Regex for dependency versions

[buschtoens]

Related to #42, #93

It would be nice if we could give more granular control over what types of versions, Git URLs, tarball URLs, etc are allowed.

For example, I would like to disallow anything but valid semantic versions (especially Git URLs) for all dependency packages, and only allow tarballs from a certain host for some dependency packages.

[tclindner]

Hey @buschtoens great suggestion! Would you be interested in helping define the patterns you would like to use?

[GenrikhFetischev]

I join to that suggestion. I use git flow approach and gitversion for versioning my packages and have the following model:

• the main branch, just SemVer like 1.2.3
• a release branch has "beta" suffix, like 1.2.3-beta.12
• the develop branch has "alpha" suffix like 1.2.3-alpha.12
• also, I can publish my packages from feature branches (like feature/AAA-123) during development, and those packages have versions like 1.2.3-AAA-123.12.

I want to use the linter to prevent having anything other than strict SemVer, but there are hardcoded dev branches suffixes as far as I found out. I would propose to use RegExp, for example, to configure no-restricted-pre-release-devDependencies" rule.
It could be great to have something like that (just one minute thinking proposal):

{
  "no-restricted-pre-release-devDependencies": [
    "error",
    {
      "packages": ["package-a", "package-b"], // and even allow "*", may be
      "check": {
        "type": "string | regex",
        "values": "string[]" // if type == regex, create new RegExp(string)
      }
    }
  ]
}

I'm ready to contribute to the implementation, @tclindner please consider that improvement