Merge pull request #318 from docker/dependabot/npm_and_yarn/semver-7.3.5

Bump semver from 7.3.4 to 7.3.5
This commit is contained in:
CrazyMax 2021-03-29 23:51:27 +02:00 committed by GitHub
commit 9cf6eb2b16
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 72 additions and 12 deletions

74
dist/index.js generated vendored
View File

@ -13202,22 +13202,30 @@ module.exports = clean
/***/ (function(module, __unusedexports, __webpack_require__) { /***/ (function(module, __unusedexports, __webpack_require__) {
const Range = __webpack_require__(828) const Range = __webpack_require__(828)
const { ANY } = __webpack_require__(532) const Comparator = __webpack_require__(532)
const { ANY } = Comparator
const satisfies = __webpack_require__(55) const satisfies = __webpack_require__(55)
const compare = __webpack_require__(309) const compare = __webpack_require__(309)
// Complex range `r1 || r2 || ...` is a subset of `R1 || R2 || ...` iff: // Complex range `r1 || r2 || ...` is a subset of `R1 || R2 || ...` iff:
// - Every simple range `r1, r2, ...` is a subset of some `R1, R2, ...` // - Every simple range `r1, r2, ...` is a null set, OR
// - Every simple range `r1, r2, ...` which is not a null set is a subset of
// some `R1, R2, ...`
// //
// Simple range `c1 c2 ...` is a subset of simple range `C1 C2 ...` iff: // Simple range `c1 c2 ...` is a subset of simple range `C1 C2 ...` iff:
// - If c is only the ANY comparator // - If c is only the ANY comparator
// - If C is only the ANY comparator, return true // - If C is only the ANY comparator, return true
// - Else return false // - Else if in prerelease mode, return false
// - else replace c with `[>=0.0.0]`
// - If C is only the ANY comparator
// - if in prerelease mode, return true
// - else replace C with `[>=0.0.0]`
// - Let EQ be the set of = comparators in c // - Let EQ be the set of = comparators in c
// - If EQ is more than one, return true (null set) // - If EQ is more than one, return true (null set)
// - Let GT be the highest > or >= comparator in c // - Let GT be the highest > or >= comparator in c
// - Let LT be the lowest < or <= comparator in c // - Let LT be the lowest < or <= comparator in c
// - If GT and LT, and GT.semver > LT.semver, return true (null set) // - If GT and LT, and GT.semver > LT.semver, return true (null set)
// - If any C is a = range, and GT or LT are set, return false
// - If EQ // - If EQ
// - If GT, and EQ does not satisfy GT, return true (null set) // - If GT, and EQ does not satisfy GT, return true (null set)
// - If LT, and EQ does not satisfy LT, return true (null set) // - If LT, and EQ does not satisfy LT, return true (null set)
@ -13226,13 +13234,16 @@ const compare = __webpack_require__(309)
// - If GT // - If GT
// - If GT.semver is lower than any > or >= comp in C, return false // - If GT.semver is lower than any > or >= comp in C, return false
// - If GT is >=, and GT.semver does not satisfy every C, return false // - If GT is >=, and GT.semver does not satisfy every C, return false
// - If GT.semver has a prerelease, and not in prerelease mode
// - If no C has a prerelease and the GT.semver tuple, return false
// - If LT // - If LT
// - If LT.semver is greater than any < or <= comp in C, return false // - If LT.semver is greater than any < or <= comp in C, return false
// - If LT is <=, and LT.semver does not satisfy every C, return false // - If LT is <=, and LT.semver does not satisfy every C, return false
// - If any C is a = range, and GT or LT are set, return false // - If GT.semver has a prerelease, and not in prerelease mode
// - If no C has a prerelease and the LT.semver tuple, return false
// - Else return true // - Else return true
const subset = (sub, dom, options) => { const subset = (sub, dom, options = {}) => {
if (sub === dom) if (sub === dom)
return true return true
@ -13261,8 +13272,21 @@ const simpleSubset = (sub, dom, options) => {
if (sub === dom) if (sub === dom)
return true return true
if (sub.length === 1 && sub[0].semver === ANY) if (sub.length === 1 && sub[0].semver === ANY) {
return dom.length === 1 && dom[0].semver === ANY if (dom.length === 1 && dom[0].semver === ANY)
return true
else if (options.includePrerelease)
sub = [ new Comparator('>=0.0.0-0') ]
else
sub = [ new Comparator('>=0.0.0') ]
}
if (dom.length === 1 && dom[0].semver === ANY) {
if (options.includePrerelease)
return true
else
dom = [ new Comparator('>=0.0.0') ]
}
const eqSet = new Set() const eqSet = new Set()
let gt, lt let gt, lt
@ -13305,10 +13329,32 @@ const simpleSubset = (sub, dom, options) => {
let higher, lower let higher, lower
let hasDomLT, hasDomGT let hasDomLT, hasDomGT
// if the subset has a prerelease, we need a comparator in the superset
// with the same tuple and a prerelease, or it's not a subset
let needDomLTPre = lt &&
!options.includePrerelease &&
lt.semver.prerelease.length ? lt.semver : false
let needDomGTPre = gt &&
!options.includePrerelease &&
gt.semver.prerelease.length ? gt.semver : false
// exception: <1.2.3-0 is the same as <1.2.3
if (needDomLTPre && needDomLTPre.prerelease.length === 1 &&
lt.operator === '<' && needDomLTPre.prerelease[0] === 0) {
needDomLTPre = false
}
for (const c of dom) { for (const c of dom) {
hasDomGT = hasDomGT || c.operator === '>' || c.operator === '>=' hasDomGT = hasDomGT || c.operator === '>' || c.operator === '>='
hasDomLT = hasDomLT || c.operator === '<' || c.operator === '<=' hasDomLT = hasDomLT || c.operator === '<' || c.operator === '<='
if (gt) { if (gt) {
if (needDomGTPre) {
if (c.semver.prerelease && c.semver.prerelease.length &&
c.semver.major === needDomGTPre.major &&
c.semver.minor === needDomGTPre.minor &&
c.semver.patch === needDomGTPre.patch) {
needDomGTPre = false
}
}
if (c.operator === '>' || c.operator === '>=') { if (c.operator === '>' || c.operator === '>=') {
higher = higherGT(gt, c, options) higher = higherGT(gt, c, options)
if (higher === c && higher !== gt) if (higher === c && higher !== gt)
@ -13317,6 +13363,14 @@ const simpleSubset = (sub, dom, options) => {
return false return false
} }
if (lt) { if (lt) {
if (needDomLTPre) {
if (c.semver.prerelease && c.semver.prerelease.length &&
c.semver.major === needDomLTPre.major &&
c.semver.minor === needDomLTPre.minor &&
c.semver.patch === needDomLTPre.patch) {
needDomLTPre = false
}
}
if (c.operator === '<' || c.operator === '<=') { if (c.operator === '<' || c.operator === '<=') {
lower = lowerLT(lt, c, options) lower = lowerLT(lt, c, options)
if (lower === c && lower !== lt) if (lower === c && lower !== lt)
@ -13337,6 +13391,12 @@ const simpleSubset = (sub, dom, options) => {
if (lt && hasDomGT && !gt && gtltComp !== 0) if (lt && hasDomGT && !gt && gtltComp !== 0)
return false return false
// we needed a prerelease range in a specific tuple, but didn't get one
// then this isn't a subset. eg >=1.2.3-pre is not a subset of >=1.0.0,
// because it includes prereleases in the 1.2.3 tuple
if (needDomGTPre || needDomLTPre)
return false
return true return true
} }

View File

@ -32,7 +32,7 @@
"@actions/exec": "^1.0.4", "@actions/exec": "^1.0.4",
"@actions/github": "^4.0.0", "@actions/github": "^4.0.0",
"csv-parse": "^4.15.3", "csv-parse": "^4.15.3",
"semver": "^7.3.4", "semver": "^7.3.5",
"tmp": "^0.2.1" "tmp": "^0.2.1"
}, },
"devDependencies": { "devDependencies": {

View File

@ -3243,10 +3243,10 @@ saxes@^5.0.0:
resolved "https://registry.yarnpkg.com/semver/-/semver-5.7.1.tgz#a954f931aeba508d307bbf069eff0c01c96116f7" resolved "https://registry.yarnpkg.com/semver/-/semver-5.7.1.tgz#a954f931aeba508d307bbf069eff0c01c96116f7"
integrity sha512-sauaDf/PZdVgrLTNYHRtpXa1iRiKcaebiKQ1BJdpQlWH2lCvexQdX55snPFyK7QzpudqbCI0qXFfOasHdyNDGQ== integrity sha512-sauaDf/PZdVgrLTNYHRtpXa1iRiKcaebiKQ1BJdpQlWH2lCvexQdX55snPFyK7QzpudqbCI0qXFfOasHdyNDGQ==
semver@7.x, semver@^7.3.2, semver@^7.3.4: semver@7.x, semver@^7.3.2, semver@^7.3.5:
version "7.3.4" version "7.3.5"
resolved "https://registry.yarnpkg.com/semver/-/semver-7.3.4.tgz#27aaa7d2e4ca76452f98d3add093a72c943edc97" resolved "https://registry.yarnpkg.com/semver/-/semver-7.3.5.tgz#0b621c879348d8998e4b0e4be94b3f12e6018ef7"
integrity sha512-tCfb2WLjqFAtXn4KEdxIhalnRtoKFN7nAwj0B3ZXCbQloV2tq5eDbcTmT68JJD3nRJq24/XgxtQKFIpQdtvmVw== integrity sha512-PoeGJYh8HK4BTO/a9Tf6ZG3veo/A7ZVsYrSA6J8ny9nb3B1VrpkuN+z9OE5wfE5p6H4LchYZsegiQgbJD94ZFQ==
dependencies: dependencies:
lru-cache "^6.0.0" lru-cache "^6.0.0"