Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

Semver validation error when prerelease version contains a floating number

See original GitHub issue

Could someone please verify if that’s intended? I can’t see any restriction about this in the semver documentation.

PoC:

$ python3 --version
Python 3.6.8
$ pip3 list --format=legacy |grep semver
semver (2.9.0)
$ python3
Python 3.6.8 (default, Oct  7 2019, 12:59:55) 
[GCC 8.3.0] on linux
Type "help", "copyright", "credits" or "license" for more information.
>>> import semver
>>> semver.parse('0.1.0-20191919191919.1fe6b123')
{'major': 0, 'minor': 1, 'patch': 0, 'prerelease': '20191919191919.1fe6b123', 'build': None}
>>> semver.parse('0.1.0-20191919191919.0fe6b123')
Traceback (most recent call last):
  File "<stdin>", line 1, in <module>
  File "/home/ezlukga/.local/lib/python3.6/site-packages/semver.py", line 72, in parse
    raise ValueError('%s is not valid SemVer string' % version)
ValueError: 0.1.0-20191919191919.0fe6b123 is not valid SemVer string
>>> semver.parse('0.1.0-20191919191919.0f')
Traceback (most recent call last):
  File "<stdin>", line 1, in <module>
  File "/home/ezlukga/.local/lib/python3.6/site-packages/semver.py", line 72, in parse
    raise ValueError('%s is not valid SemVer string' % version)
ValueError: 0.1.0-20191919191919.0f is not valid SemVer string
>>> semver.parse('0.1.0-0f')
Traceback (most recent call last):
  File "<stdin>", line 1, in <module>
  File "/home/ezlukga/.local/lib/python3.6/site-packages/semver.py", line 72, in parse
    raise ValueError('%s is not valid SemVer string' % version)
ValueError: 0.1.0-0f is not valid SemVer string

Issue Analytics

State:
Created 4 years ago
Reactions:1
Comments:15 (8 by maintainers)

Top GitHub Comments

2reactions

P1ng-W1ncommented, Nov 20, 2019

Hi @ppkt

The more I think about it, the more I have to agree with you. I can’t think of a single hashing algorithm that could guarantee that the generated hash wouldn’t start with a numeric zero AND that it wouldn’t consist only of numbers (for example, 01234567 could also be a git hash). So having any kind of hash be part of the semver version (without any prefix) would make more sense to be included as build metadata and not as part of a pre-release version. But… I could still imagine a few situations where “accidental numeric values” (as described in https://github.com/semver/semver/issues/540) could be part of a pre-release version, such as the case with linear growing hexadecimal integers: “1.0.0-0x01”

1reaction

scls19frcommented, Nov 25, 2019

I also think that a new release should occur before our 3.x.y release. Beginning of January / mid-December would be great… Santa claus is near! +1 about experimenting a release through GitHub Action.

Top Results From Across the Web

Semver validation error when prerelease version contains a ...

I checked this further, and it seems that any floating number (^0[0-9][a-f]*) would trigger this issue. This also means that people who would ......

How can I compare software version number using JavaScript ...

The question wants to compare numerically, but what if we have version strings that are not made up of just digits (e.g. "1.0a")?;...

Semantic Versioning 2.0.0-rc.2

Under this scheme, version numbers and the way they change convey meaning about the underlying code and what has been modified from one...

package-lock.json - infra/infra/crdx/chopsui-npm - Git at Google

"resolved": "https://registry.npmjs.org/@lerna/has-npm-version/-/has-npm-version- ... /floating-point-hex-parser/-/floating-point-hex-parser-1.7.11.tgz",.

Policies: Releases | Azure SDKs

The release policy for the Azure SDK accommodates the need to release different SDK packages based on the ship cycle of the underlying...