NpmSpec Comparison Between Prerelease Versions is Wrong

Question

NpmSpec Comparison Between Prerelease Versions is Wrong

Opened this issue 4 years ago · 6 comments

Version is 2.8.5.

>>> from semantic_version import NpmSpec, Version
>>> NpmSpec("<0.1.1-alpha.1").match(Version("0.1.1-beta.1"))
True
>>> NpmSpec("<0.1.1-alpha.1").match(Version("0.1.1-rc.1"))
True
>>> NpmSpec("<0.1.1-beta.7").match(Version("0.1.1-beta.8"))
True

They should be false.

Answer 1 · 2020-06-15T14:26:27.000Z

This looks indeed like a bug; I don't understand why the current tests fail to detect it :/

Answer 2 · 2020-06-15T14:54:13.000Z

Because you only test '>1.2.3-alpha.3' and '>=1.2.3-alpha.3' cases (GT and GTE). No cases for prerelease versions with LT and LTE. :)

Answer 3 · 2020-09-16T19:36:04.000Z

possibly related:

>>> NpmSpec(">=2.0.1-").match(Version("2.0.1-rc1"))
False
>>> NpmSpec(">=2.0.1-0").match(Version("2.0.1-rc1"))
True

I believe >=2.0.1- should match all 2.0.1 prerelease versions of 2.0.1, but in actuality you need to add some character after the -

Answer 4 · 2020-09-16T19:37:27.000Z

oh and the same issue with ~2.0.1- not matching anything

Answer 5 · 2022-12-15T18:29:00.000Z

Here's another example that doesn't seem correct.

>>> from semantic_version import NpmSpec, Version
>>> NpmSpec("5.4.0-alpha.0").match(Version("5.4.0-alpha.0"))
True
>>> NpmSpec("5.4.0-alpha.0").match(Version("5.4.0"))
True  # this should be False

The same examples in semver from npm have the correct logic:

> var semver = require('semver');
> semver.satisfies('2.0.0-next.1', '2.0.0-next.1');
true
> semver.satisfies('2.0.0', '2.0.0-next.1');
false

Answer 6 · 2024-06-13T18:33:53.000Z

Any news about this?
I also encountered it (with jquery-ui that selected the beta version instead of latest stable).

> NpmSpec('<1.14.0').select([Version('1.13.3'), Version('1.14.0-beta.1')])
Version('1.14.0-beta.1')