From ad9a2f4e77fe2ae0b5288938f71495e209c8702f Mon Sep 17 00:00:00 2001
From: Rhys Arkins <rhys@arkins.net>
Date: Tue, 23 Nov 2021 07:56:19 +0100
Subject: [PATCH] fix: gracefully handle invalid locked version (#12800)

---
 lib/workers/repository/process/lookup/index.ts | 13 ++++++++++---
 1 file changed, 10 insertions(+), 3 deletions(-)

diff --git a/lib/workers/repository/process/lookup/index.ts b/lib/workers/repository/process/lookup/index.ts
index a946363ce6..93cb4189a0 100644
--- a/lib/workers/repository/process/lookup/index.ts
+++ b/lib/workers/repository/process/lookup/index.ts
@@ -205,9 +205,16 @@ export async function lookupUpdates(
         });
       }
       let filterStart = currentVersion;
-      if (lockedVersion && rangeStrategy === 'update-lockfile') {
-        // Look for versions greater than the current locked version that still satisfy the package.json range
-        filterStart = lockedVersion;
+      if (lockedVersion) {
+        // istanbul ignore if
+        if (!versioning.isVersion(lockedVersion)) {
+          res.skipReason = SkipReason.InvalidVersion;
+          return res;
+        }
+        if (rangeStrategy === 'update-lockfile') {
+          // Look for versions greater than the current locked version that still satisfy the package.json range
+          filterStart = lockedVersion;
+        }
       }
       // Filter latest, unstable, etc
       let filteredReleases = filterVersions(
-- 
GitLab