[Security Solution] Placeholder “Semver” Appears in the Related Integrations “Version” Text Field in Rule Upgrade Flyout

[pborgonovi]

Describe the bug:
In the Upgrade Flyout under the “Related integrations” section, the placeholder “Semver” is displayed in the “Version” text field.

Kibana/Elasticsearch Stack version:
8.x

Current branch: 8.x  
Latest commit: ecae27e4444 - [8.x] [Index Mgmt] Improve accessibility of templates table (#199980) (#200031)  
Remote tracking: origin/8.x  
Status relative to remote: up to date (no pending commits)  

Server OS version:

Browser and Browser OS versions:

Elastic Endpoint version:

Original install method (e.g. download page, yum, from source, etc.):

Functional Area (e.g. Endpoint management, timelines, resolver, etc.):
Prebuilt Rules Upgrade

Pre requisites:

1. Have an older rules package installed (e.g. 8.15.4)
2. Have prebuilt rules installed
3. One of installed rules must have diff in integrations (e.g. Image File Execution Options Injection)

Steps to reproduce:

1. Upgrade rules package to the latest version
2. Go to Rule Updates table
3. Select the rule with diff in integrations
4. In the Upgrade Flyout, select 'Edit' under Related Integrations section
5. Remove value from a field 'Version'

Current behavior:
The “Version” field displays “Semver” as a placeholder

Expected behavior:
The placeholder in the “Version” field should provide clear guidance, such as:

• “Enter a version”
• “e.g., ^1.0.0”

Screenshots (if relevant):

Errors in browser console (if relevant):

Provide logs and/or server output (if relevant):

Any additional context (logs, chat logs, magical formulas, etc.):

[elasticmachine]

Pinging @elastic/security-solution (Team: SecuritySolution)

[elasticmachine]

Pinging @elastic/security-detection-rule-management (Team:Detection Rule Management)

[elasticmachine]

Pinging @elastic/security-detections-response (Team:Detections and Resp)

[banderror]

@pborgonovi Great catch! I think there's a bigger issue here.

The abnormal_security integration that was (if I understand correctly) added to the list of related integrations in the target version, has "version": "0.0.0" which I'm pretty sure doesn't exist. The UI handles this case by resetting the whole related integration, so the user has to re-add it manually.

I would suggest that UI should keep what is in the data and never change it on its own. Only the user should change it. And any invalid values potentially coming from the data should be blocked by validation.

Since this is a low-impact UX issue and an edge case, I will add this bug to Milestone 4.

cc @maximpn