Skip to content

feat: add semver targeting support to local flag evaluation#447

Open
dmarticus wants to merge 3 commits intomasterfrom
dmarticus/semver-targeting
Open

feat: add semver targeting support to local flag evaluation#447
dmarticus wants to merge 3 commits intomasterfrom
dmarticus/semver-targeting

Conversation

@dmarticus
Copy link
Contributor

@dmarticus dmarticus commented Feb 27, 2026

Summary

  • Add 9 semver comparison operators (semver_eq, semver_neq, semver_gt, semver_gte, semver_lt, semver_lte, semver_tilde, semver_caret, semver_wildcard) for local feature flag evaluation
  • Implements the client-side evaluation to match feat(flags): support semver comparisons in user_blast_radius posthog#44596
  • Parsing handles v-prefix, whitespace, pre-release suffixes, leading zeros, and 4-part versions

Why not use a semver library?

Libraries like packaging and semver exist but aren't runtime dependencies of this SDK. The current runtime deps are intentionally minimal (requests, six, python-dateutil, backoff, distro, typing-extensions), and adding a dependency for ~20 lines of string splitting isn't worth the install footprint cost for SDK consumers. The Rust feature-flags service uses its ecosystem's semver crate, but Rust deps don't have the same user-facing cost as Python deps.

Test plan

  • All 9 operators tested with positive/negative cases
  • Edge cases: v-prefix, whitespace, leading zeros, pre-release suffixes, partial versions, 4-part versions
  • Caret operator ^0.x.y behavior per semver spec
  • Invalid input and missing property handling
  • All 115 tests pass (12 new + 103 existing)

Implement 9 semver comparison operators (semver_eq, semver_neq, semver_gt, semver_gte, semver_lt, semver_lte, semver_tilde, semver_caret, semver_wildcard) for feature flag local evaluation. Uses regex-based parsing that matches the server-side sortableSemver behavior to handle v-prefix, whitespace, pre-release suffixes, and non-standard version formats.

Co-Authored-By: Claude Haiku 4.5 <noreply@anthropic.com>
@github-actions
Copy link
Contributor

github-actions bot commented Feb 27, 2026

posthog-python Compliance Report

Date: 2026-02-27 01:55:47 UTC
Duration: 159371ms

✅ All Tests Passed!

29/29 tests passed


Capture Tests

29/29 tests passed

View Details
Test Status Duration
Format Validation.Event Has Required Fields 516ms
Format Validation.Event Has Uuid 1507ms
Format Validation.Event Has Lib Properties 1507ms
Format Validation.Distinct Id Is String 1507ms
Format Validation.Token Is Present 1507ms
Format Validation.Custom Properties Preserved 1507ms
Format Validation.Event Has Timestamp 1507ms
Retry Behavior.Retries On 503 9514ms
Retry Behavior.Does Not Retry On 400 3511ms
Retry Behavior.Does Not Retry On 401 3507ms
Retry Behavior.Respects Retry After Header 9510ms
Retry Behavior.Implements Backoff 23532ms
Retry Behavior.Retries On 500 7502ms
Retry Behavior.Retries On 502 7513ms
Retry Behavior.Retries On 504 7516ms
Retry Behavior.Max Retries Respected 23528ms
Deduplication.Generates Unique Uuids 1498ms
Deduplication.Preserves Uuid On Retry 7511ms
Deduplication.Preserves Uuid And Timestamp On Retry 14525ms
Deduplication.Preserves Uuid And Timestamp On Batch Retry 7505ms
Deduplication.No Duplicate Events In Batch 1506ms
Deduplication.Different Events Have Different Uuids 1507ms
Compression.Sends Gzip When Enabled 1507ms
Batch Format.Uses Proper Batch Structure 1507ms
Batch Format.Flush With No Events Sends Nothing 1004ms
Batch Format.Multiple Events Batched Together 1506ms
Error Handling.Does Not Retry On 403 3508ms
Error Handling.Does Not Retry On 413 3508ms
Error Handling.Retries On 408 7512ms

Copy link
Contributor

@greptile-apps greptile-apps bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

2 files reviewed, no comments

Edit Code Review Agent Settings | Greptile

Add input length limit before regex search to prevent polynomial
backtracking on adversarial input (CodeQL py/polynomial-redos).
Replace SEMVER_EXTRACT_RE regex with simple string splitting to
eliminate nested quantifiers that CodeQL flagged as polynomial-redos.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant