TypeError: Invalid comparator for git URL repos

[abanchev]

Regression in v17

Steps to Reproduce

Add a package that is referencing a git repo:
"@mypackage": "git+https://user:[email protected]/mypackage.git",

Current Behavior

Crashes with error
TypeError: Invalid comparator: git+https://user:[email protected]/mypackage.git

Expected Behavior

Should ignore git packages

[raineorshine]

Any other information with the error message? I'm not able to reproduce.

[abanchev]

Running as

npx npm-check-updates --peer -ws --root -u -i

in a turborepo root folder

yarn run v1.22.22
$ npx npm-check-updates --peer -ws --root -u -i
Using yarn
Upgrading C:\Users\halfs\Documents\node_projects\bot-controller-trpc\package.json
[====================] 10/10 100%
[====================] 10/10 100%

All dependencies match the latest package versions :)
Upgrading C:\Users\halfs\Documents\node_projects\bot-controller-trpc\apps\api\package.json
TypeError: Invalid comparator: git+https://xxx:******@gitlab.com/xxx.git
    at e.parse (C:\Users\halfs\AppData\Local\npm-cache\_npx\0a80f0fb114540fe\node_modules\npm-check-updates\build\index.js:59:18999)
    at new e (C:\Users\halfs\AppData\Local\npm-cache\_npx\0a80f0fb114540fe\node_modules\npm-check-updates\build\index.js:59:18802)
    at C:\Users\halfs\AppData\Local\npm-cache\_npx\0a80f0fb114540fe\node_modules\npm-check-updates\build\index.js:59:14919
    at Array.map (<anonymous>)
    at e.parseRange (C:\Users\halfs\AppData\Local\npm-cache\_npx\0a80f0fb114540fe\node_modules\npm-check-updates\build\index.js:59:14911)
    at C:\Users\halfs\AppData\Local\npm-cache\_npx\0a80f0fb114540fe\node_modules\npm-check-updates\build\index.js:59:13594
    at Array.map (<anonymous>)
    at new e (C:\Users\halfs\AppData\Local\npm-cache\_npx\0a80f0fb114540fe\node_modules\npm-check-updates\build\index.js:59:13582)
    at Object.i5 [as minVersion] (C:\Users\halfs\AppData\Local\npm-cache\_npx\0a80f0fb114540fe\node_modules\npm-check-updates\build\index.js:59:20873)
    at C:\Users\halfs\AppData\Local\npm-cache\_npx\0a80f0fb114540fe\node_modules\npm-check-updates\build\index.js:536:196
Done in 9.80s.

[abanchev]

Runnig well if I downgrade to npm-check-updates@16

[raineorshine]

Okay, seems to be coming from semver.parseRange.

[raineorshine]

Can you try v17.0.1 in case the url encoding was the problem?

[abanchev]

Did not fix it, also there is no special characters in the url just letters _ - and numbers

[raineorshine]

Okay, thanks.

I'll investigate as soon as I can. Or if anyone else would like to look at it, help is always welcome.

[abanchev]

Here is an example url copied from the package json
"@libraries/project-4-utils": "git+https://pull:[email protected]/projects/libraries/project-4-utils.git",
just randomized to not expose real data, but it still fails

[raineorshine]

I'm not able to reproduce based on the url alone, as this completes without error:

{
  "dependencies": {
    "@libraries/project-4-utils": "git+gitlab.com/projects/libraries/project-4-utils.git"
  }
}

It ignores the dependency here, since it recognizes that the git url does not contain a valid version number:

npm-check-updates/src/package-managers/npm.ts

Lines 483 to 485 in d1f62b5

	if (isExactVersion(currentVersion)) {
	return Promise.resolve({} as Index<Packument>)
	}

We must be missing something else that is causing the error.

[abanchev]

Just did some more testing, does not fail without --peer enabled

[raineorshine]

Bingo. I traced it to a regression in c9fe908. We neglected to filter out non-semver values when using minVersion in the peer check.

Fixed and published in v17.0.2.