Version number comparisons in Python and GYP files are not safe

[targos]

Noted by @richardlau in #29897

Problem

In various places in GYP files and Python scripts, we use string or number comparisons to check if the version of compiling tools satisfies some minimum value. These are not safe and could give wrong results:

• "10.1" >= "2.4" returns False
• 2.24 > 2.3 returns False

Some examples in our code base

node/configure.py

Lines 1233 to 1237 in 81bc7b3

	openssl110_asm_supported = \
	('gas_version' in variables and float(variables['gas_version']) >= 2.23) or \
	('xcode_version' in variables and float(variables['xcode_version']) >= 5.0) or \
	('llvm_version' in variables and float(variables['llvm_version']) >= 3.3) or \
	('nasm_version' in variables and float(variables['nasm_version']) >= 2.10)

node/deps/openssl/openssl.gypi

Line 1039 in 81bc7b3

'llvm_version>="3.3" or xcode_version>="5.0" or gas_version>="2.23"', {

node/deps/openssl/openssl.gyp

Line 24 in 81bc7b3

}, 'gas_version >= "2.26" or nasm_version >= "2.11.8"', {

Solution?

I haven't found a solution yet, because we need something that works in GYP conditions, meaning simple Python expressions that cannot import external libraries (correct me if I'm wrong).

We could use the builtin from distutils.version import StrictVersion and StrictVersion("2.24") >= StrictVersion("2.3") but I don't know if it's possible to make StrictVersion available to GYP conditionals.

/cc @nodejs/gyp @nodejs/python

[richardlau]

I think we’ll need to move the version checks into configure.py and set variables for use in the GYP files.

[bnoordhuis]

#29931

[cclauss]

In Python, the best way is to break each version string into tuple of ints before comparing...

>>> import sys
>>> vers = sys.version.split()[0]
>>> vers
'3.6.1'
>>> vers = tuple(int(x) for x in vers.split("."))
>>> vers
(3, 6, 1)
>>> vers > (3, 6, 0)
True
>>> vers < (3, 6, 2)
True