Invalid Version error running Renovate 24.52.0 against Poetry project

[riconnon]

What Renovate type, platform and version are you using?

Gitlab configured using template: https://gitlab.com/renovate-bot/renovate-runner

Describe the bug

When I run Renovate version 24.52.0 against my Poetry project I get an error like

This does not occur with Renovate version 24.49.9

Relevant debug logs

ERROR: Repository has unknown error (repository=hunter2.app/hunter2)
       "err": {
         "message": "Invalid Version: 1.9",
         "stack": "TypeError: Invalid Version: 1.9\n    at new SemVer (/usr/src/app/node_modules/semver/classes/semver.js:38:13)\n    at Object.major [as getMajor] (/usr/src/app/node_modules/semver/functions/major.js:2:29)\n    at Object.lookupUpdates (/usr/src/app/node_modules/renovate/lib/workers/repository/process/lookup/index.ts:295:30)\n    at fetchDepUpdates (/usr/src/app/node_modules/renovate/lib/workers/repository/process/fetch.ts:44:26)\n    at /usr/src/app/node_modules/p-map/index.js:57:22"
       }

I don't see any more in the debug logs than quoted above other than one line indicating the package being looked at:

DEBUG: Returning cached datasource response (repository=hunter2.app/hunter2)
       "cacheKey": "pypi https://pypi.org/pypi/ lupa"
ERROR: Repository has unknown error (repository=hunter2.app/hunter2)
       "err": {
         "message": "Invalid Version: 1.9",
         "stack": "TypeError: Invalid Version: 1.9\n    at new SemVer (/usr/src/app/node_modules/semver/classes/semver.js:38:13)\n    at Object.major [as getMajor] (/usr/src/app/node_modules/semver/functions/major.js:2:29)\n    at Object.lookupUpdates (/usr/src/app/node_modules/renovate/lib/workers/repository/process/lookup/index.ts:295:30)\n    at fetchDepUpdates (/usr/src/app/node_modules/renovate/lib/workers/repository/process/fetch.ts:44:26)\n    at /usr/src/app/node_modules/p-map/index.js:57:22"
       }

Have you created a minimal reproduction repository?

I've not managed to create a minimal reproducer. I suspect it needs some specific state in the lockfile which I can't quite produce minimally.

It's exhibited by the repo here:
https://gitlab.com/hunter2.app/hunter2

Please read the minimal reproductions documentation to learn how to make a good minimal reproduction repository.

• This is a really small bug, it does not need a reproduction (think small typo)
• I have provided a minimal reproduction repository
• I don't have time for that, but it happens in a public repository I have linked to
• I don't have time for that, and cannot share my private repository
• The nature of this bug means it's impossible to reproduce publicly

Additional context

It looks like this might be caused by #8672
It seems like it might be unconditionally expecting version numbers to be semantic versions and tripping over the two-part version of this dependency.

[viceice]

Can reproduce it here cloned from gitlab.

Looks like a cache issue, investigating.

TypeError: Invalid Version: 1.9
    at new SemVer (/home/kriese/src/renovate/node_modules/semver/classes/semver.js:38:13)
    at Object.major [as getMajor] (/home/kriese/src/renovate/node_modules/semver/functions/major.js:2:29)
    at lookupUpdates (/home/kriese/src/renovate/lib/workers/repository/process/lookup/index.ts:287:30)
    at async fetchDepUpdates (/home/kriese/src/renovate/lib/workers/repository/process/fetch.ts:44:26)
    at async /home/kriese/src/renovate/node_modules/p-map/index.js:57:22

[viceice]

@rarkins I think it's a repositoryCache incompatibillity.

[rarkins]

I deleted the app cache for all repos about a day actually. What makes you suspect it?

[viceice]

Was wrong, it's failing on semver.major (versioning -> poetry -> npm -> getMajor -> semver.major)

Welcome to Node.js v14.15.4.
Type ".help" for more information.
> const s = require('semver')
undefined
> s.major('1.9')
Uncaught TypeError: Invalid Version: 1.9
    at new SemVer (/home/kriese/src/renovate/node_modules/semver/classes/semver.js:38:13)
    at Object.major (/home/kriese/src/renovate/node_modules/semver/functions/major.js:2:29)
>

[rarkins]

We could have npm versioning itself coerce versions before getMajor(), or do it in poetry versioning

[viceice]

it's poetry versioning, but poetry versioning extends npm, so getMajor points to semver.major

on 24.49.9 fromVersion is null here, so getMajor is not called.

renovate/lib/workers/repository/process/lookup/index.ts

Lines 279 to 283 in 0e0308f

	if (
	fromVersion &&
	rangeStrategy === 'pin' &&
	!versioning.isSingleVersion(currentValue)
	) {

on HEAD currentVersion=1.9, which is wrong, should be ^1.8from file

renovate/lib/workers/repository/process/lookup/index.ts

Lines 273 to 277 in 01e1f38

	if (
	currentVersion &&
	rangeStrategy === 'pin' &&
	!versioning.isSingleVersion(currentValue)
	) {

so this fails with mentioned error because 1.9 is not a valid semver.

renovate/lib/workers/repository/process/lookup/index.ts

Line 287 in 01e1f38

newMajor: versioning.getMajor(currentVersion),

[viceice]

I'm also confused that we have no 1.9 release at all for lupa

[
  {
    version: "0.13.1",
    releaseTimestamp: "2010-08-30T09:07:48",
  },
  {
    version: "1.0.1",
    releaseTimestamp: "2014-10-11T14:32:10",
  },
]

[rarkins]

on HEAD currentVersion=1.9, which is wrong, should be ^1.8from file

I'm not sure it's wrong. currentValue should be ^1.8 but currentVersion is 1.9 as that's detected from the lock file.

[renovate-release]

🎉 This issue has been resolved in version 24.53.1 🎉

The release is available on:

• GitHub release
• 24.53.1

Your semantic-release bot 📦🚀