You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
The current univers VersionRange includes the pre-release versions. While this behavior is desirable when dealing with version ranges in a security advisory, it is not appropriate for the version range present in package manifests.
Scenario:
Consider the following release versions for an npm package:
1.0.0, 1.2.0, 2.0.0-rc.1, 2.0.0, 2.1.0, and 3.0.0
Desired Behavior:
When dealing with version ranges in a security advisory: 2.0.0-rc.1 in vers:npm/>=1.2.0|<2.0.0 => True
When dealing with version ranges in manifest files: 2.0.0-rc.1 in vers:npm/>=1.2.0|<2.0.0 => False
The text was updated successfully, but these errors were encountered:
The current univers
VersionRangeincludes the pre-release versions. While this behavior is desirable when dealing with version ranges in a security advisory, it is not appropriate for the version range present in package manifests.Scenario:
Consider the following release versions for an npm package:
1.0.0, 1.2.0, 2.0.0-rc.1, 2.0.0, 2.1.0, and 3.0.0
Desired Behavior:
When dealing with version ranges in a security advisory:
2.0.0-rc.1invers:npm/>=1.2.0|<2.0.0=> TrueWhen dealing with version ranges in manifest files:
2.0.0-rc.1invers:npm/>=1.2.0|<2.0.0=> FalseThe text was updated successfully, but these errors were encountered: