From b6e9029fb65e64f90d81087f8733e12f22cf33b6 Mon Sep 17 00:00:00 2001
From: "S.Sandhu" <167903774+sachin-sandhu@users.noreply.github.com>
Date: Fri, 10 Jan 2025 18:30:51 -0500
Subject: [PATCH] Fixes [1.2k weekly errors] [JS] exception handler for malformed package manager version (#11274)
adds exception handler for malformed package manager version
---
 .../lib/dependabot/npm_and_yarn/package_manager.rb | 7 +++++++
 .../npm_and_yarn/package_manager_helper_spec.rb | 8 ++++++++
 2 files changed, 15 insertions(+)
diff --git a/npm_and_yarn/lib/dependabot/npm_and_yarn/package_manager.rb b/npm_and_yarn/lib/dependabot/npm_and_yarn/package_manager.rb
index e86198ec9c..4b22861c63 100644
--- a/npm_and_yarn/lib/dependabot/npm_and_yarn/package_manager.rb
+++ b/npm_and_yarn/lib/dependabot/npm_and_yarn/package_manager.rb
@@ -221,6 +221,9 @@ def unsupported?
 PNPMPackageManager::NAME => PNPMPackageManager
 }.freeze, T::Hash[String, NpmAndYarnPackageManagerClassType])
+ # Error malformed version number string
+ ERROR_MALFORMED_VERSION_NUMBER = "Malformed version number"
+
 class PackageManagerDetector
 extend T::Sig
 extend T::Helpers
@@ -520,6 +523,10 @@ def package_manager_by_name(name)
 raw_version: installed_version,
 requirement: package_manager_requirement
 )
+ rescue ArgumentError => e
+ raise DependencyFileNotParseable, e.message if e.message.include?(ERROR_MALFORMED_VERSION_NUMBER)
+
+ raise
 rescue StandardError => e
 Dependabot.logger.error("Error resolving package manager for #{name || 'default'}: #{e.message}")
 raise
diff --git a/npm_and_yarn/spec/dependabot/npm_and_yarn/package_manager_helper_spec.rb b/npm_and_yarn/spec/dependabot/npm_and_yarn/package_manager_helper_spec.rb
index d6bb655cc5..b49257759f 100644
--- a/npm_and_yarn/spec/dependabot/npm_and_yarn/package_manager_helper_spec.rb
+++ b/npm_and_yarn/spec/dependabot/npm_and_yarn/package_manager_helper_spec.rb
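Review bot: The comment above ERROR_MALFORMED_VERSION_NUMBER in the first package_manager.rb hunk does not say that the string is used as a substring match against another component's exception message, so a reader cannot tell what silently stops working if that wording changes. I would document it as `# Substring of the ArgumentError message raised for an unparseable version string; matched in package_manager_by_name's rescue.` Which parser produces the message is not visible in this hunk, so confirm the source before naming it in the comment.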
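Review bot: Every ArgumentError now bypasses the `Dependabot.logger.error` call in the `rescue StandardError` branch, because the new `rescue ArgumentError` clause in the second package_manager.rb hunk catches it first and an exception raised inside one rescue clause is not handled by a sibling clause. That covers both the converted malformed-version case and the bare `raise`, so a bad version string coming from repository-controlled manifest data leaves no log line naming the package manager. I would log before either raise, for example `Dependabot.logger.error("Malformed package manager version for #{name || 'default'}: #{e.message}")`. It is also worth confirming that the first positional argument of DependencyFileNotParseable is the message rather than a file path, since `e.message` is passed there. package_manager_by_name begins above the hunk, so the call that raises is not visible here.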
@@ -337,6 +337,14 @@
 end
 end
 end
+
+ context "with a malformed packageManager" do
+ context "when package manager version is not specified correctly" do
+ it "returns the nil packageManager version" do
+ expect(helper.detect_version("npm^@1.2.3")).to be_nil
+ end
+ end
+ end
 end
 context "when packageManager field does not exist" do
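Review bot: This example does not appear to exercise the handler the commit adds: it asserts that `helper.detect_version("npm^@1.2.3")` returns nil, while the new branch raises DependencyFileNotParseable from package_manager_by_name. An example that reaches that method with a malformed installed version and asserts `raise_error(Dependabot::DependencyFileNotParseable)` would pin the new behaviour, and a second one with an unrelated ArgumentError would pin the re-raise. The description would also read more clearly as `it "returns nil for the packageManager version" do`. The enclosing describe and context blocks open outside the hunk, so how `helper` is built is not visible here.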