You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I am encountering this via trivy, but have traced the behavior to this library.
If I have version 11.2.0, and a vulnerability has a parsed version constraint of >= 11.2.0, < 11.2.2+security-01 (from this vuln), I would expect the constraint to match.
Instead, there is no match. It appears that the +security-01 is throwing things off, it is parsed into a 3rd constraint of 01 that never matches.
The text was updated successfully, but these errors were encountered:
bpfoster
added a commit
to bpfoster/go-version
that referenced
this issue
Nov 4, 2024
I am encountering this via trivy, but have traced the behavior to this library.
If I have version
11.2.0, and a vulnerability has a parsed version constraint of>= 11.2.0, < 11.2.2+security-01(from this vuln), I would expect the constraint to match.Instead, there is no match. It appears that the
+security-01is throwing things off, it is parsed into a 3rd constraint of01that never matches.The text was updated successfully, but these errors were encountered: