Description
openedon Jan 22, 2023
https://github.com/jenkinsci/jenkins-test-harness/releases/tag/1933.vda_8285a_2162a was not offered by Dependabot as expected. Rather it was erroneously filtered out as a prerelease by https://github.com/dependabot/dependabot-core/blob/1afa8518245f23c14eb652452e6f9539e48893d7/maven/lib/dependabot/maven/update_checker/version_finder.rb#L34. The Dependabot tokenization of this version was ["1933", "vda_8285", "a_2162", "a"]. The last token causes https://github.com/dependabot/dependabot-core/blob/1afa8518245f23c14eb652452e6f9539e48893d7/maven/lib/dependabot/maven/version.rb#L57 to erroneously flag this as an alpha version. One solution would be to append an underscore in cases like this so that the last token would be "a_" and would not trigger https://github.com/dependabot/dependabot-core/blob/1afa8518245f23c14eb652452e6f9539e48893d7/maven/lib/dependabot/maven/version.rb#L57.