Merge pull request #384 from per1234/full-depends-constraints-support

Support full constraint syntax of library.properties `depends` field

Author: per1234

.licenses/go/go.bug.st/relaxed-semver.dep.yml

@@ -1,6 +1,6 @@
 ---
 name: go.bug.st/relaxed-semver
-version: v0.0.0-20190922224835-391e10178d18
+version: v0.9.0
 type: go
 summary: 
 homepage: https://pkg.go.dev/go.bug.st/relaxed-semver
@@ -9,7 +9,7 @@ licenses:
 - sources: LICENSE
   text: |2+
 
-    Copyright (c) 2018, Cristian Maglie.
+    Copyright (c) 2018-2022, Cristian Maglie.
     All rights reserved.
 
     Redistribution and use in source and binary forms, with or without

docsgen/go.mod

@@ -76,7 +76,7 @@ require (
 	github.com/xeipuuv/gojsonreference v0.0.0-20180127040603-bd5ef7bd5415 // indirect
 	go.bug.st/cleanup v1.0.0 // indirect
 	go.bug.st/downloader/v2 v2.1.0 // indirect
-	go.bug.st/relaxed-semver v0.0.0-20190922224835-391e10178d18 // indirect
+	go.bug.st/relaxed-semver v0.9.0 // indirect
 	go.opentelemetry.io/contrib v0.20.0 // indirect
 	go.opentelemetry.io/contrib/instrumentation/net/http/httptrace/otelhttptrace v0.20.0 // indirect
 	go.opentelemetry.io/otel v0.20.0 // indirect

docsgen/go.sum

@@ -1248,8 +1248,9 @@ go.bug.st/cleanup v1.0.0 h1:XVj1HZxkBXeq3gMT7ijWUpHyIC1j8XAoNSyQ06CskgA=
 go.bug.st/cleanup v1.0.0/go.mod h1:EqVmTg2IBk4znLbPD28xne3abjsJftMdqqJEjhn70bk=
 go.bug.st/downloader/v2 v2.1.0 h1:VqGOrJrjgz8c0c8ExvF9dvvcpcrbo2IrI+rOoXKD6nQ=
 go.bug.st/downloader/v2 v2.1.0/go.mod h1:VZW2V1iGKV8rJL2ZEGIDzzBeKowYv34AedJz13RzVII=
-go.bug.st/relaxed-semver v0.0.0-20190922224835-391e10178d18 h1:F1qxtaFuewctYc/SsHRn+Q7Dtwi+yJGPgVq8YLtQz98=
 go.bug.st/relaxed-semver v0.0.0-20190922224835-391e10178d18/go.mod h1:Cx1VqMtEhE9pIkEyUj3LVVVPkv89dgW8aCKrRPDR/uE=
+go.bug.st/relaxed-semver v0.9.0 h1:qt0T8W70VCurvsbxRK25fQwiTOFjkzwC/fDOpyPnchQ=
+go.bug.st/relaxed-semver v0.9.0/go.mod h1:ug0/W/RPYUjliE70Ghxg77RDHmPxqpo7SHV16ijss7Q=
 go.bug.st/serial v1.1.1/go.mod h1:VmYBeyJWp5BnJ0tw2NUJHZdJTGl2ecBGABHlzRK1knY=
 go.bug.st/serial.v1 v0.0.0-20180827123349-5f7892a7bb45/go.mod h1:dRSl/CVCTf56CkXgJMDOdSwNfo2g1orOGE/gBGdvjZw=
 go.elastic.co/apm v1.8.0/go.mod h1:tCw6CkOJgkWnzEthFN9HUP1uL3Gjc/Ur6m7gRPLaoH0=

etc/schemas/arduino-library-properties-definitions-schema.json

@@ -493,8 +493,8 @@
                 "type": "string"
               },
               {
-                "$comment": "Based on #/definitions/propertiesObjects/name/base/definitions/patternObjects/allowedCharacters and general-definitions-schema.json#/definitions/patternObjects/relaxedSemver",
-                "pattern": "^((((([a-zA-Z][a-zA-Z0-9 _.\\-]*)|([0-9][a-zA-Z0-9 _.\\-]*[a-zA-Z][a-zA-Z0-9 _.\\-]*))+( \\( *(<|<=|=|>=|>)(0|[1-9]\\d*)(\\.(0|[1-9]\\d*))?(\\.(0|[1-9]\\d*))?(-((0|[1-9]\\d*|\\d*[a-zA-Z-][0-9a-zA-Z-]*)(\\.(0|[1-9]\\d*|\\d*[a-zA-Z-][0-9a-zA-Z-]*))*))?(\\+([0-9a-zA-Z-]+(\\.[0-9a-zA-Z-]+)*))? *\\) *)?), *)*((([a-zA-Z][a-zA-Z0-9 _.\\-]*)|([0-9][a-zA-Z0-9 _.\\-]*[a-zA-Z][a-zA-Z0-9 _.\\-]*))+( \\( *(<|<=|=|>=|>)(0|[1-9]\\d*)(\\.(0|[1-9]\\d*))?(\\.(0|[1-9]\\d*))?(-((0|[1-9]\\d*|\\d*[a-zA-Z-][0-9a-zA-Z-]*)(\\.(0|[1-9]\\d*|\\d*[a-zA-Z-][0-9a-zA-Z-]*))*))?(\\+([0-9a-zA-Z-]+(\\.[0-9a-zA-Z-]+)*))? *\\) *)?))?$"
+                "$comment": "Based on #/definitions/propertiesObjects/name/base/definitions/patternObjects/allowedCharacters",
+                "pattern": "^((((([a-zA-Z][a-zA-Z0-9 _.\\-]*)|([0-9][a-zA-Z0-9 _.\\-]*[a-zA-Z][a-zA-Z0-9 _.\\-]*))+( \\(.*\\) *)?), *)*((([a-zA-Z][a-zA-Z0-9 _.\\-]*)|([0-9][a-zA-Z0-9 _.\\-]*[a-zA-Z][a-zA-Z0-9 _.\\-]*))+( \\(.*\\) *)?))?$"
               }
             ]
           }

go.mod

@@ -20,7 +20,7 @@ require (
 	github.com/stretchr/testify v1.7.1
 	github.com/xeipuuv/gojsonpointer v0.0.0-20190905194746-02993c407bfb
 	github.com/xeipuuv/gojsonreference v0.0.0-20180127040603-bd5ef7bd5415
-	go.bug.st/relaxed-semver v0.0.0-20190922224835-391e10178d18
+	go.bug.st/relaxed-semver v0.9.0
 )
 
 require (

go.sum

@@ -1278,8 +1278,9 @@ go.bug.st/cleanup v1.0.0 h1:XVj1HZxkBXeq3gMT7ijWUpHyIC1j8XAoNSyQ06CskgA=
 go.bug.st/cleanup v1.0.0/go.mod h1:EqVmTg2IBk4znLbPD28xne3abjsJftMdqqJEjhn70bk=
 go.bug.st/downloader/v2 v2.1.0 h1:VqGOrJrjgz8c0c8ExvF9dvvcpcrbo2IrI+rOoXKD6nQ=
 go.bug.st/downloader/v2 v2.1.0/go.mod h1:VZW2V1iGKV8rJL2ZEGIDzzBeKowYv34AedJz13RzVII=
-go.bug.st/relaxed-semver v0.0.0-20190922224835-391e10178d18 h1:F1qxtaFuewctYc/SsHRn+Q7Dtwi+yJGPgVq8YLtQz98=
 go.bug.st/relaxed-semver v0.0.0-20190922224835-391e10178d18/go.mod h1:Cx1VqMtEhE9pIkEyUj3LVVVPkv89dgW8aCKrRPDR/uE=
+go.bug.st/relaxed-semver v0.9.0 h1:qt0T8W70VCurvsbxRK25fQwiTOFjkzwC/fDOpyPnchQ=
+go.bug.st/relaxed-semver v0.9.0/go.mod h1:ug0/W/RPYUjliE70Ghxg77RDHmPxqpo7SHV16ijss7Q=
 go.bug.st/serial v1.1.1/go.mod h1:VmYBeyJWp5BnJ0tw2NUJHZdJTGl2ecBGABHlzRK1knY=
 go.bug.st/serial.v1 v0.0.0-20180827123349-5f7892a7bb45/go.mod h1:dRSl/CVCTf56CkXgJMDOdSwNfo2g1orOGE/gBGdvjZw=
 go.elastic.co/apm v1.8.0/go.mod h1:tCw6CkOJgkWnzEthFN9HUP1uL3Gjc/Ur6m7gRPLaoH0=

internal/project/library/libraryproperties/librarypropertiesschemas_test.go

@@ -390,17 +390,21 @@ func TestPropertiesDependsPattern(t *testing.T) {
 		{"Pre-release version", "foo (=1.2.3-rc1)", compliancelevel.Specification, assert.False},
 		{"Pre-release version", "foo (=1.2.3-rc1)", compliancelevel.Strict, assert.False},
 
-		{"Invalid version", "foo (bar)", compliancelevel.Permissive, assert.True},
-		{"Invalid version", "foo (bar)", compliancelevel.Specification, assert.True},
-		{"Invalid version", "foo (bar)", compliancelevel.Strict, assert.True},
-
 		{"Version w/o space", "foo(>1.2.3)", compliancelevel.Permissive, assert.True},
 		{"Version w/o space", "foo(>1.2.3)", compliancelevel.Specification, assert.True},
 		{"Version w/o space", "foo(>1.2.3)", compliancelevel.Strict, assert.True},
 
 		{"Names w/ version", "foo (<=1.2.3),bar", compliancelevel.Permissive, assert.False},
 		{"Names w/ version", "foo (<=1.2.3),bar", compliancelevel.Specification, assert.False},
 		{"Names w/ version", "foo (<=1.2.3),bar", compliancelevel.Strict, assert.False},
+
+		{"Names w/ parenthesized version constraints", "foo ((>0.1.0 && <2.0.0) || >2.1.0),bar", compliancelevel.Permissive, assert.False},
+		{"Names w/ parenthesized version constraints", "foo ((>0.1.0 && <2.0.0) || >2.1.0),bar", compliancelevel.Specification, assert.False},
+		{"Names w/ parenthesized version constraints", "foo ((>0.1.0 && <2.0.0) || >2.1.0),bar", compliancelevel.Strict, assert.False},
+
+		{"Names w/ empty version constraint", "foo (),bar", compliancelevel.Permissive, assert.False},
+		{"Names w/ empty version constraint", "foo (),bar", compliancelevel.Specification, assert.False},
+		{"Names w/ empty version constraint", "foo (),bar", compliancelevel.Strict, assert.False},
 	}
 
 	checkPropertyPatternMismatch("depends", testTables, t)

internal/rule/ruleconfiguration/ruleconfiguration.go

@@ -1113,6 +1113,23 @@ var configurations = []Type{
 		ErrorModes:       nil,
 		RuleFunction:     rulefunction.LibraryPropertiesDependsFieldNotInIndex,
 	},
+	{
+		ProjectType:      projecttype.Library,
+		SuperprojectType: projecttype.All,
+		Category:         "library.properties",
+		Subcategory:      "depends field",
+		ID:               "LP058",
+		Brief:            "invalid depends constraint syntax",
+		Description:      "The `depends` field in the library's `library.properties` metadata file uses invalid version constraint syntax.",
+		MessageTemplate:  "library.properties depends field item(s) {{.}} have invalid constraint syntax.",
+		Reference:        "https://arduino.github.io/arduino-cli/latest/library-specification/#libraryproperties-file-format",
+		DisableModes:     nil,
+		EnableModes:      []rulemode.Type{rulemode.Default},
+		InfoModes:        nil,
+		WarningModes:     nil,
+		ErrorModes:       []rulemode.Type{rulemode.Default},
+		RuleFunction:     rulefunction.LibraryPropertiesDependsFieldConstraintInvalid,
+	},
 	{
 		ProjectType:      projecttype.Library,
 		SuperprojectType: projecttype.All,

internal/rule/rulefunction/library.go

@@ -1201,37 +1201,21 @@ func LibraryPropertiesDependsFieldNotInIndex() (result ruleresult.Type, output s
 		return ruleresult.Skip, "Field not present"
 	}
 
-	dependsList := commaSeparatedToList(depends)
+	dependencies := libDependencies(depends)
 
-	var dependencyRegexp = regexp.MustCompile("^([^()]+?) *(?:\\((.+)\\))?$")
 	dependsNotInIndex := []string{}
-	for _, depend := range dependsList {
-		// Process raw depend string into a dependency object
-		if depend == "" {
-			// This is the responsibility of LibraryPropertiesDependsFieldInvalidFormat()
-			continue
-		}
-		dependencyData := dependencyRegexp.FindAllStringSubmatch(depend, -1)
-		if dependencyData == nil {
-			// This is the responsibility of LibraryPropertiesDependsFieldInvalidFormat()
-			continue
-		}
-		dependencyConstraint, err := semver.ParseConstraint(dependencyData[0][2])
-		if err != nil {
+	for _, dependency := range dependencies {
+		if dependency.parseConstraintErr != nil {
 			// This is the responsibility of LibraryPropertiesDependsFieldInvalidFormat()
 			continue
 		}
-		var dependency semver.Dependency = &librariesindex.Dependency{
-			Name:              dependencyData[0][1],
-			VersionConstraint: dependencyConstraint,
-		}
 
-		logrus.Tracef("Checking if dependency %s is in index.", depend)
+		logrus.Tracef("Checking if dependency %s is in index.", dependency.depend)
 		// Get all releases of the dependency
-		library := projectdata.LibraryManagerIndex().Index.FindIndexedLibrary(&libraries.Library{Name: dependency.GetName()})
+		library := projectdata.LibraryManagerIndex().Index.FindIndexedLibrary(&libraries.Library{Name: dependency.data.GetName()})
 		if library == nil {
 			logrus.Tracef("Dependency is not in the index.")
-			dependsNotInIndex = append(dependsNotInIndex, depend)
+			dependsNotInIndex = append(dependsNotInIndex, dependency.depend)
 			continue
 		}
 		// Convert the dependency's libraries.Library object to a semver.Releases object
@@ -1240,10 +1224,10 @@ func LibraryPropertiesDependsFieldNotInIndex() (result ruleresult.Type, output s
 			releases = append(releases, release)
 		}
 		// Filter the dependency's releases according to the dependency's constraint
-		dependencyReleases := releases.FilterBy(dependency)
+		dependencyReleases := releases.FilterBy(&dependency.data)
 		if len(dependencyReleases) == 0 {
 			logrus.Tracef("No releases match dependency's constraint.")
-			dependsNotInIndex = append(dependsNotInIndex, depend)
+			dependsNotInIndex = append(dependsNotInIndex, dependency.depend)
 			continue
 		}
 	}
@@ -1255,6 +1239,34 @@ func LibraryPropertiesDependsFieldNotInIndex() (result ruleresult.Type, output s
 	return ruleresult.Pass, ""
 }
 
+// LibraryPropertiesDependsFieldConstraintInvalid checks whether the syntax of the version constraints in the
+// library.properties `depends` field is valid.
+func LibraryPropertiesDependsFieldConstraintInvalid() (result ruleresult.Type, output string) {
+	if projectdata.LibraryPropertiesLoadError() != nil {
+		return ruleresult.NotRun, "Couldn't load library.properties"
+	}
+
+	depends, hasDepends := projectdata.LibraryProperties().GetOk("depends")
+	if !hasDepends {
+		return ruleresult.Skip, "Field not present"
+	}
+
+	dependencies := libDependencies(depends)
+
+	nonCompliant := []string{}
+	for _, dependency := range dependencies {
+		if dependency.parseConstraintErr != nil {
+			nonCompliant = append(nonCompliant, dependency.depend)
+		}
+	}
+
+	if len(nonCompliant) > 0 {
+		return ruleresult.Fail, strings.Join(nonCompliant, ", ")
+	}
+
+	return ruleresult.Pass, ""
+}
+
 // LibraryPropertiesDotALinkageFieldInvalid checks for invalid value in the library.properties "dot_a_linkage" field.
 func LibraryPropertiesDotALinkageFieldInvalid() (result ruleresult.Type, output string) {
 	if projectdata.LibraryPropertiesLoadError() != nil {
@@ -1552,3 +1564,45 @@ func commaSeparatedToList(commaSeparated string) []string {
 
 	return list
 }
+
+// libDependency is a library dependency
+type libDependency struct {
+	depend             string                    // Raw element from depends field.
+	data               librariesindex.Dependency // Dependency object.
+	parseConstraintErr error                     // Error produced by parsing the version constraint.
+}
+
+var dependRegexp = regexp.MustCompile("^([^()]+?) *(?:\\((.*)\\))?$")
+
+// libDependencies parses the library.properties `depends` field contents and returns an array of libDependency objects
+func libDependencies(depends string) []libDependency {
+	dependList := commaSeparatedToList(depends)
+
+	dependencies := []libDependency{}
+	for _, depend := range dependList {
+		// Process raw depend string into a dependency object
+		if depend == "" {
+			// This function is only concerned with the parseable depend elements.
+			// `depends` field data format is checked separately.
+			continue
+		}
+		dependencyData := dependRegexp.FindAllStringSubmatch(depend, -1)
+		if dependencyData == nil {
+			// This function is only concerned with the parseable depend elements.
+			// `depends` field data format is checked separately.
+			continue
+		}
+		dependencyConstraint, err := semver.ParseConstraint(dependencyData[0][2])
+		dependencies = append(dependencies, libDependency{
+			depend: depend,
+			data: librariesindex.Dependency{
+				Name:              dependencyData[0][1],
+				VersionConstraint: dependencyConstraint,
+			},
+			parseConstraintErr: err,
+		},
+		)
+	}
+
+	return dependencies
+}

internal/rule/rulefunction/library_test.go

@@ -846,6 +846,20 @@ func TestLibraryPropertiesDependsFieldNotInIndex(t *testing.T) {
 	checkLibraryRuleFunction(LibraryPropertiesDependsFieldNotInIndex, testTables, t)
 }
 
+func TestLibraryPropertiesDependsFieldConstraintInvalid(t *testing.T) {
+	testTables := []libraryRuleFunctionTestTable{
+		{"Unable to load", "InvalidLibraryProperties", ruleresult.NotRun, ""},
+		{"Legacy", "Legacy", ruleresult.Skip, ""},
+		{"No depends field", "NoDepends", ruleresult.Skip, ""},
+		{"Depends field empty", "DependsEmpty", ruleresult.Pass, ""},
+		{"Invalid depends field format", "DependsHasBadChars", ruleresult.Pass, ""},
+		{"Invalid constraint syntax", "DependsConstraintInvalid", ruleresult.Fail, "^BarLib \\(nope\\), QuxLib \\(huh\\)$"},
+		{"Valid constraint syntax", "DependsConstraintValid", ruleresult.Pass, ""},
+	}
+
+	checkLibraryRuleFunction(LibraryPropertiesDependsFieldConstraintInvalid, testTables, t)
+}
+
 func TestLibraryPropertiesDotALinkageFieldInvalid(t *testing.T) {
 	testTables := []libraryRuleFunctionTestTable{
 		{"Invalid", "InvalidLibraryProperties", ruleresult.NotRun, ""},

internal/rule/rulefunction/testdata/libraries/DependsConstraintInvalid/library.properties

@@ -0,0 +1,11 @@
+name=DependsConstraintInvalid
+version=1.0.0
+author=Cristian Maglie <c.maglie@example.com>, Pippo Pluto <pippo@example.com>
+maintainer=Cristian Maglie <c.maglie@example.com>
+sentence=A library that makes coding a web server a breeze.
+paragraph=Supports HTTP1.1 and you can do GET and POST.
+category=Communication
+url=http://example.com/
+architectures=avr
+depends=FooLib (=0.0.1),BarLib (nope),BazLib (=1.2.3),QuxLib (huh)
+includes=DependsConstraintInvalid.h

internal/rule/rulefunction/testdata/libraries/DependsConstraintInvalid/src/DependsConstraintInvalid.h

@@ -0,0 +1,11 @@
+name=DependsConstraintValid
+version=1.0.0
+author=Cristian Maglie <c.maglie@example.com>, Pippo Pluto <pippo@example.com>
+maintainer=Cristian Maglie <c.maglie@example.com>
+sentence=A library that makes coding a web server a breeze.
+paragraph=Supports HTTP1.1 and you can do GET and POST.
+category=Communication
+url=http://example.com/
+architectures=avr
+depends=LibA (=0.0.1),LibB (>1.0.0),LibC (>=1.0.0),LibD (<2.0.0),LibE (<=2.0.0),LibF (!=1.0.0),LibG (<1.0.0 || >2.0.0),LibH ((>0.1.0 && <2.0.0) || >2.1.0),LibI (),LibJ
+includes=DependsConstraintValid.h

internal/rule/rulefunction/testdata/libraries/DependsConstraintValid/library.properties

@@ -7,4 +7,4 @@ paragraph=Supports HTTP1.1 and you can do GET and POST.
 category=Communication
 url=http://example.com/
 architectures=avr
-depends=,(foo),foo (bar),Adafruit NeoPixel,Servo (<1.1.4),Stepper (<=1.1.3),Mouse (=1.0.0),Keyboard (>=1.0.1),WiFiNINA (>1.0.0)
+depends=,(foo),foo (bar),Adafruit NeoPixel,Servo (<1.1.4),Stepper (<=1.1.3),Mouse (=1.0.0),Keyboard (>=1.0.1),WiFiNINA (>1.0.0),Ethernet ()

internal/rule/rulefunction/testdata/libraries/DependsConstraintValid/src/DependsConstraintValid.h

@@ -1911,8 +1911,8 @@ var _arduinoLibraryPropertiesDefinitionsSchemaJson = []byte(`{
                 "type": "string"
               },
               {
-                "$comment": "Based on #/definitions/propertiesObjects/name/base/definitions/patternObjects/allowedCharacters and general-definitions-schema.json#/definitions/patternObjects/relaxedSemver",
-                "pattern": "^((((([a-zA-Z][a-zA-Z0-9 _.\\-]*)|([0-9][a-zA-Z0-9 _.\\-]*[a-zA-Z][a-zA-Z0-9 _.\\-]*))+( \\( *(<|<=|=|>=|>)(0|[1-9]\\d*)(\\.(0|[1-9]\\d*))?(\\.(0|[1-9]\\d*))?(-((0|[1-9]\\d*|\\d*[a-zA-Z-][0-9a-zA-Z-]*)(\\.(0|[1-9]\\d*|\\d*[a-zA-Z-][0-9a-zA-Z-]*))*))?(\\+([0-9a-zA-Z-]+(\\.[0-9a-zA-Z-]+)*))? *\\) *)?), *)*((([a-zA-Z][a-zA-Z0-9 _.\\-]*)|([0-9][a-zA-Z0-9 _.\\-]*[a-zA-Z][a-zA-Z0-9 _.\\-]*))+( \\( *(<|<=|=|>=|>)(0|[1-9]\\d*)(\\.(0|[1-9]\\d*))?(\\.(0|[1-9]\\d*))?(-((0|[1-9]\\d*|\\d*[a-zA-Z-][0-9a-zA-Z-]*)(\\.(0|[1-9]\\d*|\\d*[a-zA-Z-][0-9a-zA-Z-]*))*))?(\\+([0-9a-zA-Z-]+(\\.[0-9a-zA-Z-]+)*))? *\\) *)?))?$"
+                "$comment": "Based on #/definitions/propertiesObjects/name/base/definitions/patternObjects/allowedCharacters",
+                "pattern": "^((((([a-zA-Z][a-zA-Z0-9 _.\\-]*)|([0-9][a-zA-Z0-9 _.\\-]*[a-zA-Z][a-zA-Z0-9 _.\\-]*))+( \\(.*\\) *)?), *)*((([a-zA-Z][a-zA-Z0-9 _.\\-]*)|([0-9][a-zA-Z0-9 _.\\-]*[a-zA-Z][a-zA-Z0-9 _.\\-]*))+( \\(.*\\) *)?))?$"
               }
             ]
           }

internal/rule/rulefunction/testdata/libraries/DependsIndexed/library.properties

@@ -72,7 +72,7 @@ require (
 	github.com/xeipuuv/gojsonreference v0.0.0-20180127040603-bd5ef7bd5415 // indirect
 	go.bug.st/cleanup v1.0.0 // indirect
 	go.bug.st/downloader/v2 v2.1.0 // indirect
-	go.bug.st/relaxed-semver v0.0.0-20190922224835-391e10178d18 // indirect
+	go.bug.st/relaxed-semver v0.9.0 // indirect
 	go.opentelemetry.io/contrib v0.20.0 // indirect
 	go.opentelemetry.io/contrib/instrumentation/net/http/httptrace/otelhttptrace v0.20.0 // indirect
 	go.opentelemetry.io/otel v0.20.0 // indirect

internal/rule/schema/schemadata/bindata.go

@@ -1252,8 +1252,9 @@ go.bug.st/cleanup v1.0.0 h1:XVj1HZxkBXeq3gMT7ijWUpHyIC1j8XAoNSyQ06CskgA=
 go.bug.st/cleanup v1.0.0/go.mod h1:EqVmTg2IBk4znLbPD28xne3abjsJftMdqqJEjhn70bk=
 go.bug.st/downloader/v2 v2.1.0 h1:VqGOrJrjgz8c0c8ExvF9dvvcpcrbo2IrI+rOoXKD6nQ=
 go.bug.st/downloader/v2 v2.1.0/go.mod h1:VZW2V1iGKV8rJL2ZEGIDzzBeKowYv34AedJz13RzVII=
-go.bug.st/relaxed-semver v0.0.0-20190922224835-391e10178d18 h1:F1qxtaFuewctYc/SsHRn+Q7Dtwi+yJGPgVq8YLtQz98=
 go.bug.st/relaxed-semver v0.0.0-20190922224835-391e10178d18/go.mod h1:Cx1VqMtEhE9pIkEyUj3LVVVPkv89dgW8aCKrRPDR/uE=
+go.bug.st/relaxed-semver v0.9.0 h1:qt0T8W70VCurvsbxRK25fQwiTOFjkzwC/fDOpyPnchQ=
+go.bug.st/relaxed-semver v0.9.0/go.mod h1:ug0/W/RPYUjliE70Ghxg77RDHmPxqpo7SHV16ijss7Q=
 go.bug.st/serial v1.1.1/go.mod h1:VmYBeyJWp5BnJ0tw2NUJHZdJTGl2ecBGABHlzRK1knY=
 go.bug.st/serial.v1 v0.0.0-20180827123349-5f7892a7bb45/go.mod h1:dRSl/CVCTf56CkXgJMDOdSwNfo2g1orOGE/gBGdvjZw=
 go.elastic.co/apm v1.8.0/go.mod h1:tCw6CkOJgkWnzEthFN9HUP1uL3Gjc/Ur6m7gRPLaoH0=