generated from aboutcode-org/skeleton
-
Notifications
You must be signed in to change notification settings - Fork 14
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Naming: VersionSpecifier and VersionRange #8
Comments
We need to work on a canonical syntax for version specifiers. The following representations have been proposed: >>> "semver:5,(>=1.0,<=2.0),6"
'semver:5,(>=1.0,<=2.0),6'
>>> "semver:5, >=1.0 AND <=2.0, 6"
'semver:5, >=1.0 AND <=2.0, 6'
>>> "semver:5, >=1.0 & <=2.0, 6"
'semver:5, >=1.0 & <=2.0, 6'
>>> "semver:5 || (>=1.0 && <=2.0) || 6"
'semver:5 || (>=1.0 && <=2.0) || 6'
>>> "semver:5 | (>=1.0 & <=2.0) | 6"
'semver:5 | (>=1.0 & <=2.0) | 6' |
pombredanne
changed the title
Naming: VersionSpecifer and VersionRange
Naming: VersionSpecifier and VersionRange
Oct 5, 2021
Hritik14
added a commit
to Hritik14/vulnerablecode
that referenced
this issue
Oct 12, 2021
This is still not perfect because univers is not stable yet. The uncertainty about the structure of version_specifier needs to be resolved. As of now, there are many redundant AffectedPackage objects which would be gone after aboutcode-org/univers#8 is fixed. Signed-off-by: Hritik Vijay <[email protected]>
This has been taken care of in the vers spec implementation #12 |
Hritik14
added a commit
to Hritik14/vulnerablecode
that referenced
this issue
Jan 23, 2022
This is still not perfect because univers is not stable yet. The uncertainty about the structure of version_specifier needs to be resolved. As of now, there are many redundant AffectedPackage objects which would be gone after aboutcode-org/univers#8 is fixed. Signed-off-by: Hritik Vijay <[email protected]>
Hritik14
added a commit
to Hritik14/vulnerablecode
that referenced
this issue
Jan 25, 2022
This is still not perfect because univers is not stable yet. The uncertainty about the structure of version_specifier needs to be resolved. As of now, there are many redundant AffectedPackage objects which would be gone after aboutcode-org/univers#8 is fixed. Signed-off-by: Hritik Vijay <[email protected]>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Range resonates with the concept of interval which can be said to be
In my understanding, a VersionRange object does not contain both the bounds for a range
https://github.com/nexB/univers/blob/63bd5aec16ec95b5b811ede638ac225f3ab1f6c6/src/univers/version_range.py#L25-L28
A
VersionSpecifier
does come with multipleVersionRanges
and might work for upper-lower bounds but that would require to treat the ranges inside aVersionSpecifier
with a mathematical intersection, which doesn't make a lot of sense right now.For eg: An intersection of
semver:1.2.3,>=2.0.0
doesn't quite make sense.Their union, though, is useful but then we are left without any upper-lower bound range.
Please correct me if I am wrong. Also, it would greatly help if you could add documentation for the exposed classes (like
VersionSpecifier,
VersionRange
etc)The text was updated successfully, but these errors were encountered: