fix: julia parser panicing (#8883)

Co-authored-by: DmitriyLewen <dmitriy.lewen@smartforce.io>
2025-12-05 20:40:16 -08:00 · 2025-05-19 11:47:44 +02:00
parent 6aff7b0c4f
commit be8c7b796d
4 changed files with 46 additions and 0 deletions
--- a/pkg/dependency/parser/julia/manifest/parse.go
+++ b/pkg/dependency/parser/julia/manifest/parse.go
@@ -140,6 +140,9 @@ func decodeDependency(man *primitiveManifest, dep primitiveDependency, metadata
 		var possibleUuids []string
 		for _, depName := range possibleDeps {
 			primDep := man.Dependencies[depName]
+			if len(primDep) == 0 {
+				return primitiveDependency{}, xerrors.Errorf("Dependency %q has invalid format (parsed no deps): %s", depName, primDep)
+			}
 			if len(primDep) > 1 {
 				return primitiveDependency{}, xerrors.Errorf("Dependency %q has invalid format (parsed multiple deps): %s", depName, primDep)
 			}
--- a/pkg/dependency/parser/julia/manifest/parse_test.go
+++ b/pkg/dependency/parser/julia/manifest/parse_test.go
@@ -17,6 +17,7 @@ func TestParse(t *testing.T) {
 		file     string // Test input file
 		want     []ftypes.Package
 		wantDeps []ftypes.Dependency
+		wantErr  string
 	}{
 		{
 			name:     "Manifest v1.6",
@@ -60,6 +61,16 @@ func TestParse(t *testing.T) {
 			want:     juliaV10FormatPkgs,
 			wantDeps: juliaV10FormatDeps,
 		},
+		{
+			name:    "Manifest file doesn't contain child dependency of another dependency",
+			file:    "testdata/missed-child-dep/Manifest.toml",
+			wantErr: "has invalid format (parsed no deps)",
+		},
+		{
+			name:    "Manifest file contains multiple dependencies with same name",
+			file:    "testdata/multiple-same-deps/Manifest.toml",
+			wantErr: "has invalid format (parsed multiple deps)",
+		},
 	}

 	for _, tt := range tests {
@@ -68,6 +79,11 @@ func TestParse(t *testing.T) {
 			require.NoError(t, err)

 			gotPkgs, gotDeps, err := NewParser().Parse(f)
+
+			if tt.wantErr != "" {
+				require.ErrorContains(t, err, tt.wantErr)
+				return
+			}
 			require.NoError(t, err)

 			sort.Sort(ftypes.Packages(tt.want))
--- a/pkg/dependency/parser/julia/manifest/testdata/missed-child-dep/Manifest.toml
+++ b/pkg/dependency/parser/julia/manifest/testdata/missed-child-dep/Manifest.toml
@@ -0,0 +1,16 @@
+# This file is machine-generated - editing it directly is not advised
+
+[[Base64]]
+uuid = "2a0f44e3-6c83-55bd-87e4-b1978d98bd5f"
+
+[[Dates]]
+deps = ["Printf"]
+uuid = "ade2ca70-3891-5945-98fb-dc099432e06a"
+
+[[InteractiveUtils]]
+deps = ["Markdown"]
+uuid = "b77e0a4c-d291-57a0-90e8-8db25a27a240"
+
+[[LibGit2]]
+deps = ["Printf"]
+uuid = "76f85450-5226-5b5a-8eaa-529ad045b433"
--- a/pkg/dependency/parser/julia/manifest/testdata/multiple-same-deps/Manifest.toml
+++ b/pkg/dependency/parser/julia/manifest/testdata/multiple-same-deps/Manifest.toml
@@ -0,0 +1,11 @@
+# This file is machine-generated - editing it directly is not advised
+
+[[Dates]]
+deps = ["Printf"]
+uuid = "ade2ca70-3891-5945-98fb-dc099432e06a"
+
+[[Printf]]
+uuid = "de0858da-6303-5e67-8744-51eddeeeb8d7"
+
+[[Printf]]
+uuid = "de0858da-6303-5e67-8744-51eddeeeb8d8"