Only allow full semantic versions. (#56)

Also require tags to have a 'v' in front.

Author: floitsch

go.mod

@@ -3,6 +3,7 @@ module github.com/toitlang/tpkg
 go 1.20
 
 require (
+	github.com/Masterminds/semver/v3 v3.2.1
 	github.com/alessio/shellescape v1.4.1
 	github.com/alexflint/go-filemutex v1.1.0
 	github.com/go-git/go-git/v5 v5.8.1
@@ -30,14 +31,11 @@ require (
 	github.com/go-git/go-billy/v5 v5.4.1 // indirect
 	github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da // indirect
 	github.com/golang/protobuf v1.3.2 // indirect
-	github.com/google/go-cmp v0.5.9 // indirect
 	github.com/hashicorp/hcl v1.0.0 // indirect
-	github.com/imdario/mergo v0.3.12 // indirect
 	github.com/inconshreveable/mousetrap v1.0.0 // indirect
 	github.com/jbenet/go-context v0.0.0-20150711004518-d14ea06fba99 // indirect
 	github.com/kevinburke/ssh_config v1.2.0 // indirect
 	github.com/magiconair/properties v1.8.1 // indirect
-	github.com/mitchellh/go-homedir v1.1.0 // indirect
 	github.com/mitchellh/mapstructure v1.1.2 // indirect
 	github.com/pelletier/go-toml v1.2.0 // indirect
 	github.com/pjbgf/sha1cd v0.3.0 // indirect
@@ -57,7 +55,6 @@ require (
 	golang.org/x/sys v0.10.0 // indirect
 	golang.org/x/text v0.11.0 // indirect
 	golang.org/x/tools v0.6.0 // indirect
-	golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1 // indirect
 	google.golang.org/genproto v0.0.0-20191108220845-16a3f7862a1a // indirect
 	gopkg.in/ini.v1 v1.51.0 // indirect
 	gopkg.in/warnings.v0 v0.1.2 // indirect

go.sum

@@ -24,6 +24,7 @@ import (
 	"sort"
 	"strings"
 
+	"github.com/Masterminds/semver/v3"
 	"github.com/hashicorp/go-version"
 	"gopkg.in/yaml.v2"
 )
@@ -385,8 +386,12 @@ func ScrapeDescriptionGit(ctx context.Context, url string, v string, allowsLocal
 	}
 
 	originalVersion := v
-	v = strings.TrimPrefix(v, "v")
-	_, err := version.NewVersion(v)
+	if !strings.HasPrefix(v, "v") {
+		return nil, ui.ReportError("Invalid version: '%s', not starting with 'v'", originalVersion)
+	}
+	v = v[1:]
+	// Check that it is a valid semantic version.
+	_, err := semver.StrictNewVersion(v)
 	if err != nil {
 		return nil, ui.ReportError("Invalid version: '%s'", originalVersion)
 	}

pkg/tpkg/desc.go

@@ -1,15 +1,15 @@
 pkg registry add --local deep <TEST>/nested_registry
 Exit Code: 0
 ===================
-pkg describe --out-dir=<TEST>/nested_registry github.com/toitware/test-pkg.git/foo 1.0.0
+pkg describe --out-dir=<TEST>/nested_registry github.com/toitware/test-pkg.git/foo v1.0.0
 Exit Code: 0
 Info: Wrote '<TEST>/nested_registry/packages/github.com/toitware/test-pkg.git/foo/1.0.0/desc.yaml'
 ===================
-pkg describe --out-dir=<TEST>/nested_registry github.com/toitware/test-pkg.git/foo 2.3.0
+pkg describe --out-dir=<TEST>/nested_registry github.com/toitware/test-pkg.git/foo v2.3.0
 Exit Code: 0
 Info: Wrote '<TEST>/nested_registry/packages/github.com/toitware/test-pkg.git/foo/2.3.0/desc.yaml'
 ===================
-pkg describe --out-dir=<TEST>/nested_registry github.com/toitware/test-pkg.git/bar/gee 1.0.1
+pkg describe --out-dir=<TEST>/nested_registry github.com/toitware/test-pkg.git/bar/gee v1.0.1
 Exit Code: 0
 Info: Wrote '<TEST>/nested_registry/packages/github.com/toitware/test-pkg.git/bar/gee/1.0.1/desc.yaml'
 ===================

tests/assets/pkg/DeepPackage/gold/test.gold

@@ -0,0 +1,7 @@
+pkg describe https://github.com/toitware/toit-ignore 1.0
+Exit Code: 1
+Error: Invalid version: '1.0', not starting with 'v'
+===================
+pkg describe https://github.com/toitware/toit-ignore v1.0
+Exit Code: 1
+Error: Invalid version: 'v1.0'

tests/assets/pkg/ScrapeGit/gold/bad_sem_version.gold

@@ -1,3 +1,11 @@
+pkg describe https://github.com/toitware/toit-morse 1.0.0
+Exit Code: 1
+Error: Invalid version: '1.0.0', not starting with 'v'
+===================
 pkg describe https://github.com/toitware/toit-morse bad-version
 Exit Code: 1
-Error: Invalid version: 'bad-version'
+Error: Invalid version: 'bad-version', not starting with 'v'
+===================
+pkg describe https://github.com/toitware/toit-morse vbad-version
+Exit Code: 1
+Error: Invalid version: 'vbad-version'

tests/assets/pkg/ScrapeGit/gold/bad_version.gold

@@ -1,4 +1,4 @@
-pkg describe https://github.com/toitware/test-pkg.git/foo 1.0.0
+pkg describe https://github.com/toitware/test-pkg.git/foo v1.0.0
 Exit Code: 0
 foo:
   description: nested package foo

tests/assets/pkg/ScrapeGit/gold/deep.gold

@@ -1,4 +1,4 @@
-pkg describe https://github.com/toitware/toit-morse 1.0.6
+pkg describe https://github.com/toitware/toit-morse v1.0.6
 Exit Code: 0
 morse:
   description: Functions for International (ITU) Morse code.

tests/assets/pkg/ScrapeGit/gold/https_morse.gold

@@ -1,4 +1,4 @@
-pkg describe https://github.com/toitware/toit-morse.git 1.0.6
+pkg describe https://github.com/toitware/toit-morse.git v1.0.6
 Exit Code: 0
 morse:
   description: Functions for International (ITU) Morse code.

tests/assets/pkg/ScrapeGit/gold/https_morse_dot_git.gold

@@ -1,8 +1,8 @@
-pkg describe https://github.com/toitware/test-pkg.git/local_dep 1.0.0
+pkg describe https://github.com/toitware/test-pkg.git/local_dep v1.0.0
 Exit Code: 1
 Error: Dependency to local path: 'some/path'
 ===================
-pkg describe --allow-local-deps https://github.com/toitware/test-pkg.git/local_dep 1.0.0
+pkg describe --allow-local-deps https://github.com/toitware/test-pkg.git/local_dep v1.0.0
 Exit Code: 0
 local_dep:
   description: nested package local_dep with local dependency