antalya-26.3: ClickHouseVersion parser accepts malformed version strings instead of rejecting them (PR #1653)

[CarlosFelipeOR]

ClickHouseVersion parser accepts malformed version strings instead of rejecting them (PR #1653)

Source: Altinity/ClickHouse PR #1653 – audit review
Context: Antalya 26.3 patch for SettingsChangesHistory + ClickHouseVersion parsing update (base branch antalya-26.3)
AI audit note: The original review was generated by AI (gpt-5.3-codex).

---

Summary

Code audit of the Antalya 26.3 SettingsChangesHistory / version-parsing patch identified 1 confirmed defect (Medium): the updated ClickHouseVersion constructor silently accepts malformed version strings that the previous implementation rejected with BAD_ARGUMENTS.

---

Confirmed defects

1. Medium: Malformed compatibility versions are now accepted instead of rejected

• Impact: Typos in compatibility values can silently apply an unintended compatibility profile instead of failing fast, causing hard-to-diagnose settings behavior.
• Anchor: src/Common/ClickHouseVersion.cpp / ClickHouseVersion::ClickHouseVersion
• Trigger: A non-numeric middle component such as 26..1, 26.1., or 26.x.1 in a parsed version string.
• Why defect: The constructor now treats the first non-numeric token (including empty tokens) as suffix and stops parsing, while previous behavior rejected such strings with BAD_ARGUMENTS.
• Fix direction (short): Restrict suffix handling to an explicit terminal suffix pattern; keep empty/intermediate non-numeric components invalid.
• Regression test direction (short): Add parser tests asserting exceptions for malformed inputs and success for valid suffixed forms like 26.1.3.20001.altinityantalya.

---

Notes

• The second item flagged in the original audit comment (stateless check in 02995_new_settings_history.sh) was confirmed by the dev to be the intended purpose of the change, not a defect, and is therefore not tracked here.