Fix ArgumentError Malformed version number in github actions
amazimbe committed Aug 2, 2024
1 parent 7ea926f commit d4e8522
Showing 3 changed files with 11 additions and 2 deletions.
@@ -76,7 +76,8 @@ def updated_requirements
sig { returns(T::Array[Dependabot::SecurityAdvisory]) }
def active_advisories
security_advisories.select do |advisory|
advisory.vulnerable?(version_class.new(git_commit_checker.most_specific_tag_equivalent_to_pinned_ref))
version = git_commit_checker.most_specific_tag_equivalent_to_pinned_ref
version.nil? ? false : advisory.vulnerable?(version_class.new(version))
end
end
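Review bot: In `active_advisories`, a nil result from `most_specific_tag_equivalent_to_pinned_ref` now makes every advisory evaluate to not vulnerable, so a pinned ref with no equivalent tag is silently reported as having no active advisories; the crash is fixed, but the result fails open for advisory matching. That trade-off should be stated in the code, for example `# No tag is equivalent to the pinned ref, so the advisory range cannot be checked; treated as not vulnerable` above the nil check, and ideally recorded in a log line if a logger is available in this class (not visible in the hunk). The lookup also does not appear to depend on `advisory`, so it could be assigned once before the `select` and the ternary written as `next false if version.nil?`.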

@@ -810,7 +810,7 @@
it { is_expected.to eq(expected_requirements) }
end

context "when a vulnerable dependency hase a major tag reference" do
context "when a vulnerable dependency has a major tag reference" do
let(:dependency_name) { "kartverket/github-workflows" }
let(:reference) { "v2" }

@@ -840,6 +840,14 @@
expect(updated_requirements.first[:source][:ref]).to eq("v3")
end
end

context "when no matching tag with a higher version is available" do
let(:upload_pack_fixture) { "github-workflows-no-tags" }

it "stays on the vulnerable version" do
expect(updated_requirements.first[:source][:ref]).to eq(reference)
end
end
end
end
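Review bot: The context added at the end of this section is described as "when no matching tag with a higher version is available", but the fixture name `github-workflows-no-tags` suggests the case exercised is a repository with no tags, which is where the tag lookup would return nil. Naming the condition directly, e.g. `context "when the pinned ref has no equivalent version tag" do`, would make the regression this guards easier to find. The example `it "stays on the vulnerable version"` asserts only that `ref` is unchanged, so a one-line comment saying that the advisory is deliberately left unresolved in this case would help readers who see a vulnerable pin pass. The enclosing describe block starts outside the hunk.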

Binary file not shown.
