Ignore pre-release parts when comparing GHES versions

src/upload-lib.test.ts

@@ -575,6 +575,19 @@ test("throwIfCombineSarifFilesDisabled when on GHES 3.18", async (t) => {
   );
 });
 
+test("throwIfCombineSarifFilesDisabled with an invalid GHES version", async (t) => {
+  await t.notThrowsAsync(
+    uploadLib.throwIfCombineSarifFilesDisabled(
+      [createMockSarif("abc", "def"), createMockSarif("abc", "def")],
+      createFeatures([]),
+      {
+        type: GitHubVariant.GHES,
+        version: "foobar",
+      },
+    ),
+  );
+});
+
 test("throwIfCombineSarifFilesDisabled with only 1 run", async (t) => {
   await t.notThrowsAsync(
     uploadLib.throwIfCombineSarifFilesDisabled(

src/upload-lib.ts

@@ -6,7 +6,6 @@ import * as core from "@actions/core";
 import { OctokitResponse } from "@octokit/types";
 import fileUrl from "file-url";
 import * as jsonschema from "jsonschema";
-import * as semver from "semver";
 
 import * as actionsUtil from "./actions-util";
 import * as api from "./api-client";
@@ -29,7 +28,7 @@ import {
   getRequiredEnvParam,
   GitHubVariant,
   GitHubVersion,
-  parseGhesVersion,
+  satisfiesGHESVersion,
   SarifFile,
   SarifRun,
 } from "./util";
@@ -132,7 +131,7 @@ export async function shouldShowCombineSarifFilesDeprecationWarning(
   // Do not show this warning on GHES versions before 3.14.0
   if (
     githubVersion.type === GitHubVariant.GHES &&
-    semver.lt(parseGhesVersion(githubVersion.version), "3.14.0")
+    satisfiesGHESVersion(githubVersion.version, "<3.14", true)
   ) {
     return false;
   }
@@ -177,7 +176,7 @@ async function shouldDisableCombineSarifFiles(
 ) {
   if (githubVersion.type === GitHubVariant.GHES) {
     // Never block on GHES versions before 3.18.
-    if (semver.lt(parseGhesVersion(githubVersion.version), "3.18.0-0")) {
+    if (satisfiesGHESVersion(githubVersion.version, "<3.18", true)) {
       return false;
     }
   } else {

src/util.ts

@@ -1133,20 +1133,28 @@ export function checkActionVersion(
 }
 
 /**
- * This will parse a GitHub Enterprise Server version string into a SemVer object.
+ * This will check whether the given GitHub version satisfies the given range,
+ * taking into account that a range like >=3.18 will also match the GHES 3.18
+ * pre-release/RC versions.
  *
- * GHES versions are usually in a semver-compatible format, so usually this will
- * just call the SemVer constructor. However, for GHES pre-release versions,
- * the version string is in the format "3.18.0.pre1", which is not a valid semver
- * version since the pre-release part of the version should be separated by a
- * hyphen. This function will replace the ".pre" part of the version with "-pre"
- * to make it a valid semver version.
+ * When the given `githubVersion` is not a GHES version, or if the version
+ * is invalid, this will return `defaultIfInvalid`.
  */
-export function parseGhesVersion(version: string): semver.SemVer {
-  if (version.includes(".pre")) {
-    version = version.replace(".pre", "-pre");
+export function satisfiesGHESVersion(
+  ghesVersion: string,
+  range: string,
+  defaultIfInvalid: boolean,
+): boolean {
+  const semverVersion = semver.coerce(ghesVersion);
+  if (semverVersion === null) {
+    return defaultIfInvalid;
   }
-  return new semver.SemVer(version);
+
+  // We always drop the pre-release part of the version, since anything that
+  // applies to GHES 3.18.0 should also apply to GHES 3.18.0.pre1.
+  semverVersion.prerelease = [];
+
+  return semver.satisfies(semverVersion, range);
 }
 
 /**