diff --git a/.licenses/npm/semver-7.7.2.dep.yml b/.licenses/npm/semver-7.7.3.dep.yml similarity index 98% rename from .licenses/npm/semver-7.7.2.dep.yml rename to .licenses/npm/semver-7.7.3.dep.yml index 4157891..77ae981 100644 --- a/.licenses/npm/semver-7.7.2.dep.yml +++ b/.licenses/npm/semver-7.7.3.dep.yml @@ -1,6 +1,6 @@ --- name: semver -version: 7.7.2 +version: 7.7.3 type: npm summary: The semantic version parser used by npm. homepage: diff --git a/dist/index.js b/dist/index.js index 0b51f5c..4f4b373 100644 --- a/dist/index.js +++ b/dist/index.js @@ -7961,6 +7961,7 @@ const isSatisfiable = (comparators, options) => { // already replaced the hyphen ranges // turn into a set of JUST comparators. const parseComparator = (comp, options) => { + comp = comp.replace(re[t.BUILD], '') debug('comp', comp, options) comp = replaceCarets(comp, options) debug('caret', comp) @@ -8381,11 +8382,25 @@ class SemVer { other = new SemVer(other, this.options) } - return ( - compareIdentifiers(this.major, other.major) || - compareIdentifiers(this.minor, other.minor) || - compareIdentifiers(this.patch, other.patch) - ) + if (this.major < other.major) { + return -1 + } + if (this.major > other.major) { + return 1 + } + if (this.minor < other.minor) { + return -1 + } + if (this.minor > other.minor) { + return 1 + } + if (this.patch < other.patch) { + return -1 + } + if (this.patch > other.patch) { + return 1 + } + return 0 } comparePre (other) { @@ -9286,6 +9301,10 @@ module.exports = debug const numeric = /^[0-9]+$/ const compareIdentifiers = (a, b) => { + if (typeof a === 'number' && typeof b === 'number') { + return a === b ? 0 : a < b ? -1 : 1 + } + const anum = numeric.test(a) const bnum = numeric.test(b) diff --git a/package-lock.json b/package-lock.json index b3fcdc2..c555fa3 100644 --- a/package-lock.json +++ b/package-lock.json @@ -10,7 +10,7 @@ "@actions/core": "^1.11.1", "@actions/http-client": "^2.2.3", "@actions/tool-cache": "^2.0.2", - "semver": "^7.7.2" + "semver": "^7.7.3" }, "devDependencies": { "@actions/io": "^1.1.3", @@ -5419,9 +5419,9 @@ "license": "MIT" }, "node_modules/semver": { - "version": "7.7.2", - "resolved": "https://registry.npmjs.org/semver/-/semver-7.7.2.tgz", - "integrity": "sha512-RF0Fw+rO5AMf9MAyaRXI4AV0Ulj5lMHqVxxdSgiVbixSCXoEmmX/jk0CuJw4+3SqroYO9VoUh+HcuJivvtJemA==", + "version": "7.7.3", + "resolved": "https://registry.npmjs.org/semver/-/semver-7.7.3.tgz", + "integrity": "sha512-SdsKMrI9TdgjdweUSR9MweHA4EJ8YxHn8DFaDisvhVlUOe4BF1tLD7GAj0lIqWVl+dPb/rExr0Btby5loQm20Q==", "license": "ISC", "bin": { "semver": "bin/semver.js" diff --git a/package.json b/package.json index 44e0497..7eddeed 100644 --- a/package.json +++ b/package.json @@ -18,7 +18,7 @@ "@actions/core": "^1.11.1", "@actions/http-client": "^2.2.3", "@actions/tool-cache": "^2.0.2", - "semver": "^7.7.2" + "semver": "^7.7.3" }, "devDependencies": { "@actions/io": "^1.1.3",