- Issue created by @mingsong
- First commit to issue fork.
- Merge request !8261[#3451701] fix(update): Catch exceptions thrown by Semver::satisfies() in ProjectCoreCompatibility β (Closed) created by dww
- Status changed to Needs review
4 months ago 11:22am 1 June 2024 - πΊπΈUnited States dww
Here's a quick start. Needs tests, but wanted to get an MR open ASAP.
Elevating to critical since this is potentially very bad. π¬ While there are guardrails for the version strings themselves when creating releases on d.o, there's nothing to prevent people from having typos in the
core_version_requirementthey put into tagged releases. Update manager needs to be resilient to those sorts of mistakes, not hard crash with uncaught exceptions. Especially since we generally prevent anyone from fixing a broken release, so once there's a problem, we've got it "forever".Fixing the summary, both formatting, and some technical details.
- πΊπΈUnited States dww
Added Unit test coverage that shows the bug and proves the fix.
We probably want to extend some Functional coverage for this, too, since there might be other spots that blow up in this case, and it'd be nice to have an end-to-end test to verify it.
- Status changed to RTBC
4 months ago 8:02pm 2 June 2024 - πΊπΈUnited States smustgrave
Thanks @dww for super clear ticket
Test-only was already ran https://git.drupalcode.org/issue/drupal-3451701/-/jobs/1748750 and shows the coverage.
Code review of using a try/catch seems fine and good idea for an immediate fix.
- π¬π§United Kingdom catch
Committed/pushed to 11.x and cherry-picked back through to 10.2.x, thanks!
- πΊπΈUnited States drumm NY, US
(Saving to resolve issue indexing issue, please disregard.)
Automatically closed - issue fixed for 2 weeks with no activity.