diff --git a/composer/lib/dependabot/composer/update_checker/version_resolver.rb b/composer/lib/dependabot/composer/update_checker/version_resolver.rb index ddfdda34fd..cc6161a55f 100644 --- a/composer/lib/dependabot/composer/update_checker/version_resolver.rb +++ b/composer/lib/dependabot/composer/update_checker/version_resolver.rb @@ -301,7 +301,7 @@ def handle_composer_errors(error) # If there *is* a lockfile we can't confidently distinguish between # cases where we can't install and cases where we can't update. For # now, we therefore just ignore the dependency. - nil + raise Dependabot::DependencyFileNotResolvable, sanitized_message elsif error.message.include?("URL required authentication") || error.message.include?("403 Forbidden") source = error.message.match(%r{https?://(?[^/]+)/}).named_captures.fetch("source")