Skip to content

Commit

Permalink
fix: Upgrade semver4j to 4.1.1 to prevent NullPointerException (#5190)
Browse files Browse the repository at this point in the history
  • Loading branch information
@jeremylong
jeremylong committed Dec 29, 2022
2 parents c5c4de2 + 1e9edc8 commit e2d1389
Show file tree
Hide file tree
Showing 2 changed files with 13 additions and 1 deletion.
12 changes: 12 additions & 0 deletions core/src/test/java/org/owasp/dependencycheck/utils/SemverTest.java
View file
Expand Up @@ -13,6 +13,7 @@
*/
package org.owasp.dependencycheck.utils;

import static org.junit.Assert.assertFalse;
import static org.junit.Assert.assertTrue;

import org.junit.Test;
Expand All @@ -32,4 +33,15 @@ public void testSemver() {
Semver semver = new Semver("3.1.4");
assertTrue(semver.satisfies("^3.0.0-0"));
}
/**
* Test of semver4j. See https://github.com/jeremylong/DependencyCheck/issues/5158
*/
@Test
public void testSemverComplex() {
Semver semver = new Semver("18.11.5");
assertFalse(semver.satisfies("^14.14.20 || ^16.0.0"));

semver = new Semver("14.15.0");
assertTrue(semver.satisfies("^14.14.20 || ^16.0.0"));
}
}
2 changes: 1 addition & 1 deletion pom.xml
View file
Expand Up @@ -1069,7 +1069,7 @@ Copyright (c) 2012 - Jeremy Long
<dependency>
<groupId>org.semver4j</groupId>
<artifactId>semver4j</artifactId>
<version>4.1.0</version>
<version>4.1.1</version>
</dependency>
<dependency>
<groupId>org.jetbrains</groupId>
Expand Down

0 comments on commit e2d1389

Please sign in to comment.