fix: properly escape dots in GTE0 regexes #432
Merged
+22 −13
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode characters
Previously the dots were not properly escaped causing them to match any character. This caused ranges like `>=09090` to evaulate to `*` after they were incorrectly matched by the `GTE0` regex. This only happened in strict mode since in loose mode the leading 0 is allowed and parsed into `>=9090.0.0` before the `GTE0` check. After this fix, this range now will throw an error. This also affected prerelease versions in both strict and loose mode.
| This also includes a small amount of refactoring and a few added debug statements that made it easier for me to dig into the details here. The behavior and tests were trivial to change, but it was my first time in the codebase so I was curious to see why it happened. |
lukekarrys added a commit that referenced this pull request Feb 26, 2022
This adds `@npmcli/template-oss` to manage GitHub Actions, linting, and other chores. It specifically pins to the latest version of the library in order to allow for the following manual changes: - Files outside of `lib/` to avoid breaking public API - Keeping engines (and testing) on `>=10` - Installs `npm@7` in CI to work with node 10 This surfaced a few bugs which I opted to fix in separate issues: - #432 - #434
lukekarrys added a commit that referenced this pull request Mar 23, 2022
This adds `@npmcli/template-oss` to manage GitHub Actions, linting, and other chores. It specifically pins to the latest version of the library in order to allow for the following manual changes: - Files outside of `lib/` to avoid breaking public API - Keeping engines (and testing) on `>=10` - Installs `npm@7` in CI to work with node 10 This surfaced a few bugs which I opted to fix in separate issues: - #432 - #434
lukekarrys added a commit that referenced this pull request Mar 25, 2022
This adds `@npmcli/template-oss` to manage GitHub Actions, linting, and other chores. It specifically pins to the latest version of the library in order to allow for the following manual changes: - Files outside of `lib/` to avoid breaking public API - Keeping engines (and testing) on `>=10` - Installs `npm@7` in CI to work with node 10 This surfaced a few bugs which I opted to fix in separate issues: - #432 - #434
lukekarrys added a commit that referenced this pull request Mar 25, 2022
Previously the dots were not properly escaped causing them to match any character. This caused ranges like `>=09090` to evaulate to `*` after they were incorrectly matched by the `GTE0` regex. This only happened in strict mode since in loose mode the leading 0 is allowed and parsed into `>=9090.0.0` before the `GTE0` check. After this fix, this range now will throw an error. This also affected prerelease versions in both strict and loose mode.
lukekarrys added a commit that referenced this pull request Mar 25, 2022
Previously the dots were not properly escaped causing them to match any character. This caused ranges like `>=09090` to evaulate to `*` after they were incorrectly matched by the `GTE0` regex. This only happened in strict mode since in loose mode the leading 0 is allowed and parsed into `>=9090.0.0` before the `GTE0` check. After this fix, this range now will throw an error. This also affected prerelease versions in both strict and loose mode.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit. This suggestion is invalid because no changes were made to the code. Suggestions cannot be applied while the pull request is closed. Suggestions cannot be applied while viewing a subset of changes. Only one suggestion per line can be applied in a batch. Add this suggestion to a batch that can be applied as a single commit. Applying suggestions on deleted lines is not supported. You must change the existing code in this line in order to create a valid suggestion. Outdated suggestions cannot be applied. This suggestion has been applied or marked resolved. Suggestions cannot be applied from pending reviews. Suggestions cannot be applied on multi-line comments. Suggestions cannot be applied while the pull request is queued to merge. Suggestion cannot be applied right now. Please check back later.
Previously the dots were not properly escaped causing them to match any
character. This caused ranges like
>=09090to evaulate to*afterthey were incorrectly matched by the
GTE0regex. This only happened instrict mode since in loose mode the leading 0 is allowed and parsed into
>=9090.0.0before theGTE0check. After this fix, this range nowwill throw an error. This also affected prerelease versions in both
strict and loose mode.