Raise invalid constraint when invalid version
What does this MR do?
Make IntervalParser
raise an InvalidConstraintError
when parsing the version raises an InvalidVersionError
.
This change is necessary b/c validation based on a generic regular expression no longer ensures that the version is invalid.
In the gitlab backend, Continuous Vulnerability Scanning makes a distinction b/w the two types of errors.
- It recovers from invalid versions referenced in project dependencies.
- However, it lets the advisory scan job fails when the invalid version is in the affected range of versions, in the advisory.
What are the relevant issue numbers?
gitlab-org/gitlab#386070 (comment 1821312900)
Does this MR meet the acceptance criteria?
-
Changelog entry added -
Documentation created/updated for this project, if necessary -
Tests added for this feature/bug -
Conforms to the code review guidelines -
Security reports checked/validated by reviewer
Edited by Fabien Catteau