From 7ee38fe3b3418396d55fd65553fc6e5c1ce84144 Mon Sep 17 00:00:00 2001
From: Rob Aiken <robaiken@github.com>
Date: Tue, 17 Dec 2024 16:31:22 +0000
Subject: [PATCH] Throw exception if we can't find an updatable version

---
 .../dependabot/github_actions/file_parser.rb  |  3 +++
 .../github_actions/file_parser_spec.rb        | 19 +++++++++++++++++++
 .../workflow_files/unresolved_version.yml     |  7 +++++++
 3 files changed, 29 insertions(+)
 create mode 100644 github_actions/spec/fixtures/workflow_files/unresolved_version.yml

diff --git a/github_actions/lib/dependabot/github_actions/file_parser.rb b/github_actions/lib/dependabot/github_actions/file_parser.rb
index ace623218b..ecadd0a6f7 100644
--- a/github_actions/lib/dependabot/github_actions/file_parser.rb
+++ b/github_actions/lib/dependabot/github_actions/file_parser.rb
@@ -35,6 +35,9 @@ def parse
           dependency_set += workfile_file_dependencies(file)
         end
 
+        dependencies_without_version = dependency_set.dependencies.select { |dep| dep.version.nil? }
+        raise UpdateNotPossible, dependencies_without_version.map(&:name) unless dependencies_without_version.empty?
+
         dependency_set.dependencies
       end
 
diff --git a/github_actions/spec/dependabot/github_actions/file_parser_spec.rb b/github_actions/spec/dependabot/github_actions/file_parser_spec.rb
index 8314b3b795..13f6c1a7e7 100644
--- a/github_actions/spec/dependabot/github_actions/file_parser_spec.rb
+++ b/github_actions/spec/dependabot/github_actions/file_parser_spec.rb
@@ -560,5 +560,24 @@ def mock_service_pack_request(nwo)
         end
       end
     end
+
+    context "with an unresolvable version" do
+      let(:workflow_file_fixture_name) { "unresolved_version.yml" }
+      let(:service_pack_url) do
+        "https://github.com/taiki-e/install-action.git/info/refs" \
+          "?service=git-upload-pack"
+      end
+
+      before do
+        mock_service_pack_request("taiki-e/install-action")
+      end
+
+      it "raises an UpdateNotPossible error" do
+        expect { parser.parse }.to raise_error(
+          Dependabot::UpdateNotPossible,
+          "The following dependencies could not be updated: taiki-e/install-action"
+        )
+      end
+    end
   end
 end
diff --git a/github_actions/spec/fixtures/workflow_files/unresolved_version.yml b/github_actions/spec/fixtures/workflow_files/unresolved_version.yml
new file mode 100644
index 0000000000..432e2bf232
--- /dev/null
+++ b/github_actions/spec/fixtures/workflow_files/unresolved_version.yml
@@ -0,0 +1,7 @@
+on: [push]
+
+name: Integration
+jobs:
+  chore:
+    steps:
+    - uses: taiki-e/install-action@nextest