diff --git a/.licenses/npm/semver-7.7.2.dep.yml b/.licenses/npm/semver-7.7.3.dep.yml similarity index 98% rename from .licenses/npm/semver-7.7.2.dep.yml rename to .licenses/npm/semver-7.7.3.dep.yml index 41578916..77ae9813 100644 --- a/.licenses/npm/semver-7.7.2.dep.yml +++ b/.licenses/npm/semver-7.7.3.dep.yml @@ -1,6 +1,6 @@ --- name: semver -version: 7.7.2 +version: 7.7.3 type: npm summary: The semantic version parser used by npm. homepage: diff --git a/dist/index.js b/dist/index.js index 56d009f0..03cf4cf4 100644 --- a/dist/index.js +++ b/dist/index.js @@ -8854,6 +8854,7 @@ const isSatisfiable = (comparators, options) => { // already replaced the hyphen ranges // turn into a set of JUST comparators. const parseComparator = (comp, options) => { + comp = comp.replace(re[t.BUILD], '') debug('comp', comp, options) comp = replaceCarets(comp, options) debug('caret', comp) @@ -9274,11 +9275,25 @@ class SemVer { other = new SemVer(other, this.options) } - return ( - compareIdentifiers(this.major, other.major) || - compareIdentifiers(this.minor, other.minor) || - compareIdentifiers(this.patch, other.patch) - ) + if (this.major < other.major) { + return -1 + } + if (this.major > other.major) { + return 1 + } + if (this.minor < other.minor) { + return -1 + } + if (this.minor > other.minor) { + return 1 + } + if (this.patch < other.patch) { + return -1 + } + if (this.patch > other.patch) { + return 1 + } + return 0 } comparePre (other) { @@ -10179,6 +10194,10 @@ module.exports = debug const numeric = /^[0-9]+$/ const compareIdentifiers = (a, b) => { + if (typeof a === 'number' && typeof b === 'number') { + return a === b ? 0 : a < b ? -1 : 1 + } + const anum = numeric.test(a) const bnum = numeric.test(b) diff --git a/package-lock.json b/package-lock.json index 50790882..7ee05723 100644 --- a/package-lock.json +++ b/package-lock.json @@ -9,7 +9,7 @@ "dependencies": { "@actions/core": "^1.11.1", "@actions/tool-cache": "^2.0.2", - "semver": "^7.7.2", + "semver": "^7.7.3", "typed-rest-client": "^2.1.0" }, "devDependencies": { @@ -9824,10 +9824,9 @@ "license": "ISC" }, "node_modules/semver": { - "version": "7.7.2", - "resolved": "https://registry.npmjs.org/semver/-/semver-7.7.2.tgz", - "integrity": "sha512-RF0Fw+rO5AMf9MAyaRXI4AV0Ulj5lMHqVxxdSgiVbixSCXoEmmX/jk0CuJw4+3SqroYO9VoUh+HcuJivvtJemA==", - "license": "ISC", + "version": "7.7.3", + "resolved": "https://registry.npmjs.org/semver/-/semver-7.7.3.tgz", + "integrity": "sha512-SdsKMrI9TdgjdweUSR9MweHA4EJ8YxHn8DFaDisvhVlUOe4BF1tLD7GAj0lIqWVl+dPb/rExr0Btby5loQm20Q==", "bin": { "semver": "bin/semver.js" }, @@ -17990,9 +17989,9 @@ "dev": true }, "semver": { - "version": "7.7.2", - "resolved": "https://registry.npmjs.org/semver/-/semver-7.7.2.tgz", - "integrity": "sha512-RF0Fw+rO5AMf9MAyaRXI4AV0Ulj5lMHqVxxdSgiVbixSCXoEmmX/jk0CuJw4+3SqroYO9VoUh+HcuJivvtJemA==" + "version": "7.7.3", + "resolved": "https://registry.npmjs.org/semver/-/semver-7.7.3.tgz", + "integrity": "sha512-SdsKMrI9TdgjdweUSR9MweHA4EJ8YxHn8DFaDisvhVlUOe4BF1tLD7GAj0lIqWVl+dPb/rExr0Btby5loQm20Q==" }, "set-function-length": { "version": "1.2.2", diff --git a/package.json b/package.json index e6b65072..c7b34783 100644 --- a/package.json +++ b/package.json @@ -18,7 +18,7 @@ "dependencies": { "@actions/core": "^1.11.1", "@actions/tool-cache": "^2.0.2", - "semver": "^7.7.2", + "semver": "^7.7.3", "typed-rest-client": "^2.1.0" }, "devDependencies": {