Open tomi opened 7 years ago
Thanks for the report.
This behaves exactly as in the semver
package:
const semver = require('semver');
semver.satisfies("1.2.3", "*"); // true
semver.satisfies("1.2.3-beta.1", "*"); // false
The rationale is that by default version ranges should assume people want stable versions of packages; if you want to allow pre-release ones, you need to be explicit and even being explicit that you want to accept 1.0.0-beta
doesn't mean 1.0.1-beta
gets accepted:
const semver = require('semver');
semver.satisfies("1.0.0-beta.1", ">=1.0.0-beta"); // true
semver.satisfies("1.0.1-beta.1", ">=1.0.0-beta"); // false
That said, if you have *
as a version range in package.json
, npm install
installs the pre-release version if none other is available and doesn't even print any warning (at least with npm 4.2.0). So relaxing that requirement sounds reasonable.
Would you like to submit a PR?
Unfortunately at this point I don't have the time to do a PR
I have a package which has a prerelease tag in its version:
0.1.2-snapshot.125
. Inpackage.json
any version (*
) is accepted. This is incorrectly marked as an error.package-name: installed: 0.1.2-snapshot.125, expected: *