Skip to content

fix: use SemVer for pkgx version comparison#80

Merged
jhheider merged 1 commit intopkgxdev:mainfrom
devmgn:fix/version-comparison
Mar 29, 2026
Merged

fix: use SemVer for pkgx version comparison#80
jhheider merged 1 commit intopkgxdev:mainfrom
devmgn:fix/version-comparison

Conversation

@devmgn
Copy link
Copy Markdown
Contributor

@devmgn devmgn commented Mar 29, 2026
edited
Loading

Summary

  • parseFloat("2.10") evaluates to 2.1, causing get_pkgx() to silently reject pkgx 2.10.x as below the minimum version (2.4)
  • All pkgm commands (install, uninstall, shim) silently fail with exit code 1 when pkgx >= 2.10.0 is installed
  • Fixed by using the already-imported SemVer class for proper semantic version comparison

@devmgn @claude
fix: use SemVer for pkgx version comparison
1bdcb3a 
`parseFloat("2.10")` evaluates to `2.1`, causing pkgm to silently
reject pkgx 2.10.x as below the minimum version (2.4). Use the
already-imported SemVer class for correct version comparison.

Fixes: pkgm install/uninstall/shim silently fail with exit code 1
when pkgx >= 2.10.0 is installed.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Copilot AI review requested due to automatic review settings March 29, 2026 13:56
Copilot AI reviewed Mar 29, 2026
View reviewed changes
Copy link
Copy Markdown

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This PR fixes pkgm’s minimum pkgx version gate by switching from parseFloat()-based comparisons to semantic version comparison, preventing pkgx 2.10.x from being incorrectly rejected as < 2.4.

Changes:

  • Update get_pkgx() to parse pkgx --version as a SemVer and compare against 2.4.0.
  • Tighten the version-matching regex to a major.minor.patch shape.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

pkgm.ts
const stdout = new TextDecoder().decode(out.stdout);
const match = stdout.match(/^pkgx (\d+.\d+)/);
if (!match || parseFloat(match[1]) < 2.4) {
const match = stdout.match(/^pkgx (\d+\.\d+\.\d+)/);
Copy link

Copilot AI Mar 29, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The regex only captures the numeric major.minor.patch portion, which drops valid SemVer prerelease/build metadata from pkgx --version (eg 2.8.0-beta.1, 2.8.0+abc123). That can misclassify prereleases (eg 2.4.0-beta.1) as 2.4.0 and incorrectly pass the minimum-version gate. Consider capturing the full version token and comparing that full SemVer value instead of truncating it.

Suggested change
const match = stdout.match(/^pkgx (\d+\.\d+\.\d+)/);
const match = stdout.match(/^pkgx ([0-9A-Za-z.+-]+)/);

Copilot uses AI. Check for mistakes.
pkgm.ts
Comment on lines +522 to 523
if (!match || new SemVer(match[1]).lt(new SemVer("2.4.0"))) {
Deno.exit(1);
Copy link

Copilot AI Mar 29, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

On version parse / minimum-version failure this exits with code 1 without any error output. Since this is a user-facing CLI and version-gating is a common failure mode, please print a clear message (including the detected pkgx --version output and the required minimum) before exiting so users can self-diagnose.

Copilot uses AI. Check for mistakes.
@jhheider
Copy link
Copy Markdown
Contributor

jhheider commented Mar 29, 2026

good catch!

@jhheider jhheider merged commit 173fe6c into pkgxdev:main Mar 29, 2026
6 of 7 checks passed
@devmgn devmgn deleted the fix/version-comparison branch March 30, 2026 22:26
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@devmgn @jhheider