Maven: skip unresolvable properties

[yeikel]

What are you trying to accomplish?

This change makes PropertyValueFinder#resolve_property_placeholder tolerant of unresolvable nested properties.

Previously, we assumed that recursive resolution would always return a value but If a nested property could not be resolved, this would raise due to T.must, causing parsing to fail.

Fixes #14330

How will you know you've accomplished your goal?

• The existing and new test cases pass
• The reproducer documented in update_files_error Passed nil into T.must #14330 runs successfully after this change

Checklist

• I have run the complete test suite to ensure all tests and linters pass.
• I have thoroughly tested my code changes to ensure they work as expected, including adding additional tests for new functionality.
• I have written clear and descriptive commit messages.
• I have provided a detailed description of the changes in the pull request, including the problem it addresses, how it fixes the problem, and any relevant details about the implementation.
• I have ensured that the code is well-documented and easy to understand.

[yeikel]

@kbukum1 Please review if you get a chance. Thanks in advance

[Copilot]

Pull request overview

Improves Maven property resolution so that nested, unresolvable property placeholders don’t raise (via T.must) and instead resolve safely, preventing POM parsing from failing (fixes #14330).

Changes:

• Make PropertyValueFinder#resolve_property_placeholder tolerant of unresolvable nested properties.
• Add a new Maven POM fixture with an intentionally undefined nested property.
• Add a spec covering the undefined-nested-property resolution behavior.

Reviewed changes

Copilot reviewed 3 out of 3 changed files in this pull request and generated 1 comment.

File	Description
maven/lib/dependabot/maven/file_parser/property_value_finder.rb	Avoids raising when a nested property can’t be resolved during placeholder substitution.
maven/spec/dependabot/maven/file_parser/property_value_finder_spec.rb	Adds coverage asserting undefined nested properties resolve to an empty string (and do not error).
maven/spec/fixtures/poms/pom_with_undefined_property.xml	Provides a reproducible fixture with an unresolved nested property placeholder.

Comments suppressed due to low confidence (1)

maven/lib/dependabot/maven/file_parser/property_value_finder.rb:134

• resolve_property_placeholder is annotated as returning a nilable hash, but it always returns a hash literal. Now that the placeholder resolution can yield empty strings, tightening this signature to a non-nilable hash would better reflect reality and prevent nil-handling from creeping into callers.

        sig do
          params(
            content: String,
            callsite_pom: DependencyFile,
            pom: DependencyFile,
            node: T.untyped,
            seen_properties: T::Set[String]
          ).returns(T.nilable(T::Hash[Symbol, T.untyped]))
        end
        def resolve_property_placeholder(content, callsite_pom, pom, node, seen_properties)
          resolved_value = content.gsub(/\$\{(.+?)}/) do
            inner_name = Regexp.last_match(1)
            resolved = property_details(
              property_name: T.must(inner_name),
              callsite_pom: callsite_pom,
              seen_properties: seen_properties
            )
            resolved[:value] if resolved
          end

          { file: pom.name, node: node, value: resolved_value }
        end

---

You can also share your feedback on Copilot code review. Take the survey.

[kbukum1]

LGTM