
npm run template-oss-apply ${{ steps.flags.outputs.workspace }}
if [[ `git status --porcelain` ]]; then
echo "::set-output name=changes::true"
echo "changes=true" >> $GITHUB_OUTPUT
fi
# This only sets the conventional commit prefix. This workflow can't reliably determine
# what the breaking change is though. If a BREAKING CHANGE message is required then
# this PR check will fail and the commit will be amended with stafftools
if [[ "${{ steps.dependabot-metadata.outputs.update-type }}" == "version-update:semver-major" ]]; then
if [[ "${{ steps.metadata.outputs.update-type }}" == "version-update:semver-major" ]]; then
prefix='feat!'
else
prefix='chore!'
prefix='chore'
fi
echo "::set-output name=message::$prefix: postinstall for dependabot template-oss PR"
echo "message=$prefix: postinstall for dependabot template-oss PR" >> $GITHUB_OUTPUT
# This step will fail if template-oss has made any workflow updates. It is impossible
# for a workflow to update other workflows. In the case it does fail, we continue
@@ -90,7 +90,7 @@ jobs:
# and attempt to commit and push again. This is helpful because we will have a commit
# with the correct prefix that we can then --amend with @npmcli/stafftools later.
- name: Push All Changes Except Workflows
if: steps.apply.outputs.changes && steps.push-all.outcome == 'failure'
if: steps.apply.outputs.changes && steps.push.outcome == 'failure'
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
run: |
Loading