Confusing downgraded dependencies report #182

@ericcornelissen

I was trying out the differential analysis on ericcornelissen/eslint-plugin-top#1395 and encountered the "Downgraded packages" in the report for the first time. I'm not sure if this setting causes this part of the report to show up but I figured I'd mention it for completeness.

Now, either me or dirty-waters is confused. The report reads as follows:


❗ Downgraded packages (⚠️⚠️) (2)

| package_name | repo_link | category | old_version | new_version |
| --- | --- | --- | --- | --- |
| @eslint/core | https://github.com/eslint/rewrite | Downgraded package | 0.14.0 | 0.10.0 |
| @eslint/markdown | https://github.com/eslint/markdown | Downgraded package | 6.5.0 | 6.4.0 |

The way I read that, it is suggesting that, e.g., 0.14.0 of @eslint/core is the (old) version I'm currently using and I should use the (new?) v0.10.0 instead 🤔 That does not seem right to me...

Now, for @eslint/core I do use multiple versions and some are older than v0.14.0, but all are above v0.10.0. For completeness, here are the versions npm says I'm using:

$ npm ls @eslint/core
@ericcornelissen/eslint-plugin-top@3.5.2 /workspace/eslint-plugin-top
├─┬ @eslint/json@0.11.0
│ ├── @eslint/core@0.12.0
│ └─┬ @eslint/plugin-kit@0.2.8
│   └── @eslint/core@0.13.0
├─┬ @eslint/markdown@6.5.0
│ ├── @eslint/core@0.14.0
│ └─┬ @eslint/plugin-kit@0.3.1
│   └── @eslint/core@0.14.0 deduped
└─┬ eslint@9.27.0
  ├── @eslint/core@0.14.0
  └─┬ @eslint/plugin-kit@0.3.1
    └── @eslint/core@0.14.0 deduped

$ npm ls @eslint/markdown
@ericcornelissen/eslint-plugin-top@3.5.2 /workspace/eslint-plugin-top
├─┬ @ericcornelissen/eslint-plugin-top@3.5.2 -> ./
│ └── @eslint/markdown@6.5.0 deduped
└── @eslint/markdown@6.5.0
