From 52d3d19522312b15e99a900aa0268a3065f11388 Mon Sep 17 00:00:00 2001
From: Gareth Jones
Date: Sat, 19 Aug 2023 13:26:47 +1200
Subject: [PATCH] test: update e2e fixtures (#203)

* test: update e2e fixtures

* test: update fixtures
---
 fixtures/locks-e2e/1-Gemfile.lock.out.txt | 9 +++++----
 fixtures/locks-e2e/2-Gemfile.lock.out.txt | 10 ++++++----
 pkg/semantic/version-pypi.go | 2 +-
 3 files changed, 12 insertions(+), 9 deletions(-)

diff --git a/fixtures/locks-e2e/1-Gemfile.lock.out.txt b/fixtures/locks-e2e/1-Gemfile.lock.out.txt
index 511c3f72..94e7950f 100644
--- a/fixtures/locks-e2e/1-Gemfile.lock.out.txt
+++ b/fixtures/locks-e2e/1-Gemfile.lock.out.txt
@@ -15,11 +15,11 @@ fixtures/locks-e2e/1-Gemfile.lock: found 229 packages
 GHSA-xp5h-f8jf-rc8q: rails-ujs vulnerable to DOM Based Cross-site Scripting contenteditable HTML Elements (https://github.com/advisories/GHSA-xp5h-f8jf-rc8q)
 activerecord@5.2.6 is affected by the following vulnerabilities:
 GHSA-3hhc-qp5v-9p2j: Active Record RCE bug with Serialized Columns (https://github.com/advisories/GHSA-3hhc-qp5v-9p2j)
- GHSA-579w-22j4-4749: Denial of Service Vulnerability in ActiveRecord’s PostgreSQL adapter (https://github.com/advisories/GHSA-579w-22j4-4749)
+ GHSA-579w-22j4-4749: Denial of Service Vulnerability in ActiveRecord's PostgreSQL adapter (https://github.com/advisories/GHSA-579w-22j4-4749)
 activestorage@5.2.6 is affected by the following vulnerabilities:
 GHSA-w749-p3v6-hccq: Possible code injection vulnerability in Rails / Active Storage (https://github.com/advisories/GHSA-w749-p3v6-hccq)
 activesupport@5.2.6 is affected by the following vulnerabilities:
- GHSA-j6gc-792m-qgm2: ReDoS based DoS vulnerability in Active Support’s underscore (https://github.com/advisories/GHSA-j6gc-792m-qgm2)
+ GHSA-j6gc-792m-qgm2: ReDoS based DoS vulnerability in Active Support's underscore (https://github.com/advisories/GHSA-j6gc-792m-qgm2)
 GHSA-pj73-v5mw-pm9j: Possible XSS Security Vulnerability in SafeBuffer#bytesplice (https://github.com/advisories/GHSA-pj73-v5mw-pm9j)
 addressable@2.7.0 is affected by the following vulnerabilities:
 GHSA-jxhc-q857-3j6g: Regular Expression Denial of Service in Addressable templates (https://github.com/advisories/GHSA-jxhc-q857-3j6g)
@@ -48,6 +48,7 @@ fixtures/locks-e2e/1-Gemfile.lock: found 229 packages
 GHSA-xxx9-3xcr-gjj3: XML Injection in Xerces Java affects Nokogiri (https://github.com/advisories/GHSA-xxx9-3xcr-gjj3)
 puma@4.3.5 is affected by the following vulnerabilities:
 GHSA-48w2-rm65-62xx: Puma with proxy which forwards LF characters as line endings could allow HTTP request smuggling (https://github.com/advisories/GHSA-48w2-rm65-62xx)
+ GHSA-68xg-gqqm-vgj8: Puma HTTP Request/Response Smuggling vulnerability (https://github.com/advisories/GHSA-68xg-gqqm-vgj8)
 GHSA-h99w-9q5r-gjq9: Puma vulnerable to HTTP Request Smuggling (https://github.com/advisories/GHSA-h99w-9q5r-gjq9)
 GHSA-q28m-8xjw-8vr5: Puma's Keepalive Connections Causing Denial Of Service (https://github.com/advisories/GHSA-q28m-8xjw-8vr5)
 GHSA-rmj8-8hhh-gv5h: Puma used with Rails may lead to Information Exposure (https://github.com/advisories/GHSA-rmj8-8hhh-gv5h)
@@ -55,7 +56,7 @@ fixtures/locks-e2e/1-Gemfile.lock: found 229 packages
 GHSA-3h57-hmj3-gj3p: Rack has possible DoS Vulnerability in Multipart MIME parsing (https://github.com/advisories/GHSA-3h57-hmj3-gj3p)
 GHSA-65f5-mfpf-vfhj: Denial of service via header parsing in Rack (https://github.com/advisories/GHSA-65f5-mfpf-vfhj)
 GHSA-93pm-5p5f-3ghx: Denial of Service Vulnerability in Rack Content-Disposition parsing (https://github.com/advisories/GHSA-93pm-5p5f-3ghx)
- GHSA-c6qg-cjj8-47qp: Possible Denial of Service Vulnerability in Rack’s header parsing (https://github.com/advisories/GHSA-c6qg-cjj8-47qp)
+ GHSA-c6qg-cjj8-47qp: Possible Denial of Service Vulnerability in Rack's header parsing (https://github.com/advisories/GHSA-c6qg-cjj8-47qp)
 GHSA-hxqx-xwvh-44m2: Denial of Service Vulnerability in Rack Multipart Parsing (https://github.com/advisories/GHSA-hxqx-xwvh-44m2)
 GHSA-rqv2-275x-2jq5: Denial of service via multipart parsing in Rack (https://github.com/advisories/GHSA-rqv2-275x-2jq5)
 GHSA-wq4h-7r42-5hrr: Possible shell escape sequence injection vulnerability in Rack (https://github.com/advisories/GHSA-wq4h-7r42-5hrr)
@@ -75,4 +76,4 @@ fixtures/locks-e2e/1-Gemfile.lock: found 229 packages
 tzinfo@1.2.9 is affected by the following vulnerabilities:
 GHSA-5cm2-9h8c-rvfx: TZInfo relative path traversal vulnerability allows loading of arbitrary files (https://github.com/advisories/GHSA-5cm2-9h8c-rvfx)
- 52 known vulnerabilities found in fixtures/locks-e2e/1-Gemfile.lock
+ 53 known vulnerabilities found in fixtures/locks-e2e/1-Gemfile.lock
diff --git a/fixtures/locks-e2e/2-Gemfile.lock.out.txt b/fixtures/locks-e2e/2-Gemfile.lock.out.txt
index 01f4caea..2ef59133 100644
--- a/fixtures/locks-e2e/2-Gemfile.lock.out.txt
+++ b/fixtures/locks-e2e/2-Gemfile.lock.out.txt
@@ -16,12 +16,12 @@ fixtures/locks-e2e/2-Gemfile.lock: found 426 packages
 GHSA-xp5h-f8jf-rc8q: rails-ujs vulnerable to DOM Based Cross-site Scripting contenteditable HTML Elements (https://github.com/advisories/GHSA-xp5h-f8jf-rc8q)
 activerecord@6.0.4.1 is affected by the following vulnerabilities:
 GHSA-3hhc-qp5v-9p2j: Active Record RCE bug with Serialized Columns (https://github.com/advisories/GHSA-3hhc-qp5v-9p2j)
- GHSA-579w-22j4-4749: Denial of Service Vulnerability in ActiveRecord’s PostgreSQL adapter (https://github.com/advisories/GHSA-579w-22j4-4749)
+ GHSA-579w-22j4-4749: Denial of Service Vulnerability in ActiveRecord's PostgreSQL adapter (https://github.com/advisories/GHSA-579w-22j4-4749)
 GHSA-hq7p-j377-6v63: SQL Injection Vulnerability via ActiveRecord comments (https://github.com/advisories/GHSA-hq7p-j377-6v63)
 activestorage@6.0.4.1 is affected by the following vulnerabilities:
 GHSA-w749-p3v6-hccq: Possible code injection vulnerability in Rails / Active Storage (https://github.com/advisories/GHSA-w749-p3v6-hccq)
 activesupport@6.0.4.1 is affected by the following vulnerabilities:
- GHSA-j6gc-792m-qgm2: ReDoS based DoS vulnerability in Active Support’s underscore (https://github.com/advisories/GHSA-j6gc-792m-qgm2)
+ GHSA-j6gc-792m-qgm2: ReDoS based DoS vulnerability in Active Support's underscore (https://github.com/advisories/GHSA-j6gc-792m-qgm2)
 GHSA-pj73-v5mw-pm9j: Possible XSS Security Vulnerability in SafeBuffer#bytesplice (https://github.com/advisories/GHSA-pj73-v5mw-pm9j)
 globalid@1.0.0 is affected by the following vulnerabilities:
 GHSA-23c2-gwp5-pxw9: ReDoS based DoS vulnerability in GlobalID (https://github.com/advisories/GHSA-23c2-gwp5-pxw9)
@@ -38,11 +38,13 @@ fixtures/locks-e2e/2-Gemfile.lock: found 426 packages
 GHSA-cgx6-hpwq-fhv5: Integer Overflow or Wraparound in libxml2 affects Nokogiri (https://github.com/advisories/GHSA-cgx6-hpwq-fhv5)
 GHSA-pxvg-2qj5-37jq: Nokogiri updates packaged libxml2 to v2.10.4 to resolve multiple CVEs (https://github.com/advisories/GHSA-pxvg-2qj5-37jq)
 GHSA-xh29-r2w5-wx8m: Nokogiri Improperly Handles Unexpected Data Type (https://github.com/advisories/GHSA-xh29-r2w5-wx8m)
+ puma@5.6.4 is affected by the following vulnerabilities:
+ GHSA-68xg-gqqm-vgj8: Puma HTTP Request/Response Smuggling vulnerability (https://github.com/advisories/GHSA-68xg-gqqm-vgj8)
 rack@2.2.3 is affected by the following vulnerabilities:
 GHSA-3h57-hmj3-gj3p: Rack has possible DoS Vulnerability in Multipart MIME parsing (https://github.com/advisories/GHSA-3h57-hmj3-gj3p)
 GHSA-65f5-mfpf-vfhj: Denial of service via header parsing in Rack (https://github.com/advisories/GHSA-65f5-mfpf-vfhj)
 GHSA-93pm-5p5f-3ghx: Denial of Service Vulnerability in Rack Content-Disposition parsing (https://github.com/advisories/GHSA-93pm-5p5f-3ghx)
- GHSA-c6qg-cjj8-47qp: Possible Denial of Service Vulnerability in Rack’s header parsing (https://github.com/advisories/GHSA-c6qg-cjj8-47qp)
+ GHSA-c6qg-cjj8-47qp: Possible Denial of Service Vulnerability in Rack's header parsing (https://github.com/advisories/GHSA-c6qg-cjj8-47qp)
 GHSA-hxqx-xwvh-44m2: Denial of Service Vulnerability in Rack Multipart Parsing (https://github.com/advisories/GHSA-hxqx-xwvh-44m2)
 GHSA-rqv2-275x-2jq5: Denial of service via multipart parsing in Rack (https://github.com/advisories/GHSA-rqv2-275x-2jq5)
 GHSA-wq4h-7r42-5hrr: Possible shell escape sequence injection vulnerability in Rack (https://github.com/advisories/GHSA-wq4h-7r42-5hrr)
@@ -55,4 +57,4 @@ fixtures/locks-e2e/2-Gemfile.lock: found 426 packages
 tzinfo@1.2.9 is affected by the following vulnerabilities:
 GHSA-5cm2-9h8c-rvfx: TZInfo relative path traversal vulnerability allows loading of arbitrary files (https://github.com/advisories/GHSA-5cm2-9h8c-rvfx)
- 37 known vulnerabilities found in fixtures/locks-e2e/2-Gemfile.lock
+ 38 known vulnerabilities found in fixtures/locks-e2e/2-Gemfile.lock
diff --git a/pkg/semantic/version-pypi.go b/pkg/semantic/version-pypi.go
index 885aaa52..58fa2c63 100644
--- a/pkg/semantic/version-pypi.go
+++ b/pkg/semantic/version-pypi.go
@@ -313,7 +313,7 @@ func (pv PyPIVersion) compareLocal(pw PyPIVersion) int {
 }
 // Additionally a local version with a great number of segments will always compare as greater than a local version with fewer segments,
- // as long as the shorter local version’s segments match the beginning of the longer local version’s segments exactly.
+ // as long as the shorter local version's segments match the beginning of the longer local version's segments exactly.
 if len(pv.local) > len(pw.local) {
 return +1
 }
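Review bot: The context line directly above the changed comment in the version-pypi.go hunk still reads `a local version with a great number of segments`, which looks like a typo for "greater" and makes the sentence read as a statement about large segment counts rather than the length comparison the following `if len(pv.local) > len(pw.local)` actually performs. Since the commit is already rewording this comment (straight apostrophes on the next line), it is cheap to fix alongside it: `// Additionally a local version with a greater number of segments will always compare as greater than a local version with fewer segments,`. compareLocal begins before this hunk and its body continues past the closing brace shown, so the rest of the comparison logic is not visible here.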