semver_dialects 1.3.0 → 1.4.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: ddcbb054210cd867508c853d05b58c492e24f5019eb53498d2bbce338d4b5312
-  data.tar.gz: 6461b277cd0ddb886b96f23c9a57ab2a20cf4ebaa3fb11f49af54cf59a943ddf
+  metadata.gz: 477a8f6b9d50ce0b31df72e328f683e585e4eb191ea02e44a42101dba4e7be4a
+  data.tar.gz: c636be1d60cab7452ccda9963898eee992d969e3a8b490656fb8b8def27c3642
 SHA512:
-  metadata.gz: b44765a7c9500082e3298b2ee34d1d9020b642ca5467c617944c42f57c7e76c0b3c8f34d3cac3058262edb14fb5cc885040e7277016c446277c02e12626e9fed
-  data.tar.gz: 6a7fa2d8043611fe4ff0a44abd5a1f67765f99a356c83be8343f6b1cb367127feb51cfd879021c623062477b2b538051405129280aa4079f46fdaf2bdf282d3c
+  metadata.gz: 134eb5c82a142e260bd946954383050966579cb40983e7ca6094c9d66001565eea5cb1250deeb84811b7a3556a5bde6c3eb53ca48815dda6a361649ade1fc537
+  data.tar.gz: 6039fc1f6d4163c7813e7f4155c93a8d5f2aa4ce43cfe62fb75784d524532a2662e8c8831d43c2e88592539955385981f60b52dfa5577657ce68580dd6720167

data/lib/semver_dialects/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module SemverDialects
-  VERSION = '1.3.0'
+  VERSION = '1.4.0'
 end

data/lib/semver_dialects.rb

@@ -4,6 +4,7 @@ require 'semver_dialects/version'
 require 'semver_dialects/semantic_version/version_translator'
 require 'semver_dialects/semantic_version/version_parser'
 require 'semver_dialects/semantic_version/version_range'
+require 'deb_version'
 
 module SemverDialects
   # Captures all errors that could be possibly raised
@@ -39,6 +40,9 @@ module SemverDialects
     end
 
     def self.version_sat?(typ, raw_ver, raw_constraint)
+      # os package versions are handled very differently from application package versions
+      return os_pkg_version_sat?(typ, raw_ver, raw_constraint) if os_purl_type?(typ)
+
       version_constraint = version_translate(typ, raw_constraint)
       raise SemverDialects::Error, 'malformed constraint' if version_constraint.nil? || version_constraint.empty?
 
@@ -52,5 +56,22 @@ module SemverDialects
 
       constraint.overlaps_with?(version)
     end
+
+    def self.os_purl_type?(typ)
+      ['deb', 'rpm', 'apk'].include?(typ)
+    end
+
+    def self.os_pkg_version_sat?(typ, raw_ver, raw_constraint)
+      if typ == 'deb'
+        # we only support the less than operator, because that's the only one currently output
+        # by the advisory exporter for operating system packages.
+        raise SemverDialects::Error, 'malformed constraint' unless raw_constraint[0] == '<'
+
+        v1 = DebVersion.new(raw_ver)
+        v2 = DebVersion.new(raw_constraint[1..-1])
+
+        return v1 < v2
+      end
+    end
   end
 end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: semver_dialects
 version: !ruby/object:Gem::Version
-  version: 1.3.0
+  version: 1.4.0
 platform: ruby
 authors:
 - Julian Thome
@@ -10,7 +10,7 @@ authors:
 autorequire:
 bindir: exe
 cert_chain: []
-date: 2023-05-23 00:00:00.000000000 Z
+date: 2023-10-24 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: pastel
@@ -54,6 +54,20 @@ dependencies:
     - - "~>"
       - !ruby/object:Gem::Version
         version: 0.10.1
+- !ruby/object:Gem::Dependency
+  name: deb_version
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 1.0.1
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 1.0.1
 - !ruby/object:Gem::Dependency
   name: bundler
   requirement: !ruby/object:Gem::Requirement
@@ -155,7 +169,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.3.7
+rubygems_version: 3.4.10
 signing_key:
 specification_version: 4
 summary: This gem provides utility function to process semantic versions expressed