diff --git a/lib/versioning/pep440/index.spec.ts b/lib/versioning/pep440/index.spec.ts
index 8fae2af3b715d5fca2daf36c9f5cc5bbf25122e0..199acb23b0ddad0f2714cf8c8b1f4a1093bdb9e7 100644
--- a/lib/versioning/pep440/index.spec.ts
+++ b/lib/versioning/pep440/index.spec.ts
@@ -38,6 +38,15 @@ describe('pep440.isStable(version)', () => {
});
});
+describe('pep440.equals(version1, version2)', () => {
+ it('returns correct true', () => {
+ expect(pep440.equals('1.0', '1.0.0')).toBeTruthy();
+ });
+ it('returns false when version invalid', () => {
+ expect(pep440.equals('1.0.0', '1.0..foo')).toBeFalsy();
+ });
+});
+
describe('pep440.isSingleVersion()', () => {
it('returns true if naked version', () => {
expect(pep440.isSingleVersion('1.2.3')).toBeTruthy();
diff --git a/lib/workers/repository/process/lookup/index.ts b/lib/workers/repository/process/lookup/index.ts
index 2b61c65dcae5c7d66fa255875f97cf13442d7cba..88b576ee9a085e8f9120b6135a4dd9d49cf4b491 100644
--- a/lib/workers/repository/process/lookup/index.ts
+++ b/lib/workers/repository/process/lookup/index.ts
@@ -311,20 +311,26 @@ export async function lookupUpdates(
if (vulnerabilityAlert) {
filteredVersions = filteredVersions.slice(0, 1);
}
- const buckets: Record<string, [string]> = {};
- for (const toVersion of filteredVersions.map((v) => v.version)) {
- const bucket = getBucket(config, fromVersion, toVersion, versioning);
+ const buckets: Record<string, [Release]> = {};
+ for (const release of filteredVersions) {
+ const bucket = getBucket(
+ config,
+ fromVersion,
+ release.version,
+ versioning
+ );
if (buckets[bucket]) {
- buckets[bucket].push(toVersion);
+ buckets[bucket].push(release);
} else {
- buckets[bucket] = [toVersion];
+ buckets[bucket] = [release];
}
}
- for (const [bucket, versions] of Object.entries(buckets)) {
- const bucketVersions = versions.sort((v1, v2) =>
- versioning.sortVersions(v1, v2)
+ for (const [bucket, bucketReleases] of Object.entries(buckets)) {
+ const sortedReleases = bucketReleases.sort((r1, r2) =>
+ versioning.sortVersions(r1.version, r2.version)
);
- const toVersion = bucketVersions.pop();
+ const release = sortedReleases.pop();
+ const toVersion = release.version;
const update: LookupUpdate = { fromVersion, toVersion, newValue: null };
update.bucket = bucket;
try {
@@ -367,21 +373,19 @@ export async function lookupUpdates(
if (!versioning.isVersion(update.newValue)) {
update.isRange = true;
}
- const updateRelease = releases.find((release) =>
- versioning.equals(release.version, toVersion)
- );
- // TODO: think more about whether to just Object.assign this
- const releaseFields: (keyof Pick<
- Release,
- 'releaseTimestamp' | 'downloadUrl' | 'checksumUrl' | 'newDigest'
- >)[] = ['releaseTimestamp', 'newDigest'];
+ const releaseFields = [
+ 'checksumUrl',
+ 'downloadUrl',
+ 'newDigest',
+ 'releaseTimestamp',
+ ];
releaseFields.forEach((field) => {
- if (updateRelease[field] !== undefined) {
- update[field] = updateRelease[field] as never;
+ if (release[field] !== undefined) {
+ update[field] = release[field];
}
});
- if (bucketVersions.length) {
- update.skippedOverVersions = bucketVersions;
+ if (sortedReleases.length) {
+ update.skippedOverVersions = sortedReleases.map((r) => r.version);
}
if (
rangeStrategy === 'update-lockfile' &&