mbrevoort / node-reggie

An experimental light weight alternative to a full blown npm registry
416 stars 50 forks source link

Versions returned in the wrong order #25

Open NickHeiner opened 11 years ago

NickHeiner commented 11 years ago

When you get the info for a package, versions are returned sorted lexicographically, when they should be sorted according to semver. These two sorts are not the same, and the npm client assumes that it will be sorted according to the latter.

This results in the npm client installing the wrong version of a package. If a package has versions 0.0.1-0, 0.0.1-9, and 0.0.1-12, the public npm registry would give the following order:

0.0.1-0
0.0.1-9
0.0.1-12

whereas reggie gives this order:

0.0.1-0
0.0.1-12
0.0.1-9

causing the npm client to consider 0.0.1-9 to be the highest precedence, which it is not.

bajtos commented 11 years ago

Thank you for reporting the bug.

The issue is probably caused by the line server.js:162:

var versions =  data.whichVersions(packageName).sort();

I guess the sort function should use semver.compare from semver module as the comparator.