Recent change to Python versioning causing illformed requirements

[spiralogist]

Hi all,

As of last week, dependabot was able to correctly identify and update Python pip package versions of the form 20241015.1829.593497+master.fef2068

I am now seeing an error:
illformed_requirement {:message=>"Malformed version string -20241015.1829.593497+master.fef2068 does not match regex"}

I see that there was a new dependabot-core release as of a few days ago. While it isn't explicitly called out here, I did find this PR that seems to be responsible for the behavior I am seeing.

While I'm not super familiar with Ruby, this code seems to imply the existence of a feature flag. Since we are not going to be able to update our versioning immediately, is there a way for us to disable this feature and/or potentially roll back to a different version of dependabot/dependabot-core? I am just using the standard dependabot.yml file and it was not clear if there is a way to 'pin' those versions there.

Thanks for the help!