Summary
Add a hasDowngrades(changes) function to lib/index.js that takes the output of diff() and returns true if any package was downgraded.
Motivation
The upcoming auto-merge-dependabot GitHub Action (oalders/auto-merge-dependabot#1) needs to determine whether a lockfile diff contains only upgrades. This logic belongs in diff-lockfiles rather than being reimplemented in the action.
Implementation
export function hasDowngrades(changes) {
return Object.values(changes).some(
([oldVersion, newVersion]) =>
oldVersion && newVersion && semver.lt(newVersion, oldVersion)
);
}
- Returns
true if any entry has a new version lower than the old version
- Skips added packages (
oldVersion is null) and removed packages (newVersion is null)
- Should include tests for: no changes, all upgrades, mixed with downgrade, added/removed packages
Summary
Add a
hasDowngrades(changes)function tolib/index.jsthat takes the output ofdiff()and returnstrueif any package was downgraded.Motivation
The upcoming
auto-merge-dependabotGitHub Action (oalders/auto-merge-dependabot#1) needs to determine whether a lockfile diff contains only upgrades. This logic belongs indiff-lockfilesrather than being reimplemented in the action.Implementation
trueif any entry has a new version lower than the old versionoldVersionis null) and removed packages (newVersionis null)