Merge pull request #9471 from dependabot/bdragon/iss-9430

Avoid passing empty strings as versions, part 2
dependabot · Apr 10, 2024 · 3562413 · 3562413
2 parents b5bbd1e + fd48208
commit 3562413
Show file tree

Hide file tree

Showing 3 changed files with 9 additions and 5 deletions.
diff --git a/common/lib/dependabot/dependency.rb b/common/lib/dependabot/dependency.rb
@@ -85,6 +85,8 @@ def self.register_name_normaliser(package_manager, name_builder)
     sig { returns(T::Hash[Symbol, T.untyped]) }
     attr_reader :metadata
 
+    # rubocop:disable Metrics/AbcSize
+    # rubocop:disable Metrics/PerceivedComplexity
     sig do
       params(
         name: String,
@@ -110,8 +112,10 @@ def initialize(name:, requirements:, package_manager:, version: nil,
         end,
         T.nilable(String)
       )
+      @version = nil if @version == ""
       @requirements = T.let(requirements.map { |req| symbolize_keys(req) }, T::Array[T::Hash[Symbol, T.untyped]])
       @previous_version = previous_version
+      @previous_version = nil if @previous_version == ""
       @previous_requirements = T.let(
         previous_requirements&.map { |req| symbolize_keys(req) },
         T.nilable(T::Array[T::Hash[Symbol, T.untyped]])
@@ -128,6 +132,8 @@ def initialize(name:, requirements:, package_manager:, version: nil,
 
       check_values
     end
+    # rubocop:enable Metrics/AbcSize
+    # rubocop:enable Metrics/PerceivedComplexity
 
     sig { returns(T::Boolean) }
     def top_level?
@@ -354,8 +360,6 @@ def all_sources
 
     sig { void }
     def check_values
-      raise ArgumentError, "blank strings must not be provided as versions" if [version, previous_version].any?("")
-
       check_requirement_fields
       check_subdependency_metadata
     end

diff --git a/common/lib/dependabot/update_checkers/base.rb b/common/lib/dependabot/update_checkers/base.rb
@@ -241,7 +241,7 @@ def updated_dependency_without_unlock
       sig { returns(Dependabot::Dependency) }
       def updated_dependency_with_own_req_unlock
         version = preferred_resolvable_version.to_s
-        previous_version = latest_resolvable_previous_version(version)&.to_s
+        previous_version = latest_resolvable_previous_version(version)
 
         Dependency.new(
           name: dependency.name,

diff --git a/common/spec/dependabot/update_checkers/base_spec.rb b/common/spec/dependabot/update_checkers/base_spec.rb
@@ -437,7 +437,7 @@
     end
     let(:latest_version) { Gem::Version.new("1.9.0") }
     let(:latest_resolvable_version) { Gem::Version.new("1.8.0") }
-    let(:latest_resolvable_version_with_no_unlock) { Gem::Version.new("1.7.0") }
+    let(:latest_resolvable_version_with_no_unlock) { "1.7.0" }
 
     its(:count) { is_expected.to eq(1) }
 
@@ -467,7 +467,7 @@
       end
 
       context "when resolved from a requirement" do
-        let(:latest_resolvable_previous_version) { Gem::Version.new("1.4.0") }
+        let(:latest_resolvable_previous_version) { "1.4.0" }
 
         describe "the dependency" do
           subject { updated_dependencies.first }