Version comparison not matching semver

[lgommans]

The version comparison does not match semver, which I assume is what Gitea follows. The code seems to do a string comparison, but whereas 1.10.0 would be more recent than 1.9.0 following semver, in string comparisons, the 9 comes after the 1 and so it would say 1.10.0' > '1.9.0' == False.

I think this should fix it:

map(int, newver.split('.')) > map(int, oldver.split('.'))

The issue with that code is that it will not support any sort of suffix, like 2.0.0-rc1. It seems those are always marked as pre-releases anyway so this should never happen when pulling the latest release, but it might still be good to have some sort of fallback for that, such as emailing the sysadmin.

The current code will only ever bug when any part of the version number (major, minor, patch) exceeds 9, and Gitea has not done that so far, but for an automatic updater that is meant to be forgotten, this might not be the best behaviour :)

By the way, I don't want to open a bunch of issues (feels like criticism), so I'll just mention it here instead: the updater is also missing any sort of verification, such as implemented here: https://gist.github.com/HorlogeSkynet/d676b9204869842933169dbe35ed8650 If this code is still in use, it might be good to implement something similar.

[CMiksche]

@lgommans : I've added a new function and a few unit tests to fix this problem in a new branch.

When this new function is successfully tested on a new Gitea update, i will close this issue.

Verification and the checking for a suffix should be handled in separate issues after my opinion. (I don't look at issues as criticism - i handle them as helping hands which help me being a better software developer and creating better programs ;-) )