Is checking for a version really common enough to justify adding it to the Validator component?

I also thought about just using regex, but as you can see, the regex(es) itself are quite complicated, so I thought it would be a nice addition.

Ofc lets wait what others say

Do you agree with the default true value for strict option?

Great idea 💡 I can do that in a follow up PR 🙋‍♂️

Min and max must then be a "valid" semantic version based on "strict" parameter, right?

Great idea 💡 I can do that in a follow up PR 🙋‍♂️

Let's do it here :)

Will do it tomorrow 🙌

Note that various package managers have different regexps for versions they accept. Composer and npm don't agree on the regexp for instance.
And the regex used here does not match the Composer one (I haven't checked whether it matches the npm one)

Note that various package managers have different regexps for versions they accept. Composer and npm don't agree on the regexp for instance.
And the regex used here does not match the Composer one (I haven't checked whether it matches the npm one)

I would say its fine to have a constraint based on the official RFC, I guess there are more projects with different regexes out there and we can't fulfill all of them

Note that various package managers have different regexps for versions they accept. Composer and npm don't agree on the regexp for instance.
And the regex used here does not match the Composer one (I haven't checked whether it matches the npm one)

I would say its fine to have a constraint based on the official RFC, I guess there are more projects with different regexes out there and we can't fulfill all of them

But then, the usefulness for this in core is limited? I suppose that supporting at least Composer would make sense?

But then, the usefulness for this in core is limited? I suppose that supporting at least Composer would make sense?

Well I don't want to use the composer logic, but the strict RFC one, we could ofc implement an option like "type": rfc, composer. To me following standards makes sense, this is what we do for IBAN, BIC, Http etc.

The question is whether it is useful to have this in core, if projects cannot use it in practice because they expect a version supported by npm or by composer.

To me, this is too specific to be in core.

WDYT @alexandre-daubois @javiereguiluz @GromNaN as you approved this PR

There may be more validations based on composer version and constraint parser. In that case, you would need to use composer/semver.

But I must admit that I can't think of a use for it.

What are the actual use cases for using that constraint ?

I wasn't aware that there were multiple "standards" for semver. I thought all the tools agreed on the same definition. If two major tools like Composer and NPM can't agree on that, it becomes really specific. But as @stof asked, maybe actual use cases would be welcomed to have a better opinion?

What are the actual use cases for using that constraint ?

We release software for pur clients based on SemVer and following the official specs, and in our database we want to track when, what was delivered. So I need this constraint in this way. I don't need the min/max thing and we only use strict, so these options are only added by me for the community. OFC I can use this constraint on my own in userland.

I suggest keeping this (simplified) constraint in your own project (or maybe even just defining a constant holding the regexp and using it with the Regex constraint).
I think having it in core is risky (people will then complain that this constraint is not compatible with what composer accepts because they work with versions targeting usage in composer)